This is the mail archive of the cygwin-talk mailing list for the cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: The Big List of Dodgy Apps

On 20 March 2007 17:03, Christopher Faylor wrote:

> On Tue, Mar 20, 2007 at 02:43:45PM -0000, Dave Korn wrote:

>> Windows Defender
> 
> Funny but I didn't notice any problems when I was running Windows
> Defender.

  I got that from this post:
http://www.cygwin.com/ml/cygwin/2007-01/msg00742.html

  It's not fully explained in the event log but it looks like it checks the
executables that implement services and warns/blocks if it looks like the file
has been altered.
 
> It sure would be nice (tm pending) if we had some way of detecting
> these problematic applications automatically.  It would be even nicer
> if we had someone who was dedicated to making cygcheck be all that
> it could be wrt detecting potential sources of problems and, even,
> suggesting solutions.

  <nods sagely>  I'll try and find some tuits.  If nothing else it might save
a lot of time just to have the information listed in cygcheck.  We probably
want to give it the ability to detect that a badware exists or is installed by
looking for 1) registry keys that would indicate it has been installed 2)
presence of named executables in known (i.e. default install) locations and 3)
presence of named executables in list of current running tasks.

  Anyone can suggest any other useful detection mechanisms?

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]