News Spacer Products Spacer Service Spacer Virus Center Spacer Contact Spacer Downloads Spacer Search

LogoGlobeAntiVirus Software

virus alerts

W32/Bugbear@mm Worm

Name: W32/Bugbear.B@mm
Aliases: W32.Bugbear.B@mm, Bugbear.B, PE_BUGBEAR.B, W32/Bugbear.b@MM, W32/Bugbear-B
Type: Internet Worm
Discovery Date: June 5, 2003

Description:

A new variant of the original Bugbear, W32/Bugbear.B@mm is a mass-mailing worm that is compressed and encrypted. Like Bugbear.A, it arrives as an email attachment, with the email's subject, body and attachment being selected randomly from a prescribed list. When executed, Bugbear.B will search the infected system for email addresses. It will then use its own SMTP engine to send copies of itself to all the addresses it has compiled. It will also attempt to terminate the processes of certain antivirus and firewall programs.


Detection:

Command AntiVirus version 4.58.3 or higher with definition files dated 06/05/2003 will detect and disinfect this worm.



Name: W32/Bugbear.A@mm
Aliases: Tanatos, W32.Bugbear@mm, W32/Bugbear@MM, W32/Bugbear-A, WORM_BUGBEAR.A
Type: Internet Worm
Discovery Date: September 30, 2002

Description:

W32/Bugbear.A@mm is a mass-mailing worm that arrives as an email attachment with a randomly generated name. The subject line and the message body of an infected email are also randomly chosen, making this worm potentially hard to identity. The email message may contain an exploit that allows the attachment to run automatically when infected mail is viewed; a patch for this vulnerability is available on the Microsoft site in the following location:

  • www.microsoft.com/windows/ie/downloads/critical/q290108/default.asp

    NOTE: If you are already infected with the Bugbear Worm, click here for disinfection information.


    Detection:

    Command AntiVirus version 4.58.3 or higher with definition files dated 09/30/2002 will detect and delete the worm.

    Note: CSAV will detect the worm as W32/Bugbear.A@mm. The keylogger component will be identified using the generic message is a security risk or a "backdoor" program.


    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

    HomePurchase CenterVirus CenterSupport Center
  • Quick Links
    BUY NOW
    PRODUCT INFO
    SOFTWARE UPDATES
    LATEST DEFFILES


    This Section
    Product Information
    Product Literature
    Tutorials
    Documentation
       - Manuals
       - Readmes
       - Quick Start Guide
       - Viewing Utilities
    Test Drives
    How to Buy
    Contact Us
    Latest DEF Files
    Latest Version
    Latest Patches

    Awards





    Home Page