home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
FishMarket 1.0
/
FishMarket v1.0.iso
/
fishies
/
551-575
/
disk_560
/
bootx
/
bootx.doc
< prev
next >
Wrap
Text File
|
1992-05-06
|
28KB
|
875 lines
BootX v4.02
Copyright © 1989, 1990, 1991 Peter Stuer
All rights reserved
Release date October 2, 1991
FREEWARE
User Manual
KickStart 2.0 compatible
DISCLAIMER
BootX has been thoroughly tested and is the result of a
constant process of changes and updates that started in April
1989. The program has proven to be stable in everyday use. The
author is not responsible for any loss of data, damages to
software or hardware that may result directly or indirectly from
the use of this program.
PREFACE
This program is freeware, this means that you can copy it
freely as long as you don't ask any more money for it than a
nominal fee for copying. If you want to distribute this program
you should keep this document with it. This program cannot be
used for commercial purposes without written permission from the
author.
Special permission is hereby granted to include BootX in
Public-Domain collections such as Fred Fish's Amiga Library.
HOW TO GET THE LATEST VERSION OF BOOTX
The fastest way to get the most recent release of BootX is to
download it from FireBird BBS (see below).
If you send me a 3½" disk and a letter to get the most recent
version of BootX, please don't forget to include enough stamps or
money to send your disk back. BootX has been generating a lot of
mail and most of the times I had to pay the postal fee myself to
send the disk back. Remember, BootX itself is a FREEWARE so no
money is expected for it (although I won't refuse it, grin...).
And please, state your name and address clearly in print
because sometimes they are nearly impossible to decipher.
Every letter with a disk and/or money will be answered AS SOON
AS POSSIBLE...
If you have suggestions or remarks about this program, or if
you find any bugs, please let me know.
If you find any new viruses or linkviruses that BootX does not
recognize yet, please send them on a disk to me (my address
follows this paragraph). I will return the disk to you with an
updated copy of BootX.
Write to the following address:
Peter Stuer
Kauwlei 21
B-2550 Kontich
Belgium - Europe
A MESSAGE FROM OUR SPONSORS...
Our motto: "Safe Hex..."
BootX can be kept up to date thanks to the energy and work put
into a global anti-virus information bank founded by Erik
Løvendahl Sørensen from Denmark.
This group has over 120 international members now, among them
some of the programmers of wellknown anti-virus programs like
Steve Tibbet and Jonathan Potter. Among the activities of this
group are:
- Spreading information to anti-virus programmers as fast as
possible.
- Trying to get names and proof against virus programmers and
giving the information to the justice departement of his/her
country to press charges.
- Writing articles in popular magazines to inform new Amiga
users about viruses and how to protect themselves.
All this is volunteer work. If you want some more information
about this organization or you want to sponsor our work, contact
Erik at the following address:
Erik Løvendahl Sørensen
Snaphanevej 10
4720 Præstø
Denmark - Europe
Phone: 00 45 53 79 25 12
Fidonet 2:230/114.26
HELP
Around the time this release hits the street, FireBird BBS will
be up and running. As co-sysop of the Amiga area of this BBS I
can tell you that it is our aim to become number one (1) among
the Amiga BBS's in Belgium.
If you need help with my utilities or with OS programming for
the Amiga in C or assembler you can leave me a message at this
mailbox. Also, this BBS will always be the place to get the most
recent release of BootX.
If you have question about KickStart 2.0, the Amiga 3000 or
programming in general, leave a message for Nico François (of
PowerPacker fame) on the same BBS.
FireBird BBS
Tel. +32 (0)3 236.39.84
2400 BPS 8 N 1
24-24 h.
128 Mb on-line storage + CD-ROM
CD-ROM with Fred Fish 1 thru 530 on-line for Amiga
FIDO 2:296/120
Use 'j 1' to join conference 1 to get into the Amiga area.
