A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » The Basics
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Just wonderin' :-)



 
 
Thread Tools Display Modes
  #31  
Old December 23rd 06, 12:37 PM posted to microsoft.public.windowsxp.basics
Frank Saunders, MS-MVP OE/WM
external usenet poster
 
Posts: 761
Default Thank you.

"BoaterDave" wrote in message
...
Shenan - I appreciate you coming back to me yet again (I'm sure you must
be busy with other things, so thanks)

Perhaps you didn't read my response to Michael where I said:-

"My basic understanding now is that, as a 'bat' file is not a 'virus' per
se,
it would (probably) not be picked up by an anti-virus programme. However,
I
suspect that if such a file was surepticiously placed on one's PC, it
could
issue commands to make one's PC do just about anything, including being
able
to make adjustments to, in my case, NIS 2006.

If I'm right about this (and I recognise that I may have got it wrong yet
again!) unless one specifically seeks out a suspicious 'bat' file, one's
PC
could apparently be working normally whilst, at the same time, be acting
as
a 'zombie' for unscrupulous persons unknown. (Perhaps that is what my
'script kiddie' meant - he's no academic, that's for sure!)"



A BAT file can't run by itself. You might as well say that EXE and DLL
files are suspicious. They could be placed on the computer by something
else and do something nasty when run. There is no way that they are
inherently dangerous and certainly are not as dangerous as SCR files, which
may be screen savers but also may be script files.

--
Frank Saunders, MS-MVP OE/WM
http://www.fjsmjs.com
Answer in newsgroup. Don't send mail.


Ads
  #32  
Old December 23rd 06, 01:05 PM posted to microsoft.public.windowsxp.basics
Frank Saunders, MS-MVP OE/WM
external usenet poster
 
Posts: 761
Default Just wonderin' :-)

"BoaterDave" wrote in message
...
Hello TechB - nice to see you here! :-)

I think you already know the danger of '.bat' files to us mere mortals.
My real, 'in-the-flesh', ex 'script kiddie' hacker turned PC consultant
has told
me so face-to-face. I'd rather trust him than you, I'm afraid.



Your 'script kiddie' is an ignorant fear monger. I have seen many good and
useful BAT files and only one or two malicious ones. The main reason I
don't use BAT files anymore is that it's too easy to forget exactly what
such a file does and thus forget how to do it manually. Since my main
business is helping people I want to be able to tell my customers over the
phone how to do things that I would have written a BAT file for if it was
for my own use only.

You also seem to be expressing a common prejudice that only young people can
"know" computers. That's ridiculous. Yes, a lot of older people are
computer illiterate, but so are an awful lot of young people. The young
people can be more dangerous in their advice just because they subscribe to
this prejudice and think they know a lot simply because they're young and
have learned a few tricks.

--
Frank Saunders, MS-MVP OE/WM
http://www.fjsmjs.com
Answer in newsgroup. Don't send mail.


  #33  
Old December 24th 06, 12:14 AM posted to microsoft.public.windowsxp.basics
BoaterDave
external usenet poster
 
Posts: 82
Default Thank you.

I really appreciate your comments, Michael.

Thank you for taking the time and trouble to help me.

Whilst I know that there are differing views, I'm now using NIS 2006 and
hope this will help protect my PC!

As I have personally not deliberately added any'bat' files to my PC, I have
deleted all but Autoexec.bat

David
______________________________________
"Michael D. Alligood" wrote in message
...
Almost all AV programs now have heuristics scanning. To further explain,
heuristics scanning "is similar to signature scanning, except that instead
of looking for specific signatures, heuristic scanning looks for certain
instructions or commands within a program that are not found in typical
application programs. As a result, a heuristic engine is able to detect
potentially malicious functionality in new, previously unexamined,
malicious functionality such as the replication mechanism of a virus, the
distribution routine of a worm or the payload of a trojan." (Markus
Schmall).

So along with detecting viruses by using "virus signatures", AV programs
also look for "certain instructions or commands within a program that are
not found in typical application programs." Possibly detecting your *.bat
files. While there is no golden AV program that detect all suspicious
programs, files and scripts -- and I do not want to continue this thread
with the "Best AV program" on the market, it should perform heuristic
scans to help locate these suspicious files/programs.

I hope this clears things up.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

Thank you for your view, Ken.

.............. so if they *could* be, would they be identified by an
anti-virus scan?

I think not. You may know different - I'm still willing to learn!

Please see my response to Michael. Thank you.

