April 9th 12, 09:08 PM posted to microsoft.public.windowsxp.basics,microsoft.public.test.here
Tim Meddick[_3_]
Thank you.


If your query referred to the ability of a batch file to disrupt an
NT-based system - then my answer would have to be: "only if such a
batch-file was executed by a user with administrator privileges (on XP
only - Vista / W7 gives an extra warning asking if it was you who really
initiated some risky code) would it be able to remove the essential
boot-loader system-file "ntldr" - otherwise, normal limited users would be
protected from such dodgy batch-code by the default usage-rights of files
and folders that reside within the root of the system-drive."

Plus, if the batch-file (or any one of a number of "vulnerable" executable
file-types) was downloaded from the internet, systems from 2K onward give
an extra warning of possible risk on any user attempting to execute it for
the first time.

But you'd have to be a bit mental in the first place to deliberately execute a
strange batch-file whose contents you had not first investigated for
yourself - let alone leaving it to AV scanning!!...

==

Cheers, Tim Meddick, Peckham, London. :-)




"~BD~" wrote in message
...
was surprised that this popped up on the
'microsoft.public.windowsxp.basics' group!

My comment will be found at the bottom!

On Thursday, December 28, 2006 2:16:36 AM UTC, Michael D. Alligood
wrote:
You are running Windows XP, with NIS 2006 and only 384 megs of RAM???
And your PC is responding well?!? How much available RAM do you have
after startup?


clipped
Hello! :-)

An updated bit of info!

Quote:

Not necessarily, no. This dummy virus doesn't actually cause any
damage to the system. However it does make changes to the registry
from the command line.

Now the one I wrote back in the days of Windows 95/98, did. It
rendered the hard drive unbootable. In other words, once the victim
restarted their computer it halted on a black screen with the words
"Missing operating system" as it deleted key boot files; io.sys,
msdos.sys and command.com.

The only recourse from that (should one be so lucky) is to boot from a
system diskette and "sys" the drive from the command line.

Issuing the command: sys C: would fix that by putting those files back
onto the hard drive.

I also had two files from the Windows directory being targeted as
well.. they were user.dat and user.da0. Which meant that any and all
programs that were installed would have to be reinstalled again since
the system's registry would be gone too.

A "dummy virus" is so named due to the fact there is no actual virus
code antivirus software could scan for. These were merely batch files
(files that use the .bat extension) that contained commands the
computer would recognize and execute.

If I really wanted to be devious I could use something like this in a
batch file....

@ECHO OFF
CD/
attrib -r -a -s -h ntldr
del ntldr
ECHO.
ECHO Please restart your system...
ECHO.

In the above example, regardless of what directory that was run from it
would go right to the root of the drive. At that point it would remove
the read only, archive, system and hidden attributes to ntldr then
delete the file without confirmation.

But that would render the system inoperable and display the "NTLDR
missing" message. My method makes things more interesting due to the
simple fact that I could use the command: net view \\ip.addy.goes.here
to look for the shared drive. Unless I knew the IP address was static.

Then once I found it issue the command net use * \\ip.addy.goes.here\C
to map the drive. It basically allows me to see the hard drive in My
Computer as though it were physically attached to my system by adding
another drive letter. Then I could do whatever I wanted.. copy
files\folders from their hard drive to mine or vice versa, move
files\folders around, delete files, rename files, etc.. and they would
never know.

**


I'm wondering if the author is correct in what he claims. Some guidance
on this will be welcomed!

--
Dave - "It is much better to be hated for what you are, than to be loved
for what you definitely are not." "Do unto others as you would have them
do unto you."
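
The post above recommends reading a strange batch file before running it. One way to do a first pass over the text is shown here as an added example, not code from anyone in the thread. The function name `triage` and the rule set are assumptions; the file names and commands are the ones named in the quoted message.

```python
import re

# File names the quoted message names as targets: NT and Win9x boot files,
# plus the Win9x registry files.
CRITICAL = {"ntldr", "io.sys", "msdos.sys", "command.com", "user.dat", "user.da0"}
REMOVERS = {"del", "erase", "ren", "rename", "move"}

# The batch file quoted in the thread, embedded as sample input (never executed).
SAMPLE = """@ECHO OFF
CD/
attrib -r -a -s -h ntldr
del ntldr
ECHO.
ECHO Please restart your system...
"""

def triage(text):
    """Return (line_number, reason) for each risky command in a batch script."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        # '&' and '|' chain several commands on one line; check each part.
        for part in re.split(r"[&|]+", raw):
            tokens = part.strip().lstrip("@").lower().replace('"', " ").split()
            if not tokens or tokens[0] == "rem" or tokens[0].startswith(("::", "echo")):
                continue  # blank lines, comments and echoed text
            cmd, args = tokens[0], tokens[1:]
            # Compare base names so that C:\ntldr and ntldr both match.
            hit = sorted({re.split(r"[\\/:]", a)[-1] for a in args} & CRITICAL)
            if cmd in REMOVERS and hit:
                findings.append((no, "removes or renames " + ", ".join(hit)))
            elif cmd == "attrib" and hit and any(re.fullmatch(r"-[rash]", a) for a in args):
                findings.append((no, "clears attributes on " + ", ".join(hit)))
            elif cmd == "net" and args[:1] in (["use"], ["view"]):
                findings.append((no, "network share access: net " + args[0]))
    return findings

if __name__ == "__main__":
    for no, reason in triage(SAMPLE):
        print(f"line {no}: {reason}")
```

It checks literal commands only; variable expansion, or a script that writes and then calls a second script, is not followed.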

