Date: Wed, 31 Mar 1999 16:04:40 -0800 (PST) From: Doug White <dwhite@resnet.uoregon.edu> To: NIcky Lai <nickylai@sirius.com> Cc: questions@freebsd.org Subject: Re: ?? Virus detected on CD FSB_330A ??? Message-ID: <Pine.BSF.4.03.9903311602230.19913-100000@resnet.uoregon.edu> In-Reply-To: <01BE7AD7.2BC5E760.nickylai@sirius.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 30 Mar 1999, NIcky Lai wrote: > I just bough the FreeBSD Version 3.0 CD and the book Complete FreeBSD 2nd > edition. I am doing backup of the CDs before I install the FreeBSD, during > the process the Trend PC-cillin 98 program with virus Pattern #502 detected > a virus on CD number one as follows: > > Virus name: PRESTO * > TOOLS\OSBSBETA.EXE (OS-BS\OS-BS.COM) > TOOLS\OSBS135.EXE (OS-BS\OS-BS.COM) > > > On the other hand, I am beginning to read the book before I do the > installation. The name PRESTO is being use as an example in page 46 and may > be other pages as well. Could this be a coincident that the word use in one > OS will misinterpreted as virus in another OS? Anyway, I like to point it > out because you people know it much better. This is probably a false positive. OSBS is a boot manager which installs itself into the system MBR. Heuristic virus checkers may mistake that for a virus action. (I know that older virus checkers often mistake the installed boot sector image as ANTI-EXE or something of that order.) If you're worried about it, those are self-extracting archives, so you could use unzip to unpack them instead of executing them directly. Or, I think they should be zipped in the \TOOLS\SRC directory on the disc. Doug White Internet: dwhite@resnet.uoregon.edu | FreeBSD: The Power to Serve http://gladstone.uoregon.edu/~dwhite | www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.03.9903311602230.19913-100000>