echo: virus_info
to: ALL
from: RICHARD ST. JOHN
date: 1996-12-30 09:17:00
subject: Not A Virus [3/8]

***>>> CONTINUED FROM PREVIOUS MESSAGE <<<***
                onto disk and free up RAM memory for things that need to be
                there.
                Sometimes, a scanner will detect a virus in this file. There
                are a number of possible causes for this:
                        1) There's actually a virus on the system. It was
                           captured in memory and written to this file.
                        2) One scanner is picking up another scanner's strings
                           which were only supposed to be alive in memory.
                           That is, even if the first scanner is otherwise
                           known as a well-behaved scanner that encoded its
                           strings, at some point, the scanner decrypted the
                           strings so it could use them. It was unlucky to
                           have had that piece of memory swapped out at that
                           point. When that scanner finished, it cleaned its
                           memory. But there's no chance to "clean" the swap
                           file.
                        3) A scanner is picking up itself in memory, similar
                           to 2). But actually more likely than 2).
                To remove or adjust its size, use the interface found in 386
                Enhanced settings in the Control Panel. One last note, a
                "really big" swap file does not necessarily mean faster speed.
                There is an optimal setup for your machine depending on how
                you use it.
        3.2 Black box as mouse pointer
                The arrow used by Windows to show where the mouse currently
                points is something called a sprite. There's a whole different
                science for how to deal with sprites.
                In this case, Windows simply wasn't able to read in the
                sprite associated with its current environment. Thus, the
                sprite is just a black box.
4.0 DOS
        4.1 DIR | MORE
                Pipes, the concept of allowing output from one program to be
                used as input to another program, was an afterthought of DOS
                introduced in DOS 2.0. The method of implementation was to
                direct the output of one process to be written to a file. The
                first program finishes execution. Then the second program
                runs. It reads from this temporary file and uses it as its
                input stream.
                This temporary file is created in the directory designated by
                the TEMP environment variable.
                As it happens, DOS creates 2 temporary files for the process
                "DIR | MORE". These two files have names generated as some
                random set of 8 characters. Thus, each invocation creates 2
                differently named files.
                No one happenstance generates more phone calls and questions
                than this one.
                [I happen to use NDOS, a derivative of 4DOS. It also creates
                temporary files in the directory designated by the TEMP
                environment variable. But, this set of circumstances only
                creates one file and it is always a constant name.]
        4.2 PEAT and \REPEAT\REPEAT\REPEAT\...
                This is the issue of infinitely recursive subdirectories.
                Looking at Appendix A, you will see that one of the fields
                represents the cluster number of the subdirectory. Thus, if
                you replace the cluster number of a subdirectory with the
                cluster number of the directory itself, you can generate this
                scenario.
                Well, that's not all that easy to do, except... if you're in
                the root directory. Any subdirectory with its cluster number
                set to 0 will point back to the root directory. So, if you
                overlay a random data file over the root directory, a random
                byte will have the subdirectory bit set and if there happens
                to be a NULL in the cluster field, you will create this
                situation.
5.0 Software Applications
        5.1 Where's Waldo?
                A version of CorelDraw 5.0 had the capability of presenting
                the message "Where's Waldo?" to the user. If you hear this
                from a user, ask first if he's using CorelDraw. No virus
                currently presents this message to the user.
        5.2 Word Perfect
                Ever since Macro Viruses for Word for Windows came into being,
                there have been many people attributing any Word Perfect
                problem to "Is this a new Word Perfect virus?"
                Until you hear otherwise, the answer is, "No."
                Presently, Word Perfect manages its macros in a separate file
***>>> CONTINUED NEXT MESSAGE <<<***
--- GEcho 1.20/Pro
---------------
* Origin: Slings & Arrows BBS St. Louis, Mo. (1:100/205.0)

SOURCE: echomail via exec-pc
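
Added example, not part of the original FAQ or its author's code: a check for the situation section 4.2 describes, a root-directory entry with the subdirectory bit set and a start cluster of 0. Appendix A is not on this page, so the offsets used (attribute byte at 11, start cluster at 26, 32-byte entries) are the standard FAT12/FAT16 directory layout; the function names and the sample directory are constructed for illustration.

```python
import struct

ENTRY_SIZE = 32          # every FAT directory entry is 32 bytes
ATTR_VOLUME_ID = 0x08
ATTR_DIRECTORY = 0x10

def find_root_loops(root_dir: bytes) -> list:
    """Names of ROOT-directory entries marked as subdirectories with start
    cluster 0. Only valid for the root: inside a first-level subdirectory
    the '..' entry legitimately carries cluster 0."""
    suspects = []
    for off in range(0, len(root_dir) - ENTRY_SIZE + 1, ENTRY_SIZE):
        entry = root_dir[off:off + ENTRY_SIZE]
        if entry[0] == 0x00:             # end-of-directory marker
            break
        if entry[0] == 0xE5:             # deleted entry
            continue
        attr = entry[11]
        if attr & ATTR_VOLUME_ID:        # volume label or long-name slot
            continue
        cluster = struct.unpack_from("<H", entry, 26)[0]
        if attr & ATTR_DIRECTORY and cluster == 0:
            name = entry[0:8].decode("ascii", "replace").rstrip()
            ext = entry[8:11].decode("ascii", "replace").rstrip()
            suspects.append(name + ("." + ext if ext else ""))
    return suspects

def make_entry(name, ext, attr, cluster, size=0):
    """Build one constructed 32-byte entry (sample data only)."""
    return struct.pack("<8s3sB14xHI", name.ljust(8).encode(),
                       ext.ljust(3).encode(), attr, cluster, size)

# Constructed sample root directory, not taken from a real disk.
SAMPLE_ROOT = b"".join([
    make_entry("MYDISK", "", 0x08, 0),              # volume label
    make_entry("COMMAND", "COM", 0x20, 2, 54619),   # ordinary file
    make_entry("EMPTY", "TXT", 0x20, 0),            # empty file: cluster 0 is normal
    make_entry("DOS", "", 0x10, 5),                 # healthy subdirectory
    make_entry("REPEAT", "", 0x10, 0),              # loops back to the root
    b"\xe5" + make_entry("OLDDIR", "", 0x10, 0)[1:],  # deleted, ignored
    bytes(ENTRY_SIZE),                              # end marker
])

if __name__ == "__main__":
    print(find_root_loops(SAMPLE_ROOT))
```

Only the directory attribute combined with cluster 0 is reported; an empty file also has start cluster 0 and is left alone.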
