...

View Full Version : Antivirus Exclusion Detection



Viper426
08-31-2009, 07:07 PM
Hi all!

I don't have much hope regarding a usable answer to this, but I've got to try anyways. I'm working on a program that's so bloody read/write intensive that if there's an on-access scanner involved the entire thing crashes. So far I've just included instructions for adding the program directories to av exclusion lists, but it would be far more user-friendly if I could detect if said directories are excluded, and pop up a message if they are not.

I've noted that there's a function in .NET for detecting registered AVs, but there doesn't seem to by any way of finding anything out about them.

I'm not looking to be able to change the settings as that would be a terrifying security issue, I just need to know if my directories are excluded before a fatal crash.

Any ideas?

Spookster
09-01-2009, 12:23 AM
If your program is that read/write intensive have you considered using a database instead of file io operation?

oracleguy
09-01-2009, 12:28 AM
Yeah, I think adding the program directories to the exclude list is a bad solution if it can be avoided. What are you doing exactly?

Viper426
09-01-2009, 08:28 PM
We are using databases (to an extent). The entire thing is running on Jet, but the sheer number of calculations required (using anywhere from 1 to n individual tables as input) brings the system crashing down as our program and the av try to access hundreds of files at the same time. I'm not 100% sure on the specifics of the calculations as that's all done in another part of the building, we just have to keep the thing running.

Either way, with the phenominal size of the current project the odds of moving over to another option are pretty much nil.

In terms of an answer to my own question, I've stumbled on a table called antiVirusProduct in \\localhost\\root\\SecurityCenter. I'm going to see if there's anything in there that could give me a head start.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum