[JA] Re: More Bugbear information

  • From: thepccat@xxxxxxxx
  • To: juno_accmail@xxxxxxxxxxxxx
  • Date: Fri, 4 Oct 2002 09:23:58 -0700


Yes, I was wondering what the keylogger was set up to do [potentially get
your passwords or allow outsiders to control your computer].

Sophos has come through for me [us]. This outfit primarily sells [costly]
antiviral software to big concerns. However, they are "concerned" enough
about the common folk that they created and offer a  downloadable or
emailable cleaning tool specifically for W32/Bugbear-A, as well as
providing more information on the keylogger/backdoor. They have changed
their website to low graphics format in reaction to the masses of people
surfing over there to get this good stuff.

I guess other AV firms will create such a program as well.

OK below is the info. thepccat
=================================

From: Sophos Alert System <emergency-return@xxxxxxxxxxxxxxxx>
Subject: Bugbear disinfection tool available from Sophos
[excerpt]

Sophos researchers have developed a standalone
tool which detects and disinfects the commonly
encountered W32/Bugbear-A worm.

You can read more about Bugbear and download the
disinfection tool from Sophos's website
at http://www.sophos.com
[this is available as self extracting exe or zip file]
Alternatively, you can email
   bugbear-request@xxxxxxxxxx
to have the utility and instructions automatically
emailed back to you as a Zip file.
------------------------------------

[info about their email emergency notification services fyi, they offer
two other email services, see the site]

http://www.sophos.com/virusinfo/notifications/

* Emergency information. When there is a serious virus emergency, you
will receive a warning. An emergency might be the appearance of a virus
that spreads very rapidly (like Melissa or LoveLetter) or that has a
particularly serious side-effect (e.g. CIH). Emergency warnings are sent
much less frequently than regular IDE notifications for new viruses in
the wild. 

Privacy Policy 
Sophos maintains a strict "no-spam" policy. Your email address is used
only by Sophos and its partners. You can be assured that your email
address will NEVER be passed on to any other outside company without your
permission or used by Sophos to send you unrequested promotional
material. 
=================================

[from the readme file of the disinfector]

W32/Bugbear-A is a worm, it does not infect files. All W32/Bugbear-A
files can
be deleted.



To unsubscribe, send a message to ecartis@xxxxxxxxxxxxx with
"unsubscribe juno_accmail" in the body or subject.
OR visit //freelists.org
~*~

Other related posts:

  • » [JA] Re: More Bugbear information
  1. Home
  2. juno_accmail
  3. Archive
  4. 10-2002