Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!uwm.edu!uakari.primate.wisc.edu!polyslo!vlsi3b15!vax1.cc.lehigh.edu!sei.cmu.edu!krvw From: frisk@rhi.hi.is (Fridrik Skulason) Newsgroups: comp.virus Subject: Re: Preventing virus attacks (PC) Message-ID: <0004.8909281133.AA14331@ge.sei.cmu.edu> Date: 27 Sep 89 13:40:46 GMT Sender: Virus Discussion ListLines: 34 Approved: krvw@sei.cmu.edu > Will changeing a file attribute to READ ONLY stop or slow down a virus? > What about write locking a whole Directory? > Does hiding a file or directory have any effect??? This is a very common question, but in general the answer is NO. Boot sector viruses are of course not affected by the read-only protection, since they do not infect files. Some viruses can be stopped my making program files read-only, but right now I can only think of two such viruses: South African "Friday 13." (and the related VIRUS-B) Lehigh However, those two viruses are very rare. The rest of the PC viruses remove the read-only attribute from files, before infecting them. Most of them restore it later ("Icelandic" does not). So - making files read-only will not provide any protection from viruses like: Jerusalem (Israeli Friday 13.) and relatives (Fu Manchu) Vienna (DOS-62) Traceback DataCrime Icelandic and relatives (MIX1 and Saratoga) The main use of read-only protecting .EXE and .COM files is really to protect the user from his own mistakes. Hiding a file is equally ineffective. --- frisk