On 11/15/05 11:07 AM, "Mark Wieder" <[EMAIL PROTECTED]> wrote:
> Ken- > > Tuesday, November 15, 2005, 8:25:49 AM, you wrote: > > Awesome post. Thanks! >> 4) Since the VBS file only connects to a DLL and executes a function, >> there's no way for Windows to know whether the function is bad or good, so >> virus protection software won't intercept the attempt to call the DLL (so > > Mostly true. Depends on your virus checker and its settings. It's > possible (and may be probable, if that's not an oxymoron) that > antivirus software would warn about the execution of *any* vbs file. > So the usual caveat about vbs and antivirus interaction still applies. > Just something for the user to be aware of, not a stumbling block. Good point - actually it would be good to start a list of antivirus software that does this (either as a default behavior or as an optional one). Do you know any off the top of your head that do this? (I've been a Symantec/Norton user for a while and it only has a "Script Blocking" feature that seems to intercept potentially malicious scripts (i.e. those that manipulate the file system), and it doesn't mess with my DLL code.) > The other related issue is that if this is installed on a user's > system, the vbs file must be installed into a directory for which the > user has the proper permissions to install and delete and run files. Absolutely true - my code example puts things briefly on the C: drive itself (which is *usually* available), but YMMV. Thanks, Mark! Ken Ray Sons of Thunder Software Web site: http://www.sonsothunder.com/ Email: [EMAIL PROTECTED] _______________________________________________ use-revolution mailing list [email protected] Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-revolution
