Re: antivirus recomendation?
On Fri, 21 Nov 2003 14:10:16 +0100, Arnt Karlsen wrote:
> On Thu, 20 Nov 2003 17:14:41 -0700,
> "Monique Y. Herman" <spam@bounceswoosh.org> wrote in message
> <[🔎] slrnbrqm7h.78v.spam@home.bounceswoosh.org>:
>
>> On Thu, 20 Nov 2003 at 21:12 GMT, Arnt Karlsen penned:
>> >
>> > ..other wintendo compiler and virus signatures, anyone?
>> >
>>
>> filename\=.*\.(pif|scr|exe|bat|com|vbs)
Be aware that this is incomplete and could also yield false positives.
Just suppose, for a dumb off-the-top-of-my-head example, I send a file
to you named "shell.commands". You'll reject it as being an MS
executable. That's the false positive portion. You need to anchor
the pattern, according to MIME rules, but then you need lots of
variation due to variations allowed in the MIME rules. Your list of
extensions is also about 3 or 4 times as short as the more complete
ones I've seen on the web. To be truly accurate, you need an actual
MIME parser, not a regex here.
> ..thanks Monique, that I guess leaves "other wintendo
> compiler signatures, anyone?". ;-)
>
> ..does anyone have a good guess which compiler was used compiling Swen?
MSVC. (Microsoft Visual C / C++, aka Visual Studio) What else would
a windows person use? (Ok, Borland perhaps. I wouldn't be surprised
if that generated the same "this app needs windows, not dos" header)
-D
--
Misfortune pursues the sinner,
but prosperity is the reward for the righteous.
Proverbs 13:21
www: http://dman13.dyndns.org/~dman/ jabber: dman@dman13.dyndns.org
Reply to: