From: Thomas Demmer Newsgroups: comp.os.msdos.djgpp Subject: Re: Download problems Date: Tue, 21 Oct 1997 08:56:40 +0200 Organization: Lehrstuhl fuer Stroemungsmechanik Lines: 87 Message-ID: <344C5228.10F9FAE9@LSTM.Ruhr-UNI-Bochum.De> References: <877403293 DOT 5275 AT dejanews DOT com> NNTP-Posting-Host: c64.lstm.ruhr-uni-bochum.de Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit CC: ringil3 AT hotmail DOT com To: djgpp AT delorie DOT com DJ-Gateway: from newsgroup comp.os.msdos.djgpp Precedence: bulk ringil3 AT hotmail DOT com wrote: > > Hi everyone. > A few weeks ago I heard about DJGPP compiler, and recently downloaded > it > from the tasmanian government mirror. When extracting DJDEV201.ZIP on > my > win95 machine, ThunderByte AV (V 8.00) interrupted some files, > claiming > that they contained "unknown viruses". The files and the messages > TBAV > gave are listed below. Is this just part of the files, or are they > infected with something nasty. > > The files are: > djtart.exe; djtarx.exe; dtou.exe; dexegen.exe; echo.exe; go32-v2.exe; > merge.exe; redir.exe; split.exe; symif?.exe (not sure of last letter, > p or > y I think); update.exe; and utod.exe > > All of them had these comments from TBAV: > *Suspicious or odd stack > *Checks for exe or com files > *invalid opcode (non 8088) or out of range branch > Some also had this comment: > *additional data at end of file, probably internal overlay Dave, you'd better get a newer virus checker, non 8088 opcodes are fairly common these days. Probably the thing get thoroughly confused by the stub. FIW, here is the output of unzip -v djdev* |grep bin/ from my UNIX machine (so no chance on my side to introduce a virus). Cross check your output, especcially the CRC-32 fields Archive: djdev201.zip Length Method Size Ratio Date Time CRC-32 Name ------ ------ ---- ----- ---- ---- ------ ---- 23 Stored 23 0% 02-27-95 02:46 c19367f2 bin/coff2exe.bat 187110 Defl:X 74154 60% 09-26-96 22:51 680d0c59 bin/djasm.exe 81408 Defl:X 45847 44% 10-31-96 19:14 984c0852 bin/djtar.exe 2048 Defl:X 1526 26% 10-05-96 20:49 537f381b bin/djtart.exe 2048 Defl:X 1526 26% 10-05-96 20:49 537f381b bin/djtarx.exe 53760 Defl:X 31808 41% 10-31-96 19:14 f6b6ba02 bin/dtou.exe 61440 Defl:X 34653 44% 01-23-96 22:03 c357b3a3 bin/dxegen.exe 39424 Defl:X 22718 42% 10-31-96 19:14 645b3c16 bin/echo.exe 79360 Defl:X 41746 47% 10-31-96 19:13 bd50cac9 bin/edebug32.exe 30184 Defl:X 12314 59% 01-23-96 22:07 d4f1b2e2 bin/emu387.dxe 91431 Defl:X 36173 60% 09-26-96 22:51 b5cddede bin/exe2coff.exe 139776 Defl:X 76628 45% 10-31-96 19:13 927c16e5 bin/fsdb.exe 62468 Defl:X 34781 44% 08-12-96 22:57 803b2e81 bin/go32-v2.exe 37376 Defl:X 21339 43% 10-31-96 19:14 0da4668f bin/merge.exe 60416 Defl:X 34949 42% 10-31-96 19:14 a92a8863 bin/redir.exe 5 Stored 5 0% 10-01-95 00:12 ad287931 bin/rem.com 425 Defl:X 262 38% 06-16-95 01:56 0e87e06d bin/setdjgpp.bat 37888 Defl:X 21752 43% 10-31-96 19:14 58db3765 bin/split.exe 104224 Defl:X 41773 60% 10-26-96 10:09 96011649 bin/stubedit.exe 112277 Defl:X 45986 59% 10-05-96 20:49 04de6197 bin/stubify.exe 53760 Defl:X 30316 44% 10-31-96 19:13 31f9ca4a bin/symify.exe 82432 Defl:X 39487 52% 01-14-96 19:13 3b0159fa bin/texi2ps.exe 37376 Defl:X 21390 43% 10-31-96 19:14 ac6b41fd bin/update.exe 53760 Defl:X 31808 41% 10-31-96 19:14 e15311f1 bin/utod.exe -- Ciao Tom ************************************************************* * Thomas Demmer * * Lehrstuhl fuer Stroemungsmechanik * * Ruhr-Uni-Bochum * * Universitaetsstr. 150 * * D-44780 Bochum * * Tel: +49 234 700 6434 * * Fax: +49 234 709 4162 * * http://www.lstm.ruhr-uni-bochum.de/~demmer * *************************************************************