This is the mail archive of the cygwin-talk mailing list for the cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
On 06 August 2007 17:17, amores perros wrote: > re: Big List of Dodgy Apps > > Some notes on possible Symatec Norton Antivirus version checks > for possible use by anyone who would like Thank you very much! Did you read my mind or what? I was about to send a mail round asking for help with exactly this since I committed the code to cygcheck just before the weekend! > registry check > > HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SymNetDrv > Version, REG_SZ, eg: 6.0.2.211 > > registry check > > HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Common Client > Version, REG_SZ, eg: 104.0.8.3 > > registry + file version check > > HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\InstalledApps > SAV Install Directory, REG_SZ: C:\Program Files\Symantec AntiVirus\ > > file: > "C:\Program Files\Symantec AntiVirus\VPC32.exe" > version, eg: 10.1.0.401 That's brilliant, and if you can spare a few more minutes to compile and run the attached source file and mail me the output offlist, I'd be even more grateful. What I'd like is if you could take the attached sysinf.cc file, run: g++ sysinf.cc -o sysinf -DAUTOMATIC -lntdll at the command-line, then execute: ./sysinf.exe > sysinf.txt and email me the sysinf.txt output file. What that does is to show me a list of all running processes, and another of all loaded dlls, drivers, and any other kinds of executable modules, which I'll use to add further methods of detection. cheers, DaveK -- Can't think of a witty .sigline today....
Attachment:
sysinf.cc
Description: Text document
Attachment:
COPYING
Description: Binary data
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |