English Amiga Board


Go Back   English Amiga Board > News

 
 
Thread Tools
Old 10 July 2013, 06:37   #1
xArtx
Registered User
 
Join Date: Jun 2013
Location: Australia
Posts: 636
New ADF Checker Demo...

Hi Guys,
Here's a demo of the beginnings of an ADF virus checker for Windows.



In addition to searching for virus definitions, it can also take a new approach,
and find viruses that it doesn't have definitions for by
brute force decrypting bootblocks with known virus decryption algorithms using every possible key combination.
An undocumented variant of The Lamer Exterminator was found this way.

Right now it is limited to testing one Amiga Disk File at a time,
and also limited to detecting/decrypting The Lamer Exterminator virus.
Support for unencrypted viruses should arrive quickly,
and then I plan to start on more encrypted viruses.

link removed due to possible virus infection. OP repost the link once this is sorted. Thanks BippyM

Cheers, Art.

Last edited by BippyM; 10 July 2013 at 19:59.
xArtx is offline  
AdSense AdSense  
Old 10 July 2013, 17:23   #2
prowler
Global Moderator

prowler's Avatar
 
Join Date: Aug 2008
Location: Sidcup, England
Posts: 10,278
ADF Checker Demo canot be downloaded because LExTerminator.exe is infected with Win32.Virtob malware, according to Avast!
prowler is offline  
Old 10 July 2013, 18:11   #3
s2325
Zone Friend

s2325's Avatar
 
Join Date: Jun 2006
Location: Gargore
Age: 37
Posts: 17,807
You can not trust Avast.
s2325 is online now  
Old 10 July 2013, 18:17   #4
ShK
Apollo Team
ShK's Avatar
 
Join Date: Mar 2013
Location: Lahti / Finland
Age: 46
Posts: 258
Nod32: LExTerminator V1.zip, Win32/Virut.AV virus
ShK is offline  
Old 10 July 2013, 18:22   #5
TCD
Registered User

TCD's Avatar
 
Join Date: Sep 2006
Location: Germany
Age: 39
Posts: 24,032
xArtx informed me that it'll be reported as virus infected and said he'll try to fix it. Avira also complains about the file btw.
TCD is offline  
Old 10 July 2013, 19:58   #6
BippyM
Global Moderator

BippyM's Avatar
 
Join Date: Nov 2001
Location: Nottingham, UK
Age: 42
Posts: 8,621
Link removed until OP can confirm a non virus infected version is uploaded.
BippyM is offline  
Old 11 July 2013, 01:36   #7
xArtx
Registered User
 
Join Date: Jun 2013
Location: Australia
Posts: 636
I sent a pm after I posted, but before the post was approved (thankfully).
There was indeed a virus on my PC that infected the exe right at compile time!

I have moved the project to a new PC, and have it sorted:
http://www.sendspace.com/file/x74lqd
http://www.sendspace.com/file/nl9wts

Also fixed a GUI issue with overlapping objects depending on Windows version.

Quote:
Originally Posted by s2325 View Post
You can not trust Avast.
It's an old virus "Virtob" and Mcafee free virus scan didn't get it.
I love Windows The whole installation will have to go

Last edited by xArtx; 11 July 2013 at 05:31.
xArtx is offline  
Old 11 July 2013, 21:30   #8
prowler
Global Moderator

prowler's Avatar
 
Join Date: Aug 2008
Location: Sidcup, England
Posts: 10,278
Quote:
Originally Posted by xArtx View Post
I have moved the project to a new PC, and have it sorted:
http://www.sendspace.com/file/x74lqd
http://www.sendspace.com/file/nl9wts
Yep, that's fixed it. Thanks!
prowler is offline  
Old 11 July 2013, 21:58   #9
DaveMB
Banana in disk drive eror
DaveMB's Avatar
 
Join Date: Oct 2010
Location: England (Hull)
Age: 37
Posts: 354
Aaahh cool, a virus infected 'virus detector' lol

Cool program though, nice work.
DaveMB is offline  
Old 11 July 2013, 22:43   #10
s2325
Zone Friend

s2325's Avatar
 
Join Date: Jun 2006
Location: Gargore
Age: 37
Posts: 17,807
Long ago I had compressed file compressor, nothing new

Last edited by s2325; 12 July 2013 at 08:31.
s2325 is online now  
Old 12 July 2013, 05:01   #11
gnujon
Registered User
 
Join Date: Apr 2013
Location: Tauranga / New Zealand
Age: 41
Posts: 42
Wasn't 'Lamer Exterminator' actually the name of an Amiga virus back in the day?

Oh, sorry, just re-read the original post. I was confused by the name of the app. ;-)

Last edited by gnujon; 12 July 2013 at 05:03. Reason: Lack of coffee today
gnujon is offline  
Old 12 July 2013, 10:22   #12
xArtx
Registered User
 
Join Date: Jun 2013
Location: Australia
Posts: 636
I'm shooting for something much more comprehensive.
I think I'll run into trouble with the polymorphic type, and don't have any ideas there.
It would be easy to identify a non-standard bootblock, but that doesn't mean it's anything bad.
xArtx is offline  
Old 18 December 2013, 22:01   #13
1time
Amiga Lover

1time's Avatar
 
Join Date: Jan 2010
Location: Stockholm / Sweden
Age: 40
Posts: 565
Noticed that version 2.0 of this tool has been released and i cant find any "viruses" on this file. http://www.freewebs.com/defxev/bigcalc.htm
1time is offline  
Old 23 December 2013, 15:24   #14
xArtx
Registered User
 
Join Date: Jun 2013
Location: Australia
Posts: 636
Version 1 was fixed before it really made it to the public since posts in the area
are moderated, I got to the moderators before the post made it.

Quote:
Originally Posted by 1time View Post
Noticed that version 2.0 of this tool has been released and i cant find any "viruses" on this file. http://www.freewebs.com/defxev/bigcalc.htm
xArtx is offline  
AdSense AdSense  
 


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Similar Threads
Thread Thread Starter Forum Replies Last Post
Demo wanted in .adf or .dms? ipod_sock support.Demos 25 10 March 2010 01:56
ADFCHK (ADF checker for ADOS disk images) - v0.2.1 released andreas News 8 03 December 2009 16:22
Create and ADF of my old demomaker demo bLAZER request.Other 39 15 April 2009 03:47
Is there batch ADF checker? Oxygene support.Apps 9 10 November 2006 14:28
Virus-Checker? BarrySWE support.Apps 4 27 October 2005 21:52

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 09:18.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Page generated in 0.24535 seconds with 11 queries