Eicar test virus (eicar.exe) into RAM, the scanner does not detect it. It is not until you "save" a copy of a file with the Eicar to your file system does Symantec detect it. So it is not real-time scanning of viral code, but rather just a simple monitor to activate a scan any time a file is saved.
-------------------------- yap, not only in windows ce but i have seen this thing in NAV for windows xp too... [the NAV EXPLOIT discussed in the previous email uses/gives the similar result... _____________________________________________________________ Secure mail ---> http://www.blackcode.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
