Mysterious file!

[Shane]

Hey Figgs!

Well, I'm flattered to be mentioned in such illustrious company - but I've
only just (tonight as it happens) figured out how to get the Win95 DOShere
powertoy to load ansi.com and doskey every time in ME!

This is the first time in weeks I've been playing with ME real mode. I use
AVG in Win95 and decided to add the scan to the 6.22 boot. Then to the
DR-DOS boot, during which AVG claimed to have found a virus. I suspected it
was rather that AVG didn't get Caldera, so set up another 7 AV scanners.

The Norton scanner - rather old - had supposedly been updated by Intelligent
Updater, but I didn't trust that so unzipped a few recent viruses and test
files (and that non-viable W95.Spaces you sent me - that you and the late KB
had a ding-dong over). While I was at it I figured I might as well run the
others (KAVDOS32, McAfee VirusScan and Trend's PCSCAN did quite well. I
won't mention the rest. Suffice to say they were about as useful as an arse
without a hole. Though I didn't try E-Trust. I was about to download a trial
version, but Sammy pissed me off. That and needing a password to get def
updates).

After I configured the various boot files to add the multi-scan as a
permanent option, I went into and did the same in ME.

(psst! Actually I've been messing around with Linux lately - finally got a
modem supported by it and I still can't go online! Had to download a kernel
update - if you don't have broadband, just forget Linux - and it still
doesn't work!)

Shame about Koldbear.


Shane

 

[Heather]

Hell, Shane......I haven't one clue as to what you are talking
about......grin. But you and Art can converse on this. (VBG)

Better clear up my sending you a non-viable virus in this 'illustrious
company'.....someone posted a crippled one to the MS news groups and it went
into my System Restore, so I was really ticked off.....and got into a
'ding-dong' with one of the regulars.....kind of livened up the ng, grin.
Must be the red hair!!

Have fun........and yes, it was a shock to hear about KB......obviously no
one knew he was ill. Has anyone here heard how Rod Fewster is doing??

Cheers......Figgs

 

[Shane]

Hell, Shane......I haven't one clue as to what you are talking
about......grin. But you and Art can converse on this. (VBG)

And I'd probably not have a clue what he was talking about!

Better clear up my sending you a non-viable virus

Yeah, I can see where that could be misconstrued, now that you mention it.


Shane

 

[Nick FitzGerald]

Let's say a file is actually a exe or com or pif or bat, etc., ie an
"executeable" file, but one that has been renamed to have no file
extension. Are you saying that there are circumstances where Windows
will allow such a extensionless file to execute or launch? If so,
precisely what are the conditions?

Off the top of my head I don't recall whether I found a way to get PE
executables to run under a default Windows install if extensionless and
some very brief tests on this laptop suggest that Win2K SP4 won't
execute such files. However, there are many other file types that can
be renamed extensionless that will open "properly" if extensionless and
that can "execute" code as a result. Remember that many more types of
files contain "code" than Windows executables, batch, .CMD files and
the like (and many of these have forms of "auto-execution" for that
code if its container file is opened with the "right" application).

 

[null]

Off the top of my head I don't recall whether I found a way to get PE
executables to run under a default Windows install if extensionless and
some very brief tests on this laptop suggest that Win2K SP4 won't
execute such files.

Reports of tests so far (that I've seen) have been negative.

However, there are many other file types that can
be renamed extensionless that will open "properly" if extensionless and
that can "execute" code as a result.

A simple example is to rename foo.doc to foo
Foo will Open in Word if clicked on.

Remember that many more types of
files contain "code" than Windows executables, batch, .CMD files and
the like (and many of these have forms of "auto-execution" for that
code if its container file is opened with the "right" application).

Probably this subject has been discussed here or on acv but for some
reason my old brain is drawing a blank. Could you give us some
dangerous examples of this? I think it would be quite interesting.


Art
http://www.epix.net/~artnpeg

 

[FromTheRafters]

Reports of tests so far (that I've seen) have been negative.


A simple example is to rename foo.doc to foo
Foo will Open in Word if clicked on.


Probably this subject has been discussed here or on acv but for some
reason my old brain is drawing a blank. Could you give us some
dangerous examples of this? I think it would be quite interesting.

I second that request, I would find it interesting as well.

If anyone has altered their registry with the "fix" which makes
all (previously) unregistered extensions default to a "notepad"
association, then they will have to undo that hack in order to
run these tests I believe.

 

[Shane]

Here's an update on the previous post. Apropos another thread around
hereabouts, I was setting up the McAfee command line scanner for 98's DOS
dual-booting with XP and it reported it was checking for 1.7 billion viruses
(I suspect I used the wrong scanner as it works fine now).

I'm downloading a second Linux kernel update in 2 months. AFAIK you have to
get all files, which in this case (and last months too) is approx 165MB. So
shortly I'll have downloaded approx the equivalent of the entire Win ME cd
in kernel updates alone in 2 months. But I do enjoy the Breakout game.

Finally, I got a syntax error using the Win ME mfd4life DOS hack that, along
with being unable to run Command /y /c somefile, suggests to me that the
hack only works properly on US versions of ME (Art having previously
reported that it works fine for him).


Shane

 

[Jack the Bear]

[big snip]

Finally, I got a syntax error using the Win ME mfd4life DOS hack that, along
with being unable to run Command /y /c somefile, suggests to me that the
hack only works properly on US versions of ME (Art having previously
reported that it works fine for him).

Shane

I'd thought that Art was in Canada, but his news sender, at least, is in
Pennsylvania. In either event, he would have a US version of ME, possibly w/
128 bit encryption, something non-exportable to the UK. Why a game would
require 128 bit encryption is beyond me. The real wonder of the story is
that ANYthing runs on ANY version of ME.

- Jack.

 

[Shane]

[big snip]

Finally, I got a syntax error using the Win ME mfd4life DOS hack that, along
with being unable to run Command /y /c somefile, suggests to me that the
hack only works properly on US versions of ME (Art having previously
reported that it works fine for him).

Shane

I'd thought that Art was in Canada, but his news sender, at least, is in
Pennsylvania. In either event, he would have a US version of ME, possibly w/
128 bit encryption, something non-exportable to the UK. Why a game would
require 128 bit encryption is beyond me. The real wonder of the story is
that ANYthing runs on ANY version of ME.

Not a game. It's one of the ways to get real mode DOS in ME. The PureDOS
method (devised by three MVPs) uses files from Win 98, so runs 7.10, but is
still an incomplete solution (a number of operations return 'wrong MS-DOS
version). The mfd4life method hacks ME's Command.com, Io.sys and
Regenv32.exe, so runs ME's MS-DOS 8.00. The most recent version is supposed
to have fixed some issues with non-US ME.

I've been using the latter with the approach of the former, switching
between the original and hacked files (PureDOS switches between the original
and 98 files). In hacked real mode 8.00, entering command /y /c somefile
results in 'Press Ctrl+Alt+Del to restart your computer'. Now I find a
perfectly simple batch for copying (or typing) 2 files returning a syntax
error, despite many other batches working perfectly well.

I have a cd made bootable with the ME EBD and containing every DOS file from
ME plus earlier files such as in the 622 supplement (eg DOS Shell). It also
contains various utilities and will run half a dozen command line AV
scanners. In 2 and a half years I've found no problems with this so it seems
to me MS went about hiding real mode in ME with religious fervour, as MS-DOS
8.00 is in itself pretty good. I'm wondering if a 3rd party command
processor would do the trick for hd mode. Think I'll go get 4DOS and see how
that goes.

(btw, for the record I actually like Win ME).


Shane

 

[Jack the Bear]

Not a game.

Sorry, I thought it was that stolen ½Life code......

(a number of operations return 'wrong MS-DOS version).

I'm on Win98SE. If you need a Command.com, I'll mail it.
Got one for 6.2 handy as well.
Tried using SETVER ?

entering command /y /c somefile

"/Y" steps through batch files, and I'd have thought "/K" to be more
usefull, you can see the output.

perfectly simple batch for copying (or typing) 2 files returning a syntax

Post it, I'll take a look. Some of this was pure gibberish to me, but I do
know .BAT files.
Often, if you know what you want it to say, that's what you'll read, no
matter what's there.

