Re: Running program files on XP with non-executable extension?
From: Poster 60 (ekron_at_wapda.com)
Date: Thu, 03 Nov 2005 02:12:56 GMT
> I found that if I add the random letters *before* the EXE then
> AntiVir PE's guard does not detect it as a virus.
This is what an anti-virus program will do if you choose to rename
the file to keep it for observation purposes. If you add a "v" in front
of the exe extension, it is no longer read as an executable. You will
also notice the icon of the file changes.
You could also rename it by a second extension after the exe - exe.abc
> So BLUESKY.HJEXE is ok according to 'AntiVir PE'.
The executable is disabled but it is still a malicious file. It can
be reactivated by changing the extension back to exe.
> Is this just an oddity in 'AntiVir PE'? Or is this being done
> because of something in XP Pro which might truncate the letters in
> a file's extension after the first three letters?