home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Night Owl 6
/
Night Owl's Shareware - PDSI-006 - Night Owl Corp (1990).iso
/
030a
/
vchk203.zip
/
VIRUSCHK.LJ2
< prev
next >
Wrap
Text File
|
1991-07-16
|
30KB
|
299 lines
&l8c0e66F&aR&l0O
(10U(s0p10h12v0s0b3T*p+255Y*p+79Y(10U(s0p10h12v0s0b3T *p1095XViruschk
*p+50Y(10U(s0p10h12v0s0b3T *p1035XVersion 2.03
*p+50Y(10U(s0p10h12v0s0b3T SSgt Jon Freivald, USMC
*p+50Y(10U(s0p10h12v0s0b3T *p1035XTurboC++ 1.0
*p+50Y(10U(s0p10h12v0s0b3T Copyright 1991, 1st Marine Corps District
*p+50Y(10U(s0p10h12v0s0b3T *p915XAll Rights Reserved.
*p+150Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TLICENSING INFORMATION:
*p+150Y(10U(s0p10h12v0s1b3T (10U(s0p10h12v0s0b3TViruschk is distributed as freeware. It may be distributed
*p+50Y(10U(s0p10h12v0s0b3T freely as long as there is no fee charged for it or it's
*p+50Y(10U(s0p10h12v0s0b3T distribution. Viruschk must be distributed as a complete
*p+50Y(10U(s0p10h12v0s0b3T package, containing all of the files contained in the file
*p+50Y(10U(s0p10h12v0s0b3T readme.1st. Viruschk may not be distributed as a feature with
*p+50Y(10U(s0p10h12v0s0b3T any other software package without the prior written permission
*p+50Y(10U(s0p10h12v0s0b3T of 1st Marine Corps District. There is no fee for registration,
*p+50Y(10U(s0p10h12v0s0b3T however, if you register as a user, you will be placed on
*p+50Y(10U(s0p10h12v0s0b3T distribution for future updates. Refer to the notes section for
*p+50Y(10U(s0p10h12v0s0b3T further information on how to register.
*p+150Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TWHAT IT IS:
*p+150Y(10U(s0p10h12v0s1b3T (10U(s0p10h12v0s0b3TThe use of McAfee's Viruscan (scan.exe) on all USMC systems is
*p+50Y(10U(s0p10h12v0s0b3T mandated by CMC/CCI msg R 220032Z OCT 90 ZY3.(10U(s0p10h12v0s1b3T Viruschk(10U(s0p10h12v0s0b3T is a
*p+50Y(10U(s0p10h12v0s0b3T "shell" or "watchdog" for McAfee's scan.exe. It also displays the
*p+33Y(10U(s0p10h12v0s0b3T (10U(s0p16.66h8.5v0s0b0T1
*p+17Y(10U(s0p16.66h8.5v0s0b0T *p240X(10U(s0p10h12v0s0b3Twarning screen mandated by USMC security regulations*p1818X. If a
*p+50Y(10U(s0p10h12v0s0b3T virus condition is found, it will lock up the user's system and
*p+50Y(10U(s0p10h12v0s0b3T with a loud tone and unmistakable screen, alert them to the
*p+50Y(10U(s0p10h12v0s0b3T infected condition! It is highly recommended that you also use
*p+50Y(10U(s0p10h12v0s0b3T the Vshield program (also by McAfee) - especially if you use the
*p+50Y(10U(s0p10h12v0s0b3T option to limit scanning to once a week. Please refer to the
*p+50Y(10U(s0p10h12v0s0b3T referenced message for further guidance regarding use of the
*p+50Y(10U(s0p10h12v0s0b3T McAfee virus prevention software. This documentation does not
*p+50Y(10U(s0p10h12v0s0b3T cover all policy set forth in the message, nor does it intend to
*p+50Y(10U(s0p10h12v0s0b3T be taken as a statement of policy.
*p+150Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TSYSTEM REQUIREMENTS:
*p+150Y(10U(s0p10h12v0s1b3T (10U(s0p10h12v0s0b3To IBM PC, PC/XT, PC/AT, PS/2 or 100% compatible computer
*p+100Y(10U(s0p10h12v0s0b3T o 384K RAM
*p+100Y(10U(s0p10h12v0s0b3T o a hard disk with one or more DOS partitions
*p+114Y(10U(s0p10h12v0s0b3T (10U(s0p16.66h8.5v0s0b0T____________________________________________________________________________________________________________
(10U(s0p16.66h8.5v0s0b0T *p2172X_
*p+64Y(10U(s0p16.66h8.5v0s0b0T *p240X1. For non USMC users, you can make this a welcome screen, display a corporate message, etc, or you can
*p+38Y(10U(s0p16.66h8.5v0s0b0T *p294Xeliminate it all together. The content of the screen file is irrelevant to the operation of the program.
*p+38Y(10U(s0p16.66h8.5v0s0b0T *p294XThe file should only be one screen long, or it will scroll before the first part can be read.
(10U(s0p16.66h8.5v0s0b0T*p+255Y*p+79Y(10U(s0p16.66h8.5v0s0b0T (10U(s0p10h12v0s0b3To DOS version 2.0 or higher
*p+100Y(10U(s0p10h12v0s0b3T o DOS version 3.0 or higher for the integrity self-check
*p+100Y(10U(s0p10h12v0s0b3T o McAfee & Associates Viruscan (scan.exe) version 7.2V77 or
*p+50Y(10U(s0p10h12v0s0b3T higher.
*p+150Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3THOW TO INSTALL IT:
*p+150Y(10U(s0p10h12v0s1b3T (10U(s0p10h12v0s0b3TTo install Viruschk, proceed as follows:
*p+100Y(10U(s0p10h12v0s0b3T Make a directory on the c: drive named "security" (this is CMC
*p+50Y(10U(s0p10h12v0s0b3T mandated and hard-coded into Viruschk).
*p+100Y(10U(s0p10h12v0s0b3T Copy the following files into c:\security:
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3Tviruschk.com
*p+100Y(10U(s0p10h12v0s1b3T scan.exe(10U(s0p10h12v0s0b3T *p727X(This should be the latest version supplied
*p+50Y(10U(s0p10h12v0s0b3T *p727Xthrough official channels. It(10U(s0p10h12v0s1b3T *MUST*(10U(s0p10h12v0s0b3T be version
*p+50Y(10U(s0p10h12v0s0b3T *p727X7.2V77 or higher.)
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3Twarning(10U(s0p10h12v0s0b3T *p727X(This screen may be modified to suit your
*p+50Y(10U(s0p10h12v0s0b3T *p727Xorganization with any ANSI editor such as
*p+50Y(10U(s0p10h12v0s0b3T *p727X"TheDraw", or you can substitute it with any
*p+50Y(10U(s0p10h12v0s0b3T *p727XANSI/ASCII screen of your choice, as long as it
*p+50Y(10U(s0p10h12v0s0b3T *p727Xis named "warning". If you are not a USMC user,
*p+50Y(10U(s0p10h12v0s0b3T *p727Xit may be omitted all together.)
*p+100Y(10U(s0p10h12v0s0b3T Add the line "c:\security\viruschk" to the beginning of the
*p+50Y(10U(s0p10h12v0s0b3T user's autoexec.bat file. This line should normally be the first
*p+33Y(10U(s0p10h12v0s0b3T (10U(s0p16.66h8.5v0s0b0T2
*p+17Y(10U(s0p16.66h8.5v0s0b0T *p240X(10U(s0p10h12v0s0b3Tline of the autoexec.bat *p1008X& should ALWAYS be before the user can
*p+50Y(10U(s0p10h12v0s0b3T login to the network.
*p+150Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TWHAT IT DOES:
*p+150Y(10U(s0p10h12v0s1b3T (10U(s0p10h12v0s0b3TViruschk first checks the DOS version being run on the machine.
*p+50Y(10U(s0p10h12v0s0b3T If it is version 3.0 or higher, it performs an integrity check on
*p+50Y(10U(s0p10h12v0s0b3T itself. ANY modification (manual tampering, "pklite"
*p+50Y(10U(s0p10h12v0s0b3T compression, a virus, etc) will cause the virus warning screen to
*p+50Y(10U(s0p10h12v0s0b3T display and the system to lock up. If the DOS is less than
*p+50Y(10U(s0p10h12v0s0b3T version 3.0, a message is displayed stating that the self-check
*p+50Y(10U(s0p10h12v0s0b3T cannot be performed.
*p+138Y(10U(s0p10h12v0s0b3T (10U(s0p16.66h8.5v0s0b0T____________________________________________________________________________________________________________
(10U(s0p16.66h8.5v0s0b0T *p2172X_
*p+64Y(10U(s0p16.66h8.5v0s0b0T *p240X2. If you use Zenith DOS with manual partition assignment, make sure that you place the asgnpart command
*p+38Y(10U(s0p16.66h8.5v0s0b0T *p294XBEFORE Viruschk or the additional partitions will not get scanned!
*p+76Y(10U(s0p16.66h8.5v0s0b0T *p294XIf your system does not have an internal clock/calendar, the DOS date command should be in the
*p+38Y(10U(s0p16.66h8.5v0s0b0T *p294Xautoexec.bat prior to the viruschk line.
*p+171Y(10U(s0p16.66h8.5v0s0b0T *p1140X(10U(s0p10h12v0s0b3T- 2 -
(10U(s0p10h12v0s0b3T*p+255Y*p+79Y(10U(s0p10h12v0s0b3T It then checks the command line. The following command line
*p+50Y(10U(s0p10h12v0s0b3T options are valid:
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3Tdisplay(10U(s0p10h12v0s0b3T *p727Xshows the "lockup" screen & plays a snippet of
*p+50Y(10U(s0p10h12v0s0b3T *p727Xthe warning tones - no scan is performed and the
*p+50Y(10U(s0p10h12v0s0b3T *p727Xwarning screen is not displayed (this is
*p+50Y(10U(s0p10h12v0s0b3T *p727Xincluded for demo purposes only!)
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TMon(10U(s0p10h12v0s0b3T *p727XExecutes scan.exe on Monday only
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TTue(10U(s0p10h12v0s0b3T *p727XExecutes scan.exe on Tuesday only
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TWed(10U(s0p10h12v0s0b3T *p727XExecutes scan.exe on Wednesday only
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TThu(10U(s0p10h12v0s0b3T *p727XExecutes scan.exe on Thursday only
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TFri(10U(s0p10h12v0s0b3T *p727XExecutes scan.exe on Friday only
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TSat(10U(s0p10h12v0s0b3T *p727X* Executes scan.exe on Saturday only
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TSun(10U(s0p10h12v0s0b3T *p727X* Executes scan.exe on Sunday only
*p+100Y(10U(s0p10h12v0s0b3T *p727X* = NOT ALLOWED ON USMC SYSTEMS - these options
*p+50Y(10U(s0p10h12v0s0b3T *p727Xare only included for those who wish to use this
*p+50Y(10U(s0p10h12v0s0b3T *p727Xprogram on their private systems.
*p+100Y(10U(s0p10h12v0s0b3T If no command line (or one not listed above) argument is given,
*p+50Y(10U(s0p10h12v0s0b3T scan.exe will be executed every day. The command line arguments
*p+50Y(10U(s0p10h12v0s0b3T MUST be typed exactly as they are above (i.e., "mon" is not
*p+50Y(10U(s0p10h12v0s0b3T equivalent to "Mon").
*p+100Y(10U(s0p10h12v0s0b3T If scan.exe is to be executed, Viruschk will then build a table
*p+50Y(10U(s0p10h12v0s0b3T of all valid hard drives for the system. It will then execute
*p+50Y(10U(s0p10h12v0s0b3T scan.exe with the proper parameters to scan all the drives. If
*p+50Y(10U(s0p10h12v0s0b3T scan.exe is not to be executed that day, this step will be
*p+50Y(10U(s0p10h12v0s0b3T skipped.
*p+100Y(10U(s0p10h12v0s0b3T If scan.exe is to be executed, and this is the first time for
*p+50Y(10U(s0p10h12v0s0b3T this particular day, scan will be executed with the "/NOBREAK"
*p+50Y(10U(s0p10h12v0s0b3T parameter - this will force a complete scan at least once each
*p+50Y(10U(s0p10h12v0s0b3T (selected) day. If this is a subsequent run, the "/NOBREAK"
*p+50Y(10U(s0p10h12v0s0b3T parameter will be omitted, allowing the user to press <Ctrl><C>
*p+50Y(10U(s0p10h12v0s0b3T or <Ctrl><Break> to bypass the scanning process. The first run
*p+50Y(10U(s0p10h12v0s0b3T force is controlled by a control file. This is a 4 byte file
*p+50Y(10U(s0p10h12v0s0b3T named "c:\security\viruschk.lrd". This file will be created the
*p+50Y(10U(s0p10h12v0s0b3T first time the program is run and will be re-created
*p+50Y(10U(s0p10h12v0s0b3T automatically if it is deleted.
*p+100Y(10U(s0p10h12v0s0b3T The control file is updated to reflect the current date AFTER the
*p+50Y(10U(s0p10h12v0s0b3T forced scan. If the system is rebooted during the scan, the scan
*p+50Y(10U(s0p10h12v0s0b3T will again be forced. This will continue until the scan
*p+50Y(10U(s0p10h12v0s0b3T completes and the control file is updated.
*p+255Y*p+20Y(10U(s0p10h12v0s0b3T - 3 -
(10U(s0p10h12v0s0b3T*p+255Y*p+79Y(10U(s0p10h12v0s0b3T Viruschk will then display the file "warning" for a period of 30
*p+50Y(10U(s0p10h12v0s0b3T seconds if it exists. You will only get this far if one of the
*p+50Y(10U(s0p10h12v0s0b3T following two conditions are met:
*p+100Y(10U(s0p10h12v0s0b3T 1. scan.exe is not to be run that day
*p+50Y(10U(s0p10h12v0s0b3T 2. scan.exe ran successfully and did not find any
*p+50Y(10U(s0p10h12v0s0b3T viruses
*p+100Y(10U(s0p10h12v0s0b3T After the 30 second delay, control will release back to DOS and
*p+50Y(10U(s0p10h12v0s0b3T the user's system can continue running it's autoexec.bat file.
*p+50Y(10U(s0p10h12v0s0b3T The user can bypass the delay by pressing a key. A countdown
*p+50Y(10U(s0p10h12v0s0b3T timer informs you of how much longer you have to wait if you
*p+50Y(10U(s0p10h12v0s0b3T don't press a key. The warning screen will display every day,
*p+50Y(10U(s0p10h12v0s0b3T regardless of command line arguments (except "display" which is
*p+50Y(10U(s0p10h12v0s0b3T not for general use anyway...). If the file c:\security\warning
*p+50Y(10U(s0p10h12v0s0b3T does not exist, nothing will be displayed, and there will be no
*p+50Y(10U(s0p10h12v0s0b3T delay before the program exits.
*p+255Y*p+255Y*p+255Y*p+255Y*p+255Y*p+255Y*p+255Y*p+240Y(10U(s0p10h12v0s0b3T - 4 -
(10U(s0p10h12v0s0b3T*p+255Y*p+79Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TWHAT WILL TRIGGER IT:
*p+150Y(10U(s0p10h12v0s1b3T (10U(s0p10h12v0s0b3TOne of five conditions will cause viruschk to lock up the user's
*p+50Y(10U(s0p10h12v0s0b3T system:
*p+100Y(10U(s0p10h12v0s0b3T 1. Viruschk.exe finds any type of modification has
*p+50Y(10U(s0p10h12v0s0b3T occurred to itself (indicating either manual tampering or a
*p+50Y(10U(s0p10h12v0s0b3T virus).
