From: Petr U. <sl...@ce...> - 2024-08-18 20:20:01
|
Hi guys, maybe it is false alert but when I try to download FreeDOS live CD (https://www.ibiblio.org/pub/micro/pc-stuff/freedos/files/distributions/1.3/official/FD13-LiveCD.zip) I get warning from Avast that the website is infected by some virus. Can somebody else same error? Thanks. Petr |
From: Jim H. <jh...@fr...> - 2024-08-18 22:35:10
|
You didn't mention the specific warning text that you see, but since this comes up once in a while (although not too frequently) I think I know what you are seeing. Yes, it is a false positive. Virus scanning software isn't always able to find an *exact* match for viruses. To try to find "zero day" viruses (in other words, to detect viruses before they are "known" viruses) antivirus programs sometimes use heuristics to guess about "virus-like" behavior. Avast is one of these antivirus programs that tries to make a guess. One "virus-like" behavior is a program that tries to install new code onto your bootloader, and run the system on its own. In other words, exactly like the SYS command will do, or how the FORMAT program can wipe a partition with a new filesystem. Or like what the FreeDOS kernel will do. Those are the kinds of "virus-like" programs that Avast thinks it finds in the FreeDOS LiveCD. This is a false positive. Avast hasn't really found a virus. On Sun, Aug 18, 2024 at 3:20 PM Petr Ullmann via Freedos-user <fre...@li...> wrote: > > Hi guys, > > maybe it is false alert but when I try to download FreeDOS live CD > (https://www.ibiblio.org/pub/micro/pc-stuff/freedos/files/distributions/1.3/official/FD13-LiveCD.zip) > I get warning from Avast that the website is infected by some virus. > > Can somebody else same error? > > Thanks. > > Petr > > > > _______________________________________________ > Freedos-user mailing list > Fre...@li... > https://lists.sourceforge.net/lists/listinfo/freedos-user |
From: andrew f. <an...@fa...> - 2024-08-18 22:57:12
|
Is the hash different than the officially published ones? https://www.freedos.org/download/verify.txt On Sun, Aug 18, 2024 at 1:21 PM Petr Ullmann via Freedos-user < fre...@li...> wrote: > Hi guys, > > maybe it is false alert but when I try to download FreeDOS live CD > ( > https://www.ibiblio.org/pub/micro/pc-stuff/freedos/files/distributions/1.3/official/FD13-LiveCD.zip) > > I get warning from Avast that the website is infected by some virus. > > Can somebody else same error? > > Thanks. > > Petr > > > > _______________________________________________ > Freedos-user mailing list > Fre...@li... > https://lists.sourceforge.net/lists/listinfo/freedos-user > -- andrew fabbro an...@fa... |
From: Jim H. <jh...@fr...> - 2024-08-18 23:39:40
|
On Sun, Aug 18, 2024 at 5:57 PM andrew fabbro via Freedos-user <fre...@li...> wrote: > > Is the hash different than the officially published ones? > > https://www.freedos.org/download/verify.txt > Good question. I just checked the sha512sums on the FreeDOS Files Archive at Iibiblio, comparing them to a copy of the verify.txt file. For each pair, the first line is the sha512sum of the zip file on Ibiblio; the second line is the sha512sum as reported in the verify.txt file: > $ for f in *zip; do sha512sum $f ; tail -7 ~/verify.txt | grep $f; done > 0e5f922a1601b43d421fa72a06e899542a13cbbc5833564f7d5203bb3bf0dc056b6a6d788ffff28bdf6f2c2a75d4416c4245c67072f4c9f94fd8e3f385ba7439 FD13-BonusCD.zip > 0e5f922a1601b43d421fa72a06e899542a13cbbc5833564f7d5203bb3bf0dc056b6a6d788ffff28bdf6f2c2a75d4416c4245c67072f4c9f94fd8e3f385ba7439 FD13-BonusCD.zip > 9683f4d1395d9879d836a08ee6fc875328a8896c75b85b59ec421d45c487fd106225aa9203d98a9101c8137f43b13f272c2464dd858ae494e1a5076fa1dd4903 FD13-FloppyEdition.zip > 9683f4d1395d9879d836a08ee6fc875328a8896c75b85b59ec421d45c487fd106225aa9203d98a9101c8137f43b13f272c2464dd858ae494e1a5076fa1dd4903 FD13-FloppyEdition.zip > 008cd9b7434c34f945a2c443bac2bb73515fb789b599a7047263133a9b6a4de36a9432cc664d3355f2ad76491f3204a66eb28376c19b5564da1932d40306921d FD13-FullUSB.zip > 008cd9b7434c34f945a2c443bac2bb73515fb789b599a7047263133a9b6a4de36a9432cc664d3355f2ad76491f3204a66eb28376c19b5564da1932d40306921d