THE AUTHOR
Since so many people keep asking me about it... I graduated in
June 1991 as a programmer-analyst and am currently working in a
software firm.
I use an Amiga A2000 with 5.5 Mbytes memory (512K chip), a 40
Mb Supra hard-disk, 2 3½" drives, 1 5¼" drive and a Supra2400
modem.
BootX has been created using DevPac Assembler, WShell and CygnusEd
Professional.
PACKAGE
The BootX package consists of:
BootX The program file
BootX.BBLib The BootX bootblock library
BootX.Brain An example of a brainfile
BootX.doc This file
BootX.history Complete history of BootX
Note that the BootX.BBLib or the BootX.Brain files are not
required to run the program. BootX will display an errormessage
when either of these two files are not found. See further.
REQUIREMENTS
BootX v4.02 should run on any Amiga starting from the A500 all
the way up to the A3000, any of these models with or without
processor expansion boards.
BootX has been tested with KickStart 1.3 and 2.0 on all three
Amiga models except the Amiga 1000.
Should you have any trouble running BootX on your machine,
please write to me with the full specifications of your machine,
that is KickStart version, model, expansion boards etc...
When BootX detects the ReqTools library (by Nico François) it
will use it for its requesters. Make sure you have the correct
version installed on your system. The version of ReqTools that
is distributed with BootX is a PRELIMINARY release, included with
special permission. ReqTools is copyrighted 1991 © by Nico
François. It may only be distributed as part of the BootX
package.
The complete and final version of the ReqTools package
(including autodocs and includes) will be released at a later
date.
FEATURES
- NEW !!! BootX does NOT use the arp.library anymore (Free, Free
at last...)
- NEW !!! KickStart 2.0 look and feel (even under KickStart 1.3).
- NEW !!! Configurable link and file virus check.
- NEW !!! BootX can scan your disks or hard-disk and generate a
report of the file types and viruses found. The report can be
saved to disk for later review.
- NEW !!! BootX Settings file.
- NEW !!! KickStart 2.0 SetPatch support.
- NEW !!! Completely rewritten link & file virus check routine.
- Recognizes over 246 bootblocks (among that 153+ bootviruses and
their mutants or family members)
- Recognizes over 80 viruses in memory and is able to repair the
damage caused by most of them.
- BootX can check your disks and hard disk for link and file
viruses.
- Loads bootblock libraries with several alternative bootblocks.
- Allows you to create your own brain files to recognize the
bootblocks of your disks.
- Allows you to load and save bootblocks to disk as a protection
against virus attacks.
- AmigaDOS Release 2 (KickStart & Workbench 2.0) compatible and
aware.
- PAL/NTSC/INTERLACE aware.
- Written completely in Assembler.
1. Short introduction
---------------------
BootX v4.02 is an attempt to make the ultimate viruskiller.
BootX v4.02 is fast (written completely in assembler), small and
tries to be as user friendly as possible.
2. How to start BootX v4.02
----------------------------
BootX v4.02 (from here on referred to as BootX) was written to
be used by both beginners and experienced users. BootX can be
started both from CLI and the Workbench.
2.1 Starting BootX from the CLI
-------------------------------
To start BootX from the CLI simply type:
1> BootX
followed by a return. This loads the BootX program and starts
it. BootX then detaches itself from the CLI. This means that
you can start BootX without using the run command, bring the
Workbench screen back to the front and then close the CLI window
with the EndCLI command.
2.2 Starting BootX from the WorkBench
-------------------------------------
This is the easy part. Simply click on the accompaning icon
and BootX starts.
NOTE: Workbench 2.0 users can also use the Execute Command item
from the Workbench menu to run BootX.
3. How to use BootX
-------------------
A lot of viruscheckers and viruskillers are already written for
the Amiga but none of them offered all the features I needed.
Hence the various disks offering several different programs for
doing the job. Enters BootX.