*p+50Y(10U(s0p10h12v0s0b3T 2. Scan.exe was not in the c:\security directory or could
*p+50Y(10U(s0p10h12v0s0b3T not be executed.
*p+50Y(10U(s0p10h12v0s0b3T 3. Scan.exe found viruses present on the system.
*p+50Y(10U(s0p10h12v0s0b3T 4. Scan.exe exited with an error code.
*p+50Y(10U(s0p10h12v0s0b3T 5. Your version of scan.exe is not at least 7.2V77.
*p+100Y(10U(s0p10h12v0s0b3T Given any of the 5 conditions, we do not want the user to be able
*p+50Y(10U(s0p10h12v0s0b3T to proceed and use his system (possibly spreading a virus..!), so
*p+50Y(10U(s0p10h12v0s0b3T viruschk sounds a warning tone on the PC's speaker & displays a
*p+50Y(10U(s0p10h12v0s0b3T screen leaving the user no doubt about the fact that a virus has
*p+50Y(10U(s0p10h12v0s0b3T been encountered (even though that is but one of five possible
*p+50Y(10U(s0p10h12v0s0b3T exit codes). The user's system will now be locked - the only
*p+50Y(10U(s0p10h12v0s0b3T keystrokes that will have any effect is <Ctrl><Alt><Del> and (if
*p+50Y(10U(s0p10h12v0s0b3T you have a Zenith system) <Ctrl><Alt><Ins> (so that you can boot
*p+50Y(10U(s0p10h12v0s0b3T from a write protected floppy disk and remedy the problem).
*p+100Y(10U(s0p10h12v0s0b3T For a demo of the warning screen type:
*p+100Y(10U(s0p10h12v0s0b3T viruschk display
*p+100Y(10U(s0p10h12v0s0b3T when display is on the command line, scan will not be executed,
*p+50Y(10U(s0p10h12v0s0b3T nor will warning be displayed - this is for admin demo use only.
*p+255Y*p+255Y*p+255Y*p+255Y*p+255Y*p+50Y(10U(s0p10h12v0s0b3T - 5 -
(10U(s0p10h12v0s0b3T*p+255Y*p+79Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TRETURN CODES:
*p+150Y(10U(s0p10h12v0s1b3T (10U(s0p10h12v0s0b3TViruschk will set the DOS errorlevel upon exit. You can use the
*p+50Y(10U(s0p10h12v0s0b3T DOS batch command "if errorlevel" to check these codes and take
*p+50Y(10U(s0p10h12v0s0b3T conditional action if desired. The following is a list of the
*p+50Y(10U(s0p10h12v0s0b3T codes & their significance:
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T0(10U(s0p10h12v0s0b3T *p727XViruschk ran uninterrupted to completion of the
*p+50Y(10U(s0p10h12v0s0b3T *p727Xdelay countdown or the "display" command line
*p+50Y(10U(s0p10h12v0s0b3T *p727Xoption was used.
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T1(10U(s0p10h12v0s0b3T *p727XA keystroke was pressed to bypass the delay.
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T2(10U(s0p10h12v0s0b3T *p727XThe file c:\security\warning was not found
*p+50Y(10U(s0p10h12v0s0b3T *p727X(therefore no display or delay).
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T3(10U(s0p10h12v0s0b3T *p727XWarning was present, but the program was unable
*p+33Y(10U(s0p10h12v0s0b3T *p1117X(10U(s0p16.66h8.5v0s0b0T3
*p+17Y(10U(s0p16.66h8.5v0s0b0T *p727X(10U(s0p10h12v0s0b3Tto display it*p1135X.
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T100(10U(s0p10h12v0s0b3T *p727XYou errantly obtained a copy of the program that
*p+50Y(10U(s0p10h12v0s0b3T *p727Xdoes not have the anti-virus information
*p+50Y(10U(s0p10h12v0s0b3T *p727Ximbedded in it. This copy should not have been
*p+50Y(10U(s0p10h12v0s0b3T *p727Xdistributed and will not run with DOS 3.0 or
*p+50Y(10U(s0p10h12v0s0b3T *p727Xhigher.
