| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 34185 | 2003-06-06 09:40:00 | W32.Bugbear is back! | Billy T (70) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 150300 | 2003-06-06 09:40:00 | From: "Partner APAC" <PartnerAPAC@symantec.com> To: <partnerapac@symantec.com> Sent: Friday, June 06, 2003 5:40 PM Subject: Symantec Partner Virus Alert Pleased be advised that Symantec Security Response has rated W32.Bugbear.B@mm a level 4 worm, on a scale of 1-5, with five being the most serious. As a consequence, you may receive an increase in customer enquiries about this latest threat. W32.Bugbear.B@mm is a variant of W32.Bugbear@mm originally discovered and named in the Sydney Symantec Security Response Centre in October 2002 and appears to be spreading quickly. W32.Bugbear.B@mm is a mass-mailing, polymorphic worm that also spreads through network shares. This worm infects a select list of executable files, has keystroke-logging and backdoor capabilities and will attempt to terminate the processes of various antivirus and firewall programs. For further information on this worm, please visit www.symantec.com.au Symantec Security Response strongly encourages users to download the latest virus definitions via LiveUpdate or from the Symantec Security Website -securityresponse.symantec.com Please be assured that Norton AntiVirus 2003 with current definitions will protect against W32.Bugbear.B@mm. |
Billy T (70) | ||
| 150301 | 2003-06-07 06:37:00 | Oh not again... I remember coming in to IDG in the afternoon when it got hit, They'd been intervied and all... I dont like that virus.. I wonder why :p |
Chilling_Silently (228) | ||
| 150302 | 2003-06-07 07:24:00 | Bugbear wasn't all that bad. I'm pretty sure thats one of the ones we got hit with at the college last year. Just used the Symantec remover and it all came away fine. | -=JM=- (16) | ||
| 150303 | 2003-06-07 07:30:00 | Never got it, wasn't affected by it, don't care about it. :D | agent (30) | ||
| 150304 | 2003-06-07 07:44:00 | It does seem to be making the rounds. Check out www.sharetrader.co.nz for another thread where some contributors also discuss seemingly the same problem. I personally have received two versions (attachment 'DSC000##.jpg.pif' ) at two different email addresses over the past several days which seem to be the same, or at least variants. No harm done to me, but (updated) AVG didn't pick up the virus (or worm) in the email attachment until I had downloaded it to a floppy and then checked the floppy. Aren't these AV programs supposed to pick them up directly from the email, without the need to download first? |
rugila (214) | ||
| 150305 | 2003-06-07 22:41:00 | > Bugbear wasn't all that bad. I'm pretty sure thats one of the ones we > got hit with at the college last year. Just used the Symantec remover > and it all came away fine. Our school got hit by it last year.. Took the network admins a good month to get rid of it, as it infected staff laptops, the different servers, etc.. So once it was gone from the network, some staff member would plug their laptop back in and it was back... I think that the network admin's just waited until the school holidays, then took all the laptops in and cleared them one by one. This partially explains why student workstations download an image of their HDD off the server and make sure that everything is the same - if there's a new folder on the HDD, then it get's deleted... Helps make sure that virus' don't get onto Student Workstations... CyberChuck |
cyberchuck (173) | ||
| 150306 | 2003-06-07 23:05:00 | > No harm done to me, but (updated) AVG didn't pick up > the virus (or worm) in the email attachment until I > had downloaded it to a floppy and then checked the > floppy. > Aren't these AV programs supposed to pick them up > directly from the email, without the need to download > first? It has been mentioned before that AVG will only detect the virus if it starts to run (from opening an email) or if you save the attachment and then manually scanned it. Either way, it will detect it before it escapes if you have the antivirus definition for it. With NAV, it will actually detect the virus/worm as the email is being downloaded into your inbox. |
Jen C (20) | ||
| 150307 | 2003-06-08 01:55:00 | Umm........ Please note that this is a new variant that requires a new AV definition. You may be protected against the earlier version but if your defs are not up to date then this version may still catch you. Cheers Billy 8-{) :| [pre][b]Complacency fuels many disasters |
Billy T (70) | ||
| 150308 | 2003-06-10 12:41:00 | The latest AVG update released 5/6/03 (alert posted by Kiwitas 6/6/03) is said to deal with it. | Robin S_ (86) | ||
| 1 | |||||