View Full Version : garden of eden
11-27-2002, 03:41 PM
mail washer just picked up an e-mail. subject "garden of eden" which it reported as a virus.
I allowed mail washer to delete it as I d/l my other mail.
is there any way to get more info whilst in mail washer about the virus etc?
also if you open whilst in mail washer, could it infect the pc or is it safe?
11-27-2002, 04:21 PM
Have had the same with mailwasher reporting a virus. Tried a preview, and get a screenful of gibberish ( ASCII equivalent of binary code) Any attempt to D/L message results in AVG throwing a fit! No harm done to my machine. Only previewed it to find sender, to inform them they had a virus.
11-27-2002, 08:59 PM
You preview by double clicking on it. It doesn't actually download to your computer, so you are safe. I have done this several times when I wasn't sure if it was SPAM. Make sure you don't Bounce a virus since it will probably go back to the innocent whose system has already been infected and who is probably a friend of yours.
11-28-2002, 12:48 AM
"MailWasher only checks messages on the server in text mode so viruses and scripts can't be run" http://www.mailwasher.net/faq.php
Mailwasher uses heuristic analysis and not dat definitions to identify likely viruses. AVG can also be enabled for heuristic analysis and since it is watching what your are doing all the time it is able to make the same analysis of that Mailwasher does, and if enough of the viral code is read it is also able to identify the virus and thus "throw a fit" because, although the code IS on your pc, it is not in an executable form - any more than it would be safely inside a zipped folder.
It is certainly very disconcerting when it does this (have seen it with bugbear) but has the advantage that it may identify the virus for you in advance, which MailWasher (so far anyway) doesn't do.
The only other way to identify the virus is by making note of any particular identifying features: size of file(s), subject line, email message, etc. or by downloading it to your drive without opening it and then scanning it if it wasn't quarantined/detected en route or by zipping it up and sending it off for analysis.
If you do this via OE then ENSURE that the preview panel is off and that you DON'T open the mail to read it or to access the attachment in order to save it to disk. It is much easier to handle any attachment in this way using Foxmail, which always downloads in plain text by default and allows you to handle suspicious attachments more easily.
Even saving the whole eMail to disk and scanning the whole thing, including attachments, can catch you out, since some of the more modern viruses can cloak themselves until they are scanned or otherwise "touched", once they have been laid bare on their own.
If you want to identify which virus is on the way then have a good uptodate antivirus running and dont preview or open the mails. Do all of this at your own risk.
11-28-2002, 06:50 PM
Powered by vBulletin® Version 4.2.2 Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.