English Amiga Board


Go Back   English Amiga Board > Main > Nostalgia & memories

 
 
Thread Tools
Old 30 January 2017, 13:06   #1
amiga_Forever
Users Awaiting Email Confirmation
 
Join Date: Mar 2011
Location: kkhkj
Posts: 323
Amiga games with viruses

Allot of Amiga games,if u'd scan them today with a Windows antivirus scanner (if u could scan the physical disc,, or more likely the (.adf) ) if there was a virus on there, would that be considered 'normal' back-then ?

A virus is a virus, but today we think of all viruses as bad mostly, but was that true with Amiga ? AmigaDOS disks, bootblocks and games, utilities etc ?


I guess what I am asking is, today u remove all sorts of viruses with little to no harm and your sofware still works...

Can i do the same to .adf's ? or did those virus-like bootlock/AmigaDOS etc mean something else like if u remove them it would/could destroy the disks, u could not boot up anymore?

i'm running Zonealarm under Windows against my entire 1.35TB Amiga collection (say half that for actual disks) and wondering is it ok to remove any viruses found ?
amiga_Forever is offline  
Old 30 January 2017, 15:20   #2
Anakirob
Unregistered User
Anakirob's Avatar
 
Join Date: Nov 2005
Location: Tasmania
Age: 38
Posts: 858
If a bootblock-type virus overwrites a custom bootblock then it's pretty safe to say that the affected game is pretty much screwed. Repairing it would require you to copy the original bootblock from an unaffected copy of the game. AmigaDOS bootblocks are a different story, just install a new one and it's all good.

DO NOT use a Windows virus checker to check your Amiga collection! Use an AmigaDOS virus checker. I would have thought this was obvious.

Also, in my experience, every single Windows virus checker I've used throws up "false positives" quite a bit. But then I would insist on running compressed demoscene executables.
Anakirob is offline  
Old 30 January 2017, 16:15   #3
demolition
Unregistered User
demolition's Avatar
 
Join Date: Sep 2012
Location: Copenhagen / DK
Age: 40
Posts: 4,123
Yes, a Windows antivirus program will be useless towards Amiga viruses.

And I would say that all viruses are generally bad in the sense that they copy themselves without your consent and thus potentially overwrites data that shouldn't have been overwritten.

Most Amiga viruses are pretty harmless however and will only install themselves on to the floppy bootblock, although that any disk that uses a custom boot block (like most original games) will be screwed. This is easy to do something about though - keep your floppies write protected, particularly all originals.
demolition is offline  
Old 30 January 2017, 17:24   #4
AMIGASYSTEM
Registered User
AMIGASYSTEM's Avatar
 
Join Date: Aug 2014
Location: Brindisi (Italy)
Posts: 6,058
Quote:
Originally Posted by amiga_Forever View Post

i'm running Zonealarm under Windows against my entire 1.35TB Amiga collection (say half that for actual disks) and wondering is it ok to remove any viruses found ?
Are you sure that they are the files ADF to be infected, verification well the Windows folder or volume where you have the files ADF (show hidden files and folders) it may be that there are files infected "not Amiga".
AMIGASYSTEM is offline  
Old 30 January 2017, 17:50   #5
amiga_Forever
Users Awaiting Email Confirmation
 
Join Date: Mar 2011
Location: kkhkj
Posts: 323
Quote:
Originally Posted by AMIGASYSTEM View Post
Are you sure that they are the files ADF to be infected, verification well the Windows folder or volume where you have the files ADF (show hidden files and folders) it may be that there are files infected "not Amiga".
Yep,, the file names are listed as infected.
amiga_Forever is offline  
Old 30 January 2017, 18:12   #6
demolition
Unregistered User
demolition's Avatar
 
Join Date: Sep 2012
Location: Copenhagen / DK
Age: 40
Posts: 4,123
Quote:
Originally Posted by amiga_Forever View Post
Yep,, the file names are listed as infected.
I'm almost certain that's all false positives. What does it say they are infected with? If it is some heuristic scanner, then it can produce a lot of false warnings.. I can't imagine Zonealarm knowing about MC68000 code so if you 'clean' any ADF files, they will be ruined.
demolition is offline  
Old 30 January 2017, 18:22   #7
AMIGASYSTEM
Registered User
AMIGASYSTEM's Avatar
 
Join Date: Aug 2014
Location: Brindisi (Italy)
Posts: 6,058
Yes, Windows knows no file structure ADF and it can not analyze, Unless you have an infected system, try doing a scan with another Antivirus type NOD32!
AMIGASYSTEM is offline  
Old 30 January 2017, 18:40   #8
amiga_Forever
Users Awaiting Email Confirmation
 
Join Date: Mar 2011
Location: kkhkj
Posts: 323
Quote:
Originally Posted by demolition View Post
I'm almost certain that's all false positives. What does it say they are infected with? If it is some heuristic scanner, then it can produce a lot of false warnings.. I can't imagine Zonealarm knowing about MC68000 code so if you 'clean' any ADF files, they will be ruined.

