Version 1

    Based on this article from Symantec, pulled Dec 03 2015

    W32.Bugbear@mm Technical Details | Symantec


    ZIP includes a User Defined Group for the list of processes, and a rule.  Both can be imported into LEM, though you may have to re-add the group to the Rule.


    Created in response to this thread: W32.Bugbear