home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Night Owl 6
/
Night Owl's Shareware - PDSI-006 - Night Owl Corp (1990).iso
/
030a
/
autosn30.zip
/
AUTOSCAN.DOC
< prev
next >
Wrap
Text File
|
1991-03-11
|
14KB
|
328 lines
╓──╖
║ ║
║ ║ ╥ ╥ ╓─╥─╖ ╓───╖ ╓─── ╓───╖ ╓──╖ ╥┐ ╥
╓╨──╨╖ ║ ║ ║ ║ ║ ║ ║ ║ ║ ║└┐ ║
║ ║ ║ ║ ║ ║ ║ ╙───╖ ║ ╓╨──╨╖ ║ └┐ ║
║ ║ ║ ║ ║ ║ ║ ║ ║ ║ ║ ║ └┐║
╨ ╨ ╨───╨ ╨ ╙───╜ ────╜ ╙───╜ ╨ ╨ ╨ └╨
v e r s i o n 3 . 0
Copyright (C) 1991, /\/\ountainTop Technologies
All Rights Reserved. Written by Nick Tucker.
Why the need for such a complicated algorithm?
──────────────────────────────────────────────
There was a need for a quick and easy way checking files for viruses
on BBS systems (Recent Uploads can always be a hazard, especially when
left unattended). There are many "shells" that are available, but they
are either too slow or don't work correctly. AUTOSCAN was written to
work with the McAffee SCAN program and various archiving programs.
Required Files
──────────────
PKUNZIP.EXE
PAK.EXE
PKUNPAK.EXE (or PKXARC.EXE and/or XARC.EXE)
LHARC.EXE (or ICE.EXE)
ARJ.EXE
SCAN.EXE
(All of the current versions can be obtained from my board or the support
boards).
How does it work?
─────────────────
The way it works is very simple, all it does is un-archive any ZIP, ARC,
ICE, LZH, PAK, or ARJ file into a work directory (\AUTOSN), then
use McAffee's SCAN.EXE to scan it for any virus (Since SCAN is updated
regularly, you don't have to worry about AutoScan becoming outdated or
missing any recent viruses.) If all goes well and no viruses are found,
it deletes all the "work" files and then moves onto the next file and
repeats the process.
To get going is real simple, copy AUTOSCAN.EXE into a directory in your
path ( example in AUTOEXEC.BAT:
PATH = C:\;C:\UTIL;
when AUTOSCAN.EXE is in C:\UTIL ). Change to the directory you wish to
scan, and type "AUTOSCAN".
AutoScan will then look through the Current Directory for ZIP, ARC,
ICE, PAK, LZH, ARJ and SDN files, un-archive them and scan them, if all
goes well it will proceed onto the next file. In order for everything to
work all the un-archivers should be within reach upon the currect path,
PKUNPAK.EXE, PKUNZIP.EXE, LHARC.EXE, ICE.EXE, PAK.EXE, ARJ.EXE and, most
importantly, SCAN.EXE. If any of the un-archivers are not found that
section will not execute, you don't need them all to run AUTOSCAN,
however if SCAN.EXE is not located the program will halt.
AutoScan will keep a detailed log of it's activities in the same
directory that contains AUTOSCAN.EXE appropriately named AUTOSCAN.LOG.
If it already exists, new information will be appended to it.
"What if?" he said
──────────────────
What if there is an archive within an archive? AutoScan will detect if there
are any archives within archives - to any level and any combination of
archive types. If an error is located in a "sub archive" that name is placed
in the log along with the main archive name and what the error was - Virus
or bad archive.
About ARC
─────────
AutoScan supports most major ARC type archivers, PKPAK, PKARC and the SEA
ARC7, it can tell the difference between the three and will use the
appropriate archiver to un-archive the file. If AutoScan detects a file
generated by the ARC7 archiver and XARC is not available that file will be
skipped, however if XARC is found and PkPak or PkArc isn't, AutoScan will
attempt to use ARC7 for the Arc type unarchiver.
About PAK
─────────
AutoScan, when examining a PAK archive, will only un-archive the type 10
compression (Crushed) and the type 11 compression (Distilled).
COMMAND LINE OPTIONS
────────────────────
AUTOSCAN /S
If you wish to have your Hardrive scanned as well put a /S on the command
line. Drives C: through H: will be scanned if they exist. Only EXE, COM,
SYS, PIF and OVR files will be checked.
