12 Dec
2012
12 Dec
'12
9:12 a.m.
On 12/12/2012 12:19 AM, Adrian Stoness wrote:
has a copy of windows 95 on floppy thats infected
hehehe
The win 95 makes more sense because the sequences that AV scanners look
for besides a huge list of signatures are system calls and operations
between them that may enter known buggy areas of the Windows kernel in
odd ways. Win95 is the first version of Windows which was protected on
"top" and 'real mode bottom', in that the system went protected much
earlier than before.
A lot of it was still implemented big real, so the code would jump back
and forth to the real mode with sequences which look suspicious to virus
scanners which assume the programs are for later windows, such as xp,
and later.
the hits on the maslin archive should not contain any x86 code unless it
is for something like an Atrona which has dual boards. And in that case
I don't think that it has any protected mode supporting processors, that
is an 8086 running msdos as a co-operating system.
I'd be interested if any of the protected mode standalone environment
code would pass AV scrutiny w/o complaint as well if the AV scanners
identified it as executable code.
On Tue, Dec 11, 2012 at 2:51 PM, Christopher
Satterfield <
christopher1400 at gmail.com> wrote:
I also had an antivirus complaint with one of the
files with DOS/Stoned or
something similar, I just remember it was "Stoned". I wasn't too worried
about it as 16-bit DOS virus on 64-bit Windows can't do anything.
--
C:\win
Bad Command Or File Name
C:\