BootX can check the bootblock of a disk, check memory for any
resident viruses and scan a disk for linkviruses. It can load
bootblock libraries with bootblocks for you to write on your
disks as an alternative for the boring DOS Install bootblock. It
can load "brain files" so you can add any new bootblocks that
BootX does not recognise yet.
Let's start a guided tour of the screen. The main screen
offers several gadgets and menus. Just click the appropriate
gadget or select a menu item to perform an action.
3.1 Quit
--------
Does just what the gadget says: it releases all used memory
and quits the program.
Before BootX quits it will check to see if you have made any
changes to the brain file. If so, it will ask you first if you
want to save the changes you made.
NOTE: Watch out that you don't leave any infected disks in your
drives when you quit BootX !
3.2 Read BB
-----------
This gadget explicitly instructs BootX to read the bootblock
from the current selected drive into the buffer. Normally BootX
detects when a new disk is inserted and automatically reads its
bootblock. But some old 5¼ drives don't support this automatic
diskchange. This gadget can also be used to read the bootblock
after another program has modified the bootblock.
You will also need to use this gadget when you have turned of
the auto-diskchange detection or when you have locked a drive
(see further).
3.3 Write BB
------------
Here you instruct BootX to write the bootblock currently in the
buffer to the selected drive. BootX maintains a buffer that
holds the last read bootblock. This buffer is also visible in
the large display window in semi-ASCII form (more about this
later). The buffer allows you to read a bootblock from one disk
and then copy it to another.
3.4 The 4 drive gadgets
-----------------------
You can connect 4 disk drives to the Amiga. BootX checks how
many drives are connected to the Amiga and installs a gadget for
every one of them.
When a drive is not found its radiobutton will be ghosted.
Note that although a drive is connected the Amiga will not
recognize its presence when it is turned off (only applicable for
external drives).
3.5 Lock Drive
--------------
Normally when you insert a disk in the disk-drive, the Amiga
tries to see if the checksum of the disk is OK. When it is not,
the Amiga tries to validate it. Pre-2.0 KickStarts need to load
and execute a program called Disk-Validator from the L directory
to check and/or repair the checksum.
When a disk-drive is 'locked', BootX will prevent AmigaDOS from
validating your disk. This also means that Disk-Validator viruses
have no chance of getting in. You can insert and remove disks as
many times as you like.
Also the automatic diskchange detect will be temporarily
disabled.
3.6 Install
-----------
Here you can write the selected built-in bootblock to the
bootblock of the current drive. When no bootblock library is
loaded only the normal AmigaDOS Install v1.3 bootblock is
available.
At startup BootX looks for a file called "BootX.BBLib" in the
directory from which BootX started. It contains several
alternative bootblocks. It is possible to load another bootblock
library using the "Load bootblock library" menuitem (see
further).
3.7 Next and Previous (< and >)
-------------------------------
These gadgets show the next or the previous bootblocks in the
currently loaded bootblock library. If no library is loaded,
only the normal AmigaDOS Install 1.3 bootblock will be available.
Among the bootblocks are the normal DOS bootblock, Ralph
Babel's Install2 and several others. Thanks to all groups and
programmers whose bootblock I included. Note however that when
you press Next and Previous the bootblock buffer is not updated.
3.8 Built-in bootblock name
---------------------------
This window shows the name of the selected built-in bootblock.
3.9 Message window
------------------
This window reports messages and errors resulting from the
various operations.
3.10 Main display window
------------------------
Shows the bootblock that is currently in the buffer in
semi-ASCII representation. Only the readable characters are
shown. This allows you to check for readable text signifying the
nature of the bootblock when BootX reports "Unknown bootblock".
The main display window is also used for the output of several
other BootX functions.
4. The BootX Project Menu items
-------------------------------
4.1 Load Bootblock library
--------------------------
Selecting this menuitem (or the key combination Right-Amiga-B)
allows you to load another bootblock library than the default
BootX.BBLib. BootX will only load valid bootblock libraries.
