Bugbear Virus

Not open for further replies.


Red Leader
Staff member
Site Supporter
Aug 8, 2001
Just to let you know there is a virus currently doing the rounds. At the moment it is more prevailent in the US but from all acounts it is bound to start reaching further afield like the UK.

After it infects a PC, the Bugbear virus searches the machine for e-mail addresses and sends a message out to each address, with a copy of itself attached. Bugbear also grabs a random address from those found in the e-mail program on the PC and uses it in the "From:" line of the messages it sends. This disguises where the actual e-mails are coming from and makes it difficult to alert someone that there system is infected. The virus also attempts to spread by copying itself to other computers that share their hard drives with the infected system.

Bugbear also searches for any of a long list of security programs or antivirus programs and halts them if they are running on the victim's machine. In some cases, Bugbear can also cause printers on a network with infected PCs to start printing nearly blank pages.

The virus uses a flaw in the way Microsoft Outlook formats e-mail using MIME (multipurpose Internet mail extensions). The flaw, if left unpatched, allows the virus to automatically execute on a victim's PC if Outlook displays the text of the message. While the flaw and its patch are more than 18 months old, many users have apparently not fixed the problem, judging by Bugbear's success so far.

Since Bugbear exhibits few symptoms on an infected computer, users may not know their systems are infected and thus may not even take precautions after they've been attacked.

Users of Internet Explorer 6 should be safe from the e-mail portion of this worm. Users of IE 5.01 and 5.5 who have not installed the Infected Mime header patch found in MS01-020 should do so. If you do not need to share files on a network, you should also turn off file sharing within Windows.

And if you haven't already done so recently, update your antivirus software data files to be on the safe side.

Regards, Dave
Last edited:

Digger Barnes

' Digger'
Jun 29, 2002
[h4]Thanks Dave. I have just updated my antivirus program.
Anybody looking for a good antivirus prog then you dont get much better than AVG. http://www.grisoft.com, and its free[/h4]
Tight Lines

Not open for further replies.