Re: Bypass Virus Checking

From: Martin Bene (mbat_private)
Date: Wed Feb 02 2000 - 00:45:01 PST

    At 18:09 31.01.00 -0800, Max Vision wrote:
    >ANOTHER BUG: Note that this exclude.dat was originally the default shipped
    >with NAV 2000, and excludes potential trouble filenames such as excel.exe,
    >winword.exe, and powerpnt.exe.  That might not be the best idea, as when I
    >rename BackOrifice2000 to any of those filenames, it is completely
    >ignored.  *sigh*  (I just uploaded a version without those as well:
    >http://maxvision.net/nav/better.dat)
    
    Strange that Symantec managed to make their product so much worse
    during upgrades; I'm running Engine 5.00.01b, Virus files 14.01.2000;
    results are significantly better:
    
    1) There is no exclusion for \RECYCLED directory, neither hidden nor
    in the GUI. Exploit does not work, virus is detected.
    
    2) The Excludes for EXCEL.EXE, WINWORD.EXE, POWERPNT.EXE and
    MSACCESS.EXE only turn off the check for writes to program files.
    Renaming the EICON.COM file from the exploit to excel.exe does not
    prevent NAV from finding it.
    
    3) All Exclusions are visible using the GUI Interface.
    
    Martin Bene
    
    
    "you have moved your mouse, please reboot to make this change take effect"
    --------------------------------------------------
     Martin Bene               vox: +43-316-813824
     simon media               fax: +43-316-813824-6
     Andreas-Hofer-Platz 9     e-mail: mbat_private
     8010 Graz, Austria
    --------------------------------------------------
    finger mbat_private for PGP public key
    
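The two exclusion behaviours contrasted in this thread, as an added example that is not part of the original post or of any Symantec code: policy A skips any file whose name is on the exclude list (the NAV 2000 exclude.dat behaviour Max Vision describes), while policy B only suppresses the check when a listed program file is written, so an on-demand scan still inspects the contents (the Engine 5.00.01b behaviour Martin Bene reports). The signature string, file contents and event model are constructed for the demonstration.

```python
from dataclasses import dataclass

# Names taken from the thread; matched case-insensitively as on a Windows filesystem.
EXCLUDED_NAMES = {"excel.exe", "winword.exe", "powerpnt.exe", "msaccess.exe"}
# Constructed stand-in for a detection signature; not a real malware string.
SIGNATURE = b"CONSTRUCTED-SAMPLE-MARKER"


@dataclass
class ScanEvent:
    name: str    # file name as stored on disk
    data: bytes  # file contents
    op: str      # "write" (file being written) or "scan" (on-demand scan)


def has_signature(data: bytes) -> bool:
    """Content check shared by both policies."""
    return SIGNATURE in data


def scan_name_exclusion(ev: ScanEvent) -> bool:
    """Policy A: a listed name is never inspected, whatever the operation.
    Returns True when the sample is detected."""
    if ev.name.lower() in EXCLUDED_NAMES:
        return False
    return has_signature(ev.data)


def scan_write_only_exclusion(ev: ScanEvent) -> bool:
    """Policy B: the list only turns off the check for writes to the listed
    program files; every other event is inspected by content."""
    if ev.op == "write" and ev.name.lower() in EXCLUDED_NAMES:
        return False
    return has_signature(ev.data)


def compare(sample: bytes, stored_name: str = "EXCEL.EXE") -> dict:
    """Run one sample, stored under an excluded name, through both policies
    on an on-demand scan and report whether each policy detects it."""
    ev = ScanEvent(stored_name, sample, "scan")
    return {
        "name_exclusion": scan_name_exclusion(ev),
        "write_only_exclusion": scan_write_only_exclusion(ev),
    }


if __name__ == "__main__":
    # Constructed sample: a signature-bearing file renamed to an excluded name.
    print(compare(b"MZ" + SIGNATURE))
```

The difference in the two results is the whole point of Martin's item 2: a name-keyed exclusion is defeated by a rename, an operation-scoped one is not.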



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:33:03 PDT