An IDS program I've been using has come up with a Captcha when you try to shut it down. In other words, it requests that you enter a code shown on the screen--just like some Web sites do for user security. This ensures that a thinking human being is shutting the program down and not some piece of malware.

ClamWin developers: you might want to consider something like this if/when you become concerned with "hardening" ClamWin.

Regards,

Problem here is the way the program goes about generating the captcha.
With PHP it's one thing, the code is generated server side and you can't just grab it and paste it.

But if malware knew it had to get around this captcha, it could by finding the result of a "generated captcha" and feed it back.

It's like saying something, writing it down then testing if the person next to you can read it, when he already heard it.

Although, like any preventative measure, it IS another plausible layer to such a protection.