David
_________________________________________________
"Ken Blake, MVP" wrote in message
...
Although it's possible that such
commands *could* be mailicious, there's nothing about their being in a
bat
file that makes them so, and most bat files by far are completely
innoucuous.


Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup




  #34  
Old December 24th 06, 12:16 AM posted to microsoft.public.windowsxp.basics
BoaterDave
external usenet poster
 
Posts: 82
Default Thank you.

I appreciate your help, Ken. Thank you.

I will relay the comments which you and others have made and see what his
response is!

Cheers,

David
_______________________________________
"Ken Blake, MVP" wrote in message
...
BoaterDave wrote:

Thank you for your view, Ken.

.............. so if they *could* be, would they be identified by an
anti-virus scan?

I think not. You may know different - I'm still willing to learn!



Others here have called you a troll. I don't know anything of your past
postings, so I am willing to give you the benefit of the doubt, unless or
until you convince me that you are trolling. You are close to convincing
me of that, but I thought I would invest one more message before being
sure.

So here's the story:

It's likely that many kinds of malicious statements in a bat file would
not be caught by a an anti-virus program. There are many kinds of
malicious software, and the kind you might find in a bat file would not be
a virus, and might not be caught. Anti-virus software does not catch
everything, and if you rely solely on anti-virus osftware for protection
for security, you are kidding yourself.

Let's say, for the sake of argument, that I want to create a file that
would delete the contents of an important folder like c:\program files. I
could write a batch file to do this, I could create an exe file to do
this, I could create a file that masqueraded as a jpg file (or any other
type) to do this. Regardless of how I did it, a virus checker might not
catch it.

The point is that all of the various ways I might write something to
perform this malicious act are equivalent. There's nothing special about
the bat file, and that particular kind of file is no more risky than any
other type of file.

Over and above the points made above, you said "One thing he mentioned
recently was '.bat' files. He was absolutely adamant that, with only two
exceptions, other such files indicate that a PC has been compromised,
often without the knowledge of the user. I have tried to convince others
of this, but none believe me. "

Your young man's statement is *completely* false. There is risk in bat
files, as there is risk with any kind of files. With bat files, as with
all other files, you need to know what they are and where they came form
before you can trust them. The risk is not greater with bat files and the
statement that "with only two exceptions, other such files indicate that a
PC has been compromised" is complete and utter nonsense. If you are
putting your trust in someone who says that, you are very clearly trusting
the wrong person. He has no idea what he is talking about.

Feel free to disbelieve everything I, and everyone else here, has told
you, and trust your young man instead. It's entirely your choice.

--
Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup



_________________________________________________
"Ken Blake, MVP" wrote in message
...
Although it's possible that such
commands *could* be mailicious, there's nothing about their being in
a bat file that makes them so, and most bat files by far are
completely innoucuous.


Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup





  #35  
Old December 25th 06, 03:21 AM posted to microsoft.public.windowsxp.basics
Michael D. Alligood
external usenet poster
 
Posts: 157
Default Thank you.

And you can delete that as well. Windows XP has no need for it. As for
NIS 2006, may I ask how the performance of your computer has been since
installation. And may I also inquiry as to the amount of RAM you have
installed. I generally stay away from the "security suite" programs. The
exception would be Windows Live One Care that I currently have installed
on my laptop -- I really am a fan of this product.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

I really appreciate your comments, Michael.

Thank you for taking the time and trouble to help me.

Whilst I know that there are differing views, I'm now using NIS 2006 and
hope this will help protect my PC!

As I have personally not deliberately added any'bat' files to my PC, I have
deleted all but Autoexec.bat

David
______________________________________
"Michael D. Alligood" wrote in message
...
Almost all AV programs now have heuristics scanning. To further explain,
heuristics scanning "is similar to signature scanning, except that instead
of looking for specific signatures, heuristic scanning looks for certain
instructions or commands within a program that are not found in typical
application programs. As a result, a heuristic engine is able to detect
potentially malicious functionality in new, previously unexamined,
malicious functionality such as the replication mechanism of a virus, the
distribution routine of a worm or the payload of a trojan." (Markus
Schmall).

So along with detecting viruses by using "virus signatures", AV programs
also look for "certain instructions or commands within a program that are
not found in typical application programs." Possibly detecting your *.bat
files. While there is no golden AV program that detect all suspicious
programs, files and scripts -- and I do not want to continue this thread
with the "Best AV program" on the market, it should perform heuristic
scans to help locate these suspicious files/programs.

I hope this clears things up.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

Thank you for your view, Ken.

