quote:
Originally posted by ShawnZ
quote:
Originally posted by vikke
Actually there are a lot of viruses using WSH scripting (.vbs & .js files). And if they get access to the memory (and the ability to create/remove files), you'll never know what happens. That's why the anti-virus is blocking the registry interface, to prevent these malwares that actually exists. This is a good protection, too bad it blocks Messenger Plus!.
However Messenger Plus!'s scripts are using these interfaces in a good way. If there's an option to ignore it just for that process (msnmsgr.exe), that would be great for you.
except... hey, wait a minute, virus scanners already have the capability to check executable files for virus signatures and monitor important registry locations! gee, that sort of makes blocking any use of activex in WSH useless, doesn't it?
Nope. New viruses are created everyday, and if Symantec wouldn't have added this block, you would have got infected since you get the virus before Symantec's updates. Also, you cannot be sure these checks on the PE-file is working correct. If I'm not mistaken a lot of programs has been identified as viruses when they're not.
It's a well-used technology, it's recommended to block these objects.
It's better having this block than getting infected by the virus.
/ 
