| Author |
Topic |
|
stephe40
Posting Yak Master
218 Posts |
 Posted - 2004-07-06 : 16:03:13
|
| I hope I can get a response on this, even though this has nothing to do with sql server.I want to be able to verify if a program has been installed with a web browser. Can it be done?This is the situation. I work for a university and every year students come to campus and hook up their personal machines to the network. We already have an automated online registration system to handle it, but we are looking to include steps in the registration that check to make sure that antivirus and spyware removal tools are installed. This is a huge deal for us. We spend thousands of man hours every year on the phone and at student rooms fixing computers because of spyware/virus issues. And we think that if there was a way to force students to install our AV client and a spyware tool we could prevent some of the issues from happening (and save some money).We (our office) has spent a long time trying to come up with a decent way of doing this. We have evaluated every option we can come up with, and most of them involve some type of active-x control, and we all know the downside to that. But, I want to post this question to see if anyone else has a bright idea.- Eric |
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-07-06 : 18:09:15
|
| Active X is probably the only way you are going to be able to do this. It's the only thing that can run in a web browser and grab information from the registry and disk.Think about it this way. If Adobe could scan your box to see if you had an illegal version of Photoshop installed without prompting you to install an ActiveX control, they would have done it already.Wish there was a better answer! Getting an ActiveX control to install on client PC's can be entertaining! You need to do a few things:1. Get the user to set your site up as "trusted"2. Get an Authenticode cert for your control and sign your control with it.3. Make sure they don't have ActiveX controls completly disabled.Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
 |
|
|
mohdowais
Sheikh of Yak Knowledge
1456 Posts |
Posted - 2004-07-07 : 01:56:47
|
| There _is_ a way of doing this, call this an ugly hack if you will, but it works! This works by attempting to initialize an object of the class in Javascript or VBScript in client-side code, and check if the call succeeded. If the object is null, the class has not registered on the system, and in all probability, the program has not been installed. Of course, for this to work, you must know the ProgID or qualified COM class name for the class, and the class must be publicly initializable. Of course, if you've been web programming for any length of time, you've done this already (in vbscript): set foo = CreateObject("ADODB.Recordset"). And then its just a matter of substituting the appropriate class name or the progid, which you can easily obtain from the registry if required. I suggest you try it in VB6 first, and if it works, you should be able to convert it into vbscript quite easily.Heck, why am I calling this an ugly hack? This technique is already being used to detect flash players and acrobat plugins.OS |
|
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-07-07 : 08:00:23
|
| Well, that's a good idea. I had thought about that one, but the original question was to detect if a program (I'm thinking EXE and not DLL) is installed. But, if a dependant DLL exists for that EXE, maybe you could make the assumption that it's installed.Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
|
|
|
stephe40
Posting Yak Master
218 Posts |
Posted - 2004-07-07 : 09:45:19
|
| Ill have to look into it. Thanks for the suggestion. Ill be checking for Symantec AV Corporate and Adaware or Spybot, I hope they have publicly available com objects.- Eric |
|
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-07-07 : 09:52:43
|
| I just had a brainstorm!Maybe you could create your own COM object that does the checking for the EXE's, and check for the existance of YOUR COM object with the client side script.Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
|
|
|
Kristen
Test
22859 Posts |
Posted - 2004-07-07 : 11:42:54
|
| Fight Spyware with Spyware! I like that Michael! |
|
|
|
mohdowais
Sheikh of Yak Knowledge
1456 Posts |
Posted - 2004-07-08 : 03:19:29
|
| But Michael, wouldn't that require your object to be installed on the client computer? This is tougher than getting them to install an ActiveX control!OS |
|
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-07-08 : 10:34:39
|
| True, I keep thinking this is a office domain, and not new users to a university. Probably the best way to make this work is with a Custom Active X control that will detect everything and install whatever needs to be installed. Needless to say this will not work for your students running Apple products.Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
|
|
|
stephe40
Posting Yak Master
218 Posts |
Posted - 2004-07-08 : 17:17:05
|
| Yeah, its very difficult because these are not our own machines, we dont have admin passwords and its very hard to force people to install something. The best we can do right now is though people at it. Which is very expensive, but thats the only way.Right now were leaning toward actually developing a program that they download and run that installs, symmantec, adaware, etc all silently. We pretty much relize that there is no way to "force" a install from a webpage and there is no way to check if a program (at least the programs we want to check for) is installed from a webpage.A while ago we were joking around and said we should come up with a "angel" virus/worm that would attempt to remove any known spyware. But then welchia came out, (a worm to fight the blaster worm), and it ended up doing more damage than good.- Eric |
|
|
|
|
Verify installation of a program with web browser