.............. so if they *could* be, would they be identified by an
anti-virus scan?

I think not. You may know different - I'm still willing to learn!

Please see my response to Michael. Thank you.

David
_________________________________________________
"Ken Blake, MVP" wrote in message
...
Although it's possible that such
commands *could* be mailicious, there's nothing about their being in a
bat
file that makes them so, and most bat files by far are completely
innoucuous.

Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup



  #36  
Old December 25th 06, 03:22 AM posted to microsoft.public.windowsxp.basics
Michael D. Alligood
external usenet poster
 
Posts: 157
Default Thank you.

And by the way, you are more than welcome. I am glad I could assist you.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

I really appreciate your comments, Michael.

Thank you for taking the time and trouble to help me.

Whilst I know that there are differing views, I'm now using NIS 2006 and
hope this will help protect my PC!

As I have personally not deliberately added any'bat' files to my PC, I have
deleted all but Autoexec.bat

David
______________________________________
"Michael D. Alligood" wrote in message
...
Almost all AV programs now have heuristics scanning. To further explain,
heuristics scanning "is similar to signature scanning, except that instead
of looking for specific signatures, heuristic scanning looks for certain
instructions or commands within a program that are not found in typical
application programs. As a result, a heuristic engine is able to detect
potentially malicious functionality in new, previously unexamined,
malicious functionality such as the replication mechanism of a virus, the
distribution routine of a worm or the payload of a trojan." (Markus
Schmall).

So along with detecting viruses by using "virus signatures", AV programs
also look for "certain instructions or commands within a program that are
not found in typical application programs." Possibly detecting your *.bat
files. While there is no golden AV program that detect all suspicious
programs, files and scripts -- and I do not want to continue this thread
with the "Best AV program" on the market, it should perform heuristic
scans to help locate these suspicious files/programs.

I hope this clears things up.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

Thank you for your view, Ken.

.............. so if they *could* be, would they be identified by an
anti-virus scan?

I think not. You may know different - I'm still willing to learn!

Please see my response to Michael. Thank you.

David
_________________________________________________
"Ken Blake, MVP" wrote in message
...
Although it's possible that such
commands *could* be mailicious, there's nothing about their being in a
bat
file that makes them so, and most bat files by far are completely
innoucuous.

Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup



  #37  
Old December 27th 06, 04:18 PM posted to microsoft.public.windowsxp.basics
BoaterDave
external usenet poster
 
Posts: 82
Default Thank you.

Hello again, Michael. I trust you enjoyed a great Christmas.

In general terms, my PC has responded well to using NIS 2006.
I have just 384Mb RAM (low by today's standards!) And an AMD 1300Mz
processor.
Not too fussed, as I'll upgrade to a new PC with Vista once it's released
here in the UK next year.

I've used Windows Live OneCare too and feel it will be very useful to many.

David
_______________________________________
"Michael D. Alligood" wrote in message
...
And you can delete that as well. Windows XP has no need for it. As for NIS
2006, may I ask how the performance of your computer has been since
installation. And may I also inquiry as to the amount of RAM you have
installed. I generally stay away from the "security suite" programs. The
exception would be Windows Live One Care that I currently have installed
on my laptop -- I really am a fan of this product.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

I really appreciate your comments, Michael.

Thank you for taking the time and trouble to help me.

Whilst I know that there are differing views, I'm now using NIS 2006 and
hope this will help protect my PC!

As I have personally not deliberately added any'bat' files to my PC, I
have
deleted all but Autoexec.bat

David
______________________________________
"Michael D. Alligood" wrote in message
...
Almost all AV programs now have heuristics scanning. To further
explain,
heuristics scanning "is similar to signature scanning, except that
instead
of looking for specific signatures, heuristic scanning looks for
certain
instructions or commands within a program that are not found in typical
application programs. As a result, a heuristic engine is able to detect
potentially malicious functionality in new, previously unexamined,
malicious functionality such as the replication mechanism of a virus,
the
distribution routine of a worm or the payload of a trojan." (Markus
Schmall).

So along with detecting viruses by using "virus signatures", AV
programs
also look for "certain instructions or commands within a program that
are
not found in typical application programs." Possibly detecting your
*.bat
files. While there is no golden AV program that detect all suspicious
programs, files and scripts -- and I do not want to continue this
thread
with the "Best AV program" on the market, it should perform heuristic
scans to help locate these suspicious files/programs.

I hope this clears things up.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

Thank you for your view, Ken.

.............. so if they *could* be, would they be identified by an
anti-virus scan?

