[Avcheck] Pre-announce: avcheck-0.9

[Piotr Klaban]

On Fri, Jul 12, 2002 at 12:32:56PM +0200, Ralf Hildebrandt wrote:
> >   % unzip -l JPGWIZ.EXE
> 
> Archive:  JPGWIZ.EXE
>   End-of-central-directory signature not found.  Either this file is not

Right this is not zip/exe file, but it is executable WiseSFX archive.
This is what I got when running:

 % /opt/AVP/kavscanner /alt/makler/JPGWIZ.EXE

<begin>
Current object: /alt/makler/JPGWIZ.EXE
/alt/makler/JPGWIZ.EXE archive: WiseSFX
/alt/makler/JPGWIZ.EXE/WISE0018.BIN packed: UPX
Scan process completed.
           
           Sector Objects :      0                Known viruses :      0
                    Files :     31                 Virus bodies :      0
                  Folders :      0                  Disinfected :      0
                 Archives :      1                      Deleted :      0
                   Packed :      1                     Warnings :      0
                                                   Suspicious :      0
           Speed (Kb/sec) :      2                    Corrupted :      0
                Scan time :  00:15:49                I/O Errors :      0
</end>

It was so time consuming, because my server is sparc/Solaris 8 (Ultra10)
and UPX compression is implemented on sparc only with C language
(on i386 it should be much faster because of assembler implementation).

According to the AVP docs:
<snip>
Unknown format 
 - the file is a pack or archive that was packed/archived
   with an unknown utility or is corrupted and therefore cannot be
   unpacked/extracted.
</snip>

Then maybe your JPGWIZ.EXE is corrupted or uses some type of new UPX format
that is not yet recognized by avp.
According to http://www.corpit.ru/pipermail/avcheck/2002-April/000572.html
return code 0x0131 was returned also for new MS Office format files.

-- 
Piotr Klaban