Virus in 1995 pack

[Chaiavi]

While unpacking aaapack1.zip from 1995

I got a virus alert for this file:
AAA0001.EXE

Virus name: AAA-BOOT

Antivirus is TrendMicro.

[Mr-Bitch]

What the Fuck

[Chaiavi]

I know that we like the original packaging

But in this case, does it make sense to unpack, remove the virus, then repackage with the same metadata in the packaging , and then change the file to this upgraded one in the git repo ?

[sairuk]

This is the virustotal report, don't know what the likelyhood of this affecting anything these days is since it a pretty generic detection across the board (Trojan.DOS.General.A), could just be a false positive based on later signatures

https://www.virustotal.com/gui/file/deb1b2400725198f0590f47d4b1dbbcbf08b574c96f4eeea3b327f87ef18dcee?nocache=1

[Chaiavi]

It might be a false positive.

The best check would be checking the pack with an antivirus of the same era (1995-1996), with the virus signatures of 1995-1996, that will give us the most accurate results (f-prot).

To be honest, it would be good if someone would do a comprehensive check for DOS viruses on all of the ANSI packs.
Sounds like a lot of work, but it is much less than one might think, as automatic tools exist for doing the job.

download all ANSI packs
Extract (recursively) all ANSI packs
Scan all of the extracted files with F-PROT (Latest version with all signatures till 2009)
Report with Virus-Infected packs if any exist
If infected packs exist, and the owner of 16-colors agrees, then repack with the original MetaData and reupload