3.04-1 & MyParty

Sander Jonkers felker at GMX.NET
Tue Jan 29 10:20:49 GMT 2002


> Myparty was not detected on my system: Exim 3.34, MailScanner 3.03-1
> with the "return 0;" mod in the DefinitelyClean sub of sendmail.pl and
> F-Prot with the Jan 28 DEF updates. Has anyone caught this virus using a
> similar setup as above? Might Mailscanner 3.04-1 give better results?

So this 'not-detection of MyParty' confirms my first mail saying that
MyParty was not in 'f-prot --virlist'.

Do you mean you have got a MyParty virus yourself? If so, please mail me a
copy at felker at gmx.net so that I can check my mailscanner 3.04-1 with the
updated f-prot (no worries: no windows over there).

Sander



>
> Thanks,
> Stephen
>
>
>
> On Mon, 2002-01-28 at 12:07, Sander Jonkers wrote:
> > Hmm, hopefully I was wrong: the f-prot website
> > http://www.f-prot.com/f-prot/virusinfo/mypartya.html says:
> >
> > "W32/Myparty.A at mm is detected by F-Prot Antivirus™ using the virus
> signature
> > files since January 28th or newer."
> >
> > Strange I can't find it in the virlist.
> >
> > Sander
> >
> >
> > > > At 15:22 28/01/2002, you wrote:
> > > > >Will 3.04-1 protect against MyParty by itself or does it need an
> > > > >up-to-date anti-virus database and tools as well?
> > > >
> > > > It will still need an up-to-date anti-virus database. If you can't
> get
> > > > that, I would advise you switch vendors the next chance you get :-)
> > >
> > > Hmm, the updated f-prot does not know MyParty:
> > >
> > > [root at sanderold root]# /usr/local/f-prot/f-prot -virlist | grep -i
> myparty
> > >
> > > Other Parties are present:
> > >
> > > [root at sanderold root]# /usr/local/f-prot/f-prot -virlist | grep -i
> party
> > > No_Party.519
> > > WParty.557.A
> > > WParty.557.B
> > > WParty.558
> > > IRC/Party.A
> > > VBS/Party.A at mm
> > >
> > > Proof that f-prot has been updated:
> > >
> > > [root at sanderold root]# /usr/local/f-prot/f-prot -virlist | head -5
> > > SIGN.DEF created 28. January 2002
> > > SIGN2.DEF created 28. January 2002
> > > MACRO.DEF created 16. January 2002
> > > 2-up.6000
> > > 2Sexy.384
> > > [root at sanderold root]#
> > >
> > > So, switch 'vendor'?
> > >
> > > Sander
>

--
Sent through GMX FreeMail - http://www.gmx.net



More information about the MailScanner mailing list