AUTOSCAN /Q
When AutoScan finishes it sounds a two tone bell a few times, or in the
case of a VIRUS, many times! If you wish to run it in the QUIET MODE put
a /Q on the command line.
AUTOSCAN /C
This will trick AutoScan into thinking that there is a virus, and will do
the following:
1. Rename the archive to .BAD
2. Exit at an errorlevel of 1
You must have an archive in the current directory (ALONG WITH CHECK.EXE)
to use this. You may use no other command line options.
AUTOSCAN /R
AutoScan will rescan all files archives. This option is as if you had
deleted AutoScan.Dat, which is exactly what AutoScan does.
AUTOSCAN /M
AutoScan will instruct Scan.exe not to scan RAM at all. Without this option
RAM will be scanned only on the first pass or if a virus was found RAM will
be scanned again.
AUTOSCAN /O
To scan a single file. This will not enter the name into AUTOSCAN.DAT, or
even check to see if it has been processed before. Just a quick and dirty
scan. IE: AUTOSCAN /OTEST.ZIP
A path and file name can be specified, sorry no wildcards.
AUTOSCAN /F
This will instruct AutoScan to reboot the machine once all operations have
been completed, a five (5) second count down can be aborted by pressing any
key. This feature is usefull if you are doing an entire drive scan and don't
want to sit around watching it run, when it's done it will reboot and bring
up your BBS or Menu system if you have one.
AUTOSCAN /N * - Registered Version.
This will instruct AutoScan to check for Bad Archives ONLY, only use this
option if you are sure the file is free of Virus's.
AUTOSCAN /A * - Registered Version.
AUTOSCAN will search the ENTIRE DRIVE for archives and scan them. AUTOSCAN
will not update the AUTOSCAN.DAT or check to see if the file has been
processed. IE: AUTOSCAN /AC: If no drive is specified the default is used.
AUTOSCAN /T * - Registered Version.
This will instruct AutoScan to check the size, time and date of the archive.
If it has changed, the archive will be rescanned. If you run AutoScan from a
BBS to check any recent uploads you might not want to use this option. If you
add ZIP comments to a file, it will obviously change the file size and cause
AutoScan to rescan it.
AUTOSCAN /D * - Registered Version.
With this option you can specify the directory to scan on the command line.
IE: AutoScan /DF:\WORK . Any files in the F:\WORK directory will be scanned.
AUTOSCAN /I * - Registered Version.
All this does is supress the blue or red box upon completion, the same info
is written to the screen in a "normal manner".
AUTOSCAN /B * - Registered Version.
To direct AutoScan to place any .BAD files in a specified directory.
IE: AUTOSCAN /BC:\BADFILES where C:\BADFILES is the directory.
All command line options must be seperated by a space and they may be in
any order you wish.
AUTOSCAN /Q /R /BC:\BADFILES /I /DE:\RECENT
This would cause AUTOSCAN to run in Quiet Mode (/Q), rescan all files (/R),
copy all .BAD files to C:\BADFILES (/B), supress the ending screen (/I),
and examine the directory E:\RECENT (/D). The Command line is limited to
80 characters so keep those paths small!!
AUTOSCAN.CFG
────────────
Included in the Archive is a file called AutoScan.Cfg. In this file you can
set certain default settings for AutoScan. Edit this file with an ASCII editor
to suit your liking. If you wish to use different config files you can specify
the name on the command line with the /K option.
AUTOSCAN /KC:\AUTOCFG.CFG would cause AutoScan to use the Autocfg.Cfg file
in the root directory of drive C:. This option MUST BE THE FIRST OPTION
otherwise it will be ignored. You can add further options on the command line
after the /k option, IE: AutoScan /KC:\AUTOCFG.CFG /R /I .
HELP and SCAN.EXE
─────────────────
For help on the fly type AUTOSCAN ? and it will display some information
about itself.
In order for AutoScan to detect all known virus's you must keep your
version of SCAN.EXE as current as possible. AutoScan is only as good
as the Scanner it uses. SCAN.EXE can be found on most good bulletin
boards in your area.
*.BAD
─────
If AutoScan comes across a bad archive or a virus that file will be
renamed to "filename".BAD and make a note in the log indicating which
file is SUSPECT of being bad. If a file is flagged as being bad you
might want to examine it manually to see why. If the /B option was used
that file would be copied to the specified directory.
NEWLIST.TXT
───────────
As AutoScan runs it generates a file called NEWLIST.TXT. In this file it
will place the names of any new files that it has just processed. If you
have an archive commenter that can use this file then please do. I am in
the process of writing one for ZIP files and it should be released soon.
F10 - ABORT
───────────
While AutoScan is running pressing F10 will cause AutoScan to abort the
current session. AutoScan will only stop once the current file has been
finished and the work files have all been deleted. AutoScan will report on
the current status of it's operation and further runnings of AutoScan will
just pick up where it left off. AutoScan will exit on an ERRORLEVEL of 0
in this case.
AUTOSCAN.DAT
────────────
Once AutoScan has completed its operations it will update a file called
AUTOSCAN.DAT, this file contains a list of files that have already been
scanned. For sysops, this makes it possible to run AutoScan after users
have logged off the BBS, and if any new files were uploaded, they get
scanned right away and removed from circulation if needed.
The Naughty Bits
────────────────
Each time AutoScan starts up it checks it's own size and CRC, and if it
has changed, it will terminate with a nasty message. AutoScan will also
check disk space each time it starts up. If the amount of disk space left
is less than 150% of the archive size AutoScan will exit on a ErrorLevel 1.
Errorlevels
───────────
AutoScan will exit on one of 5 DOS ErrorLevels..
ErrorLevel 0 - New Files found and processed.
ErrorLevel 1 - SCAN.EXE missing / No Disk Space /
AUTOSCAN.EXE infected / File Error.
Errorlevel 2 - No New Files.
ErrorLevel 3 - Bad Archive, Renamed to .BAD.
ErrorLevel 4 - VIRUS, Renamed to .BAD.
What In?
────────
AUTOSCAN is written in Turbo Pascal 6.0 and some routines are from
the TechnoJock Turbo Toolkit V5.02 (excellent package if your a TP 4/5/6
programmer).
AUTOSCAN uses many "outside" programs, without which AUTOSCAN would not
function. Please show your appreciation and register these fine programs.
What If?
────────
If AUTOSCAN does report that SCAN.EXE found a virus, what do I do? Either
contact McAffee Associates, and they can guide you through getting rid of
the virus, or you can run SCAN.EXE manually with a /D on the command line.
SCAN /D will delete any file found with a virus. Also Mace Utilities 1990
and CLEANPxx.ZIP will get rid of any viruses after they are detected.
The key to virus protection is that ugly word "BACKUP"! Always backup any
critical files that you may have.
The Best
────────
This program would not be possible without the creation of these fine
programs:
PKZip / PKPak - PKWare / Phil Katz - PKZ110.EXE
PAK - NoGate Programming - PAK251.EXE
ARC,XARC - System Enhancement Associates - N/A
Lharc (LZH) - Yoshi - LH114B.EXE
Turbo Pascal - Borland Corporation - N/A
5.5 / 6.0
TechnoJock - TechonoJock Software - TTT502.ZIP
5.02
SCAN - McAffee Associates - SCANV72.ZIP
The Rest
────────
AutoScan is distributed under the Shareware concept, and you are given a
LIMITED contract to use AutoScan. You may use it free of charge for a
period of THIRTY (30) DAYS, and then you must register it. There is a
registration fee of $10.00 US dollars ($15.00 Canadian) which will entitle
you to the next version of AutoScan. See REGISTER.NOW for more details. A
lot of work has gone into creating this program, and if you would like to
see it continue, please contribute.
The author shall not be held responsible for any hardware or software damage
associated. You are using this program at your own risk.
You are NOT allowed to distribute this program for any money, but are able
to distribute it for fee but only for the amount of the disk and/or the
price of postage.
Final Word
──────────
Thank you to everyone who helped out with the nasty task of debugging
this thing...THANKS! THANKS! THANKS!...
Thanks to Eric Boehm for putting the seed to this program in my head and
testing many different versions in the same day!
Thanks to all those in the Pascal Echo who help me with some of the
stranger points in this program. You can always find me in there!
Thanks to Josh for help with these docs..
My Beta testers:
Josh Linder, Rich Lowenburg, Bob Moravsik (The infamous!!!) and Eric
Boehm and all the others who moaned about the Runtime Error 5 and 6
of Version 2.0!.
Where to find me
────────────────
Somewhere in the FidoNet Pascal Echo.
or my mailing address:
/\/\ountainTop Technologies
91 Sage Court
Bedminster NJ, 07921 USA
ATTN: Nick Tucker..
Thank you for using /\/\ountainTop Technologies for you computing needs.
We offer a full line of software packages, write for details...