Full Disclosure mailing list archives
NAV (or any AV tool) and MSBlast
From: "L G" <safeer_00 () msn com>
Date: Wed, 13 Aug 2003 15:55:10 -0500
Hi all, A quick query...If an XP machine has the most recent NAV definitions, and the machine is hit by the RPC worm (msblast or any variant for which AV signature exists)
1. Will the file get quarantined?2. If the machine is already infected, given that av will catch it during a scan, after a reboot will msblast.exe continue to infect the computer or could it be assumed "safe" in the quarantine folder?
3. In short, what protection does any AV provide other than the fact that the user is told that the machine is infected?
Thanks. _________________________________________________________________MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- NAV (or any AV tool) and MSBlast L G (Aug 13)
- <Possible follow-ups>
- RE: NAV (or any AV tool) and MSBlast L G (Aug 14)