Tanatos (also known as Bugbear) is an e-mail and network worm that also has a backdoor component. This particular variant is similar to the original Tanatos/Bugbear worm that was found in year 2002.
Disinfection & Removal
Allow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
This Tanatos worm variant spreads in e-mail messages with the following characteristics:
- !!! WARNING !!!
- [Fwd: look] ;-)
- bad news
- empty account
- good news!
- history screen
- I cannot forget you!
- I love you!
- I need photo!!!
- Is that your password?
- Just a reminder
- Lost & Found
- Me nude
- New Contests
- new reading
- Old photos
- Payment notices
- Please Help...
- Sex pictures
- Today Only
- You are fat!
- Your Gift
- Pease open an attachment to see the message.
- Please see Attachment
- please,read the attach file.
- see attachment
- See the attached file
- See the attached file for more info
- Take a look to the attachment
- a000032.jpg [lots of spaces] .scr
- girls.jpg [lots of spaces] .scr
- image.jpg [lots of spaces] .scr
- love.jpg [lots of spaces] .scr
- message.txt [lots of spaces] .scr
- music.mp3 [lots of spaces] .scr
- myphoto.jpg [lots of spaces] .scr
- news.doc [lots of spaces] .scr
- photo.jpg [lots of spaces] .scr
- pic.jpg [lots of spaces] .scr
- readme.txt [lots of spaces] .scr
- song.wav [lots of spaces] .scr
- video.avi [lots of spaces] .scr
- you.jpg [lots of spaces] .scr
F-Secure Anti-Virus detects this malware with the following updates:
Detection Type: PC
Description Created: 2006-05-10 17:29:11.0
Description Last Modified: 2006-05-11 12:16:23.0