home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Magnum One
/
Magnum One (Mid-American Digital) (Disc Manufacturing).iso
/
d1
/
dectc31a.arc
/
DETECT.DOC
< prev
next >
Wrap
Text File
|
1990-03-10
|
49KB
|
1,454 lines
THE DETECTIVE
Version 3.1
Complete File Tracking System
for the IBM Personal Computers and Other Compatibles
---------
User's Manual
(c) 1990 PC SOFT-TECH
March 5, 1990
Table of Contents
Introduction................................................1
Installation................................................2
The Importance of File Tracking.............................3
File Tracking and CRC Checking..............................4
How to use THE DETECTIVE....................................5
Creating the Control File...................................7
Report Generated from THE DETECTIVE........................10
What is a VIRUS?...........................................11
Importance of Virus Detection..............................12
APPENDICES:
-----------
System Requirements, Limits, and Performance................A
Warranty/Disclaimer/Terms and Conditions....................B
Registration................................................C
Control File Layout.........................................D
Sample files created by THE DETECTIVE.......................E
PAGE 1
-- INTRODUCTION --
THE DETECTIVE is a program which allows a user to verify the
integrity of files on his or her PC. THE DETECTIVE works on
systems which are stand along, file servers for a network, or
nodes within a network. Changes made to critical files
(whether they are unintentional or intentional) can be
detected quickly and accurately. This all in one program not
only can detect viral infections, but also can allow the user
to quickly review critical files on the system for any
updating which may have occurred since the last review. As
the PC world grows in size, connectivity and multi-user
environments, this becomes more and more important. THE
DETECTIVE is a must for Network Administrators who need a
quick efficient way of verifying the integrity of their system
as the program allows the user to specify exactly what drives,
directories, and files that must be reviewed.
THE DETECTIVE is available in two formats. The first is as
share-ware from many public bulletin board systems. The
second is through registration by sending $25.00 for a
diskette containing the programs (see Appendix D for order
form). Registered versions of THE DETECTIVE are available on
3 1/2" and 5 1/4" diskettes.
NOTE: THE FREE VERSION OF THE DETECTIVE WILL NOT PROCESS THE
ROOT DIRECTORIES OF ANY DISK DRIVE. IF YOU HAVE DONE A GOOD
JOB OF DISK MANAGEMENT, THE ROOT DIRECTORY SHOULD CONTAIN 3
PROGRAMS ONLY (COMMAND.COM, IBMBIO.COM, AND IBMDOS.COM). WE
REALIZE THAT THESE ARE THE MOST IMPORTANT PROGRAMS IN YOUR
SYSTEM, BUT WE BELIEVE THAT QUALITY SOFTWARE IS WORTH A
PRICE.
If you fear that the copy of THE DETECTIVE you have received has
been tampered or simply want to get the latest version, you can
call our bulletin board system at (414) 241-9125. The BBS
operates at 9600,N,8,1. You may also place your order through
the BBS (PO number required, original PO received before shipment
will be made) or send us some mail with any questions or comments
you may have.
PAGE 2
-- INSTALLATION --
THE DETECTIVE should be installed into its own directory and
will always look for and create its files in the drive/
directory from where it was invoked. If you create a
directory called DETECT and always invoke THE DETECTIVE from
that directory, you will have no problems. If, on the other
hand, you invoke THE DETECTIVE from the root directory the
first time, and from another directory on a subsequent run,
THE DETECTIVE will not be able to find the required files
([cntlfile].CTL and [cntlfile].NEW) and will establish new
files in the current directory.
To install THE DETECTIVE on the hard drive of your PC, you
must first create a directory for the programs. First make
sure you are in the root directory and create a sub-directory
called DETECT. Put THE DETECTIVE diskette in Drive A: and
follow these steps:
Go to the Root Directory, type "CD \" (enter)
Create DETECT Directory, type "MD DETECT" (enter)
Go to the DETECT directory, type "CD DETECT" (enter)
Copy DETECTIVE to hard disk, type "COPY A:*.*" (enter)
THE DETECTIVE (DETECT.COM & DETECT.DOC) is now ready for use.
If you wish to print a copy of THE DETECTIVE manual simply
type "COPY DETECT.DOC PRN" while in the DETECT directory.
The directory DETECT is not required, simply suggested. You
can use any directory name, in any path, on any drive.
PAGE 3
-- THE IMPORTANCE OF FILE TRACKING --
File Tracking today is more important than ever. Take the
case of a new or inexperienced PC user inadvertently deleting
or moving a critical file. Or the case of a user getting on
the network and changing a batch file needed by other users.
Even normal updates to existing files can be important to
detect.
With systems the size of PC's today, it can be very difficult
for an operator to detect these and other subtle changes to
the system on a timely basis, especially if limited to the DOS
environment with commands such as 'DIR'. THE DETECTIVE is
designed to give operators a method of easily checking out
what changes have been made to the system in an efficient,
timely manner. With THE DETECTIVE's versatility, the operator
can check only the drives/directories and files required. And
THE DETECTIVE will perform the requested checks very fast.
By invoking THE DETECTIVE on a regular basis, the operator can
request that all changes made to any (or those designated)
files, in any or all paths which have been changed or updated
since the last time THE DETECTIVE ran, be highlighted in a
concise report file. This file can be saved for future
reference as well as be printed immediately.
One client we support has well over 100 programs and batch
files that we change periodically. When it comes time to
produce a new release of the system, we run THE DETECTIVE and
it tells us everything that has changed and thus what we must
update in the next release of the software.
Another critical use of THE DETECTIVE is the ability to know
what software is being used on a specific computer. If you
are using THE DETECTIVE in a business environment and have
expensive word processors, spreadsheets, or data base
managers, and you find that the files created by these
products are not changing, you can pretty well assume that the
products are not being used very often and may wish to
reexamine the need for the software product on a specific
machine.
PAGE 4
-- FILE TRACKING AND CRC CHECKING --
File tracking with THE DETECTIVE is simple and fast. You need
only specify the paths (including drive letter) and file
extensions to track. If you are concerned about prgrams in
your system you would generally track EXE, COM, SYS, and OVL
type files. If databases are more critical to your needs you
could track DAT, IDX, and any other extensions that represent
your databases. You can even track both types and others at
the same time. If you have different conditions, timings,
and/or users, you can run THE DETECTIVE at different times
with different control information. This allows you to meet
nearly any users needs.
For file tracking, the program will find all requested files
in the requested paths and log each file along with its date,
time, and file size. On subsequent runs, this information is
gathered over again and a report file of all differences is
created. Any time a file is changed in any manner, DOS will
re-update the files date, time, and size. This is what THE
DETECTIVE keys in on for file tracking. There are some
programs that do not have DOS update this information in which
case no change is found since none of the attributes of the
file have changed. These types of programs are few and far
between, but they do exist. In order to detect changes in
these conditions, THE DETECTIVE must do CRC checking.
The CRC (cyclic redundancy check) is the key to knowing if a
file has truely been modified. Specifically, the CRC is a
process of taking the first byte within a file and through an
algorithm, apply a value of the next byte in the file to
derive a hexadecimal representation as of that byte in the
file. This process repeats until each byte of the file has
been applied to the algorithm, the result being a 4 character
hexidecimal code. Some people claim that a standard CRC check
is not sufficient, in fact, a program exists that will modify
a file and not change the CRC value. For this reason THE
DETECTIVE USES 2 DIFFERENT CRC ALGORITHMS!!. If, in the
unlikely chance, the standard CRC is not altered, our second
CRC will be.
The process of doing the CRC calculation requires that each
byte of the file be read. This entails much overhead compared
to file tracking alone, but we have minimized this by writing
THE DETECTIVE entirely in assembler. Simply stated, you will
not find a faster product.
We recommend that you use the CRC feature on all program type
files (EXE, COM, SYS, and OV*). Programs in a system should
never change unless they are updated to a newer version. The
main purpose then for doing CRC checking is to detect viruses.
The likelyhood of being infected is slight, but the potential
damage can be disasterous. An ounce of prevention...
PAGE 5
-- HOW TO USE THE DETECTIVE --
THE DETECTIVE essentially takes a snapshot of all specified
files in the specified paths of the specified drives. At a
later point in time you run THE DETECTIVE again telling it to
check for all differences since the last time it was run. A
report will then be created detailing all changes that had
occurred. These changes are composed of added and deleted
directories, and added, deleted, or changed files. Doing this
on a weekly basis (for example) would give you a history of
all changes made. You also have the ability to run an
unlimited number of scenarios since each scenario you define
is stored in a user defined control file. All files that are
created using this 'control file' retain the control file name
but have a different file extension. With this control, you
can let specific users track their own files in a number of
different ways while the system administrator tracks system
wide files. These are just two of many possible variations.
Before THE DETECTIVE can start issuing reports of all changes,
you need to run it once to create the 'control file' and 'base
file'. The control file contains the names of all paths to be
searched, the file extensions to track, the file extensions to
CRC, an indication if sub-directories are to be searched, and
an indication if the program should abort if files are
unavailable or damaged. The base file contains the snapshot
of all directories and files found in the search, the date,
time, file size, and CRC of file, and the options used to
create the base file (from the control file). Once these
files are created, subsequent executions can be done which
will detail all changes since the previous run.
If, after the initial run, you wish to change the options, you
can rerun THE DETECTIVE as if for the first time and change
the options. Since an initial run does not create a report of
changes, you should only do this immediately after a run that
did create the report of changes. If you are an advanced
user, you could use your text editor to change the options in
the control file rather than doing it through THE DETECTIVE.
By doing this you would not have to re-create the base files,
just change the control file and run THE DETECTIVE in its
checkout mode. The format of the control file is given in the
appendicies.
To invoke THE DETECTIVE for the first time to create the base
files, simply type "DETECT [optional control file name]". If
no control file name is specified, you will be prompted for
one. If the control file name is specified, it cannot contain
a file extension. THE DETECTIVE reserves the file extension
".CTL" and will create the control file with the .CTL
extension. After this invocation the program will prompt you
for the options required.
To invoke THE DETECTIVE for the checkout process, type "DETECT
[control file name] C". The 'C' indicates to the program that
it is to perform the checkout process. In this mode there is
no operator intervention required since the program will read
the options from the control file and perform its task.
PAGE 6
-- HOW TO USE THE DETECTIVE -- (continued)
You will generally want to run the checkout process in a batch
file. This is because THE DETECTIVE sets the DOS errorlevel
to indicate the result of the run. The values for errorlevel
are as follows:
0 = The program ran successfully and
no changes were reported.
1 = The program ran successfully and
some changes were reported
2 = The program ran successfully and
some CRC changes were reported
3 = The program aborted
Errorlevels 0 and 1 are normal and expected. Errorlevel 2 means
that a file that had CRC calculations made changed. An
errorlevel of 3 means that something happened that should not
have. The disk could be full so the report file could not be
created, a file could be locked and the options require all
files to be available, a read error could have happened, the
base files do not exist, the base files are corrupted, etc. If
this condition exists, it could happen at any time during the
checkout process. After determining the result of the problem,
you will have to make sure that the base files are restored to
their original state before re-running. The control file should
need no changing, but the snapshot file may need to be restored
(a simple rename will do, see below).
All files created by THE DETECTIVE have the same name as the
control file but with a different extension. The files
created are as follows:
[cntlfile].CTL - Control file
[cntlfile].RPT - Report file containing the list of all
differences since the last run
[cntlfile].NEW - The base file containing the current
snapshot of all paths and files tracked
[cntlfile].OLD - The previous base file
When THE DETECTIVE is run in the checkout mode, it performs
the following tasks:
1. Check the command line for proper format
(DETECT [control file name] C)
2. Open and validate options in control file
3. Delete [cntlfile].OLD if it exists
4. Rename [cntlfile].NEW to [cntlfile].OLD
5. Create [cntlfile].NEW
6. Delete [cntlfile].RPT if it exists
7. Create [cntlfile].RPT
8. Open [cntlfile].OLD (to compare to [cntlfile].NEW
in order to create report file)
You will note from this that the report file is deleted. If
you wish to retain this, you should either print it or rename
it for later reference.
PAGE 7
-- CREATING THE CONTROL FILE --
When you run THE DETECTIVE to create the base files, the
following screen is displayed:
|------------------------------------------------------------------------------|
| THE DETECTIVE V3.1 (C)1989 PC SOFT-TECH |
|------------------------------------------------------------------------------|
| Global Options; Control File Name (no extension): NEW FILE! |
| Abort If Files Unavailable (Y/N): |
|------------------------------------------------------------------------------|
| Path: Include Sub-Dirs (Y/N): |
| File Extensions To Track: |
| File Extensions To CRC: |
| |
| Path: Include Sub-Dirs (Y/N): |
| File Extensions To Track: |
| File Extensions To CRC: |
| |
| Path: Include Sub-Dirs (Y/N): |
| File Extensions To Track: |
| File Extensions To CRC: |
|------------------------------------------------------------------------------|
| Errors: |
|------------------------------------------------------------------------------|
| Help: Enter the name of the control file. An extension of .CTL |
| will be appended to it. All files created will have the same |
| name, but with a differnt extension (.NEW, .RPT, .OLD, etc). |
| F1=Save File and continue |
|------------------------------------------------------------------------------|
During editing of the fields above, the following edit keys
are available:
backspace - deletes the character to the left of the
cursor and shifts all following characaters
to the left 1 character
delete - deletes the character under the cursor and
shifts all following characters to the left
1 character
insert - allows you to insert characters into the
field and shifts following characters 1
character to the right
home - moves the cursor to the first position in
the field
end - moves the cursor past the last character in
the field
page up - moves cursor up to the next field group
page down - moves cursor down to the next field group
tab - moves cursor to the next field
backtab - moves cursor to the previous field
right arrow - moves cursor right 1 character
left arrow - moves cursor left 1 character
enter - moves cursor to next field
PAGE 8
-- CREATING THE CONTROL FILE -- (continued)
F1 - saves the options and starts processing
F3 - sorts the paths (available only when cursor
is in one of the paths fields)
F5 - deletes the path the cursor is under
(available only when cursor is in one of
the path fields)
ESC - Quits editing and will not save the
control file
During the editing process, the field 'ERRORS' will show any errors
encountered or invalid data entered and the field 'HELP' will give
field sensative help and where appropriate, sample data to enter.
Below is a description of each field that needs to be entered:
Control File Name -
Type into this field the name of the control file.
If it does not exist a message will be displayed
displayed indicating that it is a new file. If the
file does exist, it will be loaded and you will be
able to page through it, make any changes necessary,
and then save it and continue. If the name is not
the name you want, you can go back and change it.
Remember to specify the file name without an
extension.
Abort if files Unavailable -
In a single user system, it is rare that files will
be locked by another program or application, even
if running under a multi-tasking operating system.
Files can however be locked if the file sharing
option of DOS is loaded (refer to your DOS users
manual). If you are running under a network, it
likely that files will be locked. If you enter a
'Y' to this question, THE DETECTIVE will abort if
it tries to access a file that is locked. If you
enter a 'N' to this question, any files that are
unavailable, for whatever reason, will simply be
logged in the [cntlfile].NEW with the reason for
the unavailability. This may result in that file
being reported on the [cntlfile].RPT file.
Path -
Enter the path name of the directory to be checked
such as C:\ or C:\DBASE or F:\DOS\UTILITY or
Z:\ACCTNG\GL\CHARTACT. If any directory does not
exist (and thus drive letter), the cursor will not
leave the field and you will have to re-enter it.
If you simply want to get rid of the path, press F3
to delete it. In a Novell Netware environment, a path
name can be as long as 128 characters long. If the
path you enter is longer than the field on the screen,
the name will be scrolled (from left to right)
automatically.
PAGE 9
-- CREATING THE CONTROL FILE -- (continued)
Include Sub-Dirs -
If you want to check the sub-directories of the path
specified, enter a 'Y', otherwise enter a 'N'.
A path of C:\ and including sub-directories will
check the entire C drive.
File Extensions To Track -
You can specify up to 10 file extension to track in
the given path, the wildcards * and ? ar valid. A
'* ' will check all files, 'C* ' will check all
files beginning with the extension of 'C', 'R?X'
will track all files with 'R' as the first character
of the extension and have a 'X' as the last
character of the extension.
File Extensions To CRC -
This functions exactly as file extensions to track
except that files with these extensions will have
CRC (cyclic redundancy check) calculations made.
Generally you want to specify EXE, COM, SYS, and
OVL for this field. Keep in mind however that doing
the CRC check requires that each byte of the file
needs to be read where tracking above simply finds
the attributes (date, time, file size) of the file.
When entering path information, paths can be nested. What
this means is that you can specify C:\ and include
sub-directories and also specify C:\DBASE with or without
sub-directories. If these were the only two paths entered, all
of drive 'C' would be checked with the attributes specified
for C:\ with the exception of the path C:\DBASE and its
sub-directories. C:\DBASE would use the attributes specified
for C:\DBASE, and the sub-directories of C:\DBASE, if included,
would also use the attributes C:\DBASE. There is also no
limit to the nesting that could be done.
PAGE 10
-- REPORT GENERATED BY THE DETECTIVE --
As noted in the previous section, THE DETECTIVE will create
the report file [cntlfile].RPT only during the checkout
process DETECT (control filename) C. If [cntlfile].RPT exists,
it will be deleted and a new one created, again in directory
from where THE DETECTIVE was invoked.
The [cntlfile].RPT file can be stored on the user's hard disk
as well as printed on his or her printer. The report will
list the start and end time of THE DETECTIVE file check. It
will also list all files that have changed since the last time
THE DETECTIVE was run (added, deleted, changed).
Since the [cntlfile].RPT file is automatically written to the
hard disk, THE DETECTIVE can run unattended from batch and
allow the user or network administrator to check out what
changes have occurred since the last running of THE DETECTIVE
when he or she is available. Network Administrators can set
THE DETECTIVE up as part of an initial boot-up of a machine by
placing the DETECT (control filename) C command in the
machine's autoexec.bat file and have it check the root
directory only with no sub-directories. If changes to main
system files have caused corruption, the errorlevel can be
checked and the batch file paused before the network starts
running.
The Report has the following format:
THE DETECTIVE STARTED AT 21:29:06 ON 05/22/1989 VERSION 3.1
Report of differences since last run
Last run was on 05/15/1989 at 16:50:27
ADDED DIR: C:\DATABASE
ADDED FILE: DATABASE ZIP 47294 5-22-89 7:08p 0000 0000
DIRECTORY: C:\DESQVIEW
ADDED FILE: DVSETUP BAK 722 4-08-89 8:28p 0000 0000
CHANGED FILE FROM: DVSETUP DV 722 4-08-89 8:28p 0000 0000
TO: DVSETUP DV 722 5-21-89 12:44p 0000 0000
CHANGED FILE FROM: SPFCOMM PRM 828 3-22-89 10:58p 0000 0000
TO: SPFCOMM PRM 828 5-21-89 12:54p 0000 0000
DIRECTORY: C:\PS
DELETED FILE: DIRSORT COM 6292 1-21-85 3:00p 0000 0000
CHANGED FILE FROM: FILECOPY EXE 12224 3-09-89 5:02p 0000 0000
TO: FILECOPY EXE 12224 5-18-89 5:11p 0000 0000
ADDED FILE: PS01010X EXE 22304 5-22-89 3:23p 0000 0000
ADDED FILE: PS01020X EXE 9552 5-22-89 3:11p 0000 0000
CHANGED FILE FROM: TEST1 CTL Sharing Violation
TO: TEST1 CTL 260 5-22-89 5:06p 0000 0000
THE DETECTIVE ENDED AT 21:29:24 ON 05/22/1989
PAGE 11
-- WHAT IS A VIRUS --
A computer virus is a piece of program code that exists within
an otherwise normal program. When this program is run, the
viral code seeks out other programs within the computer and
replicates itself. The other programs can be anywhere in your
system and can even be the operating system itself. This
infection can grow geometrically depending on the number and
different types of programs you run (1 program infects 2, 3
then infect 6, 9 then infect 18...). At a given point in time
or based on some other external triggers such as the number of
times the program was run, the amount of free disk space is
reduced to below 10%, or any of a million other circumstances,
the viral code goes to work doing what it was intended for.
It could be as harmless as blanking your screen or as vicious
as formatting your hard disk and everything inbetween is
possible.
The concern over viruses has grown enormously over the past
year and even IBM and NASA have been infected. You would think
(or hope) that high security installations like NASA would be
free from infections, but the fact of the matter is that it
can happen to any computer, no matter how hard you try to
prevent it.
There is some software on the market today that tries to stop
viruses from spreading by monitoring disk access and only
allowing authorized updates. The biggest problem with these
is that they are doing this monitoring while your doing your
day-to-day work. You may not see any impact on performance
with a fast cpu and disk, but not everyone has that sort of
equipment. A bigger problem is that some viruses are created
knowing what and how these monitor programs work. Once
knowing this the virus can circumvent the protection process.
We by no means imply that these viral-fighting programs are
less than adequate, but only want you to know that regardless
of the precautions, a virus can still infect your system.
PAGE 12
-- THE IMPORTANCE OF VIRUS DETECTION --
Unfortunately, today viruses are a fact of life. They can
cripple or destroy your machine or network system. The key to
keeping your system virus-free is timely verification and early
detection. A program that is so complex or time consuming to run
will not be used, and therefore be of little help. Operators and
network administrators need a fast, simple, and inexpensive pro-
gram that can be depended upon to warn of an infection before any
damage is done.
A virus that goes undetected on your system or network can have
devastating affects. Not only can your system be stopped due to
replication of program code filling up your memory, but also files
can be erased or manipulated to the point they do not function. And
what about hackers who infiltrate your system and steal secured
information. An article in the June 5, 1989 Computer World Magazine
describes hackers getting into a real estate firm in the suburbs of
Chicago and stealing credit card and long distance calling card
numbers.
Even authorized users of a system or network can cause problems.
They can download an infected program from a bulletin board system
or mistakenly change a file required by the system.
THE DETECTIVE is the answer. Speed, ease of use, and versatility
all rolled up into one inexpensive program. And virus detection
is an additional benefit to a program already used to monitor and
control your system or network. By simply adding the file extensions
you wish to do CRC checking on to your control file, you have added
state of the art virus detection to your system or network. No
additional programs are required. And no addtional runs of THE
DETECTIVE are required. In the same pass with the other file
verification you have set up, THE DETECTIVE will do the double CRC
verification of critical files such as *.SYS, *.COM, *.EXE files
and issue a report highlighting changes to the CRC which could
denote a virus has infected the system.
APPENDIX A
-- SYSTEM REQUIREMENTS, LIMITS AND PERFORMANCE --
THE DETECTIVE has been successfully run using DOS 2.0 through
DOS 4.0 and has been run on the following machines (not all
versions of DOS on all machines):
o IBM PC
o IBM XT
o IBM XT/286
o IBM AT
o IBM PS/2 Model 50, 60, 70 and 80
o Compac Deskpro
o Compac SLT 286
o Leading Edge Model D
o Panasonic Business Partner
o Gateway 2000 25mhz 80386
THE DETECTIVE has a color display while running and works well
using Monochrome, CGA, EGA, and VGA adapters/monitors.
THE DETECTIVE requires 256k
A maximum of 4096 tracked/CRC files per directory are allowed.
A maximum of about 2500 tracked/CRC directories are allowed.
This may vary since all available memory is allocated to hold
a table of all directories. About 2000 directories can be
processed if 512k of memory is available.
THE DETECTIVE is written totaly in assembler and is very very
fast. To track files only, the run time will be well less
than a minute for a small size system to five or ten minutes
for a large network file server.
Running THE DETECTIVE with CRC checking requires the reading
of entire files. On an 8 mhz AT about 2.5 to 3 megabytes are
processed each minute. This figure rises to about 6 megabytes
per minute for a 25 mhz 80386 machine. The average will
fluctuate depending on the processor, disk speed, and for
networks, the speed of the line.
APPENDIX B
-- WARRANTY/DISCLAIMER/TERMS & CONDITIONS --
PC Soft-Tech warrants to the original purchaser of this computer
software product that the recording media on which the programs are
recorded will be free from defects in material and workmanship for
ninety (90) days from the date of purchase. Defective media
returned by the purchaser within ninety (90) days will be replaced
without charge provided the returned media have not been subjected
to misuse, damage, or excessive wear.
PC Soft-Tech does NOT warrant that the programs will meet the
purchaser's specific requirements. ANY STATEMENTS MADE REGARDING
THE UTILITY OF THE PROGRAMS ARE NOT TO BE CONSTRUED AS EXPRESS OR
IMPLIED WARRANTIES.
THIS WARRANTY IS IN LIEU OF ALL OTHER WARRANTIES, WHETHER WRITTEN
OR ORAL, EXPRESSED OR IMPLIED. ANY IMPLIED WARRANTIES, INCLUDING
IMPLIED WARRANTIES OF MECHANTABILITY AND FITNESS FOR A SPECIFIC
PURPOSE ARE EXCLUDED.
IN NO EVENT WILL PC SOFT-TECH BE LIABLE FOR INCIDENTAL OR
CONSEQUENTIAL DAMAGES OF ANY KIND IN CONNECTION WITH THE SOFTWARE
PRODUCT.
Registered copies of THE DETECTIVE and it's LOG may be purchased
by completing the attached registration form and send it with a
check for $25.00 each for THE DETECTIVE or $45.00 each for THE
DETECTIVE plus THE DETECTIVE LOG (quantity discounts, network
pricing and site licenses also available) to PC Soft-Tech at the
address given. Purchase orders will be accepted subject at all
times to apprval of PC Soft-Tech. Terms of payment for orders
received via purchase order are "Due Net 30 days".
PC Soft-Tech shall not be liable for delays in performance
caused by riots, strikes, floods, accidents, or any other
contingency beyond its control.
Accepted orders are subject to cancellation charges to the
extent PC Soft-Tech shall be reimbursed for the cost of
reasonable expense incurred prior to the cancellation as a result
of order acceptance.
THE DETECTIVE distribution package, consisting of the program
and documentation files are copyright (c) 1990 by PC SOFT-TECH.
The author reserves the exclusive right to distribute this product,
or any part thereof, for profit.
Under NO CIRCUMSTANCES may modified versions or disassembled
versions be distributed, either for profit or in the public domain.
APPENDIX B
-- WARRANTY/DISCLAIMER/TERMS & CONDITIONS (con't)--
User's groups, clubs, libraries and clearing houses are authorized
to distribute the FREE version of THE DETECTIVE pursuant to the
following conditions:
1. No charge is made for the software or documentation. A
nominal distribution fee may be charged, provided that it
is no more that $7 total.
2. The program and documentation are distributed together and
are not modified in ANY way.
APPENDIX C
-- REGISTRATION --
Once you become a registered user of THE DETECTIVE and/or THE
DETECTIVE LOG, you will receive a new version of THE DETECTIVE
and/or THE DETECTIVE LOG which will include root directory files in
the tracking process. You will also receive the following
benefits:
o Support by phone, mail, or through our bulletin board
system. Support will only be provided to registered
users.
o Notice of significant upgrades and bug fixes. You will
be notified by mail for any such updates. There will be
no charge for updates as long as you send us a diskette
and return postage. You can also receive a free update
through our private bulletin board.
Each copy of THE DETECTIVE and THE DETECTIVE LOG is registered for
use on one computer only and a registered copy is required for each
additional computer. The price breakdown is given below:
THE DETECTIVE
plus
THE DETECTIVE THE DETECTIVE LOG
Copies Price Per Copy Price Per Copy
-------- ---------------- -------------------
1-50 $25.00 $45.00
51-100 $21.00 $40.00
101-500 $18.00 $35.00
500+ $16.00 $30.00
The price for networks $50.00 for each file server and $5.00
for each computer (node) on the network (THE DETECTIVE).
The price for networks $75.00 for each file server and $10.00 for
each computer (node) on the network (THE DETECTIVE and THE
DETECTIVE LOG).
The registered version of THE DETECTIVE can be used in commercial,
educational, and governmental institutions.
The free version of THE DETECTIVE is expressly prohibited for use
in commercial, educational, and governmental institutions except
for the purpose of evaluation.
APPENDIX C
-- REGISTRATION FORM --
Please send me a copy of the current full version of THE DETECTIVE
and/or THE DETECTIVE LOG and add me to the list of registered
users, to be eligible for support and update notices.
Computer Model: _____________________________________________
-----Quantity by diskette type-----
THE DETECTIVE _______ 5.25 in. ________ 3.5 in.
THE DETECTIVE and
THE DETECTIVE LOG _______ 5.25 in. ________ 3.5 in.
May we send you high-density diskettes? _____(yes) _____(no)
Company Name: _____________________________________________
Your Name: _____________________________________________
Title: _____________________________________________
Address: _____________________________________________
City, State, Zip: _________________________________________
Phone: _____________________________________________
Any initial comments about THE DETECTIVE products?
___________________________________________________________
___________________________________________________________
___________________________________________________________
Where did you hear about THE DETECTIVE product?
___________________________________________________________
___________________________________________________________
___________________________________________________________
May we use your comments and/or name in future literature for
THE DETECTIVE products? _____(yes) _____(no)
Send registration form and check or money order to:
PC SOFT-TECH
P.O. Box 742
Mequon, Wi. 53092
(414) 241-9119 - Voice
(414) 241-9125 - BBS (9600,N,8,1)
APPENDIX D
-- CONTROL FILE LAYOUT --
The control file can be edited with any text editor (such as
edlin) as long as the format of the file is as defined below.
We do not recommend that you change the file yourself, but
advanced users with special needs may have to do this.
The control file is a standard ASCII file with each record
terminated with a carriage return and line feed. The first
record in the file is simply a "Y" or "N" that indicates if
THE DETECTIVE should abort if files are unavailable. All
subsequent records have the following format:
Start End
Position Position Length Description
1 128 128 Path name
129 129 1 "Y" or "N" for including
sub-directories
130 132 3 1st file extension to track
133 135 3 2nd file extension to track
136 138 3 3rd file extension to track
139 141 3 4th file extension to track
142 144 3 5th file extension to track
145 147 3 6th file extension to track
148 150 3 7th file extension to track
151 153 3 8th file extension to track
154 156 3 9th file extension to track
157 159 3 10th file extension to track
160 162 3 1st file extension to CRC
163 165 3 2nd file extension to CRC
166 168 3 3rd file extension to CRC
169 171 3 4th file extension to CRC
172 174 3 5th file extension to CRC
175 177 3 6th file extension to CRC
178 180 3 7th file extension to CRC
181 183 3 8th file extension to CRC
184 186 3 9th file extension to CRC
187 189 3 10th file extension to CRC
APPENDIX E
-- SAMPLE FILES CREATED BY THE DETECTIVE --
The [cntlfile].NEW and [cntlfile].OLD Files both have the
following format:
THE DETECTIVE STARTED AT 22:08:12 ON 05/22/1989 VERSION 3.1
**Building New Base File**
Options: Abort if files unavailable: N
Path: C:\
Include sub-dirs: Y
Extensions to track: *
Extensions to CRC: EXE COM SYS OV* BAT
Path: D:\
Include sub-dirs: Y
Extensions to track: *
Extensions to CRC: EXE COM SYS OV* BAT
DIR: C:\
FILE: AUTOEXEC BAT 443 5-08-89 2:39p 5F00 6FC5
FILE: BACKUP M_U 84480 5-08-89 2:39p 0000 0000
FILE: COMMAND COM 25307 3-17-87 12:00p 56B8 D3E3
FILE: CONFIG SYS 280 5-22-89 5:04p 1BA4 4A17
FILE: DMDRVR BIN 7699 10-13-87 12:00p 0000 0000
FILE: IBMBIO COM 22100 3-18-87 12:00p 9132 07DD
FILE: IBMDOS COM 30159 3-17-87 12:00p 474C 0012
FILE: OLDBACK M_U 84480 5-08-89 2:39p 0000 0000
FILE: TO TRE 1877 5-22-89 7:09p 0000 0000
DIR: C:\A86
FILE: A86 COM 22180 7-30-88 9:35a 5575 936D
FILE: D86 COM 17386 8-01-88 4:51p 8168 BB87
FILE: EDIT BAT 13 7-25-88 4:15p F517 0696
FILE: MAKELIB BAT 48 11-11-88 12:24a 205F 0E40
DIR: C:\A86\GRAPHIC
FILE: TEST ASM 2149 10-31-88 8:19p 0000 0000
FILE: TEST COM 471 10-31-88 8:19p AC40 DF9F
FILE: TEST SYM 474 10-31-88 8:19p 0000 0000
: : : : : : : :
: : : : : : : :
DIR: D:\SOFTTECH\PROGRAMS
FILE: CUSTLIST WB 22593 5-04-88 10:07p 0000 0000
FILE: DETECLBL WB 1476 12-09-88 12:46p 0000 0000
FILE: FILEBLD WB 1295 10-04-88 10:07p 0000 0000
FILE: LABELS BAS 2378 12-04-88 3:22p 0000 0000
FILE: LABELS EXE 51686 12-09-88 12:50p D4E8 5B59
FILE: MAILLBLS WB 4160 12-04-88 4:24p 0000 0000
FILE: MAKE360 WB 1483 1-11-89 10:27a 0000 0000
FILE: MAKE720 WB 1487 1-11-89 10:28a 0000 0000
FILE: MENU WB 6161 8-14-88 7:43p 0000 0000
FILE: PRNTLABL WB 16324 5-11-89 10:09p 0000 0000
THE DETECTIVE ENDED AT 22:10:08 ON 05/22/1989
APPENDIX E
-- SAMPLE FILES CREATED BY THE DETECTIVE -- (continued)
The [cntlfile].RPT file has the following format:
THE DETECTIVE STARTED AT 21:29:06 ON 05/22/1989 VERSION 3.1
Report of differences since last run
Last run was on 05/15/1989 at 16:50:27
ADDED DIR: C:\DATABASE
ADDED FILE: DATABASE ZIP 47294 5-22-89 7:08p 0000 0000
DIRECTORY: C:\DESQVIEW
ADDED FILE: DVSETUP BAK 722 4-08-89 8:28p 0000 0000
CHANGED FILE FROM: DVSETUP DV 722 4-08-89 8:28p 0000 0000
TO: DVSETUP DV 722 5-21-89 12:44p 0000 0000
CHANGED FILE FROM: SPFCOMM PRM 828 3-22-89 10:58p 0000 0000
TO: SPFCOMM PRM 828 5-21-89 12:54p 0000 0000
DIRECTORY: C:\PS
DELETED FILE: DIRSORT COM 6292 1-21-85 3:00p 0000 0000
CHANGED FILE FROM: FILECOPY EXE 12224 3-09-89 5:02p 0000 0000
TO: FILECOPY EXE 12224 5-18-89 5:11p 0000 0000
ADDED FILE: PS01010X EXE 22304 5-22-89 3:23p 0000 0000
ADDED FILE: PS01020X EXE 9552 5-22-89 3:11p 0000 0000
CHANGED FILE FROM: TEST1 CTL Sharing Violation
TO: TEST1 CTL 260 5-22-89 5:06p 0000 0000
ADDED DIR: C:\WORK1
THE DETECTIVE ENDED AT 21:29:24 ON 05/22/1989