- Jack.

 

[null]

Finally, I got a syntax error using the Win ME mfd4life DOS hack that, along
with being unable to run Command /y /c somefile, suggests to me that the
hack only works properly on US versions of ME (Art having previously
reported that it works fine for him).

Hi Shane. As I mentioned in a post to Heather, I do have in the back
of my mind putting up a web page on the various boot modes I've
discovered and find useful for Win ME. For what it's worth, my Win ME
PC is a Hp Pavilion.

I didn't have a problem with the mfd4life hack except that I did lose
the ability to get into Safe mode. However, I can get around that if I
ever want to by booting up using a special "boot into Windows" disk as
described at the XXCOPY web site. Using this boot disk, pressing F8
does allow the Safe mode option.

Another very interesting boot mode is to Windows command prompt only.
I got the idea from Zvi Netiv who has a free utility at his web site
which allows you to toggle this mode on and off. As I recall, to do
this manually, you change the shell= line in system.ini from
explorer.exe to command.com (Something like that anyway). I was kind
of surprised that everything works fine when using this mode .... I
can use my DSL service, browsers, etc. The mode could come in very
handy in case certain problems arise booting normally into Windows.


Art
http://www.epix.net/~artnpeg

 

[Shane]

Sorry, I thought it was that stolen ½Life code......


I'm on Win98SE. If you need a Command.com, I'll mail it.
Got one for 6.2 handy as well.

Thanks. Though I do have those - I'm running a 6.22/Win 95B boot as well as
using 98se's DOS files in an XP dual boot. Not that I'm an expert.

Tried using SETVER ?

No, but I want 8.00 running on hd the way it runs from floppy/cd if poss.,
but I suspect one would have to take the hacking further than the mfd4life
approach does. Having said that, the main use in ME (when one has 6.22 and
7.10 available anyway) is running command line AVs and those do work.

However, the batch now also works (see below).

"/Y" steps through batch files, and I'd have thought "/K" to be more
usefull, you can see the output.

Stepping through batches is what I want - also to do from real mode what
it'll do perfectly well from floppy/cd or a DOS window. Actually I
originally mentioned that specific command - some weeks ago - intentionally
as something one who wants real mode in ME enough to do something about it,
would IMO probably want to use at some stage. But merely typing COMMAND and
hitting enter brings the Ctrl+Alt+Del message and inevitable reboot.

syntax

Post it, I'll take a look. Some of this was pure gibberish to me, but I do
know .BAT files.
Often, if you know what you want it to say, that's what you'll read, no
matter what's there.

Yes. Well, I just booted Windows to post it's contents here, only when I
looked at it with Editpad, saw a 'square' character between IF and NOT that
didn't show in DOS using Edit.com. Like when you do the Ctrl+P+[ using
Edit.com to get the escape character, Editpad shows it as a square?
Overwrote that with a space and the batch now works. I've got a new,
natural, keyboard and keep hitting the comma key instead of the full stop,
so I'm wondering what key I hit to get a character invisible to Edit.com.

Shane

 

[kurt wismer]

Jack the Bear wrote:
[snip]

I'd thought that Art was in Canada, but his news sender, at least, is in
Pennsylvania. In either event, he would have a US version of ME, possibly w/
128 bit encryption, something non-exportable to the UK. Why a game would
require 128 bit encryption is beyond me. The real wonder of the story is
that ANYthing runs on ANY version of ME.

a couple of things...
a) 128bit encryption is a function of the cryptographic service
provider installed, not an indication that a special version of windows
is installed...
b) export controls don't necessarily mean something is non-exportable,
it just means the exporter needs to acquire a license to export it...
c) the export controls on cryptography were loosened in the past couple
years...
d) i'm pretty sure the only countries who can't get the MS CSP that
enables 128bit encryption in IE (legally) at this point are the US
embargoed nations (whether because ms got a license or because of the
changes to the export controls)... the UK isn't under a US embargo, is it?

 

[Jack the Bear]

so I'm wondering what key I hit to get a character invisible to Edit.com.

[Ctrl]+[G] ?

