Just a quick take on renaming Viruses, Malware and other nasties...

  1. Compumind's Avatar
    Posts : 2,757
    Windows 10 Pro x64, Various Linux Builds, Networking, Storage, Cybersecurity Specialty.
       #1

    Just a quick take on renaming Viruses, Malware and other nasties...


    Hi all -

    This is a minor dissertation, lol.

    I've had two clients that tried to do something tremendously silly, so I thought that I would pass their "thoughts" on.

    When you scan a file for "nasties," it *does not* matter if you change the filename of the file in question to avoid detection!

    Example:

    File ABCD is renamed to WXYZ in the thought that the AV will scan and permit the file as being valid under a different name - this is absolutely untrue!

    Once the file in question is compromised, the AV will analyze the file regardless of it's naming structure and (hopefully) detect it.
    If you feel that it is a False Positive you can always run Malwarebytes (free) to scan the file and/or submit to VirusTotal for a secondary or tertiary opinion.

    If clean, you can exclude the file through your AV, if necessary.

    I check a questionable file with my own AV, Malwarebytes (with Rootkit scan enabled,) VirusTotal and the MSRT.
    Sometimes, I use more granular tools if I still feel uneasy.

    Here are some resources:


    VirusTotal

    https://www.malwarebytes.com/free

    https://www.microsoft.com/en-us/down...s.aspx?id=9905

    I hope that this helps clarify some things.

    Last edited by Compumind; 07 Feb 2020 at 16:05.
      My Computer

  2. jamis's Avatar
    Posts : 466
    Windows10 Home 64 bit v. 20H2 bld. 19041.928
       #2

    I also have multiple AV packages on hand (not active) to scan if there is a thought that something might be afoul. Having four different packages scan and not find anything gives one a better sense of security.
      My Computer

  3. Jacee's Avatar
    Posts : 1,597
    Win 10 home 20H2 19042.928
       #3

    I've had two clients that tried to do something tremendously silly, so I thought that I would pass their "thoughts" on.
    When you scan a file for "nasties," it *does not* matter if you change the filename of the file in question to avoid detection!
    Back in the covered wagon days, we used to have people rename HijackThis! to another name so the virus wouldn't detect it and stop it from running.
      My Computers


  4. Posts : 1,469
       #4

    Back when Fred Flintstone and I would start our cars by pedaling our feet onto the road through the floorboard, AVG and AVAST used to do their AV jobs really well! Either quarantining or renaming the extension the file[s] judged having a virus.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 14:25.
Find Us




Windows 10 Forums