I think not. You may know different - I'm still willing to learn!

Please see my response to Michael. Thank you.

David
_________________________________________________
"Ken Blake, MVP" wrote in message
...
Although it's possible that such
commands *could* be mailicious, there's nothing about their being in
a
bat
file that makes them so, and most bat files by far are completely
innoucuous.

Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup





  #38  
Old December 28th 06, 03:16 AM posted to microsoft.public.windowsxp.basics
Michael D. Alligood
external usenet poster
 
Posts: 157
Default Thank you.

You are running Windows XP, with NIS 2006 and only 384 megs of RAM???
And your PC is responding well?!? How much available RAM do you have
after startup?

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

Hello again, Michael. I trust you enjoyed a great Christmas.

In general terms, my PC has responded well to using NIS 2006.
I have just 384Mb RAM (low by today's standards!) And an AMD 1300Mz
processor.
Not too fussed, as I'll upgrade to a new PC with Vista once it's released
here in the UK next year.

I've used Windows Live OneCare too and feel it will be very useful to many.

David
_______________________________________
"Michael D. Alligood" wrote in message
...
And you can delete that as well. Windows XP has no need for it. As for NIS
2006, may I ask how the performance of your computer has been since
installation. And may I also inquiry as to the amount of RAM you have
installed. I generally stay away from the "security suite" programs. The
exception would be Windows Live One Care that I currently have installed
on my laptop -- I really am a fan of this product.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

I really appreciate your comments, Michael.

Thank you for taking the time and trouble to help me.

Whilst I know that there are differing views, I'm now using NIS 2006 and
hope this will help protect my PC!

As I have personally not deliberately added any'bat' files to my PC, I
have
deleted all but Autoexec.bat

David
______________________________________
"Michael D. Alligood" wrote in message
...
Almost all AV programs now have heuristics scanning. To further
explain,
heuristics scanning "is similar to signature scanning, except that
instead
of looking for specific signatures, heuristic scanning looks for
certain
instructions or commands within a program that are not found in typical
application programs. As a result, a heuristic engine is able to detect
potentially malicious functionality in new, previously unexamined,
malicious functionality such as the replication mechanism of a virus,
the
distribution routine of a worm or the payload of a trojan." (Markus
Schmall).

So along with detecting viruses by using "virus signatures", AV
programs
also look for "certain instructions or commands within a program that
are
not found in typical application programs." Possibly detecting your
*.bat
files. While there is no golden AV program that detect all suspicious
programs, files and scripts -- and I do not want to continue this
thread
with the "Best AV program" on the market, it should perform heuristic
scans to help locate these suspicious files/programs.

I hope this clears things up.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

Thank you for your view, Ken.

.............. so if they *could* be, would they be identified by an
anti-virus scan?

I think not. You may know different - I'm still willing to learn!

Please see my response to Michael. Thank you.

David
_________________________________________________
"Ken Blake, MVP" wrote in message
...
Although it's possible that such
commands *could* be mailicious, there's nothing about their being in
a
bat
file that makes them so, and most bat files by far are completely
innoucuous.

Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup




  #39  
Old February 26th 12, 01:55 PM posted to microsoft.public.windowsxp.basics
No_Name
external usenet poster
 
Posts: 1
Default Thank you.


My comment will be found at the bottom!

On Thursday, December 28, 2006 2:16:36 AM UTC, Michael D. Alligood wrote:
You are running Windows XP, with NIS 2006 and only 384 megs of RAM???
And your PC is responding well?!? How much available RAM do you have
after startup?

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

Hello again, Michael. I trust you enjoyed a great Christmas.

In general terms, my PC has responded well to using NIS 2006.
I have just 384Mb RAM (low by today's standards!) And an AMD 1300Mz
processor.
Not too fussed, as I'll upgrade to a new PC with Vista once it's released
here in the UK next year.

I've used Windows Live OneCare too and feel it will be very useful to many.

David
_______________________________________
"Michael D. Alligood" wrote in message
...
And you can delete that as well. Windows XP has no need for it. As for NIS
2006, may I ask how the performance of your computer has been since
installation. And may I also inquiry as to the amount of RAM you have
installed. I generally stay away from the "security suite" programs. The
exception would be Windows Live One Care that I currently have installed
on my laptop -- I really am a fan of this product.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

I really appreciate your comments, Michael.

Thank you for taking the time and trouble to help me.

Whilst I know that there are differing views, I'm now using NIS 2006 and
hope this will help protect my PC!