Just a guess, could'a been anything. I hate edit.com.[Actually, I don't know
it well enough to hate it.] I use SPFPC or notepad instead.

- Jack.

 

[David H. Lipman]

If you had the number then you mixed the standard DAT files with BOOTSCAN.EXE which requires
the Emergency DAT files which are a sub-set of the standard DATs and are for Boot Sector
Infectors.

Dave



| Here's an update on the previous post. Apropos another thread around
| hereabouts, I was setting up the McAfee command line scanner for 98's DOS
| dual-booting with XP and it reported it was checking for 1.7 billion viruses
| (I suspect I used the wrong scanner as it works fine now).
|
| I'm downloading a second Linux kernel update in 2 months. AFAIK you have to
| get all files, which in this case (and last months too) is approx 165MB. So
| shortly I'll have downloaded approx the equivalent of the entire Win ME cd
| in kernel updates alone in 2 months. But I do enjoy the Breakout game.
|
| Finally, I got a syntax error using the Win ME mfd4life DOS hack that, along
| with being unable to run Command /y /c somefile, suggests to me that the
| hack only works properly on US versions of ME (Art having previously
| reported that it works fine for him).
|
|
| Shane
|
|
| | > Hell, Shane......I haven't one clue as to what you are talking
| > about......grin. But you and Art can converse on this. (VBG)
| >
| > Better clear up my sending you a non-viable virus in this 'illustrious
| > company'.....someone posted a crippled one to the MS news groups and it
| went
| > into my System Restore, so I was really ticked off.....and got into a
| > 'ding-dong' with one of the regulars.....kind of livened up the ng, grin.
| > Must be the red hair!!
| >
| > Have fun........and yes, it was a shock to hear about KB......obviously no
| > one knew he was ill. Has anyone here heard how Rod Fewster is doing??
| >
| > Cheers......Figgs
| >
| >
| > | > > Hey Figgs!
| > >
| > > Well, I'm flattered to be mentioned in such illustrious company - but
| I've
| > > only just (tonight as it happens) figured out how to get the Win95
| DOShere
| > > powertoy to load ansi.com and doskey every time in ME!
| > >
| > > This is the first time in weeks I've been playing with ME real mode. I
| use
| > > AVG in Win95 and decided to add the scan to the 6.22 boot. Then to the
| > > DR-DOS boot, during which AVG claimed to have found a virus. I suspected
| > it
| > > was rather that AVG didn't get Caldera, so set up another 7 AV scanners.
| > >
| > > The Norton scanner - rather old - had supposedly been updated by
| > Intelligent
| > > Updater, but I didn't trust that so unzipped a few recent viruses and
| test
| > > files (and that non-viable W95.Spaces you sent me - that you and the
| late
| > KB
| > > had a ding-dong over). While I was at it I figured I might as well run
| the
| > > others (KAVDOS32, McAfee VirusScan and Trend's PCSCAN did quite well. I
| > > won't mention the rest. Suffice to say they were about as useful as an
| > arse
| > > without a hole. Though I didn't try E-Trust. I was about to download a
| > trial
| > > version, but Sammy pissed me off. That and needing a password to get def
| > > updates).
| > >
| > > After I configured the various boot files to add the multi-scan as a
| > > permanent option, I went into and did the same in ME.
| > >
| > > (psst! Actually I've been messing around with Linux lately - finally got
| a
| > > modem supported by it and I still can't go online! Had to download a
| > kernel
| > > update - if you don't have broadband, just forget Linux - and it still
| > > doesn't work!)
| > >
| > > Shame about Koldbear.
| > >
| > >
| > > Shane
| > >
| > > | > > >
| > > > | > > > > On Thu, 26 Feb 2004 20:17:16 GMT, "Heather" <[email protected]>
| > > > > wrote:
| > > > >
| > > > > >> Come on over to my web site and learn how to do it right
| > > > > >>
| > > > > >> Mr. 9x/ME Surgeon
| > > > > >
| > > > > >Touché, mon ami........)
| > > > >
| > > > > I'm thinking about putting up a Win ME web page describing various
| > > > > boot options that I've come across and find useful.
| > > > >
| > > > > 1. Boot up directly into DOS, create RAM drive, and install mouse
| > > > > driver.
| > > > > 2. Boot into Windows from floppy.
| > > > > 3. Boot into Windows command prompt only.
| > > > >
| > > > > These various boot modes (plus the standard Win ME system boot disk)
| > > > > can be very handy for troubleshooting. And #1 is invaluable for
| those
| > > > > who use DOS programs.
| > > > >
| > > > > Win ME can be made to be just as flexible and nice as Win 98 in
| spite
| > > > > of M$'s efforts to make things difficult
| > > > >
| > > > Sounds good.......why not come over to WinME General and discuss it?
| > Then
| > > > you can also teach me some stuff. (G)
| > > >
| > > > Shane B. hasn't been around lately, but he is a good one to talk
| > > to.....and
| > > > Chris Q. Shane was messing around with some programs for ME.....can't
| > > > remember exactly what all they were, but Norton was one.
| > > >
| > > > I never used Win98.......just 95. So to me, WinME is excellent. I do
| > > have
| > > > XP home here to put on, but frankly, not sure I want to yet. Besides,
| I
| > > > would prefer to partition and then dual boot and there are a few ways
| to
| > > go
| > > > re that. Additional HD, update the CPU......partition the existing 40
| > gig
| > > > one (half full now).....needs some thinking. And I am not up to doing
| > it
| > > > myself. No 'old folks' around here that know anything about that sort
| > of
| > > > stuff.
| > > >
| > > > Heather
| > > >
| > > >
| > >
| > >
| >
| >
|
|

