
Author Topic: Virus and firewalls  (Read 1468 times)


Offline Piru

  • \' union select name,pwd--
  • Hero Member
  • *****
  • Join Date: Aug 2002
  • Posts: 6946
    • http://www.iki.fi/sintonen/
Re: Virus and firewalls
« on: July 24, 2006, 04:00:05 PM »
Unfortunately xvs.library does not work with OS4, and this pretty much rules out most of the antivirus apps. The author is looking for help.

A couple of years ago I helped get xvs.library working with MorphOS, and I've used VirusZ III ever since.

I don't see any reason why the antivirus app should be PPC native, at least there is no reason for that with MorphOS. With 48h uptime, VirusZ_III has used a total of 30 seconds of CPU time.
 

Offline Piru

Re: Virus and firewalls
« Reply #1 on: July 25, 2006, 09:00:25 AM »
@Hyperspeed
Quote
are some viruses incompatible with certain processors in the 68k range?

Certainly so. Many viruses broke when the instruction cache was introduced with the 68020 and later CPUs. Mainly this was due to self-modifying code (or decryption) and failure to flush the caches.

Another source of incompatibility could come from the use of "unused" bits to fool the disassembler. While these bits were unused on 68000, with 68020 and later these bits would for example indicate index multiplier [example: move.l 0(a0,d0.l*8),d1 behaves like move.l 0(a0,d0.l),d1 on 68000].

Another example is move.w sr,d0, which is a user mode instruction on 68000, but supervisor on 68010 and later.

Quote
For example, would the shift from '030 to '060 stop certain viruses working properly?

This is unlikely. If the virus is smart enough to work on 68020 and 68030, it would be really stupid to break on 68060.

Quote
And how do they survive a warm reset

Simple: There's ready functionality provided in the OS for this. Cool/Cold/WarmCapture vectors in execbase (these were used by bootblock viruses) and KickMemPtr/KickTagPtr in execbase (these were used by more complex things).

Quote
(RAD: is another oddity)...

Not really, it uses KickMemPtr/KickTagPtr.
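
An added example, not part of the thread: a C check that audits a raw big-endian snapshot of ExecBase for the reset-resident fields named in the reply above, using the field offsets from the standard exec/execbase.h layout. The snapshot buffer, function names and sample values are constructed for illustration; a non-zero field only means something is reset-resident (RAD: legitimately uses KickMemPtr/KickTagPtr), so the result is a list to review, not a verdict.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Byte offsets of the reset-resident fields in struct ExecBase
   (standard exec/execbase.h layout). */
static const struct { const char *name; size_t off; } VECS[] = {
    { "ColdCapture", 0x02A }, { "CoolCapture", 0x02E },
    { "WarmCapture", 0x032 }, { "KickMemPtr",  0x222 },
    { "KickTagPtr",  0x226 },
};
#define NVECS (sizeof VECS / sizeof VECS[0])
#define SNAP_MIN 0x22A /* bytes needed to cover KickTagPtr */

/* 68k is big-endian: read and write 32-bit values byte by byte. */
static uint32_t get_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}
static void put_be32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* Returns a bitmask (bit i set = VECS[i] is non-zero), or -1 when the
   snapshot is too short to contain all five fields. */
int audit_execbase(const uint8_t *snap, size_t len) {
    int mask = 0;
    if (len < SNAP_MIN) return -1;
    for (size_t i = 0; i < NVECS; i++) {
        uint32_t v = get_be32(snap + VECS[i].off);
        if (v == 0) continue;
        printf("%-11s = 0x%08lX: set, review\n", VECS[i].name, (unsigned long)v);
        mask |= 1 << i;
    }
    return mask;
}

/* Constructed sample: zeroed snapshot with two fields filled in. */
int audit_sample(uint32_t cool, uint32_t kicktag) {
    uint8_t snap[SNAP_MIN];
    memset(snap, 0, sizeof snap);
    put_be32(snap + 0x02E, cool);    /* CoolCapture */
    put_be32(snap + 0x226, kicktag); /* KickTagPtr */
    return audit_execbase(snap, sizeof snap);
}

int main(void) {
    printf("clean snapshot mask: %d\n", audit_sample(0, 0));
    printf("flagged snapshot mask: %d\n", audit_sample(0x0007F000, 0x00C01234));
    return 0;
}
```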