Path: utzoo!mnetor!uunet!husc6!uwvax!puff!ttang
From: ttang@puff.cs.wisc.edu (Theodore Tang)
Newsgroups: comp.sys.ibm.pc
Subject: Re: FLUSHOT3.ARC protect against Trojans program
Message-ID: <1416@puff.cs.wisc.edu>
Date: 23 Feb 88 01:54:22 GMT
References: <8221@eddie.MIT.EDU>
Organization: U of Wisconsin CS Dept
Lines: 21
Keywords: trojan,virus,flushot,protect
Summary: Would it help to just rename COMMAND.COM to somthing else and
	 hack the IBMBIOS.COM or IBMDOS.COM files so they can find it?


After reading about all these dangers comming along with virus and trojan
horse programs, I've got a question:

Couldn't one just rename their COMMAND.COM to something like PROTECT.COM
and hack at the IBMDOS.COM or IBMBIOS.COM so they can find the boot program
and others can't?

I mean, how are these viruses doing this?  Do they search for COMMAND.COM
explicitly and if so, wouldn't renaming them help?


Theodore Tang
University of Wisconsin at Madison

USENET:       ttang@puff.wisc.edu.UUCP
FIDONET:      1:121/3 (Opus's Internat'l Archives BBS)
BBS:          Opus's Internat'l Archives BBS
	      (608)251-4755 9600 USR HST MNP 5

"No, no, it wasn't me!" -anonymous