FromTheRafters wrote:
> ~BD~ wrote:
>> §ñühwö£f wrote:
>>> ~BD~<~BD~@nomail.afraid.org> wrote in
>>> news:gfudnZulffqy2dTSnZ2dnUVZ8lOdnZ2d@bt.com:
>>>
>>>> §ñühwö£f wrote:
>>>>
>>>>> Because he dosn't know how to boot his macintosh from a linux live cd
>>>>> and do it safely?
>>>>>
>>>>>
>>>>
>>>> Why would anyone want to do such a thing in the first place?
>>>>
>>>> Makes no sense to me!
>>>>
>>>>
>>> Go stand in the corner, dimmy.
>>
>> :-)
>>
>> Whilst standing there, I happened across this:-
>>
>> Quote:
>>
>> Not necessarily, no. This dummy virus doesn't actually cause any
>> damage to the system. However it does make changes to the registry
>> from the command line.
>>
>> Now the one I wrote back in the days of Windows 95/98, did. It
>> rendered the hard drive un bootable. In other words, once the victim
>> restarted their computer it halted on a black screen with the words
>> "Missing operating system" as it deleted key boot files; io.sys,
>> msdos.sys and command.com.
>>
>> The only recourse from that (should one be so lucky) is to boot from a
>> system diskette and "sys" the drive from the command line.
>>
>> Issuing the command: sys C: would fix that by putting those files back
>> onto the hard drive.
>>
>> I also had two files from the Windows directory being targeted as
>> well.. they were user.dat and user.da0. Which meant that any and all
>> programs that were installed would have to be reinstalled again since
>> the system's registry would be gone too.
>>
>> A "dummy virus" is so named due to the fact there are no actual virus
>> code antivirus software could scan for. These were merely batch files
>> (files that use the .bat extension) that contained commands the
>> computer would recognize and execute.
>>
>> If I really wanted to be devious I could use something like this in a
>> batch file....
>>
>> @ECHO OFF
>> CD/
>> attrib -r -a -s -h ntldr
>> del ntldr
>> ECHO.
>> ECHO Please restart your system...
>> ECHO.
>>
>> In the above example, regardless what directory that was ran from it
>> would go right to the root of the drive. At that point it would remove
>> the read only, archive, system and hidden attributes to ntldr then
>> delete the file without confirmation.
>>
>> But that would render the system inoperable and display the "NTLDR
>> missing" message. My method makes things more interesting due to the
>> simple fact that I could use the command: net view \\ip.addy.goes.here
>> to look for the shared drive. Unless I knew the IP address was static.
>>
>> Then once I found it issue the command net use * \\ip.addy.goes.here\C
>> to map the drive. It basically allows me to see the hard drive in My
>> Computer as though it were physically attached to my system by adding
>> another drive letter. Then I could do whatever I wanted.. copy
>> files\folders from their hard drive to mine or vice versa, move
>> files\folders around, delete files, rename files, etc.. and they would
>> never know.
>>
>> **
>>
>> I'm wondering if the author is correct in what he claims. Some guidance
>> on this will be welcomed!
>>
> It is wrong to call it a virus, dummy or otherwise.


Maybe you should tell Sycho that yourself?!! ;-)

How about commenting on the 'bat' file situation? I always value your
opinion on such matters.


--
Dave - "It is much better to be hated for what you are, than to be loved
for what you definitely are not." "Do unto others as you would have them
do unto you."