Cuchuk Sergey wrote:
> I have an idea -
>
> viruses or warms often use binaries or executables - so when we're
> protecting them from changing(or asking for comfirmation of user for
> program(for example installers can overwrite them)) we're protecting data
> from viruses
>
That would also prevent you from updating them. A query "what do you
want to do" is not safe, as
a virus can answer it itself.
I think that's a completely different protecting method than the
antivirus one. Plus i don't think there're
so much virus modifying .exe instead of copying themselves.
You'd need to do it as a driver to intercept the action. Windows already
does something similar
with Windows File Protection. You could have it protect other folders, too.
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32
