The email circulated to all staff via my IS Department last Friday:

Network Associates has classified the W32/Bugbear@MM Virus as High Risk and
we have had a number of reports from people receiving the W32/Bugbear@MM
virus on their systems.

W32/Bugbear@MM is a worm virus that primarily spreads via e-mail using
addresses found on infected systems. It uses random subject lines and
message body text from the infected system. The attachment commonly has a
double extension e.g. .doc.pif but not always.

It has the ability to disable Anti-Virus Software if an infection occurs. It
also can spawn print jobs on network printers i.e. it tries to print the
virus file contents to all network printers .

It can also replicate by copying itself to the start-up folder of remote pcs
on the network.

What to do:
-----------

1. Do NOT open suspicious e-mails with odd subject lines even if they are
from people you know. Check with the person who sent the mail by phone first
and if they didn't send it delete the mail.
2. If you suspect you are infected disconnect yourself from the network by
disconnecting the network cable from the back of your pc or the network
point on the wall.

Detection and removal for users of VirusScan is in the 4226 DAT files. If
you think you may be infected, please run a manual VirusScan on all files
once you are sure your version of VirusScan is up to date. (For instructions
on how to perform a scan go to
http://isservices.tcd.ie/help/virus/wincoll.html#runscan (For
instructions on how to check if your virus definitions are up to date go to
http://isservices.tcd.ie/help/virus/scandate.html#pc

There is also a specific W32/Bugbear removal utility available. Please
contact the helpdesk for details on how to obtain.

Please contact the I.S.Services helpdesk if you have any queries related to
this warning.

(For a full description of the virus see NAI's Website:
http://vil.nai.com/vil/content/v_99728.htm)