As I have personally not deliberately added any'bat' files to my PC, I
have
deleted all but Autoexec.bat

David
______________________________________
"Michael D. Alligood" wrote in message
...
Almost all AV programs now have heuristics scanning. To further
explain,
heuristics scanning "is similar to signature scanning, except that
instead
of looking for specific signatures, heuristic scanning looks for
certain
instructions or commands within a program that are not found in typical
application programs. As a result, a heuristic engine is able to detect
potentially malicious functionality in new, previously unexamined,
malicious functionality such as the replication mechanism of a virus,
the
distribution routine of a worm or the payload of a trojan." (Markus
Schmall).

So along with detecting viruses by using "virus signatures", AV
programs
also look for "certain instructions or commands within a program that
are
not found in typical application programs." Possibly detecting your
*.bat
files. While there is no golden AV program that detect all suspicious
programs, files and scripts -- and I do not want to continue this
thread
with the "Best AV program" on the market, it should perform heuristic
scans to help locate these suspicious files/programs.

I hope this clears things up.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



"BoaterDave" wrote in message
:

Thank you for your view, Ken.

.............. so if they *could* be, would they be identified by an
anti-virus scan?

I think not. You may know different - I'm still willing to learn!

Please see my response to Michael. Thank you.

David
_________________________________________________
"Ken Blake, MVP" wrote in message
...
Although it's possible that such
commands *could* be mailicious, there's nothing about their being in
a
bat
file that makes them so, and most bat files by far are completely
innoucuous.

Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup



Hello! :-)

An updated bit of info!

Quote:

Not necessarily, no. This dummy virus doesn't actually cause any
damage to the system. However it does make changes to the registry
from the command line.

Now the one I wrote back in the days of Windows 95/98, did. It
rendered the hard drive un bootable. In other words, once the victim
restarted their computer it halted on a black screen with the words
"Missing operating system" as it deleted key boot files; io.sys,
msdos.sys and command.com.

The only recourse from that (should one be so lucky) is to boot from a
system diskette and "sys" the drive from the command line.

Issuing the command: sys C: would fix that by putting those files back
onto the hard drive.

I also had two files from the Windows directory being targeted as
well.. they were user.dat and user.da0. Which meant that any and all
programs that were installed would have to be reinstalled again since
the system's registry would be gone too.

A "dummy virus" is so named due to the fact there are no actual virus
code antivirus software could scan for. These were merely batch files
(files that use the .bat extension) that contained commands the
computer would recognize and execute.

If I really wanted to be devious I could use something like this in a
batch file....

@ECHO OFF
CD/
attrib -r -a -s -h ntldr
del ntldr
ECHO.
ECHO Please restart your system...
ECHO.

In the above example, regardless what directory that was ran from it
would go right to the root of the drive. At that point it would remove
the read only, archive, system and hidden attributes to ntldr then
delete the file without confirmation.

But that would render the system inoperable and display the "NTLDR
missing" message. My method makes things more interesting due to the
simple fact that I could use the command: net view \\ip.addy.goes.here
to look for the shared drive. Unless I knew the IP address was static.

Then once I found it issue the command net use * \\ip.addy.goes.here\C
to map the drive. It basically allows me to see the hard drive in My
Computer as though it were physically attached to my system by adding
another drive letter. Then I could do whatever I wanted.. copy
files\folders from their hard drive to mine or vice versa, move
files\folders around, delete files, rename files, etc.. and they would
never know.

**

I'm wondering if the author is correct in what he claims. Some guidance on this will be welcomed!

Dave
  #40  
Old April 9th 12, 06:49 PM posted to microsoft.public.windowsxp.basics,microsoft.public.test.here
~BD~[_6_]
external usenet poster
 
Posts: 463
Default Thank you.

was surprised that this popped up on the
'microsoft.public.windowsxp.basics' group!

My comment will be found at the bottom!

On Thursday, December 28, 2006 2:16:36 AM UTC, Michael D. Alligood wrote:
You are running Windows XP, with NIS 2006 and only 384 megs of RAM???
And your PC is responding well?!? How much available RAM do you have
after startup?

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



wrote in message
:

Hello again, Michael. I trust you enjoyed a great Christmas.

In general terms, my PC has responded well to using NIS 2006.
I have just 384Mb RAM (low by today's standards!) And an AMD 1300Mz
processor.
Not too fussed, as I'll upgrade to a new PC with Vista once it's released
here in the UK next year.

I've used Windows Live OneCare too and feel it will be very useful to many.

