Hello there, Sunday, November 10, 2002, 9:55:23 PM, Marck D Pearlstone wrote:
AC>> ... If an unknowledgeable user had restored a system AC>> configuration using the infected cpy files, the laptop would AC>> get infected once again. MDP> At this time the AV software has previously failed and missed MDP> the infection's arrival in an *executable* form. MDP> As long as the AV software stops you getting infected, then you're MDP> not at risk. That's how I see it. In the specific case, there was no antivirus software at all. If I hadn't cleaned the cpy files and I removed the antivirus right now, the system would get infected once again if the user used Windows recovery. Keep in mind that I am talking about "unknowledgeable" users, who can potentially do whatever comes to their minds, without a lot of thinking. This would effectively infect the system again by using a file which is non-executable. That is my point. MDP> So, my point still stands. It's a pointless evaluation of the MDP> effectiveness of the software to ascertain whether it checks MDP> non-executables by default. To say that the AV software MDP> "fails" and should not even be considered is not reasonable. I am not trying to tear your point down and got no reason to do this. Your point about the false conduction of the tests is 100% correct and I couldn't agree more on the specific subject. I only wanted to comment on the "infected non-executable files are not a threat" part which is just not 100% correct under some very specific circumstances. -- Best regards, Alexander Cicovic Using The Bat! 1.61 under Windows 2000 Service Pack 3 ________________________________________________ Current version is 1.61 | "Using TBUDL" information: http://www.silverstones.com/thebat/TBUDLInfo.html