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T255(10U(s0p10h12v0s0b3T *p727XThe DOS version being run is less than version
*p+50Y(10U(s0p10h12v0s0b3T *p727X2.0. Viruschk requires at least version 2.0 to
*p+50Y(10U(s0p10h12v0s0b3T *p727Xrun and at least 3.0 to perform it's self-check.
*p+150Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TCOMMON PROBLEMS/REMEDIES:
*p+150Y(10U(s0p10h12v0s1b3T (10U(s0p10h12v0s0b3T1. Scan.exe cannot execute - Viruschk locks up system -
*p+50Y(10U(s0p10h12v0s0b3T scan.exe will execute when invoked manually.
*p+100Y(10U(s0p10h12v0s0b3T a. Memory - scan.exe requires 256K of RAM. Adding the
*p+50Y(10U(s0p10h12v0s0b3T overhead of Viruschk brings system requirements up
*p+50Y(10U(s0p10h12v0s0b3T to 384K. It doesn't actually require that much, but
*p+50Y(10U(s0p10h12v0s0b3T that is the next step up from 256K.
*p+100Y(10U(s0p10h12v0s0b3T b. Location - scan.exe MUST be located in C:\SECURITY.
*p+50Y(10U(s0p10h12v0s0b3T Because this location was mandated by CMC, it has
*p+50Y(10U(s0p10h12v0s0b3T been hard-coded into Viruschk. If it cannot
*p+50Y(10U(s0p10h12v0s0b3T execute the program c:\security\scan.exe, it is
*p+50Y(10U(s0p10h12v0s0b3T considered an error & the lock up is initiated on
*p+50Y(10U(s0p10h12v0s0b3T purpose. This prevents a virus from planting a
*p+50Y(10U(s0p10h12v0s0b3T trojan "scan" elsewhere in your path and having it
*p+50Y(10U(s0p10h12v0s0b3T executed by Viruschk.
*p+102Y(10U(s0p10h12v0s0b3T (10U(s0p16.66h8.5v0s0b0T____________________________________________________________________________________________________________
(10U(s0p16.66h8.5v0s0b0T *p2172X_
*p+64Y(10U(s0p16.66h8.5v0s0b0T *p240X3. This condition should **p710XN*p730XE*p750XV*p770XE*p790XR*p810X* *p848Xhappen! If it does, please contact me because I'm interested in knowing
(10U(s0p16.66h8.5v0s0b0T *p692X**p712XN*p732XE*p752XV*p772XE*p792XR*p812X*
*p+38Y(10U(s0p16.66h8.5v0s0b0T *p294Xif this can actually happen.
*p+171Y(10U(s0p16.66h8.5v0s0b0T *p1140X(10U(s0p10h12v0s0b3T- 6 -
(10U(s0p10h12v0s0b3T*p+255Y*p+79Y(10U(s0p10h12v0s0b3T c. Version - starting with Viruschk version 2.01c,
*p+50Y(10U(s0p10h12v0s0b3T Viruscan (scan.exe) 7.2V77 is the minimum version
*p+50Y(10U(s0p10h12v0s0b3T required.
*p+100Y(10U(s0p10h12v0s0b3T 2. My warning screen comes out looking like a bunch of
*p+50Y(10U(s0p10h12v0s0b3T jumbled garbage.
*p+100Y(10U(s0p10h12v0s0b3T a. Most likely your screen was done in ANSI graphics
*p+50Y(10U(s0p10h12v0s0b3T and you do not have ansi.sys loaded. Insure that
*p+50Y(10U(s0p10h12v0s0b3T your config.sys file contains a line something to
*p+50Y(10U(s0p10h12v0s0b3T the effect of "device=c:\dos\ansi.sys". If it does
*p+50Y(10U(s0p10h12v0s0b3T not, add the line (make sure you give the correct
*p+50Y(10U(s0p10h12v0s0b3T path to ansi.sys), then reboot your system.
