Viruses

One of the downsides of MorphOS’s compatibility with the classic Amiga is that a lot of it’s viruses is also compatible. The other day I got reminded of this and decided to check my system for viruses.

There isn’t a native virus checker, but for the same reason you can get Amiga viruses, you can also use some Amiga virus checkers. The one that is most up to date is from 2004 and is called VirusZ.

To get it to work, you need to download these files: VirusZ, xvs.library, xfdmaster and DisLib. When you have downloaded them, unpack them to RAM:.

151205-001_unpacking

Let’s start with DisLib. Go to the drawer.

151205-002_dissassembler.library

Copy this library to Libs: (don’t copy it to Mossys:Libs as it’s reserved for system libraries).

Next, go to the xfd_User drawer. There will be an installer there. Double click on it.

151205-003_install_xfdmaster1

Click Continue.

151205-004_install_xfdmaster2

Just click Continue when you get this message.

151205-005_install_xfdmaster3

Next, go to the xvs drawer and double click on it’s installer.

151205-006_install_xvf1

Click Continue.

151205-007_install_xvf2

A Quick Install is just fine. Click Continue. It will soon be done and you can quit the installer.

Next we go to the VirusZ drawer and click on it’s installer.

151205-008_install_virusz1

Click Continue.

151205-009_install_virusz2

Here you can decide where you want the program to be installed. A directory named VirusZ will be created automatically. I choose Applications/Programs.

151205-010_install_virusz3

Since we have already installed the necessary libraries VirusZ will tell us everything is fine.

151205-011_install_virusz4

Next we get this message. I chose to let the program send a message to Georg Höermann. But it doesn’t tell us if it works or not.

151205-012_install_virusz5

Here I chose No because I’m pretty certain that the page is gone by now.

151205-013_install_virusz6

Now it’s all installed and we can start using the program. Go to the drawer.

151205-014_virusz_drawer

Double click on the VirusZ icon.

151205-015_error_message

You will get this message. But since I’m pretty sure it’s because Amiga and MorphOS uses different kinds of file systems I decide to click Cancel. You will get this message every time you start the program. Then the program itself start as a small bar at the top.

151205-016_virusz_started

Right click on the bar (you may have to move it slightly to make it respond, for some reason): Project –> Check Files…

151205-017_scan

Type sys: at the top white field and press Enter.

151205-018_scan_sys

Press the All button.

151205-019_scan_sys_all

Press Ok.

151205-020_scanning_sys

Now let it check your various files.

151205-021_scanning_sys_errors

After a while I get these Errors: message. I guess there are files in MorphOS VirusZ simply can’t read. Maybe it’s intentional. But then, it starts to find some viruses.

151205-022_scanning_sys_viruses_found

It turns out to be the HappyNewYear 96 virus (you can read about it here) that has been a pain in the neck for me since my Amiga days in the 90’s. To think that they have survived somehow and infected my MorphOS machine. Luckily it’s not that dangerous, but it’s still something I really don’t want.

Then after a little while (faster than I thought it would be) the entire Sys: drawer is checked.

151205-023_disinfect_one

At the bottom you see two buttons. Disinfect and One. I click on Disinfect.

151205-024_disinfect_one_gone

Like magic, the virus is gone!

151205-025_disinfect_all_before

Next I mark the top file and change the One button at the bottom to All. Then I press Disinfect again.

151205-026_disinfect_all_after

Now all infected files are cured. Just to make sure I quit this window and let VirusZ check sys: again. This time it doesn’t find any viruses.

There are also settings if you right click on the program bar –> Preferences –> File check. This is the default setting.

151205-027_default_options

As I understand it it only checks uncompressed files, so I decided to test checking all but the top two boxes and check for viruses again.

151205-028_most_options_checked

But this time when I check sys:, it crashes after a while. Trying the same thing again have the same results. The same goes for when I check work: as well. Eventually, I find a setting that works for work: but not for sys:. For sys:, you should use the default setting.

151205-029_extract_files

With this I was able to look into more files, even though the CPU had to work hard for it. I did run into a weird glitch. When I tried this on my USB HDD I did find the same virus in my backup folder (which was to be expected), as well as the Happy New Year 97 virus; a similar and also mostly harmless virus. But when I deleted the viruses, the HDD looked like it has been erased. All the icons was gone, most of the folders and all of my files. Naturally, I panicked, but after checking it in Windows it was all still there. And after a reboot in MorphOS everything was back to normal. That sure was a scare.

Well, now hopefully my (and your) system is virus free and stays that way. Don’t forget to run VirusZ from time to time just to be safe. Viruses have a nasty habit of returning in one form or another.