home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
TPUG - Toronto PET Users Group
/
TPUG Users Group CD
/
TPUG Users Group CD.iso
/
AMIGA
/
(A)U
/
(A)U5.ADF
/
VRTest4.1
/
VRTest4.1_DOC
< prev
next >
Wrap
Text File
|
1989-07-20
|
9KB
|
306 lines
VRTest 4.1
by Babar Khan
⌐ 1988,89 by Deltaware Products
Date: July 20, 1989
This program is freely-distributable. Please keep all the files in the
archive together.
NOTE:
In case you are wondering why no source is included with this release, I don't
think it's in good enough condition to be released. THIS IS BY NO MEANS A
VIRUS OR TROJAN! If you don't believe it, you can always disassemble it
yourself.
For a list of the new VRTest features, see the end of this file.
Beta-testing by:
Chris Larcombe
Jonathan Forbes
Thanks very much to the beta-testers!
Special thanks to Akbar Khan for the icon.
Thanks to Jonathan Forbes & Jean-Marc Leclerc for sending me the Lamer
Exterminator virus.
VRTest is a full-featured, easy to use, virus checker and killer written in
assembly language. It is operated by quick pull-down menus. When run, it
opens two windows and checks for viruses in memory, and non-standard boot
blocks on disks.
It has been tested with the following viruses; it will find them and kill
them as well. It will also find many other viruses, that are not listed
below (including future ones), since it does not check for specific
viruses.
SCA1
SCA2
Byte Bandit1
Byte Bandit2
Byte Bandit3
Byte Warrior
Revenge
FatMan
North Star
"Blank"
Lamer Exterminator
It has not been tested with the following viruses, but it should kill
them:
Obelisk
Pentagon
Graffiti
DiskDoktor
VRT is NOT limited only to killing the mentioned viruses!
---
VRTest runs from the CLI, or the Workbench. To run from Workbench,
double-click on its icon. VRTest has three parameters which can be
activated from the CLI:
? : this parameter reminds you of all VRTest's CLI parameters.
-A : this parameter switch turns on the VRT Alert Mode (see below for
a description of this mode).
-S : this parameter switch turns on the VRT CLI-Dump Mode (see below
for a description of this mode).
For example, if you wanted to execute VRTest in the Alert Mode, then
you would type the following in a CLI window:
RUN VRTest4.1 -A
or you would type,
RUNBACK VRTest4.1 -A
Upper/lower case does not matter for the parameters.
VRT Alert Mode
In this mode you are notified more distinctly when a virus is found;
a large box (an alert) will appear at the top of the screen you are
working on, and will say:
ALERT: data discovered in memory - possible virus!
VRTest will then wait until you press the left-mouse button, before
resuming normal virus checking.
VRT CLI-Dump Mode
This mode is very different from the normal [no parameter] mode, and
it does not open a window. It simply prints part memory into the CLI
window from which it was run. This mode is meant for low-memory
situations. If you see something shown in the display of memory, it is
possibly a virus. You will have to use the Clean RAM menu to kill the
virus.
MEMORY Window
This window tells you if a virus is in memory. Normally without a virus in
the system, the window should say:
MEMORY: CLEAN
When there is a virus in memory, it will say:
MEMORY: VIRUS
VRTest Pull-Down Menus
Here are the descriptions, and uses of the menus.
View
----
View shows you the boot block of a disk. If the boot block is non-standard
it will tell you this in a complementary colour at the bottom of the
window.
Install
-------
Install writes the standard Workbench 1.3 boot block onto your disks. If
your disk is write-protected, the screen will flash to tell you the disk
couldn't be installed. This option will kill any boot block virus on your
disk. But be careful: some viruses will re-infect the disk after you
install it. Be sure that you don't use this option on your commercial
programs (some have custom boot blocks that will be erased). NOTE: you
aren't asked 'Are you sure?' when you select this option!
De-install
----------
This selection, as the name implies, undoes an installed boot block, so a
disk will no longer boot. (The string "DOS" is written out to the boot
block.)
View RAM
--------
This shows you the contents of memory (where viruses enter). If anything
is shown, use the Clean RAM option to kill the virus.
Clean RAM
---------
This will kill a virus in memory by clearing memory (where viruses enter).
Caution: the system may crash with certain viruses.
Hunt'n Kill
-----------
This option will murder a virus that does not fall into the memory VRTest
checks. Use this option under the following circumstance:
a) the MEMORY window says, "MEMORY: EMPTY" and the VECTORS window says,
"VECTORS ALERT!".
It will use a very unique method of hunting down and killing the virus that
is infecting your system. Caution: the system may crash with some viruses.
Set C/WCV
---------
This option may seem confusing. In simple terms, it resets the re-boot
vectors to point correctly. A lot of viruses change one of the re-boot
vectors to stay alive after your machine is warm-booted. Use this menu
option when the VECTORS window says, "VECTORS: ALERT!". There is no danger
of crashing your system with this option.
Version 4.1 Note:
A few additions have been made to this option, so it also resets two other
important vectors.
Show C/WCV
----------
This option opens the "VECTORS" window and begins monitoring the re-boot
vectors. If any of them change or are not normal, "VECTORS: ALERT!" will
be printed in the window. When this happens, select the Set C/WCV to fix
the problem. This window can be closed at any time (though it is not
recommended) by selecting its menu option. By default, Show C/WCV is on.
Checking
--------
This is the menu which toggles disk checking. If there is a checkmark
beside this menu, disk checking is on. This means that every disk inserted
in every drive is checked for a non-standard boot block. If one is found,
all system screens are flashed and "- DFx:" is printed inside the "MEMORY"
window. x depending on which drive the possibly infected disk was found
in. You can shut disk checking off at any time. If you use the "SystemZ"
virus checker (which has a custom boot block), you are in luck. VRTest
does not consider its boot block non-standard as do most other virus
checkers. By default, Checking is on.
Save Config
-----------
This option saves a config file ("VRT.DAT") in your S: directory. This file
is searched for in S: as well as the current directory whenever you run
VRTest, and the settings found within it are used. The current position
of both windows, whether Checking is on or off, and whether the Show C/WCV
window is open or closed, is saved in the file. The config file is only 24
bytes long, and does not clutter your main directory. Also, since it is
saved to a logical device (S:), you can always use the ASSIGN command to
re-assign S:. If an error occurs during the config save, all screens will
be flashed.
Version 4.1 Note:
VRTest 4.1 will not recognize a 4.0 config file, so simply re-save your
configuration, and the 4.0 VRT.DAT will be overwritten.
Print
-----
This selection prints the last shown boot block to your printer in a nice
formatted manner, so you can compare or examine various boot blocks. The
selected Preferences printer driver will be used.
Note: The printer.device MUST be in DEVS: for this options to work. Also
make sure that your printer is online and ready before you select this
menu!
Quit
----
This option does as it says and will close down VRTest.
Improvements/Additions in 4.1
o 68010/68020 compatibility added
o configuration file bug fixed (finally!)
o System-Z 5.0-boot block recognition added
o System-Z recognition in memory removed
o De-install menu option added
o Print menu option added
o virus killing significantly improved
o other bug fixes and small changes
Improvements/Additions in the last version, 4.0
o disk checking
o configuration file
o four drive support
o Hunt'n Kill
o Amiga-key equivalents
o improved virus checking/killing
o System-Z recognition
o extraneous-character filtering
o depth gadgets on VECTORS window
o many display changes
o mouse AND keyboard exiting from windows
o other little things
Final notes...
I am currently working on VRTest 4.2, and a very nice program called
VirusMaster. Look on my BBS or the latest Fred Fish disks for these
programs in the near future.
If you have any new viruses, I would GREATLY appreciate hearing from you!
Your support is appreciated. If you have any suggestions, bug lists, or
complaints I would also appreciate hearing from you. If you program, I
you can send me some of your programs on disk, and in return, I will send
you a disk with the latest version of VRTest.
Please write or send to:
Babar Khan
Deltaware Products
55 Merkley Sq.
Scarborough, Ontario, Canada
M1G 2Y5
By modem I can be contacted on my own BBS at:
M31 BBS
416-439-0493, 24 hrs, 7 days a week
300/1200/2400
85 Megabytes Online
(Write mail to sysop)
or on Xenomiga BBS at:
Xenomiga BBS
416-921-6638
(Write mail to Babar Khan)
The latest version of VRTest can be found first on M31 and Xenomiga.