Microsoft: piracy is getting virusy - Page 2

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Re: Microsoft: piracy is getting virusy

On Sunday, October 14, 2012 2:48:31 AM UTC+3, Dustin wrote:
Quoted text here. Click to load it

Dustbin you are, like the garage you spew and collect.  GIGO.

 
Quoted text here. Click to load it

So when you lose the argument, move the goalposts.  What do you define as
'real', old man?  Let's hear it.

RL

Re: Microsoft: piracy is getting virusy

RayLopez99 wrote:
Quoted text here. Click to load it

[...]

I hate to be the one to tell you this ... but ... your keyboard may have
a virus. Dustin's pretty clever, but I don't think even he can spew a
"garage"!

Re: Microsoft: piracy is getting virusy

On Sunday, October 14, 2012 2:35:40 PM UTC+3, Betty wrote:
 
Quoted text here. Click to load it

LOL.  Usually Google spell-check is a blessing...

RL

Re: Microsoft: piracy is getting virusy

Per RayLopez99:
Quoted text here. Click to load it

----------------------------------------
Eye halve a spelling chequer
It came with my pea sea
It plainly marques four my revue
Miss steaks eye kin knot sea.

Eye strike a key and type a word
And weight four it two say
Weather eye am wrong oar write
It shows me strait a weigh.

As soon as a mist ache is maid
It nose bee fore two long
And eye can put the error rite
Its rare lea ever wrong.

Eye have run this poem threw it
I am shore your pleased two no
Its letter perfect awl the weigh
My chequer tolled me sew.
----------------------------------------
--
Pete Cresswell

Re: Microsoft: piracy is getting virusy

RayLopez99 pretended :
Quoted text here. Click to load it
A *real* virus will fit the real definition of what a virus is. Most of
what gets called a virus by the average Joe (and even many of the AV
companies' representatives) is not really a virus at all.



Re: Microsoft: piracy is getting virusy

On Sunday, October 14, 2012 7:00:17 PM UTC+3, FromTheRafters wrote:

Quoted text here. Click to load it

OK I'm biting.  This sounds like trollbait, but what is a "real" virus that is
not detected by AV companies according to you?  Sounds like a Dave Lipmann
discussion coming up.

RL

Re: Microsoft: piracy is getting virusy

RayLopez99 formulated the question :
Quoted text here. Click to load it

I didn't say a word about detection. I'm only saying that AV companies
will often say a malware sample is a "Virus" with a subtype of "Trojan"
or some such nonsense. Most users will call anything going wrong with
their computer a "virus" - it doesn't make it true. A program must
self-replicate and infect as part of that process. If it replicates
without having to infect, and infects but not as a way to replicate, it
is a worm - not a virus.

Quoted text here. Click to load it

Actually, he disagrees with me on this point. He adheres to the "all
worms are viruses" mantra - which is true in a computer science sense.
The thing is, the antimalware industry also calls things that are not
really worms, worms.



Re: Microsoft: piracy is getting virusy

RayLopez99 wrote:
Quoted text here. Click to load it

Are they going into a dissertation about virii/viruses?

Re: Microsoft: piracy is getting virusy

Dustin pretended :
Quoted text here. Click to load it

Thanks, I had forgotten the order. So in DOS it's batfile (bat),
internal command (com), external command (com) and then exefile. I knew
that some exes could be renamed to comfile to avoid some old appkillers
(filters?) - in fact didn't MBAM at one time suggest that method for
those having trouble with their exe not running?

Quoted text here. Click to load it

I really liked the ADS running on XP with a text file showing in the
process list. You remember benign.txt:some.exe and when running the
process showed as benign.txt. Yeah, they fixed that, but I thought it
was cool.
Quoted text here. Click to load it

Well, I suspect another executable format will come - maybe newnewexe.



Re: Microsoft: piracy is getting virusy


Quoted text here. Click to load it

Try Google and find the answer on this page...

http://support.microsoft.com/kb/35284

Jax
--
Bear Bottoms
http://bearware.info

Re: Microsoft: piracy is getting virusy


Quoted text here. Click to load it
not
*really*
Quoted text here. Click to load it
the
format
quite
has

Did you not notice the [g]? I already know the execution order.
 
Quoted text here. Click to load it

You mean, Billy didn't know?


--
There ain't no rest for the wicked. Money don't grow on trees. I got
bills to pay. I got mouths to feed. Ain't nothing in this world for
free. Oh No. I can't slow down, I can't hold back though you know I wish
I could. Oh no there ain't no rest for the wicked, until we close our
eyes for good.




Re: Microsoft: piracy is getting virusy

"FromTheRafters" wrote:

Quoted text here. Click to load it

I am surprised. Why would you hide those extensions?

Quoted text here. Click to load it

Then I don't see your point of disagreement with VG. You and he are
advanced users so I would expect you both not to allow the OS to hide
extensions or any other type of file (system or hidden).

Quoted text here. Click to load it

So does NT - and also for OLE2 files with unregistered extensions. I
think that's also a bad idea. Fortunately it's rare, the icon will be
the default unknown-type icon (so the user won't have the expectation
of a particular application starting), and it's pretty much restricted
to MS Office docs.

Quoted text here. Click to load it

It's a mistake. The OLE2 thing is an aberration.