David
_______________________________________
"Michael D. wrote in message
...
And you can delete that as well. Windows XP has no need for it. As for NIS
2006, may I ask how the performance of your computer has been since
installation. And may I also inquiry as to the amount of RAM you have
installed. I generally stay away from the "security suite" programs. The
exception would be Windows Live One Care that I currently have installed
on my laptop -- I really am a fan of this product.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



wrote in message
:

I really appreciate your comments, Michael.

Thank you for taking the time and trouble to help me.

Whilst I know that there are differing views, I'm now using NIS 2006 and
hope this will help protect my PC!

As I have personally not deliberately added any'bat' files to my PC, I
have
deleted all but Autoexec.bat

David
______________________________________
"Michael D. wrote in message
...
Almost all AV programs now have heuristics scanning. To further
explain,
heuristics scanning "is similar to signature scanning, except that
instead
of looking for specific signatures, heuristic scanning looks for
certain
instructions or commands within a program that are not found in typical
application programs. As a result, a heuristic engine is able to detect
potentially malicious functionality in new, previously unexamined,
malicious functionality such as the replication mechanism of a virus,
the
distribution routine of a worm or the payload of a trojan." (Markus
Schmall).

So along with detecting viruses by using "virus signatures", AV
programs
also look for "certain instructions or commands within a program that
are
not found in typical application programs." Possibly detecting your
*.bat
files. While there is no golden AV program that detect all suspicious
programs, files and scripts -- and I do not want to continue this
thread
with the "Best AV program" on the market, it should perform heuristic
scans to help locate these suspicious files/programs.

I hope this clears things up.

--
Michael D. Alligood
MCSA, MCDST, MCP, A+,
Network+, i-Net+, CIW Assoc.,
CIW Certified Instructor



wrote in message
:

Thank you for your view, Ken.

.............. so if they *could* be, would they be identified by an
anti-virus scan?

I think not. You may know different - I'm still willing to learn!

Please see my response to Michael. Thank you.

David
_________________________________________________
"Ken Blake, wrote in message
...
Although it's possible that such
commands *could* be mailicious, there's nothing about their being in
a
bat
file that makes them so, and most bat files by far are completely
innoucuous.

Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup



Hello! :-)

An updated bit of info!

Quote:

Not necessarily, no. This dummy virus doesn't actually cause any
damage to the system. However it does make changes to the registry
from the command line.

Now the one I wrote back in the days of Windows 95/98, did. It
rendered the hard drive un bootable. In other words, once the victim
restarted their computer it halted on a black screen with the words
"Missing operating system" as it deleted key boot files; io.sys,
msdos.sys and command.com.

The only recourse from that (should one be so lucky) is to boot from a
system diskette and "sys" the drive from the command line.

Issuing the command: sys C: would fix that by putting those files back
onto the hard drive.

I also had two files from the Windows directory being targeted as
well.. they were user.dat and user.da0. Which meant that any and all
programs that were installed would have to be reinstalled again since
the system's registry would be gone too.

A "dummy virus" is so named due to the fact there are no actual virus
code antivirus software could scan for. These were merely batch files
(files that use the .bat extension) that contained commands the
computer would recognize and execute.

If I really wanted to be devious I could use something like this in a
batch file....

@ECHO OFF
CD/
attrib -r -a -s -h ntldr
del ntldr
ECHO.
ECHO Please restart your system...
ECHO.

In the above example, regardless what directory that was ran from it
would go right to the root of the drive. At that point it would remove
the read only, archive, system and hidden attributes to ntldr then
delete the file without confirmation.

But that would render the system inoperable and display the "NTLDR
missing" message. My method makes things more interesting due to the
simple fact that I could use the command: net view \\ip.addy.goes.here
to look for the shared drive. Unless I knew the IP address was static.

Then once I found it issue the command net use * \\ip.addy.goes.here\C
to map the drive. It basically allows me to see the hard drive in My
Computer as though it were physically attached to my system by adding
another drive letter. Then I could do whatever I wanted.. copy
files\folders from their hard drive to mine or vice versa, move
files\folders around, delete files, rename files, etc.. and they would
never know.

**


I'm wondering if the author is correct in what he claims. Some guidance
on this will be welcomed!

--
Dave - "It is much better to be hated for what you are, than to be loved
for what you definitely are not." "Do unto others as you would have them
do unto you."
  #41  
Old April 9th 12, 09:08 PM posted to microsoft.public.windowsxp.basics,microsoft.public.test.here
Tim Meddick[_3_]
external usenet poster
 
Posts: 1,020
Default Thank you.


If your query referred to the ability of a batch file to disrupt an
NT-based system - then my answer would have to be ; "only if such a
batch-file was executed by a user with administrator privileges (on XP
only - vista / W7 gives an extra warning asking if it was you who really
initiated some risky code) would it be able to remove the essential
boot-loader system-file "ntldr" - otherwise, normal limited users would be
protected from such dodgy batch-code by the default usage-rights of files
and folders that reside within the root of the system-drive."

Plus, if the batch-file (or any one of a number of "vulnerable" executable
file-types) was downloaded from the internet, systems from 2K onward give
an extra warning of possible risk on any user attempting to execute it for
the first time.

But you'd have to a bit mental in the first place to deliberately execute a
strange batch-file that you had not first investigated it's contents for
yourself - let alone leaving it to AV scanning!!...

==

Cheers, Tim Meddick, Peckham, London. :-)




"~BD~" wrote in message
...
was surprised that this popped up on the
'microsoft.public.windowsxp.basics' group!

My comment will be found at the bottom!

On Thursday, December 28, 2006 2:16:36 AM UTC, Michael D. Alligood
wrote:
You are running Windows XP, with NIS 2006 and only 384 megs of RAM???
And your PC is responding well?!? How much available RAM do you have
after startup?


clipped
Hello! :-)

An updated bit of info!

Quote:

Not necessarily, no. This dummy virus doesn't actually cause any
damage to the system. However it does make changes to the registry
from the command line.

Now the one I wrote back in the days of Windows 95/98, did. It
rendered the hard drive un bootable. In other words, once the victim
restarted their computer it halted on a black screen with the words
"Missing operating system" as it deleted key boot files; io.sys,
msdos.sys and command.com.

The only recourse from that (should one be so lucky) is to boot from a
system diskette and "sys" the drive from the command line.

Issuing the command: sys C: would fix that by putting those files back
onto the hard drive.

I also had two files from the Windows directory being targeted as
well.. they were user.dat and user.da0. Which meant that any and all
programs that were installed would have to be reinstalled again since
the system's registry would be gone too.

A "dummy virus" is so named due to the fact there are no actual virus
code antivirus software could scan for. These were merely batch files
(files that use the .bat extension) that contained commands the
computer would recognize and execute.

If I really wanted to be devious I could use something like this in a
batch file....

@ECHO OFF
CD/
attrib -r -a -s -h ntldr
del ntldr
ECHO.
ECHO Please restart your system...
ECHO.

In the above example, regardless what directory that was ran from it
would go right to the root of the drive. At that point it would remove
the read only, archive, system and hidden attributes to ntldr then
delete the file without confirmation.

But that would render the system inoperable and display the "NTLDR
missing" message. My method makes things more interesting due to the
simple fact that I could use the command: net view \\ip.addy.goes.here
to look for the shared drive. Unless I knew the IP address was static.

Then once I found it issue the command net use * \\ip.addy.goes.here\C
to map the drive. It basically allows me to see the hard drive in My
Computer as though it were physically attached to my system by adding
another drive letter. Then I could do whatever I wanted.. copy
files\folders from their hard drive to mine or vice versa, move
files\folders around, delete files, rename files, etc.. and they would
never know.

**


I'm wondering if the author is correct in what he claims. Some guidance
on this will be welcomed!

--
Dave - "It is much better to be hated for what you are, than to be loved
for what you definitely are not." "Do unto others as you would have them
do unto you."


  #42  
Old April 9th 12, 10:19 PM posted to microsoft.public.windowsxp.basics,microsoft.public.test.here
~BD~[_6_]
external usenet poster
 
Posts: 463
Default Thank you.

G. Morgan wrote:
~BD~ wrote:

I'm wondering if the author is correct in what he claims. Some guidance
on this will be welcomed!


Which claim? I see a glaring reason why a remote session will not
work outside of the LAN.



"Then I could do whatever I wanted.. copy files\folders from their hard
drive to mine or vice versa, move files\folders around, delete files,
rename files, etc.. *and they would never know*!"

--
Dave - "It is much better to be hated for what you are, than to be loved
for what you definitely are not." "Do unto others as you would have them
do unto you."
  #43  
Old April 9th 12, 10:25 PM posted to microsoft.public.windowsxp.basics,microsoft.public.test.here
~BD~[_6_]
external usenet poster
 
Posts: 463
Default Thank you.

Tim Meddick wrote:

If your query referred to the ability of a batch file to disrupt an
NT-based system - then my answer would have to be ; "only if such a
batch-file was executed by a user with administrator privileges (on XP
only - vista / W7 gives an extra warning asking if it was you who really
initiated some risky code) would it be able to remove the essential
boot-loader system-file "ntldr" - otherwise, normal limited users would
be protected from such dodgy batch-code by the default usage-rights of
files and folders that reside within the root of the system-drive."

Plus, if the batch-file (or any one of a number of "vulnerable"
executable file-types) was downloaded from the internet, systems from 2K
onward give an extra warning of possible risk on any user attempting to
execute it for the first time.

But you'd have to a bit mental in the first place to deliberately
execute a strange batch-file that you had not first investigated it's
contents for yourself - let alone leaving it to AV scanning!!...

==

Cheers, Tim Meddick, Peckham, London. :-)


Thanks for commenting, Tim.

I wonder how many folk using a computer with an XP operating system do
*not* operate with administrator privileges! ;-)
  #44  
Old April 10th 12, 12:46 AM posted to microsoft.public.windowsxp.basics,microsoft.public.test.here
Tim Meddick[_3_]
external usenet poster
 
Posts: 1,020
Default Thank you.

You arrogant, pontificating a***hole - the guy could be using an internet
café, or anything, why do you assume stuff?!!...

==

Cheers, Tim Meddick, Peckham, London. :-)




"Sycho" wrote in message
m...
This just in to the microsoft.public.test.here news room. On Mon, 09
Apr 2012 22:19:14 +0100 it was announced to all in a public briefing,
~BD~ made the following declaration and
shocked the world when the following was announced:

G. Morgan wrote:
~BD~ wrote:

I'm wondering if the author is correct in what he claims. Some
guidance
on this will be welcomed!

Which claim? I see a glaring reason why a remote session will not
work outside of the LAN.



"Then I could do whatever I wanted.. copy files\folders from their hard
drive to mine or vice versa, move files\folders around, delete files,
rename files, etc.. *and they would never know*!"


You're really trying to disprove anything any everything I have said,
aren't you? You're just not willing to face the facts as I have
carefully demonstrated/laid out for you in clear, easy to understand
English.

If you are *that* determined to prove/disprove what I have said, why
don't you try it out locally yourself and find out just how simple it
is..

Then again you probably wouldn't be able to perform the task without
someone remoting into your computer and doing it for you.

I'd show you just how simple a procedure it is, complete with screen
caps, pretty instructions, a YouTube video, pop-up books, PowerPoint
presentations and a narrator but you STILL wouldn't get it. So it
would be a complete waste of my time.

So here.. http://www.youtube.com/watch?v=_Gi1BpLhRsw

And here.. http://www.youtube.com/watch?v=r8ELtS0YWHc

Pay attention, VERY CAREFULLY.. I understand that will be a difficult
task for you.

Again, as I have said previously (and others have as well), you are on
a Macintosh computer NOT a PC. So all of the above information is
completely irrelevant to you.
--
insert blank stare here


  #45  
Old April 10th 12, 12:48 AM posted to microsoft.public.windowsxp.basics,microsoft.public.test.here
Tim Meddick[_3_]
external usenet poster
 
Posts: 1,020
Default Thank you.

A great many, I should think! Like the millions of XP machines that
populate internet cafés and have not, as yet, been upgraded...

==

Cheers, Tim Meddick, Peckham, London. :-)




"~BD~" wrote in message
...
Tim Meddick wrote:

If your query referred to the ability of a batch file to disrupt an
NT-based system - then my answer would have to be ; "only if such a
batch-file was executed by a user with administrator privileges (on XP
only - vista / W7 gives an extra warning asking if it was you who really
initiated some risky code) would it be able to remove the essential
boot-loader system-file "ntldr" - otherwise, normal limited users would
be protected from such dodgy batch-code by the default usage-rights of
files and folders that reside within the root of the system-drive."

Plus, if the batch-file (or any one of a number of "vulnerable"
executable file-types) was downloaded from the internet, systems from 2K
onward give an extra warning of possible risk on any user attempting to
execute it for the first time.

But you'd have to a bit mental in the first place to deliberately
execute a strange batch-file that you had not first investigated it's
contents for yourself - let alone leaving it to AV scanning!!...

==

Cheers, Tim Meddick, Peckham, London. :-)


Thanks for commenting, Tim.

I wonder how many folk using a computer with an XP operating system do
*not* operate with administrator privileges! ;-)


 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 12:01 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.