FD13-FullUSB.zip > e27545e8dff67be47c875e0c700eced44c94b174e1b9f55cca1a526fb96ad7e1af9c75051fc6630cf919ef5657f3c701f499f60b5bd7b908357ebf6c25b11fb2 FD13-LegacyCD.zip > e27545e8dff67be47c875e0c700eced44c94b174e1b9f55cca1a526fb96ad7e1af9c75051fc6630cf919ef5657f3c701f499f60b5bd7b908357ebf6c25b11fb2 FD13-LegacyCD.zip > 5d2bdf7533a9936b9418afaf0fe2dbbc3b96ae61825dd648b2908a6767f5cccece4128f057c7a4176dbc78491d5623c356694845868d2963aeef1cc58f1822a4 FD13-LiteUSB.zip > 5d2bdf7533a9936b9418afaf0fe2dbbc3b96ae61825dd648b2908a6767f5cccece4128f057c7a4176dbc78491d5623c356694845868d2963aeef1cc58f1822a4 FD13-LiteUSB.zip > 4eef4db28210462e30c5ba0f3764c0d9729358f258335b2385a5d43295c2149159b4cce779b6f61b68d4751368d635e66c40d941626aa3a1a755060af4b3d25f FD13-LiveCD.zip > 4eef4db28210462e30c5ba0f3764c0d9729358f258335b2385a5d43295c2149159b4cce779b6f61b68d4751368d635e66c40d941626aa3a1a755060af4b3d25f FD13-LiveCD.zip Or if you want that in a more readable way, here are the md5sums: > $ for f in *zip ; do md5sum $f ; head ~/verify.txt | grep $f; done > e9a04673e06fa14d4873d6d7db4b106c FD13-BonusCD.zip > e9a04673e06fa14d4873d6d7db4b106c FD13-BonusCD.zip > 3edecef2c585c7e471f26c7638d514f4 FD13-FloppyEdition.zip > 3edecef2c585c7e471f26c7638d514f4 FD13-FloppyEdition.zip > 873f5bb50f5007b7cd08c3e0b37cfb34 FD13-FullUSB.zip > 873f5bb50f5007b7cd08c3e0b37cfb34 FD13-FullUSB.zip > 5ef6de118e2a0b46c6756a70effc4c58 FD13-LegacyCD.zip > 5ef6de118e2a0b46c6756a70effc4c58 FD13-LegacyCD.zip > a63824d54ce286da82b4d0f38348e5a8 FD13-LiteUSB.zip > a63824d54ce286da82b4d0f38348e5a8 FD13-LiteUSB.zip > 61b5646ae7d6943a0957fd5f8c057357 FD13-LiveCD.zip > 61b5646ae7d6943a0957fd5f8c057357 FD13-LiveCD.zip So the files on the server are as expected. |
From: Jerome S. <je...@sh...> - 2024-08-19 00:52:24
|
Out of curiosity, I submitted the download URL to VirusTotal. 1 out of 96 online scanners flagged it as "Malicious" That was Sucuri SiteCheck. So, I went over to their site and directly submitted the same URL there. It comes back as "Medium Risk" and the only reason it gives.... Scan failed, try again later. Just lovely, is it. :-) Jerome |
From: Ralf Q. <fre...@gm...> - 2024-08-21 19:13:31
|
Yeah, that's one of the things were AVast (and other AV applications too) has gotten really bad. Anything that even remotely looks like "messing" directly with the hard drive is being flagged as potentially malicious. Same goes for a lot of self-developed software, simply due to the fact that the AV scanners are trying to detect malware not based on actual malware code, but common library code used by standard compilers. This might be less of a problem these days for "modern" Windows or Linux code, specially when written using MS compilers (or gcc in case of Linux), because it is very common. But DOS based code is rather rare these days, less samples for the AV scanners and thus a higher rate of false positives... :( Ralf |
From: Michał D. <mo...@gm...> - 2024-08-21 19:37:36
|
Hello, I would discount Avast and Avira as real antivirus programs because they have reliably false flagged open source projects (FuhQuake, ezQuake, etc) and cracked game executables. Best regards, Michał Dec W dniu 21.08.2024 o 21:13, Ralf Quint via Freedos-user pisze: > Yeah, that's one of the things were AVast (and other AV applications > too) has gotten really bad. Anything that even remotely looks like > "messing" directly with the hard drive is being flagged as potentially > malicious. Same goes for a lot of self-developed software, simply due > to the fact that the AV scanners are trying to detect malware not > based on actual malware code, but common library code used by standard > compilers. This might be less of a problem these days for "modern" > Windows or Linux code, specially when written using MS compilers (or > gcc in case of Linux), because it is very common. But DOS based code > is rather rare these days, less samples for the AV scanners and thus a > higher rate of false positives... :( > > > Ralf > > > > > _______________________________________________ > Freedos-user mailing list > Fre...@li... > https://lists.sourceforge.net/lists/listinfo/freedos-user |