l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2003 Jan 21 18:50

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] bill and melissa virus
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] bill and melissa virus

On Tue, 21 Jan 2003, Bill Kendrick wrote:

> On Tue, Jan 21, 2003 at 03:13:43AM -0800, Peter Jay Salzman wrote:
> > this is too funny.
> >
> >
> > bill... have you been passing around the melissa virus?
> <snip>
> I bet it's because it has the word "Melissa" in it. :^)
> (Seriously... I mean, I can't think of what ELSE.
> And if that's the case, then DAMN... what a freaking ridiculous piece
> of anti-virus software!)

Actually, if it triggers on Melissa, that would be silly, as that 
is not a key indicator of the virus. As far as I know, none of the 
variants contained that word in the subject or body of the infection 
emails. Most likely, some binary string subset of the email matched 
a pattern for one of the many variants of the Melissa virus. It's 
also possible they have a silly matching algorithm that uses synonyms 
because one variant of Melissa does have a subject which begins with 
"Pictures" and this email has a subject which begins with "Photos" 
(and if they use such an algorithm, they really should be shot, heh).
If you really want to know for sure, this appears to be the TrendMicro 
eManager product (the email message identified the scanning program 
as eManager and the description of the TrendMicro product seems to 
fit). TrendMicro has the virus definitions for this product available 
for download in a tarball. 

Shwaine the Wandering Arch of Malevolence
http://www.malevolence.com              http://www.shwaine.com

vox mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.