Matthew Toseland skrev: > On Tuesday 09 June 2009 15:51:08 Zero3 wrote: >> Matthew Toseland skrev: >>> What can we do to avoid trouble with antiviruses? Would it help to install >>> a service under LocalSystem rather than creating a new user? >> (We are talking Windows here, btw.) >> >> Not sure. We *are* messing around with the user's system quite a bit. It >> is indeed not normal practice to create a new, password-expire-less, >> hidden user with access to logon as a service in the background. And >> then running a custom internet-enabled service under it. I can >> understand why some antivirus products gets suspicious about that (not >> justifying the silent messing around with our installation though). >> >> According to the AHK forums, this has happened before (and several >> people mailed antivirus companies in order to have the false detections >> removed, which they apparently were). > > Well, should we try some things such as installing as NetworkService or > whatever? (Only on OS's where it exists i.e. not win2k). And will we be able > to test it? And how much of it are you interested in doing? >> - Zero3
Me and nextgens were discussing it quite a bit here on the mailing list a while ago. To be honest, I don't remember what the arguments against it were in the end (they kind of drowned in other discussions). If everyone is fine with whatever consequences it will have (as far as I DO remember, the main one being that if fproxy was somehow compromised, an attack would have much more access to the system compared to running under a custom user), I can add it to my to-do list and do some testing. - Zero3
