home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Frozen Fish 2: PC
/
frozenfish_august_1995.bin
/
bbs
/
d01xx
/
d0161.lha
/
VRTest
/
VRTest3.2_DOC
< prev
next >
Wrap
Text File
|
1988-10-02
|
8KB
|
194 lines
VRTest 3.2
By Babar Khan
⌐ 1988 by Deltaware Products
*Special thanks to Akbar Khan for his amazing VRT Workbench icon*
VRTest 3.2 adds a few new major features plus improvements. To see the
list of new features/improvements read the text file included called
'NewIn3.2'.
To run VRT 3.2 from the Workbench, simply double-click on its icon and the
Virus Monitor window will open (as long as there's memory).
Example of Running VRT 3.2 from the CLI:
1> "Run VRTest3.2"
or
1> "RunBack VRTest3.2"
The above will open up the Virus Monitor Window which has a menu strip
attached to it.
1> "Run VRTest3.2 -S"
or
1> "RunBack VRTest3.2 -S"
The above will dump 2048 bytes of memory starting at $7E7FE to the CLI.
The other option switch [-A] is explained under the 'Switches' section.
NOTE: Running VRTest 3.2 with a stack size of 4000 bytes is more than
sufficient.
When VRTest is run without any parameters, a small window will open on
the Workbench screen, and begin monitoring protected memory for viruses.
If it finds something lurking in this memory, it will get your attention
by flashing all the system screens (this is called 'display beeping')
and will then change the window to read '$7E7FE: VIRUS'.
Note that the window which comes up also has menus attached to it; activate
the window by clicking in it, then examine the menus by pressing the right-
mouse button. Below is a brief description of each menu/sub menu. (Fully
updated for version 3.2).
==========MENUS==========
View DF0:
---------
When selected, this will open a window and show the boot block of the disk
in drive DF0:. When the dump is complete, you will be prompted to hit any
key to continue.
View DF1:
---------
When selected, this will open a window and show the boot block of the disk
in drive DF1:. When the dump is complete, you will be prompted to hit any
key to continue.
Install DF0:
------------
This menu item will write out a standard boot block to the disk in drive DF0.
Note that you are not asked if you are sure before the disk is installed. Be
sure not to install games or programs that have non-standard boot code (for
example, the game "Barbarian").
Install DF1:
------------
This menu item does the same as Install DF0:, except it writes the boot block
out to drive DF1:.
View RAM at $7E7FE
------------------
This menu item, if selected, will open a window and display the contents
of RAM at $7E7FE.
When the memory-dump is complete, you may hit any key and the Status Window
will disappear, allowing you to make other selections, as well as allowing
the Virus Monitor to continue checking memory.
NOTES ABOUT VIRUSES:
The ByteBandit went into $7E7FE on my un-expanded Amiga.
The SCA went in a little before $7EC00.
From what I hear, the ByteWarrior goes into $7E7FE, and the
LSD goes into the same place as SCA.
If the Virus Monitor window ever reads '$7E7FE: VIRUS', then
it is a good idea to use to View RAM item to find out what virus
is actually residing in RAM. Most viruses have strings in them,
such as 'Mega-Mighty SCA' or 'Byte Bandit'. When you view RAM,
you may see one of these strings - if you do, you have identified
a virus.
For more information on how to kill it, read the file NewIn3.2.
Before erasing any viruses out of RAM, you should check the
vectors, and if the vector window says 'ALERT', then you should
clean up RAM and reset the vectors. (If the vectors are normal,
but there is a lot of garbage in memory, it's possible that it's
a virus like ByteBandit, or it could be just data. The best thing
to do is save any thing you're working on or have in RAM or
recoverable RAM disk, and then select Clean RAM at $7E7FE; if the
machine locks up and then a GURU comes up, it was a virus you had
in memory. Otherwise it was just data some program put in that
memory (the latter isn't likely to happen - if some program puts
data in THAT memory, it probably won't be very much).
Clean RAM at $7E7FE
-------------------
This option of VRT is one of its most useful. It allows you to kill viruses
residing in protected memory. It clears 2048 bytes starting at $7E7FE.
Please read the NewIn3.2 for information on killing off all viruses in
memory.
Show C/WCV
----------
This menu item can be toggled on or off (if on, a checkmark will be placed
beside it) - when turned on, another small window will open right beside the
initial position of the other window.
The purpose of this window is so you can monitor three vectors called
ColdCapture/CoolCapture/WarmCapture.
These are part of the base of the exec library, and are usually modified by
by most viruses. Some viruses, (for example the ByteBandit) patch directly
into the system however, so this won't be modified if that type of virus is
in your memory. By being able to monitor these vectors, you can detect if
something, for example a virus, is executing before the regular re-boot
code. If the window reads 'VECTORS NORM.', use the View RAM menu item to make
sure there is no virus in your memory; if nothing shows up everything is fine.
But if the VECTOR window reads 'VECTORS ALERT', however, you'd better start
worrying, because something has modified one of the vectors. If the latter
is the case, it is very likely you have a virus in RAM.
Luckily, VRT has features for killing viruses! You can reset all the
vectors using the Set C/WCV menu item; read its description below.
If you wish to close the VECTORS window when it is open, simply select
its menu item again, and it will disappear.
Set C/WCV
---------
If this menu item is selected you will then be asked if you are sure you
wish to reset the Cold/Cool/WarmCapture vectors to point where they should be
- selecting 'Reset' will reset them.
Quit
----
When selected, this closes down VRT and returns all memory and resources.
==========SWITCHES==========
[-S] Switch
-----------
If VRT 3.2 is run with this switch, it simply dumps 2048 bytes of $7E7FE
to the CLI.
[-A] Switch
-----------
This switch does exactly the same thing as the running VRT without any
parameters except it doesn't display beep all screens if it finds virus(es) -
instead it puts up an alert to get your attention.
This option, therefore, should be used if you want to be distinctly alerted
about any viruses in memory.
NOTE: this switch should *NOT* be used if you are a BBS operator, as the
alert takes over the machine until you click one of the mouse buttons; at
this time it will change the display to read '$7E7FE: VIRUS'. (It takes over
the machine to compensate for a bug in Intuition's DisplayAlert() call.)
=========CONCLUSION========
As you can see, VRTest 3.2 is a handy virus checker/killer to have around.
I encourage you to put it into your startup-sequences and have it running at
all times, and really want everyone to spread it as many people/BBSs as
possible.
VRT 3.1 wasn't too popular, however VRTest 3.2 now has some powerful new
additions and improvements, so I am anticapating people will like it.
This program freely distributable. If you find any bugs, please leave me a
message on my BBS:
NAME : M31 BBS
INFO : 7 days a week
HOURS: 24 hours a day
BAUD : 300/1200/2400 bps
PHONE: (416) 439-0493
Thank you.
=========PROGRAM DATA========
VRamTest was coded ENTIRELY from scratch by Babar Khan in 100% 68000 assembly
language.
If you have ANY problems at all with this program, feel free to leave me
a message on M31, or write me a letter - I will be glad to help.
-B.Khan, 04/09/88