This is the mail archive of the cygwin-talk mailing list for the cygwin project.



RE: Big List of Dodgy Apps: some registry entries for Symantec Antivirus


On 06 August 2007 17:17, amores perros wrote:

> re: Big List of Dodgy Apps
> 
> Some notes on possible Symantec Norton Antivirus version checks
> for possible use by anyone who would like

  Thank you very much!  Did you read my mind or what?  I was about to send a
mail round asking for help with exactly this since I committed the code to
cygcheck just before the weekend!

> registry check
> 
> HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SymNetDrv
>    Version, REG_SZ, eg: 6.0.2.211
> 
> registry check
> 
> HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Common Client
>    Version, REG_SZ, eg: 104.0.8.3
> 
> registry + file version check
> 
> HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\InstalledApps
>    SAV Install Directory, REG_SZ: C:\Program Files\Symantec AntiVirus\
> 
> file:
> "C:\Program Files\Symantec AntiVirus\VPC32.exe"
> version, eg: 10.1.0.401

  That's brilliant, and if you can spare a few more minutes to compile and run
the attached source file and mail me the output offlist, I'd be even more
grateful.  What I'd like is if you could take the attached sysinf.cc file,
run:

  g++ sysinf.cc -o sysinf -DAUTOMATIC -lntdll

at the command-line, then execute:

  ./sysinf.exe > sysinf.txt

and email me the sysinf.txt output file.

  What that does is to show me a list of all running processes, and another of
all loaded dlls, drivers, and any other kinds of executable modules, which
I'll use to add further methods of detection.


    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....

Attachment: sysinf.cc
Description: Text document

Attachment: COPYING
Description: Binary data
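
The three lookups quoted in the message above, as an added example that is not part of the original mail or of cygcheck: a shell script that reads the listed values through Cygwin's /proc/registry view and checks that VPC32.exe exists in the install directory. The function names and the REG_ROOT override are assumptions made for this example; it reports only the presence of VPC32.exe and does not read the file's version resource.

```shell
#!/bin/sh
# Added example: read the Symantec values listed in the message through
# Cygwin's /proc/registry view. REG_ROOT (hypothetical name) is overridable
# so the functions can be exercised against a constructed directory tree.
REG_ROOT="${REG_ROOT:-/proc/registry/HKEY_LOCAL_MACHINE}"

# reg_value KEY VALUE: print a registry string value, or return 1 if absent.
# The REG_SZ data may carry its terminating NUL; strip it (and any CR/LF).
reg_value() {
    f="$REG_ROOT/$1/$2"
    [ -r "$f" ] || return 1
    tr -d '\000\r\n' < "$f"
}

# to_posix PATH: convert a Windows path with cygpath when it is available.
to_posix() {
    if command -v cygpath >/dev/null 2>&1; then
        cygpath -u "$1"
    else
        printf '%s' "$1"    # assumption: already a POSIX path (test trees)
    fi
}

# symantec_report: one "name=value" line per check; "absent" when missing.
symantec_report() {
    v=$(reg_value "SOFTWARE/Symantec/SymNetDrv" "Version") || v=absent
    echo "SymNetDrv.Version=$v"
    v=$(reg_value "SOFTWARE/Symantec/Common Client" "Version") || v=absent
    echo "CommonClient.Version=$v"
    if d=$(reg_value "SOFTWARE/Symantec/InstalledApps" "SAV Install Directory"); then
        echo "SAV.InstallDir=$d"
        p=$(to_posix "$d")
        if [ -f "${p%/}/VPC32.exe" ]; then
            echo "VPC32.exe=present"
        else
            echo "VPC32.exe=missing"
        fi
    else
        echo "SAV.InstallDir=absent"
    fi
}

# symantec_detected: exit status 0 if any of the checks yielded a value.
symantec_detected() {
    symantec_report | grep -qv -e '=absent$' -e '=missing$'
}

symantec_report
```
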

