Prevent Online Threats

Archive for July, 2006

BugBear (a.k.a. Tanatos)

Friday, July 28th, 2006

Details
BugBear (a.k.a. Tanatos)
The Internet email worm “BugBear” is officially known as “Tanatos” - please click here for a full description.

Ardamax Keylogger

Friday, July 28th, 2006

Ardamax Keylogger is a keystroke recorder that captures all of the user’s activity and keystrokes. It saves this to an encrypted log file. 

NetNanny Chat Monitor

Friday, July 28th, 2006

NetNanny allows users to either secretly or openly track activity within Chat dialogues and Instant Messages. It is designed for parents to monitor the chats that their kids are engaging in. 

Family Keylogger

Friday, July 28th, 2006

Family Keylogger secretly records all keystrokes, e-mails, chat conversations, Web sites visited and programs run on a computer. The installer can then unhide the program and view the log of what occurred. 

Captain Nmemo

Friday, July 28th, 2006

Captain Nmemo is spyware specifically used to capture all login passwords on a certain computer. This program is being marketed to curious people looking to see what other people are doing on the computer. 

UFP 007 Spy

Friday, July 28th, 2006

The UFP 007 Spy spyware application is used to track all of the computer user’s activity.

Bug.920

Friday, July 28th, 2006

Details
Bug.920

These are non-dangerous parasitic and companion viruses. During execution they search for .EXE files and create companion .COM files. Then they search for .COM files (including COMMAND.COM) and append themselves to them. As a result, the companion files are infected twice.
“Bug.920” is not a memory-resident virus; “Bug.1497” hooks INT 21h and infects files that are executed.
The viruses delete the CHKLIST file. Depending on the system date, they change the font of a randomly selected letter to a “bug” image. The viruses contain the internal text strings:
*.com *.exe c:\chklist.* c:\command.com

and:
“Bug.920”: BUG-2.0

Buffalo.486

Friday, July 28th, 2006

Details
Buffalo.486

It is a dangerous memory-resident parasitic virus. It copies itself into system buffers, hooks INT 21h, and then writes itself into the middle of EXE files that are accessed. While infecting, the virus writes itself into the area of the EXE stack, if it is placed within the file body; as a result, the length of the file does not grow.
The virus has bugs and may halt the system while infecting system memory.

BuenDia.816

Friday, July 28th, 2006

Details
BuenDia.816

It’s a dangerous non-memory-resident parasitic virus. It searches for .EXE files in the current directory and appends itself to them. It corrupts some files on infection; these files are not recoverable and hang the system on execution. After infection the virus draws the picture and displays the message:

Budo.890

Friday, July 28th, 2006

Details
Budo.890

These are dangerous memory-resident overwriting viruses. On execution they display one of the messages:
“Budo.890”: Run time error
Bad command or file name
“Budo.1000”: Incorrect DOS version

Then “Budo.890” hooks INT 8 (timer) and INT 9 (keyboard). It waits several minutes and then searches for the .COM and .EXE files in the current directory and overwrites them.
“Budo.1000” hooks INT 21h and, on execution of any file, searches for and overwrites the .COM and .EXE files in the current directory.
These viruses contain the internal text strings “*.COM *.EXE” and:
“Budo.890”: BUDO V1.2 TH-HV FINLAND
FLOW LIKE A RIVER - STRIKE LIKE A THUNDER
“Budo.1000”: BUDO V1.0 April/92.
T-H & HV Finland.
Flow like a river - strike like a thunder.

Bucharest

Friday, July 28th, 2006

Details
Bucharest

It is a non-dangerous memory-resident boot virus. It hooks INT 12h and 13h and writes itself to the MBR of the hard drive and to the boot sector of floppy disks. Depending on the system date and time, it decrypts and displays the message:
ENJOY THIS BUG! RP VirusLab Bucharest

Bubonic.2181

Thursday, July 27th, 2006

Details
Bubonic.2181

It’s a dangerous memory-resident parasitic virus. It hooks INT 21h and 6Bh and appends itself to .COM and .EXE files when they are accessed. When an infected file is opened, the virus disinfects it. Sometimes it overwrites files with a trojan program that erases hard drive sectors and displays: “Ooops, Sorryall”. This virus also contains the internal text:
Bubonic[BBP],alpha.02a,fixedFCBbug.Soon:tightercode,anti-(debug,heuristics),norunifanti-virusprog.running(FSP,etc.)bettermemorystealthNEW!genetic,algorithmicdarwin-encryptionandadroplibraryofmanyvirii,alllessthan6k!

Btg.792

Thursday, July 27th, 2006

Details
Btg.792

It is a non-dangerous memory-resident stealth parasitic virus. It hooks INT 21h and writes itself to the end of COM files that are executed, opened or searched. If an executed file contains the bytes B6h, F8h at offset 7Eh, the virus displays the message “Error in EXE file.” and cancels execution of the file.
The virus also contains the text:
Btg

US-CERT Technical Cyber Security Alert TA06-208A — Mozilla Products Contain Multiple Vulnerabilities

Thursday, July 27th, 2006

National Cyber Alert System

Technical Cyber Security Alert TA06-208A

Mozilla Products Contain Multiple Vulnerabilities

Original release date: July 27, 2006
Last revised: –
Source: US-CERT

Systems Affected

* Mozilla SeaMonkey
* Mozilla Firefox
* Mozilla Thunderbird

Any products based on Mozilla components, specifically Gecko, may also
be affected…

Read more at checksum.org

Bryansk.673

Thursday, July 27th, 2006

Details
Bryansk.673

This is a relatively harmless non-memory-resident virus, which searches for COM files and infects them in a standard manner. It contains the text: “BRYANSK 1992, BITE 0.01 (C)”. On Fridays, it sets the attribute of all the files in the current directory to read-only.

