Windows XP

The ubiquitous operating system, discussion of its (many) flaws, and how to mitigate the risks of those flaws

Windows XP

Post by Reason7194 on Thu May 05, 2011 12:38 pm
([msg=57022]see Windows XP[/msg])

Hello everyone, I have been exploring Windows XP since most of my clients use XP. After entering ' control userpasswords2 ' into the cmd, and selecting a user, I don't understand what the area's "Logon Script: , and Profile Path: " mean. What is their purpose?
I study Gotafu.
Reason7194
Poster
Poster
 
Posts: 215
Joined: Fri Jan 07, 2011 5:01 pm
Blog: View Blog (0)


Re: Windows XP

Post by Goatboy on Thu May 05, 2011 2:02 pm
([msg=57024]see Re: Windows XP[/msg])

Login scripts are, to be repetitious, scripts that are executed after a user logs in. Some can be found in the Start menu under Startup, and others are defined by registry keys. The Profile Path is basically where the user's profile is (pictures, docs, etc.). This is C:\Documents and Settings\<user> under XP, and C:\Users\<user> under Vista/7.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2751
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: Windows XP

Post by Reason7194 on Thu May 05, 2011 3:15 pm
([msg=57029]see Re: Windows XP[/msg])

O thank you Goatboy.

For Registry files, deleting the wrong file when looking for a virus can be devestating. Is there another way of 'knowing' that there is a registry file that should not be there? Other than from knowing from sheer experience and remember what is usually there and what isn't.
I study Gotafu.
Reason7194
Poster
Poster
 
Posts: 215
Joined: Fri Jan 07, 2011 5:01 pm
Blog: View Blog (0)


Re: Windows XP

Post by Goatboy on Thu May 05, 2011 4:03 pm
([msg=57032]see Re: Windows XP[/msg])

CCleaner does a good job of showing what startups are in your system.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2751
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: Windows XP

Post by Reason7194 on Thu May 05, 2011 4:09 pm
([msg=57034]see Re: Windows XP[/msg])

O wow yes it does. I have been an avid preacher of ccleaner and I have never known about that :roll:

But still my question remains, does a person just have to know what is usually there in the registry files to tell if a virus put itself there along with the other reg files?

How should I differenciate a malware reg file, and a normal/needed reg file?
I study Gotafu.
Reason7194
Poster
Poster
 
Posts: 215
Joined: Fri Jan 07, 2011 5:01 pm
Blog: View Blog (0)


Re: Windows XP

Post by Goatboy on Thu May 05, 2011 4:30 pm
([msg=57039]see Re: Windows XP[/msg])

Experience, mostly. Some scanners know the signatures of common malware and can look for that (blacklist). Others look for things outside of a list of known good values (whitelist). As for finding them manually, I'm not sure. I also wouldn't recommend it in all but the most extreme cases.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2751
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: Windows XP

Post by mShred on Thu May 05, 2011 11:57 pm
([msg=57070]see Re: Windows XP[/msg])

Also "msconfig" will tell you your startup programs from both the startup folder and the registry.
And the best thing to do would be to save a copy of a good registry then compare a virus infected one to it, or restore it to that. Probably the latter because comparing could take a while.
Image

For those about to rock.
User avatar
mShred
Administrator
Administrator
 
Posts: 1612
Joined: Tue Jun 22, 2010 4:22 pm
Blog: View Blog (2)


Re: Windows XP

Post by Goatboy on Fri May 06, 2011 2:10 am
([msg=57072]see Re: Windows XP[/msg])

mShred wrote:Probably the latter because comparing could take a while.

diff under linux. 'nuff said.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2751
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: Windows XP

Post by Reason7194 on Fri May 06, 2011 7:13 am
([msg=57077]see Re: Windows XP[/msg])

Ah ok. The last computer I dealt with I edited the registry manually. Deleting a reg file caused so much anxiety..

Thanks everyone.

Topic Solved
I study Gotafu.
Reason7194
Poster
Poster
 
Posts: 215
Joined: Fri Jan 07, 2011 5:01 pm
Blog: View Blog (0)



Return to Microsoft Windows

Who is online

Users browsing this forum: No registered users and 0 guests