4.2 Load Brainfile
------------------
Selecting this menuitem (or the key combination Right-Amiga-L)
allows you to load another brainfile than the default
BootX.Brain. BootX will load only valid brainfiles. Before
loading it asks you if you want this brainfile to replace the one
in memory.
4.3 Save Brainfile
------------------
Selecting this menuitem (or the key combination Right-Amiga-S)
allows you to save the brainfile that is currently in memory.
4.5 View Brainfile
------------------
This menuitem allows you to view all the entries that are in
the brainfile that is in memory.
4.6 Merge Brainfile
-------------------
Sometimes it happens that two BootX users have different
entries in their brainfiles. This menuitem allows you to merge
any brainfile with the one in memory. BootX will only add an
entry that is not yet present. Don't forget to save the new
brainfile to disk.
4.7 Learn Bootblock
-------------------
Selecting this menuitem (or the key combination Right-Amiga-A)
is the same as clicking on the Learn gadget (see higher).
4.8 Show known bootblocks
-------------------------
This menuitem will produce a list of all the bootblocks and
bootblock viruskillers BootX knows.
4.9 Show known viruses
----------------------
This menuitem will produce a list of all the boot-, file- and
linkviruses BootX knows.
4.11 Goto sleep
---------------
Closes the main BootX screen and releases as much memory as
possible. A small window on the workbench screen will be opened
showing you that BootX is still in memory.
In this state BootX uses no CPU time and just waits for you to
make the window active and click in it with the menu button (the
right mouse button). Then the main BootX screen and window is
opened again and you can go on again.
BootX does not unload a brain file or a bootblock library.
Also, when asleep, BootX doesn't do any checking (like VirusX
does). I did this on purpose. There is no need to continuously
keep checking every disk that is inserted. Just check them once
to make sure they are virus-free.
4.11 About
----------
Displays information about BootX and the version number. Always
try to get the latest version available to have optimum virus
protection.
4.12 Quit
---------
Guess what this one does...
5. The BootX Bootblock Menu items
---------------------------------
5.1 Load/Save
-------------
BootX can save the bootblock in the buffer to any valid drive.
'Save BB' can be used to save the bootblocks of games, mega demos
and other programs to a separate data disk.
In case of a virus attack or a bad disk you can load the
previously saved bootblock back in the buffer and write it back
to the original disk.
Load BB will only allow you to load a file that contains a valid
bootblock. It checks if it is an Old or Fast File System
bootblock and then recalculates the checksum of the bootblock.
When the bootblock checksum is wrong, BootX will ask you if you
want to repair it. If you select Yes, BootX repairs the bootblock
checksum of the loaded copy.
5.2 Learn BB
------------
This menu item prompts you for a name when BootX does not known
the bootblock in the buffer yet. Enter an empty string when you
want to cancel the operation. BootX then adds the bootblock to
the current brain file (if present). Otherwise it makes a brain
file in memory.
6. The BootX Files Menu items
-----------------------------
6.1 Check Files
---------------
Selecting this menu item pops up a requester allowing you to
set your preferences for the file an linkvirus check.
6.2.1 Skip Directories
----------------------
When this option is on BootX will skip any subdirectories it
encounters during a scan. This option allows you to make a quick
scan of the root of a disk or hard-disk.
6.2.2 Check All Files
---------------------
Normally BootX only checks executable files (in techno talk:
files that have a valid AmigaDOS hunk structure) since those are
the only ones that can be run. When this option is selected BootX
will check every file it encounters, resulting in a substantial
increase in time it takes to finish to check.
6.2.3 Enter interactively
-------------------------
When this option is active BootX asks if it should enter a
directory everytime it encounters one. This is handy for scanning
hard-disks with lots of directories. A requester pops up giving
you the option to enter the directory (select the Yes gadget) or
skip this directory (select the No gadget).
6.2.4 Auto-remove read-protection
---------------------------------
AmigaDOS 2.0 recognizes and honours the protection bits of a
file. That means that if the read protection is on, programs are
not allowed to read that file. When BootX encounters such a file
it will ask you if you want to remove the read protection of the
file.
