View Single Post
  #40  
Old April 9th 12, 06:49 PM posted to microsoft.public.windowsxp.basics,microsoft.public.test.here
~BD~[_6_]
external usenet poster
 
Posts: 463
Default Thank you.

was surprised that this popped up on the
'microsoft.public.windowsxp.basics' group!

My comment will be found at the bottom!

On Thursday, December 28, 2006 2:16:36 AM UTC, Michael D. Alligood wrote:
You are running Windows XP, with NIS 2006 and only 384 megs of RAM???
And your PC is responding well?!? How much available RAM do you have
after startup?

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



wrote in message
:

Hello again, Michael. I trust you enjoyed a great Christmas.

In general terms, my PC has responded well to using NIS 2006.
I have just 384Mb RAM (low by today's standards!) And an AMD 1300Mz
processor.
Not too fussed, as I'll upgrade to a new PC with Vista once it's released
here in the UK next year.

I've used Windows Live OneCare too and feel it will be very useful to many.

David
_______________________________________
"Michael D. wrote in message
...
And you can delete that as well. Windows XP has no need for it. As for NIS
2006, may I ask how the performance of your computer has been since
installation. And may I also inquiry as to the amount of RAM you have
installed. I generally stay away from the "security suite" programs. The
exception would be Windows Live One Care that I currently have installed
on my laptop -- I really am a fan of this product.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



wrote in message
:

I really appreciate your comments, Michael.

Thank you for taking the time and trouble to help me.

Whilst I know that there are differing views, I'm now using NIS 2006 and
hope this will help protect my PC!

As I have personally not deliberately added any'bat' files to my PC, I
have
deleted all but Autoexec.bat

David
______________________________________
"Michael D. wrote in message
...
Almost all AV programs now have heuristics scanning. To further
explain,
heuristics scanning "is similar to signature scanning, except that
instead
of looking for specific signatures, heuristic scanning looks for
certain
instructions or commands within a program that are not found in typical
application programs. As a result, a heuristic engine is able to detect
potentially malicious functionality in new, previously unexamined,
malicious functionality such as the replication mechanism of a virus,
the
distribution routine of a worm or the payload of a trojan." (Markus
Schmall).

So along with detecting viruses by using "virus signatures", AV
programs
also look for "certain instructions or commands within a program that
are
not found in typical application programs." Possibly detecting your
*.bat
files. While there is no golden AV program that detect all suspicious
programs, files and scripts -- and I do not want to continue this
thread
with the "Best AV program" on the market, it should perform heuristic
scans to help locate these suspicious files/programs.

I hope this clears things up.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



wrote in message
:

Thank you for your view, Ken.

.............. so if they *could* be, would they be identified by an
anti-virus scan?

I think not. You may know different - I'm still willing to learn!

Please see my response to Michael. Thank you.

David
_________________________________________________
"Ken Blake, wrote in message
...
Although it's possible that such
commands *could* be mailicious, there's nothing about their being in
a
bat
file that makes them so, and most bat files by far are completely
innoucuous.

Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup



Hello! :-)

An updated bit of info!

Quote:

Not necessarily, no. This dummy virus doesn't actually cause any
damage to the system. However it does make changes to the registry
from the command line.

Now the one I wrote back in the days of Windows 95/98, did. It
rendered the hard drive un bootable. In other words, once the victim
restarted their computer it halted on a black screen with the words
"Missing operating system" as it deleted key boot files; io.sys,
msdos.sys and command.com.

The only recourse from that (should one be so lucky) is to boot from a
system diskette and "sys" the drive from the command line.

Issuing the command: sys C: would fix that by putting those files back
onto the hard drive.

I also had two files from the Windows directory being targeted as
well.. they were user.dat and user.da0. Which meant that any and all
programs that were installed would have to be reinstalled again since
the system's registry would be gone too.

A "dummy virus" is so named due to the fact there are no actual virus
code antivirus software could scan for. These were merely batch files
(files that use the .bat extension) that contained commands the
computer would recognize and execute.

If I really wanted to be devious I could use something like this in a
batch file....

@ECHO OFF
CD/
attrib -r -a -s -h ntldr
del ntldr
ECHO.
ECHO Please restart your system...
ECHO.

In the above example, regardless what directory that was ran from it
would go right to the root of the drive. At that point it would remove
the read only, archive, system and hidden attributes to ntldr then
delete the file without confirmation.

But that would render the system inoperable and display the "NTLDR
missing" message. My method makes things more interesting due to the
simple fact that I could use the command: net view \\ip.addy.goes.here
to look for the shared drive. Unless I knew the IP address was static.

Then once I found it issue the command net use * \\ip.addy.goes.here\C
to map the drive. It basically allows me to see the hard drive in My
Computer as though it were physically attached to my system by adding
another drive letter. Then I could do whatever I wanted.. copy
files\folders from their hard drive to mine or vice versa, move
files\folders around, delete files, rename files, etc.. and they would
never know.

**


I'm wondering if the author is correct in what he claims. Some guidance
on this will be welcomed!

--
Dave - "It is much better to be hated for what you are, than to be loved
for what you definitely are not." "Do unto others as you would have them
do unto you."
Ads