We have Trend OfficeScan. Trend finds it before the bat file can close the SUBST drive (SUBST Q: /D). It did however cause my realtime scanner's interface to throw an exception. It's still scanning, I just don't have the cute little heartbeat line in the taskbar. My question it this: Assuming it had gotten past my scanner, it could not be executed when the SUBST drive is removed could it? Because it couldn't be referenced to execute? Wouldn't someone have to re SUBST the drive and go it that way? And if they have the ability to do that, why don't they just run it while it is there? Unless I'm missing something, I don't see anything particularly dangerous about this, other than someone could eat up all your HD space with dark matter files (look, I coined a term!). Maybe I missed something though, it's been a long day! Still, I agree it needs to be addressed, but I would suggest the change should be made at the OS level, rather than the app level. Nice job finding this, Hans. Walt Moorhouse Network Administrator
This archive was generated by hypermail 2b30 : Thu Jan 31 2002 - 11:10:44 PST