OT: Win32/Mywife.E@mm

Billy A. Pumphrey bpumphrey at WoodMacLaw.com
Mon Feb 6 15:16:45 GMT 2006

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
> bounces at lists.mailscanner.info] On Behalf Of Jim Holland
> Sent: Saturday, February 04, 2006 8:27 AM
> To: MailScanner discussion
> Subject: RE: OT: Win32/Mywife.E at mm
> Someone wrote:
> > > > Naturally as long as everything is up to date things should be
> > > > People don't really know that a virus is going to happen before
> does
> > > > do they?
> > > Only if the bug has a timer/date trigger in them.  They get
> > > then lie in wait, and BAM do nasty things later.  Once detected
> > > we effectively reverse engineer the virus code, know that the
> will
> > > trigger in the future, thus know it's going to happen before. Once
> users
> > > update their scanning softs they can be assured the bug will be
> > > eradicated before they trigger.
> > > The media is a funny animal, they latch onto these bugs seemingly
> > > random, spreading doom and gloom, when we techs know that new bugs
> > > a daily occurrence, and are quickly and quietly squished by
> > > community.
> Of course the media loves to hype these things, but I think that this
> a valid case for some extra attention.  Not only was the worm
> destructive (just one single infected machine on a network could have
> destroyed all files in a shared folder on a file server that the
> had access to), but early copies did manage to get through the virus
> scanners and MailScanner itself.  I have not come across that
> since the Bagle worm with its password-protected zip files.
> Because we log the attachments that are sent to users we were able to
> determine that 6 of our 2500 members had received copies of the virus
> uuencoded form.  One of those 6 then opened the attachment with WinZip
> got infected as a result.  Fortunately we were able to clean up their
> infection before Friday, so no damage was done.
> I think the media hype was a useful wakeup call to ordinary users to
> them to update their antivirus software and to keep backups on
> media.
> Regards
> Jim Holland
> System Administrator
> MANGO - Zimbabwe's non-profit e-mail service

Good call and thanks for the responses guys.

More information about the MailScanner mailing list