*p+255Y*p+255Y*p+255Y*p+255Y*p+255Y*p+255Y*p+255Y*p+255Y*p+185Y(10U(s0p10h12v0s0b3T - 7 -
(10U(s0p10h12v0s0b3T*p+255Y*p+79Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TNOTES:
*p+150Y(10U(s0p10h12v0s1b3T (10U(s0p10h12v0s0b3TThe author can be contacted to register or for support in
*p+50Y(10U(s0p10h12v0s0b3T the following ways:
*p+100Y(10U(s0p10h12v0s0b3T Commanding Officer
*p+50Y(10U(s0p10h12v0s0b3T Headquarters, 1st Marine Corps District (ISMO)
*p+50Y(10U(s0p10h12v0s0b3T 605 Stewart Avenue
*p+50Y(10U(s0p10h12v0s0b3T Garden City, NY 11530
*p+50Y(10U(s0p10h12v0s0b3T ATTN: SSgt Freivald
*p+100Y(10U(s0p10h12v0s0b3T Commercial phone - (516) 228-5635
*p+50Y(10U(s0p10h12v0s0b3T Autovon phone - 994-5635
*p+50Y(10U(s0p10h12v0s0b3T ELMS/MCDN - bk1md4:gisnad05
*p+50Y(10U(s0p10h12v0s0b3T Compuserve - 70274,666
*p+50Y(10U(s0p10h12v0s0b3T Internet - 70274.666@compuserve.com
*p+50Y(10U(s0p10h12v0s0b3T Prodigy - ktfp55a
*p+50Y(10U(s0p10h12v0s0b3T BBS - (516) 483-5841 (8,N,1 - 300-2400,9600 HST)
*p+100Y(10U(s0p10h12v0s0b3T I wrote this program to take care of two CMC mandates for
*p+50Y(10U(s0p10h12v0s0b3T the users of our network as transparently as possible. It has
*p+50Y(10U(s0p10h12v0s0b3T also been implemented on all of our remote/stand-alone systems.
*p+50Y(10U(s0p10h12v0s0b3T Those mandates are the access warning screen on system startup
*p+50Y(10U(s0p10h12v0s0b3T and the scanning of all hard drives at least once a week.
*p+100Y(10U(s0p10h12v0s0b3T Please contact me ASAP if you have any problems with this
*p+50Y(10U(s0p10h12v0s0b3T program. We have tested it on over 90 systems here at 1st
*p+50Y(10U(s0p10h12v0s0b3T District, but our configurations are pretty standard, so I can't
*p+50Y(10U(s0p10h12v0s0b3T GUARANTEE that it will run properly on ALL systems (although I
*p+50Y(10U(s0p10h12v0s0b3T believe it will).
*p+100Y(10U(s0p10h12v0s0b3T I am also open to comments and suggestions for
*p+50Y(10U(s0p10h12v0s0b3T improvements. Having reached this stage, updates are not very
*p+50Y(10U(s0p10h12v0s0b3T high on the priority list, but I will definitely entertain them.
*p+50Y(10U(s0p10h12v0s0b3T I may also be willing to produce custom versions for specific
*p+50Y(10U(s0p10h12v0s0b3T requirements. This will depend on what they are (the amount of
*p+50Y(10U(s0p10h12v0s0b3T work involved), requested delivery deadlines, and my current
*p+50Y(10U(s0p10h12v0s0b3T workload here at 1st District.
*p+100Y(10U(s0p10h12v0s0b3T If you would like to be placed on distribution for any
*p+50Y(10U(s0p10h12v0s0b3T future updates, simply drop me a message (either US Mail or
*p+50Y(10U(s0p10h12v0s0b3T Electronic Mail) with your name, unit, address (E-Mail!?), etc...
*p+50Y(10U(s0p10h12v0s0b3T Be sure to mention Viruschk, as I maintain distribution lists for
*p+50Y(10U(s0p10h12v0s0b3T a number of programs & want to be sure to get you on the right
*p+50Y(10U(s0p10h12v0s0b3T list..! Also, please mention the version that you currently
*p+50Y(10U(s0p10h12v0s0b3T have.