W32.Backdoor virus has some ADFs are coming up with, but that's probably false flag,, as others are 'not-a-virus' which i would just dismiss.

In any case, i ran into another *bigger* problem

The reason why i'm scanning this, is because i wsh to scan my entire AMiga collection... If what we are saying is i nee dto scan from inside the Amiga, how would i exactly do that on HDF file ? since .adf cannot be converted to HDF since it's a track-by-track of floppy disk..

Here's is my situation:

(1. I have a NAS loaded up with my Amiga connection externally to the emulator on my local network (adf, iso images etc of AMiga stuff)
(2. The reason why was using ZA from to scan these is because its located outside the emulator,, however if i need they need to done from an Amiga /FS-UAE in this case, how can i go about this...

What's the best way to accomplish this scan from Amiga side then? create HDF file and do something ?

Last edited by amiga_Forever; 30 January 2017 at 18:48.
amiga_Forever is offline  
Old 30 January 2017, 18:53   #9
demolition
Unregistered User
demolition's Avatar
 
Join Date: Sep 2012
Location: Copenhagen / DK
Age: 40
Posts: 4,123
You probably need to scan the adf files from within the emulator, so I guess you could create a bootable HDF which contains the relevant scriptable antivirus programs which will be run automatically towards df0: on boot.
You can then start the emulator from a batch file/script and mount each .adf file as df0: in turn so it scans df0:. The question is how to have it continue with the next adf if nothing was found, but maybe uaectrl can be used to close WinUAE from ss in case nothing was found after which the batch file can launch the next WinUAE instance?
Alternatively, you can mount each adf from within WinUAE and then mount your folder containing your adf files as PC0: and do the entire scripting in AmigaDOS.
demolition is offline  
Old 30 January 2017, 20:08   #10
Anakirob
Unregistered User
Anakirob's Avatar
 
Join Date: Nov 2005
Location: Tasmania
Age: 38
Posts: 858
I couldn't find uaectrl anywhere, but I could find uae-app 0.1.5, which promises to mount/unmount ADF files using UAE's drives.

As for a decent virus checker, I think I'd go for Virus Z III. As it seems to be the most recent. But I'm not 100% sure it supports the command line, as I've only ever used the GUI (and an older version).

Now if I were to actually find a bootblock virus in my ADF collection I think I'd probably just delete that SOB and try and source another, uncorrupted copy of the offending ADF rather than go to all the trouble of trying to repair the ADF.

File viruses on the other hand can be easily fixed, in fact I'd probably be surprised if you don't have at least one file infected with the "Happy New Year '96" virus, as that sucker seems to be quite prolific.

If you are able to come up with a script that works it would be nice if you could post the results here, as I'm sure it could be useful to others too. Thankyou.
Anakirob is offline  
Old 30 January 2017, 22:34   #11
Superman
Registered User

Superman's Avatar
 
Join Date: Sep 2014
Location: Wakefield
Age: 45
Posts: 869
Download ADFscan19b1.zip from this link.

http://oldstuff.amigabase.de/ADFScan/

Its a pc program that will scan your adf files for amiga viruses. It can't clean them but at least you will know which ones are really infected.
Superman is offline  
Old 31 January 2017, 01:19   #12
Anakirob
Unregistered User
Anakirob's Avatar
 
Join Date: Nov 2005
Location: Tasmania
Age: 38
Posts: 858
Quote:
Originally Posted by demolition View Post
If it is some heuristic scanner, then it can produce a lot of false warnings...
I had to look up the meaning of the word heuristic. Never has a word been more apt for describing the bulk of Windows virus/malware detection software. Thankyou for adding a word to my vocabulary. I can see this word being quite useful.

And going back on topic: I don't know, but I think that perhaps ADFScan will only scan ADF files. If you have lots of LHA's for example you will probably still need to scan these Amiga files in AmigaDOS.
Anakirob is offline  
Old 31 January 2017, 06:06   #13
demolition
Unregistered User
demolition's Avatar
 
Join Date: Sep 2012
Location: Copenhagen / DK
Age: 40
Posts: 4,123
Quote:
Originally Posted by Anakirob View Post
I had to look up the meaning of the word heuristic. Never has a word been more apt for describing the bulk of Windows virus/malware detection software. Thankyou for adding a word to my vocabulary. I can see this word being quite useful.
I cannot take credit for applying that word to AV scanners, but it is rather a word that the AV companies use themselves to describe the algorithms which tries to identify viruses without relying on recognizing exact patterns which was the traditional way of recognizing malware. The reason is that some viruses used morphing techniques to alter their binary footprint when they were distributing themselves so they could escape detection. Thus, the AV software had to counter this by analyzing the files in other ways to try and distinguish 'bad' behavior from 'good'. This then significantly increases the chance of false positives, particularly if the AV software scans a file assuming it is x86 code it is looking at while it is something else entirely.

Morphing techniques were perhaps inspired by something like the influenza virus which is also very good at changing its 'footprint' from year to year so even though you have become immune to one strain of the flu, it changes itself enough so it can evade your immune system and make you sick once again.
demolition is offline  
Old 04 February 2017, 11:06   #14
amiga_Forever
Users Awaiting Email Confirmation
 
Join Date: Mar 2011
Location: kkhkj
Posts: 323
"heuristic" scan, as in "virus-like activity" They could a a possible threat, as the code used is very similar to how viruses would operate..

I have decided do the scan as if it was on a "real" Amiga, inserting floppy after floppy, since bootblocks will be lost if run from HDF file.. (and thats the main point of scanning in addition)

I'm still looking into some sort of script, for looking at the "Media Swap list" and inserting the next one if no more activity, but i wish to go ahead anyway and see how far i can go.


Thee problem is their mixed collection (.adf .lha, dms etc..).. so using one tool would not be good.....
Thanks anyway
amiga_Forever is offline  
Old 09 February 2017, 10:07   #15
Jope
-
Jope's Avatar
 
Join Date: Jul 2003
Location: Helsinki / Finland
Age: 40
Posts: 7,997
Quote:
Originally Posted by Superman View Post
Download ADFscan19b1.zip from this link.

http://oldstuff.amigabase.de/ADFScan/

Its a pc program that will scan your adf files for amiga viruses. It can't clean them but at least you will know which ones are really infected.
Judging by the source code, it doesn't know very many viruses, but at least most of the common ones are found.
Jope is offline  
Old 02 June 2017, 13:11   #16
Sinphaltimus
Registered User

Sinphaltimus's Avatar
 
Join Date: Aug 2016
Location: Cresco, PA, USA
Age: 50
Posts: 1,115
Quote:
Originally Posted by Superman View Post
Download ADFscan19b1.zip from this link.

http://oldstuff.amigabase.de/ADFScan/

Its a pc program that will scan your adf files for amiga viruses. It can't clean them but at least you will know which ones are really infected.
Thanks for this. Is there a real time protection A/V solution for the Amiga that can be run on a real amiga and in emulation that could help protect against infections? I ran this on my current adf collection and found too many virii in so many adfs. Some of which I know I tried without any protection at all. Kind of makes me want to wipe and reinstall.

What do you all use to protect yourselves from these old critters?
Sinphaltimus is offline  
Old 02 June 2017, 13:15   #17
demolition
Unregistered User
demolition's Avatar
 
Join Date: Sep 2012
Location: Copenhagen / DK
Age: 40
Posts: 4,123
Quote:
Originally Posted by Sinphaltimus View Post
What do you all use to protect yourselves from these old critters?
Set the read only flag on all your ADFs - then they can't be written to and thus cannot be infected. Also resetting the emulator, clearing the memory will remove any virus so they can't be transferred to other disks. Booting from a disk that has a virus is nothing major as long as it is cleared from memory before you insert another disk.
demolition is offline  
Old 02 June 2017, 13:19   #18
Sinphaltimus
Registered User

Sinphaltimus's Avatar
 
Join Date: Aug 2016
Location: Cresco, PA, USA
Age: 50
Posts: 1,115
Quote:
Originally Posted by demolition View Post
Set the read only flag on all your ADFs - then they can't be written to and thus cannot be infected. Also resetting the emulator, clearing the memory will remove any virus so they can't be transferred to other disks. Booting from a disk that has a virus is nothing major as long as it is cleared from memory before you insert another disk.
Ah OK, Thanks for that bit of info. Will do.


EDIT:
And done.

C:\Users\Sinphaltimus\Documents\Amiga>attrib +R *.adf /s
Sinphaltimus is offline  
 


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need some help regarding Amiga viruses. ElectroBlaster Amiga scene 9 19 March 2013 23:33
Amiga Viruses fuzzylogic request.Other 7 09 January 2012 19:38
Checking WinUAE/Real Amiga files for viruses. Bloodwych support.WinUAE 6 12 January 2002 09:34

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 06:29.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2020, vBulletin Solutions Inc.
Page generated in 0.09100 seconds with 15 queries