Win32 Programming

[Redbone]

The best way to protect yourself is to only download and run programs that are written by people or companies that you know. I think that it is generally a bad idea to download and run a lot of programs from places like download.com or similar sites. The reality is that you don't know what it is that you are getting, so unless you are willing to assume the risk then you shouldn't use those services.

What I do when I download a program that I want to test is to run it on a small PC that I have set aside for testing purposes. When I say small I mean a P1-166. If I can open it and it doesn't crash the box or attempt to connect to the internet then I usually trust it. If it does anything that I feel is malicious I normally reformat the drive and reinstall Windows on it.

[slarty]

It is true that it takes a malicious programmer to make malicious code, but there are a bunch of programmers out there. C++ is incredible, and I wish I could afford MSVC++.

C++ can do no more or less than any other language. The APIs may be more geared toward C or C++ programmers than, say, VB where all the more low-level and/or dangerous is insulated from them (treated like kiddies) - that's not to say that a VB program can't wipe your disc just as effectively.

Can an AV program actually look for commands that delete things, or pass system handles? I wrote a test program that looked and actually worked as an SMTP client. Yet, if anyone clicked "Send", their hard drive was formatted. My friend and I put it on his computer, and none of his AV caught it. How does one protect themselves from this, as I download programs all the time.

The AV programs using Heuristics (unsure of spelling) are not particularly effective. The problem is that when you look closely enough, all programs do them same sorts of things.

Many programs delete files. Many programs create files. Many programs access the internet. It can't detect them all as viruses.

This AV software does exist but is not terribly effective and causes lots of false alarms. However, it can potentially detect malware which nothing else does.

Nevertheless, running untrusted binaries and then hoping the AV catches them if they are nasty is really a bad idea.

C++ is incredible, and I wish I could afford MSVC++

Get MingW instead then it's free, there's no IDE but it compiles C++ on Windows.
http://www.mingw.org/

[Mahdi]

windows xp is secure enough to not allow a program to destroy the system (especially if it is not run as superuser). but win 9x... it can be crashed just using "/con/con", "/aux/aux" or "/prn/prn". and this can be done over a network, too. not to mention that win 95 (not OSR2) can be crashed with "ping of death".