I tried the same with NAI (4.025
Engine AND DAT 4061) – and it seems that the exploit works ;-() But I was in hurry – I will test it
again… Hinse -----Ursprüngliche
Nachricht----- I'm
using NAV 5.02.00 with all updates and the latest definitions. I have NOT
modified the preferences except to turn off the weekly scan of all files. (Such
a scan is redundant to scanning files as they are executed. This is the
"Auto-Protect" feature of NAV.) Running
the executable "virusexploit0100.exe" caused NAV to alert. It saw the
virus signature and denied access to the file. It did this from memory, not
from a directory. If normal scanning (Auto-Protect) is turned on (as it is by
default) then this exploit should not work in any version of NAV that I'm
familiar with, versions 3.0 for Windows 95 and up. Russ |
Title: RE: Bypass Virus Checking