1. Symantec/
  2. Security Response/
  3. W32.Bugbear@mm


Risk Level 2: Low

September 30, 2002
February 13, 2007 11:40:35 AM
Also Known As:
W32/Bugbear-A [Sophos], WORM_BUGBEAR.A [Trend], Win32.Bugbear [CA], W32/Bugbear@MM [McAfee], I-Worm.Tanatos [AVP], W32/Bugbear [Panda], Tanatos [F-Secure]
Systems Affected:
CVE References:

NOTE: Due to a decreased rate of submissions, Symantec Security Response has downgraded this threat from a Category 3 to a Category 2 as of October 24, 2003.

W32.Bugbear@mm is a mass-mailing worm. It can also spread through network shares. It has keystroke-logging and backdoor capabilities. The worm also attempts to terminate the processes of various antivirus and firewall programs.

Because the worm does not properly handle the network resource types, it may flood shared printer resources, which causes them to print garbage or disrupt their normal functionality.

It is written in the Microsoft Visual C++ 6 programming language and is compressed with UPX v0.76.1-1.22.

Antivirus Protection Dates

  • Initial Rapid Release version September 30, 2002
  • Latest Rapid Release version November 26, 2017 revision 020
  • Initial Daily Certified version September 30, 2002
  • Latest Daily Certified version November 27, 2017 revision 001
  • Initial Weekly Certified release date September 30, 2002
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Yana Liu

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube