瑞星文件监控功能的局限性
为使我自编的程序(finance.exe)在开机启动后自动运行,写了如下几条VFP命令:
oWSH = CREATE
OBJECT("wscript.shell")
cKEY = "HKCU\Software\Microsoft\Windows\CurrentVersion\Run\finance"
cProgramName = "D:\Finance\finance.exe"
oWSH.REGWRITE(cKEY,cProgramName,"REG_SZ")
将其作为txt文件保存,瑞星提示为“未知脚本病毒”,由于上述命令修改了系统注册表,有病毒的嫌疑,引起我对瑞星的文件监控功能的兴趣,遂试验将上述命令做一变形:
oWSH = CREATE
OBJECT("wscript.shell")
cKEY = "HKCU\Software\Microsoft\"
cKEY = cKEY + "Windows\CurrentVersion\Run\finance"
cProgramName = "D:\Finance\finance.exe"
oWSH.REGWRITE(cKEY,cProgramName,"REG_SZ")
将变形的命令以txt格式保存,发现瑞星的文件监控功能便失去作用。由此可见瑞星文件监控功能的局限性和脆弱了。
Åó
ÛUd&dot.bbs.ikaka.com
ºdN@