Viruses

[Edit 151206] Added the authors homepage and some less important information. Thanks jPV!

One of the downsides of MorphOS’s compatibility with the classic Amiga is that a lot of it’s viruses are also compatible. The other day I got reminded of this and decided to check my system for viruses.

There isn’t a native virus checker, but for the same reason you can get Amiga viruses, you can also use some Amiga virus checkers. The one that is most up to date is from 2004 and is called VirusZ.

To get it to work, you need to download these files: VirusZ, xvs.library, xfdmaster and DisLib. When you have downloaded them, unpack them to RAM:.

151205-001_unpacking

Let’s start with DisLib. Go to the drawer.

151205-002_dissassembler.library

Copy this library to Libs: (don’t copy it to Mossys:Libs as it’s reserved for system libraries).

Next, go to the xfd_User drawer. There will be an installer there. Double click on it.

151205-003_install_xfdmaster1

Click Continue.

151205-004_install_xfdmaster2

Just click Continue when you get this message.

151205-005_install_xfdmaster3

Next, go to the xvs drawer and double click on it’s installer.

151205-006_install_xvf1

Click Continue.

151205-007_install_xvf2

A Quick Install is just fine. Click Continue. It will soon be done and you can quit the installer.

Next we go to the VirusZ drawer and click on it’s installer.

151205-008_install_virusz1

Click Continue.

151205-009_install_virusz2

Here you can decide where you want the program to be installed. A directory named VirusZ will be created automatically. I chose Applications/Programs.

151205-010_install_virusz3

Since we have already installed the necessary libraries VirusZ will tell us everything is fine.

151205-011_install_virusz4

Next we get this message. I chose to let the program send a message to Georg Höermann. But it doesn’t tell us if it works or not.

151205-012_install_virusz5

Here I chose No because I’m pretty certain that the page is gone by now.

[Edit] It turns out it’s still there, and still somewhat active. so go to their homepage and show them some support. Killing viruses is maybe not as sexy as making games, but it sure is an important endeavour.

151205-013_install_virusz6

Now it’s all installed and we can start using the program. Go to the drawer.

151205-014_virusz_drawer

Double click on the VirusZ icon.

151205-015_error_message

You will get this message. But since I’m pretty sure it’s because Amiga and MorphOS uses different kinds of file systems I decide to click Cancel. You will get this message every time you start the program. Then the program itself start as a small bar at the top.

151205-016_virusz_started

Right click on the bar (you may have to move it slightly to make it respond, for some reason): Project –> Check Files…

151205-017_scan

Type sys: at the top white field and press Enter (or click on Volumes and chose sys: there).

151205-018_scan_sys

Press the All button.

151205-019_scan_sys_all

Press Ok.

151205-020_scanning_sys

Now let it check your various files.

151205-021_scanning_sys_errors

After a while I get these Errors: messages. I guess there are files in MorphOS VirusZ simply can’t read. Maybe it’s intentional. Then it starts to find some viruses.

151205-022_scanning_sys_viruses_found

It turns out to be the HappyNewYear 96 virus (you can read about it here) that has been a pain in the neck for me since my Amiga days in the 90’s. To think that it has survived somehow and has now infected my MorphOS machine. Luckily it’s not that dangerous, but it’s still something I really don’t want.

Then after a little while (faster than I thought it would be) the entire Sys: drawer is checked.

151205-023_disinfect_one

At the bottom you see two buttons. Disinfect and One. I click on Disinfect.

151205-024_disinfect_one_gone

Like magic, the virus is gone!

151205-025_disinfect_all_before

Next I mark the top file and change the One button at the bottom to All. Then I press Disinfect again.

151205-026_disinfect_all_after

Now all infected files are cured. Just to make sure I quit this window and let VirusZ check sys: again. This time it doesn’t find any viruses.

There are also settings if you right click on the program bar –> Preferences –> File check. This is the default setting.

151205-027_default_options

As I understand it it only checks uncompressed files, so I decided to test checking all but the top two boxes and check for viruses again.

151205-028_most_options_checked

But this time when I check sys:, it crashes after a while. Trying the same thing again have the same results. The same goes for when I check work: as well. Eventually, I find a setting that works for work: but not for sys:. For sys:, you should use the default setting.

151205-029_extract_files

With this I was able to look into more files, even though the CPU had to work hard for it. I did run into a weird glitch. When I tried this on my USB HDD I did find the same virus in my backup folder (which was to be expected), as well as the Happy New Year 97 virus; a similar and also mostly harmless virus. But when I deleted the viruses, the HDD looked like it has been partly erased. All the icons was gone, most of the folders and all of my files. Naturally, I panicked, but after checking it in Windows it was all still there. And after a reboot in MorphOS everything was back to normal. That sure was a scare.

Note that there are a lot of more options but I haven’t tested them. Also, if the system crashes, use different settings. Only the default setting seems to work on everything.

[Edit] Also, if other virus checkers use the same xvs.library they will all be just as up to date as VirusZ. So you don’t need to use this program in order to be sure you have the latest virus list, but it does seem to be the most popular one nevertheless.

Well, now hopefully my (and your) system is virus free and stays that way. Don’t forget to run VirusZ from time to time just to be safe. Viruses have a nasty habit of returning in one form or another.

Advertisements
This entry was posted in Uncategorized and tagged , , . Bookmark the permalink.

One Response to Viruses

  1. Pingback: Mirrorcopy | Yasu's MorphOS Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s