Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!rutgers!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw From: woody@chinacat.Unicom.COM (Woody Baker @ Eagle Signal) Newsgroups: comp.virus Subject: Re: ways to circumvent viri attack, maybe Message-ID: <0014.9012041357.AA13652@ubu.cert.sei.cmu.edu> Date: 30 Nov 90 19:11:48 GMT Sender: Virus Discussion List Lines: 32 Approved: krvw@sei.cmu.edu pc2d+@ANDREW.CMU.EDU (Philip Edward Cutone, III) writes: > Just a thought, > > What kind of impact would say, renaming com and exe files to > something else while not being used. Then at least viri that scan the > disk looking for those files to infect would find no hosts in which to You can patch command.com to accomplish this. Using Norton utilites search through command com for exe com and bat strings. Change them to whatever you wish. The rename your files accordingly. Be aware however, that some programs spawn or run other programs and they may assume exe or com extensions. These will fail. I have a slightly diffrent technique. I have a Tallgrass 1040I tape drive. A marvelous drive, this little jewel is a 40 meg drive that has a installable device driver that makes it look like up to 5 hard drives. I currently have 4 6.9 meg drives and one about 14 meg. I keep nearly all my stuff arced up and stored on the tape. When I need something, I go un arc it from the tape (any dos command will work and you can open the tape files from any language) and load it to my hard disk. If I don't need it later, I just delete it. NOW: some viruses probably look at the file format to determine what it is. you can look for the signature at the front of the file to determine if it is an exe file. Dos will run a com file if you rename it as an exe file, or an exe file if you rename it as a com file. It can figure things out, so there is no reason to assume that a virus cannot do it. Cheers Woody Brought to you by Super Global Mega Corp .com