Running FR 3.11 on Win/XP. Our corporate machines are beginning to strngthen policies on what can run on our machines, the latest victim is FR, we are not allowing code to modfy itself due to some virus attacks use this route. I now receive this meesage when FR runs:
1/18/2008 10:56:44 AM: The process 'D:\Program Files\FeedReader30\feedreader.exe' (as user xxxxxx\yyyyyyy) attempted to call the function CreateThread from a buffer (the return address was 0x404eaf). The code at this address is '0c5250b8 3c4e4000 505653e8 a9c4ffff 5f5e5b5d c20c008b c050e8a2 c4ffffc3' This either happens when a process uses self-modifying code or when a process has been subverted by a buffer overflow attack.
Thoughts anyone?
Greetings,
Greetings,
FR doesn't modify code at all, we don't do those hacks.
Feedreader uses Firebird database librarys , SSL and embedded IE;
Do you have in FR some feeds that are requiring SSL, maybe something there, but this code is also protected. You could disable such feeds and try again.
Which program gives such error ? DEP or some antivirus heuristics.
Also our products are always scanned with antivirus programs.
Ingmar
------
FR dev