Posted by Virus Bulletin on Feb 12, 2004
Virus vs virus - new Welchia variant seeks to destroy Mydoom.
Today we can say our goodbyes to Mydoom.A - which is programmed to stop spreading on today's date, 12 February 2004. Meanwhile, today has also seen a newcomer to the virus world - a new variant of W32/Welchia (aka W32/Nachi).
Like the original variant, which attempted to remove W32/Blaster from infected machines, Welchia.B attempts to clean up infected computers - this time removing Mydoom.A and downloading Microsoft security patches.
By virtue of its apparently curative effect, Welchia.A was deemed by some to be a 'good worm' - and this variant is likely to receive similar misplaced accolades. However, as Peter Ferrie, Péter Ször and Frédéric Perriot point out, 'The concept of a 'good worm' has been researched repeatedly, with little success. We would rather call it a 'jealous worm'.'
See