Quoted text here. Click to load it

Exactly; "the principal of least surprise" I think it's called.

Quoted text here. Click to load it

What counts is a double-click doing what you expect it to do. If you
hide file extensions all bets are off.

Quoted text here. Click to load it

Because it has always been that way in Windows and apparently still is.
Other OS's may behave differently.

Quoted text here. Click to load it

Probably because the marketoons got their way over the tech people.
Windows seems to be aspiring to look like what it isn't, e.g. MacOS.

Quoted text here. Click to load it

Of course not because you didn't change the extension.

Quoted text here. Click to load it

Of course, the average user has no hope!

Quoted text here. Click to load it

The properties shown should have been for the exe, no?

Quoted text here. Click to load it

Files like bat, com, exe, scr and pif are all handled by the OS and
not associated with an application. The expectation should be that
code will be loaded and run.



Re: Microsoft: piracy is getting virusy

It happens that Ant formulated :
Quoted text here. Click to load it

Maybe I should make an image *after* I set things up correctly.
Quoted text here. Click to load it

My disagreement is in thinking that filenames have meaning. Why can't
there be some sort of internal 'content type' metadata being used
instead of relying on a filename extension? That way, the 'content
type' travels *with* the content it describes and the name doesn't
matter.

The problem isn't that the OS gets tricked into running something, it
is that the *user* does because of the name and the icon associated
with that name. If the icon was associated with the *content* instead
of the name wouldn't it be that much clearer what one is about to
double-click on?
Quoted text here. Click to load it

I didn't know that was still the way it worked. If they're going to use
filename extensions to associate, they should do it across the board
and not be so inconsistent. This only serves to confuse matters I
think.
Quoted text here. Click to load it

Back in the day, I remember it being said that to open a text file (or
just about any file) you should go to the application and use the file
open dialog from the pulldown menu instead of relying on double-click
association with a default editor. Even so, it was so much more
convenient to just double-click and trust that everything went okay.
Quoted text here. Click to load it

No, it displayed calc.mp3 but described it correctly as an application.

http://i47.tinypic.com/2s8k9ig.jpg

Applying the 'do not hide stuff' has the name in the dialog box as
calc.mp3.exe like it should.

[...]



Re: Microsoft: piracy is getting virusy

FromTheRafters wrote:

Quoted text here. Click to load it

Yup.  That's why I do it.


Re: Microsoft: piracy is getting virusy

FromTheRafters wrote:
 
Quoted text here. Click to load it

So you can't really change the extension from .exe to .jpg under XP
then?

If not, then this whole idea of file-extensions and how they're handled
under user control is moot.

Re: Microsoft: piracy is getting virusy


Quoted text here. Click to load it

Yes... You can. extensions really mean nothing outside of the GUI you
control.
 


--
There ain't no rest for the wicked. Money don't grow on trees. I got
bills to pay. I got mouths to feed. Ain't nothing in this world for
free. Oh No. I can't slow down, I can't hold back though you know I wish
I could. Oh no there ain't no rest for the wicked, until we close our
eyes for good.




Re: Microsoft: piracy is getting virusy

Virus Guy brought next idea :
Quoted text here. Click to load it

Not from the shell with 'hide extensions for known filetypes' checked -
which is the normal user experience.
Quoted text here. Click to load it

Not really. Consider an executable file's content being downloaded and
given the name benign.txt.exe in the local filesystem. Consider also
that you have hidden the extensions for known filetypes (default
condidtion for XP). You would have a file named benign.txt.exe in the
filesystem (OS), but the GUI display for the user (user shell) has it
as benign.txt with the .exe hidden. Also, an executable can have a
custom icon in its resource section - in this case a copy of the
notepad icon. There would be no way for the user to tell that it was
not actually a plain old text file just by the presentation in the GUI.
The user double clicks the icon thinking it will invoke the default
text editor (notepad) with the file benign.txt (argument) as the file
content to disply - instead, the executable (benign.txt.exe) runs. The
OS is not being fooled into anything, it is the user that is being
fooled.

A safer way to open such a text file is to invoke notepad and use its
open file dialog to navigate to the file you want to open. That way,
there is never an association set up with the loader chain due to the
actual extension being exe.

IIRC, notepad in W98 won't show you most program file's contents
(they're too large for notepad) but it may offer you the option of
using wordpad. Mostly you will get little rectangles where non-ascii
characters would appear, which is why I used edit.com for my editor.



Re: Microsoft: piracy is getting virusy

FromTheRafters wrote:
Quoted text here. Click to load it

Won't most hex editor applications show whatever file you open
with the first part of the file being 'MX'?  

Re: Microsoft: piracy is getting virusy

ASCII wrote :
Quoted text here. Click to load it

MZ stubs can be found on PE files, is that what you mean? You once
posted a URL to a file which I downloaded. It had no extension so my
poor computer didn't know what to do with it. I opened it with edit.com
and saw the JFIF in the first line and knew to open by typing pbrush in
the run box. Yes, pbrush is also a stub of sorts.



Re: Microsoft: piracy is getting virusy

FromTheRafters wrote:
Quoted text here. Click to load it

A [jpg] is usually preceded by ' ' then the jfif part.

Site Timeline