[Dshield] F-Secure Radar2 Alert
micheal at tsgincorporated.com
Mon Jan 23 20:18:50 GMT 2006
----- Original Message -----
From: "Mark Tombaugh" <mtombaugh at alliedcc.com>
To: "General DShield Discussion List" <list at lists.dshield.org>
Sent: Friday, January 20, 2006 12:23 PM
Subject: Re: [Dshield] F-Secure Radar2 Alert
> On Fri, 2006-01-20 at 12:16 -0500, Paul Marsh wrote:
>> I saw a few of these yesterday, Trend calls it Grew.. Nothing so far
>> today, are others seeing it?
>> Thanx, Paul
> Looks like this is a new one Paul, at least from the wording at
> "It is similar to the 'Email-Worm.Win32.VB.bi' that was found a few days
> Email-Worm.Win32.VB.bi = VB-8 (Clam) = Nyxem-D (Sophos)
> Anyone have a sample? (of the new one) I'd like to check if the sigs for
> Nyxem-D at bleedingsnort also hit on this one. tia,
> PS - we so need a working cme...
> Mark Tombaugh
I've had some hits on Clamav that indicate dual infections, "Two viruses
were found: Worm.VB-9, Worm.VB-8". I'm still trying to determine if
Worm.VB-9 is the one referred to in this radar alert.
More information about the list