From owner-freebsd-questions Wed Mar 31 23:14:44 1999 Delivered-To: freebsd-questions@freebsd.org Received: from hades.riverstyx.net (hades.riverstyx.net [216.94.42.239]) by hub.freebsd.org (Postfix) with ESMTP id 717981516C for ; Wed, 31 Mar 1999 23:14:42 -0800 (PST) (envelope-from unknown@riverstyx.net) Received: from localhost (unknown@localhost) by hades.riverstyx.net (8.9.3/8.9.3) with ESMTP id XAA23162; Wed, 31 Mar 1999 23:17:05 -0800 Date: Wed, 31 Mar 1999 23:17:05 -0800 (PST) From: To: Ben Smithurst Cc: Greg Lehey , NIcky Lai , FreeBSD Questions Subject: Re: ?? Virus detected on CD FSB_330A ??? In-Reply-To: <19990401002400.A94041@scientia.demon.co.uk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'm just speculating, but a lot of boot sector code is often incorrectly detected as "Virus" code because the code's so common. --- tani hosokawa river styx internet On Thu, 1 Apr 1999, Ben Smithurst wrote: > Greg Lehey wrote: > > > [this message forwarded to FreeBSD-questions] > > > > On Tuesday, 30 March 1999 at 11:59:58 -0800, NIcky Lai wrote: > > > >> Virus name: PRESTO * > >> TOOLS\OSBSBETA.EXE (OS-BS\OS-BS.COM) > >> TOOLS\OSBS135.EXE (OS-BS\OS-BS.COM) > > > > Interesting. I wonder what the information in parentheses means. > > I think the .EXE files are self-extracting archives, and the filename in > parentheses is the file within the archive which (possibly) has this > "virus". > > -- > Ben Smithurst > ben@scientia.demon.co.uk > > send a blank message to ben+pgp@scientia.demon.co.uk for PGP key > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message