3.04-1 & MyParty
Stephen Lee
splee at PLEXIO.COM
Tue Jan 29 08:50:16 GMT 2002
Myparty was not detected on my system: Exim 3.34, MailScanner 3.03-1
with the "return 0;" mod in the DefinitelyClean sub of sendmail.pl and
F-Prot with the Jan 28 DEF updates. Has anyone caught this virus using a
similar setup as above? Might Mailscanner 3.04-1 give better results?
Thanks,
Stephen
On Mon, 2002-01-28 at 12:07, Sander Jonkers wrote:
> Hmm, hopefully I was wrong: the f-prot website
> http://www.f-prot.com/f-prot/virusinfo/mypartya.html says:
>
> "W32/Myparty.A at mm is detected by F-Prot Antivirus™ using the virus signature
> files since January 28th or newer."
>
> Strange I can't find it in the virlist.
>
> Sander
>
>
> > > At 15:22 28/01/2002, you wrote:
> > > >Will 3.04-1 protect against MyParty by itself or does it need an
> > > >up-to-date anti-virus database and tools as well?
> > >
> > > It will still need an up-to-date anti-virus database. If you can't get
> > > that, I would advise you switch vendors the next chance you get :-)
> >
> > Hmm, the updated f-prot does not know MyParty:
> >
> > [root at sanderold root]# /usr/local/f-prot/f-prot -virlist | grep -i myparty
> >
> > Other Parties are present:
> >
> > [root at sanderold root]# /usr/local/f-prot/f-prot -virlist | grep -i party
> > No_Party.519
> > WParty.557.A
> > WParty.557.B
> > WParty.558
> > IRC/Party.A
> > VBS/Party.A at mm
> >
> > Proof that f-prot has been updated:
> >
> > [root at sanderold root]# /usr/local/f-prot/f-prot -virlist | head -5
> > SIGN.DEF created 28. January 2002
> > SIGN2.DEF created 28. January 2002
> > MACRO.DEF created 16. January 2002
> > 2-up.6000
> > 2Sexy.384
> > [root at sanderold root]#
> >
> > So, switch 'vendor'?
> >
> > Sander
More information about the MailScanner
mailing list