If you select Yes BootX retains all previous protection bits
with exception of the read protection bit. Read protection will
be turned off and the file will be re-checked.
If you wish to restore the read protection afterwards, use the
AmigaDOS command Protect like this:
1> protect <filename> -r
which will give the file its read protection back.
If you select this option, the Auto-skip option will be turned
off. See further.
6.2.5 Auto-skip read-protected files
------------------------------------
It happens sometimes that you want to protect some files on
your disks or hard-disk from reading by removing the read
protection bit.
When this option is selected, BootX will ignore all read
protected files. It will count them though.
If you select this gadget, the Auto-remove option will be
turned off. See higher.
6.2.6 Handle viruses automatically
----------------------------------
When BootX encounters a virus it will ask you if it should use
any of the three mark methods you specified. Select this option
when you want BootX to handle all viruses automatically when it
encounters them.
HINT: These last two options are especially handy when checking
hard-disks with a lot of files on them.
6.2.7 Virus Mark options
------------------------
You can choose any of the three mark options that specify what
BootX should do with a virus.
You can add a filenote to the file, delete the file or rename
the file.
When BootX renames the file it will use a name that is composed
of the virus name and a special counter that ensures that all
virus names are unique.
The filenote or comment that BootX adds to the file specifies
the name of the virus and which version of BootX detected it.
This comment can be seen when you use the 'List' command in the
CLI or the Shell to list the files of a directory.
6.2.8 Report features
---------------------
These options allow you to generate a report of your disk or
hard-disk. At the end of the virus check will BootX ask you what
to do with the report. You can either take a look at it or save
it to disk.
Normally BootX only reports files that are infected or have
errors in them. When you turn on the Report File types option
BootX will add every file it encounters to the report together
with its file type.
6.2.9 Check files
-----------------
This gadget pops up the file requester for you to specify a
device to search for file- and linkviruses. You can select any
AmigaDOS device that supports a file system. You can also
specify a particular directory to check.
When you select OK BootX starts searching for viruses in any
file it encounters according to the preferences you specified.
6.3 Show report again
---------------------
This menu item allows you to see the last generated report
again.
6.4 Save report
---------------
This menu item allows you to save the last generated report to
disk.
6.5 Check Disk
--------------
When you select this menu item, BootX will prompt you to insert
a disk into the current drive. It will then perform all three
built-in checks, that is, first the bootblock and the
disk-validator will be checked. Then the complete disk will be
scanned for infected sectors. And finally all the files will be
checked. Of course BootX will prompt you if you want to skip any
of the three checks for the current disk.
6.6 Repair Disk
---------------
Currently this menu item allows you to repair the damage done
by the Saddam disk-validator virus. This virus will corrupt the
bitmap of a disk and encode the data blocks on a disk.
As long as the virus is in memory, these blocks get decoded
invisibly every time they are accessed. This way you don't
notice there is anything wrong. But when you use that disk on an
uninfected Amiga, these block will be unusable.
Repair Disk scans a disk and tries to repair the damage. Make
sure there is no virus in memory (especially not the Saddam
virus). BootX will do a memory scan just to be safe and removes
the virus if it is found.
BootX then locks the current drive (make a different drive
current using the 4 drive gadgets, see higher) and asks you to
insert the corrupted disk.
During the scan you'll get a progress report. You can leave
the write-protection of your disk on to scan a disk without
making modifications.
6.7. How BootX handles link- and fileviruses...
-----------------------------------------------
When you ask BootX to check the files of a disk or a directory,
BootX starts scanning and checking every file it encounters.
When it finds a read-protected file, BootX will ask you if you
wish to remove the read-protection from that file. If you select
the No gadget, BootX will leave the file as it is. This file
will NOT be checked. In case you select the Yes gadget BootX
will try to remove the read-protection.
