Tools:   Web Probe  |  World-Wide WHOIS  |  Trace Route  |  Nimda Self Test  |  Code Red Self Test  |  W32.Bugbear
Bugbear Worm

What is the Bugbear Worm?
The Bugbear worm, also known by the names W32/Bugbear, Tanatos, is a mass mailing worm that spreads by email and through Network file shares.

What is special about this worm?
Several things about this worm make it dangerous and/or unique:

  1. It infects other systems through multiple channels (email and file shares)
  2. It includes a key-stroke logger that captures a user's passwords, credit card numbers, etc.
  3. It installs a back-door on a user's system on TCP port 36794 allowing remote access to the system.
  4. It actively every 30 seconds attempts to disable a variety of firewall and IDS software components you may have running on your system.

Test Me Now
If you are running your browser from the same system you want tested, simply click the following button to determine if your system is infected.

How Do I Stop It?
Symantec has created a removal tool which will disable and remove the Virus from your system. However, you should note that without closing the original hole used to infect your system (usually through an email attachment) you are susceptible to re-infection.


© 1998-2024 E-Soft Inc. All rights reserved.