*p+255Y*p+255Y*p+15Y(10U(s0p10h12v0s0b3T - 8 -
(10U(s0p10h12v0s0b3T*p+255Y*p+79Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3TREVISION HISTORY:
*p+150Y(10U(s0p10h12v0s1b3T (10U(s0p10h12v0s1b3T2.03(10U(s0p10h12v0s0b3T *p727XFixed a bug that would cause a divide error with
*p+50Y(10U(s0p10h12v0s0b3T *p727Xprogram termination if a RAM Drive or hard disk
*p+50Y(10U(s0p10h12v0s0b3T *p727Xpartition was smaller than one meg or had less
*p+50Y(10U(s0p10h12v0s0b3T *p727Xthan one meg free.
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T2.02(10U(s0p10h12v0s0b3T *p727XAdded the feature of "/NOBREAK" being passed to
*p+50Y(10U(s0p10h12v0s0b3T *p727Xscan.exe only on the first run of any given day.
*p+50Y(10U(s0p10h12v0s0b3T *p727XThis added the requirement for a 4 byte control
*p+50Y(10U(s0p10h12v0s0b3T *p727Xfile, which is named "c:\security\viruschk.lrd"
*p+50Y(10U(s0p10h12v0s0b3T *p727X(lrd stands for "last run date").
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T2.01c(10U(s0p10h12v0s0b3T *p727XUpdated the code to invoke scan.exe with the
*p+50Y(10U(s0p10h12v0s0b3T *p727X"/M", "/NOPAUSE" and "/NOBREAK" options. This
*p+50Y(10U(s0p10h12v0s0b3T *p727Xupdate requires the use of Viruscan (scan.exe)
*p+50Y(10U(s0p10h12v0s0b3T *p727Xversion 7.2V77 or higher.
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T2.01b(10U(s0p10h12v0s0b3T *p727XAdded (actually just made consistent &
*p+50Y(10U(s0p10h12v0s0b3T *p727Xdocumented) DOS errorlevel exits.
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T2.01a(10U(s0p10h12v0s0b3T *p727XCaptured the keystroke if the delay was bypassed
*p+50Y(10U(s0p10h12v0s0b3T *p727Xto prevent inadvertent input to the next program
*p+50Y(10U(s0p10h12v0s0b3T *p727Xrun.
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T2.01(10U(s0p10h12v0s0b3T *p727XAdded drive information display, changed 5
*p+50Y(10U(s0p10h12v0s0b3T *p727Xsecond delay to a 30 second delay bypassable
*p+50Y(10U(s0p10h12v0s0b3T *p727Xwith a keystroke, and made the warning screen
*p+50Y(10U(s0p10h12v0s0b3T *p727Xoptional.
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T2.0(10U(s0p10h12v0s0b3T *p727XAdded integrity (virus) self-check, system
*p+50Y(10U(s0p10h12v0s0b3T *p727Xinterrogation for drive table and option to run
*p+50Y(10U(s0p10h12v0s0b3T *p727Xon a specific day of the week. Converted from
*p+50Y(10U(s0p10h12v0s0b3T *p727X.exe to .com format. Documentation written.
*p+50Y(10U(s0p10h12v0s0b3T *p727XFirst general distribution.
*p+100Y(10U(s0p10h12v0s0b3T (10U(s0p10h12v0s1b3T1.0(10U(s0p10h12v0s0b3T *p727XFirst release, not distributed beyond First
*p+50Y(10U(s0p10h12v0s0b3T *p727XDistrict users. Would only scan drive c:, had a
*p+50Y(10U(s0p10h12v0s0b3T *p727Xfixed 5 second delay for the warning screen
*p+50Y(10U(s0p10h12v0s0b3T *p727X(which was required), and ran every day.
*p+255Y*p+255Y*p+255Y*p+60Y(10U(s0p10h12v0s0b3T - 9 -