 

[Ant]

[...]

d) i'm pretty sure the only countries who can't get the MS CSP that
enables 128bit encryption in IE (legally) at this point are the US
embargoed nations (whether because ms got a license or because of the
changes to the export controls)... the UK isn't under a US embargo, is it?

Nope. I've got 128 bit encryption on my Win2k here in the UK.

 

[FromTheRafters]

so I'm wondering what key I hit to get a character invisible to Edit.com.

[Ctrl]+[G] ?

Control G...control G...hmmm that rings a bell from my
teletype days. ;o)

 

[Beauregard T. Shagnasty]

Quoth the raven named FromTheRafters:

so I'm wondering what key I hit to get a character invisible to Edit.com.

[Ctrl]+[G] ?

Control G...control G...hmmm that rings a bell from my
teletype days. ;o)

<lol> After about a dozen of them, the boss would throw a staplegun or
something our way...

 

[Shane]

Hi Shane. As I mentioned in a post to Heather, I do have in the back
of my mind putting up a web page on the various boot modes I've
discovered and find useful for Win ME. For what it's worth, my Win ME
PC is a Hp Pavilion.

I didn't have a problem with the mfd4life hack except that I did lose
the ability to get into Safe mode. However, I can get around that if I
ever want to by booting up using a special "boot into Windows" disk as
described at the XXCOPY web site. Using this boot disk, pressing F8
does allow the Safe mode option.

Must have a look at that. But it isn't much of a problem (as I now concede.
I used to think otherwise) since you can replace the three files with the
originals in about 2 minutes from floppy/cd anyhow.

Another very interesting boot mode is to Windows command prompt only.
I got the idea from Zvi Netiv who has a free utility at his web site
which allows you to toggle this mode on and off. As I recall, to do
this manually, you change the shell= line in system.ini from
explorer.exe to command.com (Something like that anyway). I was kind
of surprised that everything works fine when using this mode .... I
can use my DSL service, browsers, etc. The mode could come in very
handy in case certain problems arise booting normally into Windows.

Yes, I've just tried that. Interestingly - though if memory serves, you will
be less than impressed - you can run System Restore from there. The MSKB
method for running SR 'from the command line' when you can't boot Windows is
to edit System.ini to change the shell to Progman.exe. I've used Minitrue to
automate that (and more recently to clean up an XDIR of C: to feed to
VirusScan's SCANPM as it doesn't appear to have a NOSUB switch).

Shane

 

[Shane]

I see. Well, I did experiment with each scanner rather than read the
instructions. I admit to rarely R-ingTFM. :-(



Shane