Reply 20 of 22, by Anapan
- Rank
- Newbie
Here's an elegant solution to the problem: emulate F-Prot Antivirus in dosbox and have it scan the suspect files. It was arguably the best dos virus scanner and went freeware after windows became standard. IIRC F-Prot even healed the programs most of the time because back then the viruses simply appended themselves to the end of the executable and placed a pointer to the propagation code. I used to spend hours looking through it's well commented virus encyclopedia explaining the virus naming origins and infection methods for all the viruses it knew of.
You could also upload the suspect file to Jotti Malware scan and see what a bunch of virus scanners have to say about it. One scanner may not give you a good idea about if a file is safe or not, but 25 of the best should be pretty conclusive (with an occasional false positive to keep things interesting).