|
|
BugTraq
RFC: virus handling Jan 28 2004 03:45PM Thomas Zehetbauer (thomasz hostmaster org) (13 replies) RFC: content-filter and AV notifications (Was: Re: RFC: virus handling) Jan 29 2004 12:00PM Andrey G. Sergeev (AKA Andris) (andris aernet ru) (1 replies) Re: RFC: content-filter and AV notifications (Was: Re: RFC: virus handling) Feb 03 2004 04:07PM Peter J. Holzer (hjp wsr ac at) Re: RFC: virus handling Jan 28 2004 10:00PM John Fitzgibbon (fitz jfitz com) (1 replies) Re: RFC: virus handling Jan 28 2004 06:24PM Patrick Proniewski (patpro patpro net) (1 replies) Re: RFC: virus handling Feb 03 2004 08:55PM Matthew Dharm (mdharm one-eyed-alien net) (1 replies) Re: RFC: virus handling Jan 28 2004 06:07PM Jeremy Mates (jmates sial org) (1 replies) Hysterical first technical alert from US-CERT Feb 03 2004 12:11PM Larry Seltzer (larry larryseltzer com) (3 replies) Re: Hysterical first technical alert from US-CERT Feb 04 2004 02:31PM Valdis Kletnieks vt edu (2 replies) Re: Hysterical first technical alert from US-CERT Feb 05 2004 08:33AM Stephen Samuel (samuel bcgreen com) (1 replies) Re: Hysterical first technical alert from US-CERT Feb 06 2004 10:07PM Valdis Kletnieks vt edu (1 replies) Re: Hysterical first technical alert from US-CERT Feb 08 2004 01:01PM Shawn McMahon (smcmahon eiv com) RE: Hysterical first technical alert from US-CERT Feb 04 2004 02:41PM Larry Seltzer (larry larryseltzer com) (1 replies) Re: Hysterical first technical alert from US-CERT Feb 04 2004 12:27PM Philip Rowlands (phr doc ic ac uk) Re: RFC: virus handling Jan 28 2004 05:54PM 3APA3A (3APA3A SECURITY NNOV RU) (1 replies) getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] Feb 03 2004 09:11AM Gadi Evron (ge linuxbox org) (4 replies) Re: getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] Feb 04 2004 08:04PM Georg Schwarz (geos epost de) Re: getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] Feb 04 2004 06:27AM der Mouse (mouse Rodents Montreal QC CA) Re: getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] Feb 03 2004 11:07PM James A. Thornton (jamest u-238 infinite1der org) |
|
Privacy Statement |
>I just got the alert below from US-CERT. It's one of the new lists they
>started. Some things about it bother me. First, it's dated 1/28, the day
>MyDoom.B was discovered, and the message sent field says that too; other
>dates in the headers disagree.
Yes, I got this report as well and I agree with you that MyDoom.B was not
able to spread widely at all. It looks like a mistake to me -- maybe they
wanted to warn for MyDoom.A instead of MyDoomB.?
At the time of the writing, Trend Micro's online scanner HouseCall has
found and cleaned more than 900.000 MyDoom.A-infected machines:
<http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MY
DOOM.A&VSect=S>
However, they only found 7 (seven) MyDoom.B infected PCs world-wide:
<http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MY
DOOM.B&VSect=S>
At least one av company has send out a wrong alert for MyDoom.B as well
(they wanted to update their MyDoom.A advisory, but they mixed-up both
worms descriptions).
A German news about this possible false alert can be found here:
http://www.heise.de/newsticker/meldung/44281
cheers,
Andreas
--
BSc. Andreas Marx <amarx (at) gega-it (dot) de [email concealed]>, http://www.av-test.org
AV-Test GmbH, Klewitzstr. 7, 39112 Magdeburg, Germany
Phone: +49 (0)391 6075466, Fax: +49 (0)391 6075469
[ reply ]