Due to an increased rate of submissions, Symantec Security Response has upgraded this threat from a Category 3 to a Category 4 as of October 2, 2002.
W32.Bugbear@mm is a mass-mailing worm. It can also spread through network shares. It has keystroke-logging and backdoor capabilities. The worm also attempts to terminate the processes of various antivirus and firewall programs.
Damage
* Payload: * Large scale e-mailing: Attemps to mass-mail to addresses harvested from a compromised host using it's own SMTP engine * Compromises security settings: May allow unauthorized access to compromised machines. Attempts to terminate processes of various antivirus and firewall programs.
W32.Bugbear@mm Discovered on: September 30, 2002 Last Updated on: October 3, 2002 05:13:22 PM PDT
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me
Systems Not Affected: Macintosh, Unix, Linux
PS : I only uses Mac, so I could not be infected by this one. If you receive it using my address (MagiSign), don't believe it. Just somebody using my e-mail address has probablyt got this virus and this one has pick my name in its list of address, and perhaps also part of a mail of me !
-------------------- Philippe JACQUES info@magisign.com
Take a look at our NCS MagiSign plug-in for Adobe Illustrator : Posts: 185 | From: Ottignies Louvain-la-Neuve, Belgium | Registered: Mar 1999
| IP: Logged |
Printer-friendly view of this topic