The file is then checked to see if it contains a virus.
Whether or not you mark an infected file or not, BootX will set
the protection flags of the file to ---A---D which means that the
file can only be deleted. The Archive flag makes sure that this
file will not be included in a backup of that directory.
7. The BootX Miscellaneous Menu items
-------------------------------------
7.1 Check Memory
----------------
Checks the memory for any known virus ignoring all known
resident virus checkers. When BootX finds a virus it will
display an Alert identifying which virus was in memory and will
try to kill it. BootX also removes any known linkvirus from
memory.
After the memory check, BootX will show you some important
vectors from Execbase in the main display window. These vectors
are mostly altered by viruses.
Next the resources, libraries and devices are scanned to see if
any of their vectors have been changed.
A normal vector will be display in black. When BootX thinks
that something is not normal it will display a message in white
next to the vector saying 'Please check...'. Note that this not
necessarily means that there is a virus in memory. Resident
programs as f.i. TurboPrint use these vectors too.
I will try to keep BootX's knowledge base as up to date as
possible. In case of doubt, save all data and cold-start the
Amiga, that is, turn of the power and wait a few seconds before
turning it on again.
This display generates a lot of technical information. If you
are a beginning Amiga user and BootX reports that some of the
vectors have been changed and it does not know which program,
please contact a more experienced Amiga user (preferably a
programmer).
7.2 Reset vectors
-----------------
This menu item gives you the option to clear the first five
vector that BootX shows in its vector list. This is not a fail
safe way to kill a virus. Also if any other software is using
these vectors, it will not survive the next reset.
7.3 Install resident LVD
------------------------
LVD is a small program I wrote that patches the main entry
point of the Amiga operating system that is used for loading
executable programs. Once installed, LVD uses no CPU time until
you try to load an executable program.
Before this program gets a chance to run, LVD checks if there
is a known linkviruses attached to it. If there is the code of
the program gets changed and the program will not get started.
This prevents the virus from becoming activated.
But when you already have a virus in memory, every program you
load can be infected, every disk access can be fatal. This menu
option install a Resident version of LVD with any disk access.
First make sure you select Check Memory and Reset vectors to
try to kill the virus. Then install the resident LVD. When you
reset, LVD survives the reset and patches the entry point. Now if
there is a virus infected program in your startup-sequence, LVD
will intercept it before it gets a chance to run.
NOTE: LVD installs itself at the END of the KickTag chain. That
way if any other program is using the KickTag vector it will
remain active.
8. The BootX Settings Menu items
--------------------------------
8.1 Detection diskchange
------------------------
This menu item works as an on/off switch. It turns the
diskchange detection on or off. Sometimes it is not useful to
have BootX read the bootblock of every disk you insert,
especially when you have a bootblock in the buffer you wish to
write to another disk. This gadget allows one drive user to copy
bootblocks.
8.2 Show Help
-------------
This menu item toggles the help feature on or off. When it is
turned on you can click any gadget or select any menuitem to get
a short help message about its function. Select the Show Help
item again to turn off the help feature.
8.3 Pause after page
--------------------
This option controls if the text display will by shown page by
page. This feature will be temporarily disabled when you start a
file check.
8.4 Check Memory at startup
---------------------------
When this option is selected BootX will perform a full memory
check every time it is started or when it wakes up after being
put to sleep.
8.5 Check Disk-Validator
------------------------
When you insert a disk into the current drive BootX will first
try to identify the bootblock. When this option is on, it will
check the disk-validator also when it is on the disk. This way
disk-validator viruses can be identified before they get into the
system.
NOTE: this option is especially effective when the current drive
is locked !
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
© 1991 BootX v4.02 written by Peter Stuer
Thanks to Nico François, Bart Leeten and Didier De Cock for
beta-testing and all the useful suggestions.
Thanks to Bart Beeckmans for redesigning the icon.
_
_ //
Thanks to \X/ Amiga for being the best computer ever !