myparty virus
Results 1 to 8 of 8

Thread: myparty virus

  1. #1
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325

    myparty virus

    Every monday, my norton antivirus corp. server finds a the myparty virus on the same clients computer. I have run virus scans on both the clients pc and on the exchange server.

    Actually, its not even coming in through the exchange server... he has it configured through outlook express... directly from the internet...

    any ideas why this might happen? I'm not sure who his mail provider is... have to check on that. think it could be stuck on their server?

    Thanks for any help that you can give!

  2. #2
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    One trait of this virus it that it installs a backdoor. Norton detects it as Backdoor.MyParty check their site http://securityresponse.symantec.com...yparty@mm.html sounds like the backdoor is still there.
    Can you be more specific Exchange and Outlook Express are two different things. If you scanned an exchange server and there is nothing that would be SMTP, is the exchange server also configed for Pop3 accounts (Outlook Express) port 110 then good chance the host account system is infected. I'd say close port 110 on Friday afternoon or Sunday night before Monday see if it stops, if so then get with the powers that be and figure out of pop email accounts are needed.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  3. #3
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    I have run NAV scans on the clients PC and nothing turns up. I will block that port on friday to see what happens. It isn't coming in through my exchange server... it is coming in from the internet directly through outlook express by the way it was configured. let me try your suggestion. Its just all too weird.

    Thanks again!

  4. #4
    Senior Member
    Join Date
    Feb 2002
    Posts
    253
    The following might be of some help:

    http://service4.symantec.com/SUPPORT...206?Open&src=w

  5. #5
    Junior Member
    Join Date
    Apr 2002
    Posts
    3
    how about formatting the whole system???

  6. #6
    Senior Member
    Join Date
    Nov 2001
    Posts
    742
    Originally posted here by THECRiS
    how about formatting the whole system???
    IMHO Formatting and reinstalling may be the soultion for a homuser, but if I got a infection into my corporate (even my private) network would I not destroy the "target" before I did know the source of the infection. But if it seemed to spread uncontrolled would I try to isolate the infection and if that not worked would I shake the dust from the "catastrofic whitepaper" and call in the rest of the staff .

  7. #7
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    Why are you letting one of your users connect to his personal mail outside the company? And why are you letting him use Outlook Express to do it? If for some reason he has to have access to his personal mail at work, make him use Netscape or something for his mail. You should not be responsible for the actions of a moron, but if you let them get away with something, you will be responsible. And the minute he gets a virus like SirCam or something, you are going to be up to your eyeballs in stinky **** trying to fix the rest of your companies computers.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  8. #8
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    thanks for the info. I just did a F&R, and told him that he was not allowed to retrieve his personal e mail while at work. It kinda sucks that I had to do that because he is a VP.
    I'm just a peeon.

    Thanks again!
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •