VIRUS ALERT: Bugbear - Spreading Rapidly!! edit**now with removal tools**

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
N

ndee

Lifer
Jul 18, 2000
12,680
1
0
Originally posted by: mithrandir2001
Originally posted by: OmegaNauce
Originally posted by: ndee
HAHA, Mandrake 9.0 here :)
Click to expand...

i love it!
Click to expand...
Nobody bothers Linux becuase nobody uses Linux for anything important. :p:p:p:p:p

I let Norton scan my drives. 99077 files. Damn, how did I accumulate so much stuff???
Click to expand...

Too much pr0n :)

and yes, mandrake r0x0rs j00 l4merZ :D
 
B

BarMan

Banned
Jan 4, 2001
1,204
0
0
Keep watch of your network file sharing! Here at work (work for Tech Support at The Stat University of West GA) our printers are on a seperate network for the Arts and Sciences department. This morning some girl checked her e-mail in one of our genereal usage labs and downloaded and opened the bugbear attachment. This started the virus on that machine and it spread through our network sharing to our printers (first network resource our usernames attach to). Well the random file was a .DOC.EXE file and the file was sent to EVERY PRINTER IN THE NETWORK! All the printers in every classroom and faculty office started printing out crap all at one time. The 50k file opened in Microsoft Word opened up to 614 pages. Now we have stacks of wasted paper for the recycle bin! If I was a tree hugger I'd be really pissed about htis one. hehe

Now our campus is on alert, cause I'm sure anyone of you that work with a faculty/staff know that e-mails are used day in and day out and they usually don't think before opening an attachment. Sheesh! I'm gonna be a busy camper for the next week or so... doh!

BarMan
 
wnied

wnied

Diamond Member
Oct 10, 1999
4,206
0
76
Thirty eight client calls and counting....this bug moves fast.

Get the warning out.
~wnied~
 
B

Balthazar

Golden Member
Apr 16, 2000
1,834
0
0
Originally posted by: ndee
Originally posted by: mithrandir2001
Originally posted by: OmegaNauce
Originally posted by: ndee
HAHA, Mandrake 9.0 here :)
Click to expand...

i love it!
Click to expand...
Nobody bothers Linux becuase nobody uses Linux for anything important. :p:p:p:p:p

I let Norton scan my drives. 99077 files. Damn, how did I accumulate so much stuff???
Click to expand...

Too much pr0n :)

and yes, mandrake r0x0rs j00 l4merZ :D
Click to expand...

Oh my gosh, you guys are soooooo smart and soooooo cool, you are using the EASIEST damned Linux distro out there!!!!
You are all my hero's....

rolleye.gif


wankers
 
Jeff7

Jeff7

Lifer
Jan 4, 2001
41,596
19
81
I was one to receive it on the 30th too; it came as a .doc.scr file. Norton AV didn't see it, but I was still suspicious of the weird filename. After quarantining it and sending it to Symantec, they sent me back a 3.5MB update. Glad I'm using cable. :)
 
N

ndee

Lifer
Jul 18, 2000
12,680
1
0
Originally posted by: Balthazar
Originally posted by: ndee
Originally posted by: mithrandir2001
Originally posted by: OmegaNauce
Originally posted by: ndee
HAHA, Mandrake 9.0 here :)
Click to expand...

i love it!
Click to expand...
Nobody bothers Linux becuase nobody uses Linux for anything important. :p:p:p:p:p

I let Norton scan my drives. 99077 files. Damn, how did I accumulate so much stuff???
Click to expand...

Too much pr0n :)

and yes, mandrake r0x0rs j00 l4merZ :D
Click to expand...

Oh my gosh, you guys are soooooo smart and soooooo cool, you are using the EASIEST damned Linux distro out there!!!!
You are all my hero's....

rolleye.gif


wankers
Click to expand...

yes I know, and if you didn't get that it was just some teasing, then you really need some help.
 
H

Harvey

Administrator<br>Elite Member
Oct 9, 1999
35,057
67
91
Oh joy! I just checked Windows Update and found they had a NEW CRITICAL UPDATE FOR Win98 SINCE YESTERDAY. That means everyone else should check for their versions, too.
rolleye.gif
Originally posted by: LakerGod
Is Intelligent Updated an option in the AntiVirus program, or do you have to download it seperately?
Click to expand...
Intelligent Update is not a program; it is their name for their sytem for distributing updates using manual downloads. Just go to the Symantec home page, and check the latest virus info. It is "intelligent" to the extent that the various updates are linked from the related pages describing the most recently detected viruses.

