All,
I fiddle around with good old 32bit Win7 / XP command line that still can handle 16 bit applications.
I've managed to be infected with the 1994 Die Hard 2 virus, that adds 4k on to every .COM and .EXE program; stays resident, and infects every other .EXE file that you run. It does something after every 13 executions.
Interestingly Sophos does not detect this virus. Neither does Avast, AVG, Zemana, or Malwarebytes does not even detect DieHard2 virus signature, let alone quarantine or clean it.
WHY ?
Yes, I am definitely infected. Sending any of ~15 different EXE files to Virus Total shows 80% of all scanners detecting it.
I really don't trust antivirus programs now, if they have ditched all of the older DOS / command-line based viruses.
Just wondering why this is.
Have you tried running sav32cli? From an admin prompt try:
"C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sav32cli.exe" -f -extensive -di -all -suspicious
Hi Bushy M
Is it managed by Sophos central or you are using Sophos home? I would also suggest you submit a sample to our labs if you suspect it's suspicious.
Shweta