Full Disclosure mailing list archives

NAV (or any AV tool) and MSBlast

From: "L G" <safeer_00 () msn com>
Date: Wed, 13 Aug 2003 15:55:10 -0500

Hi all,

A quick query...

If an XP machine has the most recent NAV definitions, and the machine is hitby the RPC worm (msblast or any variant for which AV signature exists)


1. Will the file get quarantined?

2. If the machine is already infected, given that av will catch it during ascan, after a reboot will msblast.exe continue to infect the computer orcould it be assumed "safe" in the quarantine folder?

3. In short, what protection does any AV provide other than the fact thatthe user is told that the machine is infected?


Thanks.

_________________________________________________________________

MSN 8 with e-mail virus protection service: 2 months FREE*http://join.msn.com/?page=features/virus


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

NAV (or any AV tool) and MSBlast L G (Aug 13)
- <Possible follow-ups>
- RE: NAV (or any AV tool) and MSBlast L G (Aug 14)