lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <BAY3-F139amqkhqntKr00026554@hotmail.com>
From: safeer_00 at msn.com (L G)
Subject: NAV (or any AV tool) and MSBlast

Hi all,

A quick query...

If an XP machine has the most recent NAV definitions, and the machine is hit 
by the RPC worm (msblast or any variant for which AV signature exists)

1. Will the file get quarantined?

2. If the machine is already infected, given that av will catch it during a 
scan, after a reboot will msblast.exe continue to infect the computer or 
could it be assumed "safe" in the quarantine folder?

3. In short, what protection does any AV provide other than the fact that 
the user is told that the machine is infected?

Thanks.

_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE*  
http://join.msn.com/?page=features/virus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