View Single Post
  #28  
Old December 21st 06, 03:30 AM posted to microsoft.public.windowsxp.basics
Ken Blake, MVP
external usenet poster
 
Posts: 10,402
Default Thank you.

BoaterDave wrote:

Thank you for your view, Ken.

.............. so if they *could* be, would they be identified by an
anti-virus scan?

I think not. You may know different - I'm still willing to learn!



Others here have called you a troll. I don't know anything of your past
postings, so I am willing to give you the benefit of the doubt, unless or
until you convince me that you are trolling. You are close to convincing me
of that, but I thought I would invest one more message before being sure.

So here's the story:

It's likely that many kinds of malicious statements in a bat file would not
be caught by a an anti-virus program. There are many kinds of malicious
software, and the kind you might find in a bat file would not be a virus,
and might not be caught. Anti-virus software does not catch everything, and
if you rely solely on anti-virus osftware for protection for security, you
are kidding yourself.

Let's say, for the sake of argument, that I want to create a file that would
delete the contents of an important folder like c:\program files. I could
write a batch file to do this, I could create an exe file to do this, I
could create a file that masqueraded as a jpg file (or any other type) to do
this. Regardless of how I did it, a virus checker might not catch it.

The point is that all of the various ways I might write something to perform
this malicious act are equivalent. There's nothing special about the bat
file, and that particular kind of file is no more risky than any other type
of file.

Over and above the points made above, you said "One thing he mentioned
recently was '.bat' files. He was absolutely adamant that, with only two
exceptions, other such files indicate that a PC has been compromised, often
without the knowledge of the user. I have tried to convince others of this,
but none believe me. "

Your young man's statement is *completely* false. There is risk in bat
files, as there is risk with any kind of files. With bat files, as with all
other files, you need to know what they are and where they came form before
you can trust them. The risk is not greater with bat files and the statement
that "with only two exceptions, other such files indicate that a PC has been
compromised" is complete and utter nonsense. If you are putting your trust
in someone who says that, you are very clearly trusting the wrong person. He
has no idea what he is talking about.

Feel free to disbelieve everything I, and everyone else here, has told you,
and trust your young man instead. It's entirely your choice.

--
Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup



_________________________________________________
"Ken Blake, MVP" wrote in message
...
Although it's possible that such
commands *could* be mailicious, there's nothing about their being in
a bat file that makes them so, and most bat files by far are
completely innoucuous.


Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup



Ads