opps used the wrong file type :)With the release of Beagle.H and Beagle.I, virus writers
started enclosing the infected files within password protected
ZIP files… I’ve found that the A/V software does see the
file within the ZIP archive, but cannot process it because it
does not recognize the extension. When the archive is
password protected, the file enclosed receives a “+” character
at the end of the extension (ie test.exe becomes test.exe+)
Since the A/V software doesn’t recognize that kind of
extension, it lets it pass thru.

 I found that by adding the "+" character to file extensions
 that are blocked (.exe+, .cmd+, .vbs+ etc etc), the A/V
 software can now recognize that file extension and perform the
 necessary actions on it.
 
 I've only tested this out on Norton Anti-Virus for Exchange
 V2.1, but it should work on the other A/V software programs. -
 --Mike Maloney, Sr. System Engineer, Middlesex County College

                                  Click to email this item to a friend
                                           http://langa.com/sendit.htm