Just a quick take on renaming Viruses, Malware and other nasties...


  1. Posts : 5,048
    Windows 10/11 Pro x64, Various Linux Builds, Networking, Storage, Cybersecurity Specialty.
       #1

    Just a quick take on renaming Viruses, Malware and other nasties...


    Hi all -

    This is a minor dissertation, lol.

    I've had two clients that tried to do something tremendously silly, so I thought that I would pass their "thoughts" on.

    When you scan a file for "nasties," it *does not* matter if you change the filename of the file in question to avoid detection!

    Example:

    File ABCD is renamed to WXYZ in the thought that the AV will scan and permit the file as being valid under a different name - this is absolutely untrue!

    Once the file in question is compromised, the AV will analyze the file regardless of its naming structure and (hopefully) detect it.
    If you feel that it is a False Positive you can always run Malwarebytes (free) to scan the file and/or submit to VirusTotal for a secondary or tertiary opinion.

    If clean, you can exclude the file through your AV, if necessary.

    I check a questionable file with my own AV, Malwarebytes (with Rootkit scan enabled), VirusTotal and the MSRT.
    Sometimes, I use more granular tools if I still feel uneasy.

    Here are some resources:


    VirusTotal

    https://www.malwarebytes.com/free

    https://www.microsoft.com/en-us/down...s.aspx?id=9905

    I hope that this helps clarify some things.

    Last edited by Compumind; 07 Feb 2020 at 17:05.
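
The point of post #1, that a verdict comes from a file's bytes and not its name, shown as an added example that is not part of the original posts. The marker bytes, sample content and function names are constructed for illustration and stand in for a real signature set and scan engine.

```python
import hashlib
import os
import tempfile

# Constructed, harmless marker bytes standing in for a real malware signature.
SIGNATURE = b"CONSTRUCTED-DEMO-SIGNATURE-0001"
SAMPLE = b"MZ\x00\x00 harmless filler " + SIGNATURE + b" more filler"
# Hypothetical blocklist keyed on content hash, as hash-based lookups are.
KNOWN_BAD_SHA256 = {hashlib.sha256(SAMPLE).hexdigest()}


def scan(path):
    """Return a verdict built only from the file's bytes, never its name."""
    with open(path, "rb") as fh:
        data = fh.read()
    digest = hashlib.sha256(data).hexdigest()
    return {
        "sha256": digest,
        "hash_match": digest in KNOWN_BAD_SHA256,
        "signature_match": SIGNATURE in data,
    }


def rename_and_rescan(workdir):
    """Scan ABCD.exe, rename it to WXYZ.txt, scan again; return both verdicts."""
    original = os.path.join(workdir, "ABCD.exe")
    renamed = os.path.join(workdir, "WXYZ.txt")
    with open(original, "wb") as fh:
        fh.write(SAMPLE)
    before = scan(original)
    os.rename(original, renamed)  # new name and new extension, same bytes
    after = scan(renamed)
    return before, after


def demo():
    """Run the rename test in a throwaway directory."""
    with tempfile.TemporaryDirectory() as workdir:
        return rename_and_rescan(workdir)


if __name__ == "__main__":
    before, after = demo()
    print("ABCD.exe:", before)
    print("WXYZ.txt:", after)
    print("verdict unchanged by rename:", before == after)
```
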


  2. Posts : 579
    Windows10 Home 64 bit v. 22H2 bld. 19045.2604
       #2

    I also have multiple AV packages on hand (not active) to scan if there is a thought that something might be afoul. Having four different packages scan and not find anything gives one a better sense of security.


  3. Posts : 1,604
    Win 10 home 20H2 19042.1110
       #3

    I've had two clients that tried to do something tremendously silly, so I thought that I would pass their "thoughts" on.
    When you scan a file for "nasties," it *does not* matter if you change the filename of the file in question to avoid detection!
    Back in the covered wagon days, we used to have people rename HijackThis! to another name so the virus wouldn't detect it and stop it from running.


  4. Posts : 1,621
    Windows 10 Home
       #4

    Back when Fred Flintstone and I would start our cars by pedaling our feet onto the road through the floorboard, AVG and AVAST used to do their AV jobs really well! Either quarantining or renaming the extension of the file[s] judged as having a virus.


 