Norton now has a downloadable removal tool for this worm, W32.Bugbear@mm Removal Tool, along with their info page.
 
SagaLore

SagaLore

Elite Member
Dec 18, 2001
24,036
21
81
Originally posted by: TheEvil1
yea this should be everywhere. i think our campus is still tryin to recover from nimda. cause peopel had it last year and didnt know it and they just pluged there comp back into the network here again and its started allover again.

main i hate people who dont know how to run Anti virus software that comes free with there comps. also updating windows wouldent hurt either. i ask peopel if they have done this and they look at me like im speakin a forgin language
Click to expand...

If IE was upgraded, the OS was patched, and all the necessary permission changes were done on the shares, Nimda should not be reinfecting...
 
I

Ime

Diamond Member
May 3, 2001
3,661
0
76
I got an email from McAfee about 3 hours ago upgrading this puppy to High Risk.

I've since informed all the other LAN Admins in my company. I'm not worried about the gateway, I control it and I filter all exectuable attachments at the gateway. :) Not to mention that I loaded the new virus def's on Monday 10 seconds after they were available. What I'm worried about is someone opening it in their web-based email client, and running it on their unprotected computers. All the LAN Admins are supposed to make sure all their users are protected, but...

This thing looks like a combo of Nimda and the Goner virus, with the ability to flood printers thrown in for good measure. Nasty! If it makes it into my companies WAN... ugh... I don't wanna think about it.

I saw this coming 3 years ago when my company mandated that we use all Microsoft products across the board. :eek:
 
Scarpozzi

Scarpozzi

Lifer
Jun 13, 2000
26,391
1,780
126
This is one of the primary reasons that I'm slowly moving away from Microsoft products. They're very open to crap like this. I just installed RedHat 8.0.....
 
S

Saltin

Platinum Member
Jul 21, 2001
2,175
0
0
This one is going to be relatively sucessful because it has the ability to reply to or forward any email in your inbox back to the original sender

Getting a reply from someone you sent a message to, and it having the virus attached is going to fool alot of peple.

It also takes advantage of the MAPI auto-execute via preview pane flaw, though if you get burnt on that one, you deserve it.

I went hardcore and just configured my email proxies to quarantine .scr, .pif, .bat, .exe, and .com extensions. It's a little more work to have to go through and approve/delete, but it's worth it.
 
vi edit

vi edit

Elite Member
Super Moderator
Oct 28, 1999
62,484
8,345
126
I went hardcore and just configured my email proxies to quarantine .scr, .pif, .bat, .exe, and .com extensions. It's a little more work to have to go through and approve/delete, but it's worth it.
Click to expand...

Hell, I've been doing that for 6 months now :) Does this virus auto run? Or do you have to actually click the attachments?
 
B

bonkers325

Lifer
Mar 9, 2000
13,076
1
0
Originally posted by: vi_edit
I went hardcore and just configured my email proxies to quarantine .scr, .pif, .bat, .exe, and .com extensions. It's a little more work to have to go through and approve/delete, but it's worth it.
Click to expand...

Hell, I've been doing that for 6 months now :) Does this virus auto run? Or do you have to actually click the attachments?
Click to expand...


click
 
B

BarMan

Banned
Jan 4, 2001
1,204
0
0
Hell, I've been doing that for 6 months now :) Does this virus auto run? Or do you have to actually click the attachments?
Click to expand...

It will only autorun if you have IE 5.01 or 5.5 that's NOT patched with the MAPI flaw fix.

We only got it cause this one chick opened the freaking thing, and wondered why her e-mail wasn't working. lol :x

 
C

chrisjor

Golden Member
Dec 4, 2001
1,736
0
0
I do not use Outlook or Outlook Express....what can I expect in Eudora or Netscape?
 
Q

QueHuong

Platinum Member
Nov 21, 2001
2,098
0
0
I'm so damn pissed...idiot sister executed the virus. I gave her a long lecture about virus a month ago when she ran another virus. STUPID PEOPLE SHOULND'T USE COMPUTERS!!!!!!!!!!! Especially when they've been taught how to but won't learn. For the love of god.
 
T

Tripleshot

Elite Member
Jan 29, 2000
7,218
1
0
I got his virus this morning. Norton caught it, quareenteed it,and I nuked it cuz symantic didn't want to see it. Norton in action. Best dang virus detection engine outhere.;)
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom