HiJackThis is now Open Source

[~BD~]

FromTheRafters wrote:
> ~BD~ wrote:
>> §ñühwö£f wrote:
>>> ~BD~<~BD~@nomail.afraid.org> wrote in
>>> news:gfudnZulffqy2dTSnZ2dnUVZ8lOdnZ2d@bt.com:
>>>
>>>> §ñühwö£f wrote:
>>>>
>>>>> Because he dosn't know how to boot his macintosh from a linux live cd
>>>>> and do it safely?
>>>>>
>>>>>
>>>>
>>>> Why would anyone want to do such a thing in the first place?
>>>>
>>>> Makes no sense to me!
>>>>
>>>>
>>> Go stand in the corner, dimmy.
>>
>> :-)
>>
>> Whilst standing there, I happened across this:-
>>
>> Quote:
>>
>> Not necessarily, no. This dummy virus doesn't actually cause any
>> damage to the system. However it does make changes to the registry
>> from the command line.
>>
>> Now the one I wrote back in the days of Windows 95/98, did. It
>> rendered the hard drive un bootable. In other words, once the victim
>> restarted their computer it halted on a black screen with the words
>> "Missing operating system" as it deleted key boot files; io.sys,
>> msdos.sys and command.com.
>>
>> The only recourse from that (should one be so lucky) is to boot from a
>> system diskette and "sys" the drive from the command line.
>>
>> Issuing the command: sys C: would fix that by putting those files back
>> onto the hard drive.
>>
>> I also had two files from the Windows directory being targeted as
>> well.. they were user.dat and user.da0. Which meant that any and all
>> programs that were installed would have to be reinstalled again since
>> the system's registry would be gone too.
>>
>> A "dummy virus" is so named due to the fact there are no actual virus
>> code antivirus software could scan for. These were merely batch files
>> (files that use the .bat extension) that contained commands the
>> computer would recognize and execute.
>>
>> If I really wanted to be devious I could use something like this in a
>> batch file....
>>
>> @ECHO OFF
>> CD/
>> attrib -r -a -s -h ntldr
>> del ntldr
>> ECHO.
>> ECHO Please restart your system...
>> ECHO.
>>
>> In the above example, regardless what directory that was ran from it
>> would go right to the root of the drive. At that point it would remove
>> the read only, archive, system and hidden attributes to ntldr then
>> delete the file without confirmation.
>>
>> But that would render the system inoperable and display the "NTLDR
>> missing" message. My method makes things more interesting due to the
>> simple fact that I could use the command: net view \\ip.addy.goes.here
>> to look for the shared drive. Unless I knew the IP address was static.
>>
>> Then once I found it issue the command net use * \\ip.addy.goes.here\C
>> to map the drive. It basically allows me to see the hard drive in My
>> Computer as though it were physically attached to my system by adding
>> another drive letter. Then I could do whatever I wanted.. copy
>> files\folders from their hard drive to mine or vice versa, move
>> files\folders around, delete files, rename files, etc.. and they would
>> never know.
>>
>> **
>>
>> I'm wondering if the author is correct in what he claims. Some guidance
>> on this will be welcomed!
>>
> It is wrong to call it a virus, dummy or otherwise.


Maybe you should tell Sycho that yourself?!! ;-)

How about commenting on the 'bat' file situation? I always value your
opinion on such matters.


--
Dave - "It is much better to be hated for what you are, than to be loved
for what you definitely are not." "Do unto others as you would have them
do unto you."

[Bullwinkle.]

"~BD~" <~BD~@nomail.afraid.org> wrote in message
news:iv-dnSBgl77Q84DSnZ2dnUVZ8iydnZ2d@bt.com...
Mike Easter wrote:
> ~BD~ wrote:
> A person could claim to tell the truth (for the most part) but sometimes
> lie or tell an 'untruth' or be mistaken or fail to tell the 'whole truth
> and nothing but the truth' by omission.

OK - I'll admit to "fail to tell the 'whole truth and nothing but the
truth' by omission."

[Peter Foldes]

*****Added and unnecessary crossposting removed ********


"~BD~" <~BD~@nomail.afraid.org> wrote in message
news:yIGdnTKbEp_13dfSnZ2dnUVZ8uSdnZ2d@bt.com...

> How about commenting on the 'bat' file situation? I always value your opinion on
> such matters.

What bat file. All I saw in the post of yours was a batch file and one that accessed
the ntdr file in the boot.ini section of boot

David, do you know the difference between a *.bat and a batch file. As usual you
have no idea what you posted and explaining to you would be the same as someone
trying to explain it to a dog who would in most probability understand it far more
than you. You are using a Mac and this batch file has nothing to do with that Mac
system.

So the conclusion that I can only come concerning you posting on this subject is
that you are Trolling

JS

[~BD~]

Peter Foldes wrote:
> *****Added and unnecessary crossposting removed ********
>
>
> "~BD~" <~BD~@nomail.afraid.org> wrote in message
> news:yIGdnTKbEp_13dfSnZ2dnUVZ8uSdnZ2d@bt.com...
>
>> How about commenting on the 'bat' file situation? I always value your
>> opinion on such matters.
>
> What bat file. All I saw in the post of yours was a batch file and one
> that accessed the ntdr file in the boot.ini section of boot

Please clarify the post to which you refer. A recent one - or are you
talking about in 2006?

> David, do you know the difference between a *.bat and a batch file. As
> usual you have no idea what you posted and explaining to you would be
> the same as someone trying to explain it to a dog who would in most
> probability understand it far more than you.
>
> So the conclusion that I can only come concerning you posting on this
> subject is that you are Trolling

Which part of this article do you consider to be incorrect information,
Peter Foldes? http://en.wikipedia.org/wiki/Batch_file

> You are using a Mac and this batch file has nothing to do with that >
> Mac system.

As FTR mentioned today, I *do* still operate other clients! :-)

--
Dave - "It is much better to be hated for what you are, than to be loved
for what you definitely are not." "Do unto others as you would have them
do unto you."

[Peter Foldes]

"~BD~" <~BD~@nomail.afraid.org> wrote in message
news:Bu2dnWtrO7cj19fSnZ2dnUVZ8iSdnZ2d@bt.com...

BD posted the following

>> How about commenting on the 'bat' file situation? I always value your
>> opinion on such matters.

Then posted the below in his next post

> Which part of this article do you consider to be incorrect information, Peter
> Foldes? http://en.wikipedia.org/wiki/Batch_file

Like I say about you. You have no idea what the hell you are talking about even when
you copy\paste article of others

JS

[FromTheRafters]

~BD~ wrote:
> FromTheRafters wrote:
>> ~BD~ wrote:
>>> §ñühwö£f wrote:
>>>> ~BD~<~BD~@nomail.afraid.org> wrote in
>>>> news:gfudnZulffqy2dTSnZ2dnUVZ8lOdnZ2d@bt.com:
>>>>
>>>>> §ñühwö£f wrote:
>>>>>
>>>>>> Because he dosn't know how to boot his macintosh from a linux live cd
>>>>>> and do it safely?
>>>>>>
>>>>>>
>>>>>
>>>>> Why would anyone want to do such a thing in the first place?
>>>>>
>>>>> Makes no sense to me!
>>>>>
>>>>>
>>>> Go stand in the corner, dimmy.
>>>
>>> :-)
>>>
>>> Whilst standing there, I happened across this:-
>>>
>>> Quote:
>>>
>>> Not necessarily, no. This dummy virus doesn't actually cause any
>>> damage to the system. However it does make changes to the registry
>>> from the command line.
>>>
>>> Now the one I wrote back in the days of Windows 95/98, did. It
>>> rendered the hard drive un bootable. In other words, once the victim
>>> restarted their computer it halted on a black screen with the words
>>> "Missing operating system" as it deleted key boot files; io.sys,
>>> msdos.sys and command.com.
>>>
>>> The only recourse from that (should one be so lucky) is to boot from a
>>> system diskette and "sys" the drive from the command line.
>>>
>>> Issuing the command: sys C: would fix that by putting those files back
>>> onto the hard drive.
>>>
>>> I also had two files from the Windows directory being targeted as
>>> well.. they were user.dat and user.da0. Which meant that any and all
>>> programs that were installed would have to be reinstalled again since
>>> the system's registry would be gone too.
>>>
>>> A "dummy virus" is so named due to the fact there are no actual virus
>>> code antivirus software could scan for. These were merely batch files
>>> (files that use the .bat extension) that contained commands the
>>> computer would recognize and execute.
>>>
>>> If I really wanted to be devious I could use something like this in a
>>> batch file....
>>>
>>> @ECHO OFF
>>> CD/
>>> attrib -r -a -s -h ntldr
>>> del ntldr
>>> ECHO.
>>> ECHO Please restart your system...
>>> ECHO.
>>>
>>> In the above example, regardless what directory that was ran from it
>>> would go right to the root of the drive. At that point it would remove
>>> the read only, archive, system and hidden attributes to ntldr then
>>> delete the file without confirmation.
>>>
>>> But that would render the system inoperable and display the "NTLDR
>>> missing" message. My method makes things more interesting due to the
>>> simple fact that I could use the command: net view \\ip.addy.goes.here
>>> to look for the shared drive. Unless I knew the IP address was static.
>>>
>>> Then once I found it issue the command net use * \\ip.addy.goes.here\C
>>> to map the drive. It basically allows me to see the hard drive in My
>>> Computer as though it were physically attached to my system by adding
>>> another drive letter. Then I could do whatever I wanted.. copy
>>> files\folders from their hard drive to mine or vice versa, move
>>> files\folders around, delete files, rename files, etc.. and they would
>>> never know.
>>>
>>> **
>>>
>>> I'm wondering if the author is correct in what he claims. Some guidance
>>> on this will be welcomed!
>>>
>> It is wrong to call it a virus, dummy or otherwise.
>
>
> Maybe you should tell Sycho that yourself?!! ;-)

He didn't ask, you did.

> How about commenting on the 'bat' file situation? I always value your
> opinion on such matters.
>
A batfile is like any other program and has the same scope as any other
program. I currently have 37 legitimate batfiles on my system - none of
which were written by me. Even have some related to Linux and OS/2 but
not on this drive.