开发者

call to shellexecte causes antivirus to give a warning?

when ever i write the following line of code开发者_C百科 any where in any app i program with delphi

ShellExecute(self.WindowHandle,'open','www.yahoo.com',nil,nil, SW_SHOWNORMAL);

kaspersky 2010 beeps this message ''behavior similar to pdm.hidden data sending. detected''

why is that and how do i get rid of this

note: i am using delphi 2007

update :sorry for not clearifing, when ever i RUN my program av gives me this error


Send your application to Kaspersky lab, marking your request with "false-positive" comment.


This seems to be issue in Kaspersky Internet Security 2011 number 94754. Updating software may help.


Kaspersky probably detects that you want to open an URL, which could of course be something like www.example.com/submit.php?stolencreditcardnumber=12345 and gives the message. Maybe you can get rid of it by not using a constant string for the URL but assign the URL at run-time, so Kaspersky does not detect the opening of a URL.

ShellExecute(self.WindowHandle, 'open', MyURL, nil, nil, SW_SHOWNORMAL);

This is of course just guessing.


I Shell Execute URIs all the time, don't get any problems with AV software (see EasyBCD for an example software of mine that does this). So it could be that Kaspersky detects the combination of both the Delphi framework + the URI ShellExecute code as the problem. Delphi is not an uncommon malware language.

One thing you can try: Run "iexplore.exe" with MyUrl as a command-line argument.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