1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

A Bat file, most probably malicious - Question

Discussion in 'General Security' started by Koszatniczek, Dec 31, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. Koszatniczek

    Koszatniczek Thread Starter

    Joined:
    Dec 31, 2015
    Messages:
    5
    Hello, a person has sent me a .bat file telling me it's a game. I have opened the file in my text editor, it contained this line:

    @Echo off cd Windows/system32/drivers/etc attrib hosts -r -h del hosts

    Can someone tell me what would this do exactly, and how angry should I be with that person? :)

    Thanks in advance.
     
  2. lochlomonder

    lochlomonder

    Joined:
    Jul 24, 2015
    Messages:
    2,428
    You should be very angry at the person, since this is a batch file - clearly not a game - and the command removes the Read-Only and Hidden attributes of the Hosts file, and then attempts to delete said file. However, they've screwed it up and it wouldn't work properly anyway. That's not the point, though.
     
  3. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    78,499
    First Name:
    Frank
    Do you know who this person is, and have you contacted him to confirm that he sent you that .bat file?
    If it's really an executable game, it should have a .exe extension and not a .bat extension.

    I agree with post #2.
    Someone is trying to mess up your computer.

    --------------------------------------------------------------
     
  4. Koszatniczek

    Koszatniczek Thread Starter

    Joined:
    Dec 31, 2015
    Messages:
    5
    I'm a game Dev, besides the file was like 60kb :p

    Yes, I know who sent it. A person from youtube, over skype. I have his phone number and probably real life name, so it won't be hard to get angry at him. He also tried sending me more bat files [ 700kb / 120kb ones~ ] telling me they're games, and when my antivirus blocked and deleted those, he told me to disable the antivirus. I could probably disable the antivirus and get those files to read them, but I don't think it's worth it. Least I missclick and run them, lol.

    Started out coming to my game server [he's a lets-player-wannabe], and when denied the operator status he sent me those.
     
  5. Koszatniczek

    Koszatniczek Thread Starter

    Joined:
    Dec 31, 2015
    Messages:
    5
    Also, what would happen if the said "hosts" file got deleted? Last time I heard of it was like years ago when we had those fancy loud modems, and I had to redirect[?] a bunch of stuff to make my internet even work...
     
  6. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    111,600
    There aren't always entries in the hosts file but most of the time any entries there are to block access to malicious or dubious sites and are added by some security software
     
  7. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    111,600
    BTW, I've edited posts by both of you to remove an inappropriate word. While it's not really considered profanity and is fairly mild, there are better choices and we prefer to use those so please keep this in mind in the future. Thanks for understanding.
     
  8. Koszatniczek

    Koszatniczek Thread Starter

    Joined:
    Dec 31, 2015
    Messages:
    5
    Sorry for the P word :)
    Also, you say malicious or dubious sites ... Before he sent me the files, he also sent me a link to his website to "come and register". May it be connected then?
    Suppose it's just a kid who read up a tutorial on some script kiddie forum, still noone likes being sent malicious things.
     
  9. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    9,463
    A web site can be malicious and invoke drive-by-downloads to download more malware to your computer. Don't go to his site.

    Also you can go to your Antivirus and see it's logs to find out what virus got cleaned.
     
    Last edited: Dec 31, 2015
  10. Koszatniczek

    Koszatniczek Thread Starter

    Joined:
    Dec 31, 2015
    Messages:
    5
    It has been sorted. I have sent an SMS to the number he had on skype, asking if he's XXX [His skype login was name + last name]. 5 minutes ago, a man called me from another number, telling me He is XXX, and his son just got that SMS to his phone. I have asked him to tell his son not to send malicious software to people, and explained the whole situation. He apologized and promised a chat with the son. Happy new year, script kiddie! :)
     
  11. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    111,600
    It's very highly likely.
     
  12. lochlomonder

    lochlomonder

    Joined:
    Jul 24, 2015
    Messages:
    2,428
    That's perfectly fine. I'll bear this in mind for future posts (y)
     
  13. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    111,600
    Thanks. :)
     
  14. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1163335

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice