home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Software 2000
/
Software 2000 Volume 1 (Disc 1 of 2).iso
/
utilities
/
u140.dms
/
u140.adf
/
ZeroVirus.doc
< prev
next >
Wrap
Text File
|
1999-12-26
|
29KB
|
613 lines
**************************************************************************
ZeroVirus III
The Ultimate Virus Elimination System
© Copyright 1989,90 by Jonathan Potter
**************************************************************************
This program is freely distributable, but is NOT public domain.
ZeroVirus III MAY NOT be included in any commercial package, or sold for
ANY amount, including "COMPILATION VIRUS DISKS for only $20", etc.,
without written permission from the author.
ZeroVirus III MAY be included on any freely distributable package,
including packages for which a nominal copying fee of no more than $5 is
charged. This includes Fred Fish's Amiga Library Disks, and other similar
public domain libraries.
****************************************************************************
Well, that was boring, wasn't it? But it had to be said. Too often I
hear of ZeroVirus II being sold, with the seller making an enormous
(percentage) profit. The decision was made to release ZeroVirus III as
freely distributable rather than commercial software, so please don't
abuse this.
Those who have used a previous version of ZeroVirus will only need to
read this file to get up to speed; anyone using ZeroVirus for the
first time should also have a look at the "ZerovirusII_doc" attached
to the bottom of this file, which goes into detail about how to use the
menus, etc.
****************************************************************************
USAGE : ZeroVirus [-i] [-xnum] [-ynum] [-bfilename] [-n]
[-i] Start up iconified
[-xnum] Set iconified window's default LeftEdge to num
[-ynum] Set iconified window's default TopEdge to num
[-bfilename] Load BrainFile from the file "filename"
[-n] No window in iconify, run in background
If you want to run it in your startup-sequence, simply enter
ZEROVIRUS -i
and it'll start up in "iconified" form, ie a little window at the
top of the screen, which can be expanded to a full window by
the method just below:
HOT-KEY ACTIVATION
At any time, ZeroVirus can be activated by pressing AMIGA-AMIGA-Z
simultaneously. If ZeroVirus is iconified, it will de-iconify.
Otherwise, the ZeroVirus screen will be brought to the front.
HOW TO USE ZEROVIRUS III ? ? ?
Anyone who has used Zerovirus II will have no trouble with this
version - there are simply some changes and improvements as listed
below. For beginners, simply double-click on the ZeroVirus icon and
when the first screen comes up, click the left mouse button once to
continue.
--------------------------------------------------------------------------
CHANGES TO ZEROVIRUS III
(Roughly in order of appearance)
--------------------------------------------------------------------------
Firstly, ZeroVirus now detaches itself, so you do not need RUN or
RUNBACK when running it from the CLI (say in your startup-sequence).
Screen is back to NTSC size (ie, American 640 x 200) - why not?
You now no longer have to press the left mouse button to enter the
program.
Brilliant title screen, eh? Thanks to Adrian Jones for that. Any
enquiries on Amiga graphics, or offers for contract work can be sent to
Adrian via me (see address at the bottom of this text).
A new menu item, Memory, allows you to
a) Re-check memory for viruses. This repeats the procedure that
occurs when the program is run.
b) View memory, to look for any suspicious text.
Palette requester is much nicer. Sorry, Andrew Wong. I know
ZeroVirus is not a paint program, but when you have 4096 colours
available, it's silly (no, not ridiculous, just silly) not to take
advantage of them.
New Credits requester, showing names of all those marvelous people who
helped in making this program what it is.
INTO BOOTBLOCKS SECTION.
Click on a drive gadget. Zoooom.. yes, bootblock display is several
million % faster.
A new bootblock, MESSAGE, displays a scrolling message on a green
copper list. If this disappears from a disk you know it was on, it is
likely a virus has overwritten it.
HIDE DRIVE allows you to switch off a drive, hiding it from DOS. This
would be used if you are checking lots of non-DOS disks, that would
normally throw up DOS requesters when you insert them. Disk change is
not detected when a drive is hidden, so you have to keep clicking on
the drive gadget to check each new disk.
BACK TO MAIN MENU, INTO FILES SECTION.
File viruses currently recognised are BGS9 (or TTV1), LAMER, IRQ and
XENO.
Catalogue files lets you generate a catalogue of all files in a
directory (or on disk). These files can later be checked against the
catalogue (using Check Catalogue) for changes in size, date and
protection bits.
INTO BRAINFILES SECTION.
Nothing much changed here, except you can move using cursor
(shift/ctrl, etc) keys.. easier, I think.
The file requester is better. DRIVES gives you a list of all
available devices (disk, assigns...). In ARP fashion, SHIFT-RETURN
jumps to the other string gadget.
ZeroVirus III generally is more memory efficient than earlier
versions. Only 1K of chip RAM is used when it is iconified.
M
**************************************************************************
ZeroVirus v2.0 Docs
(c) Copyright 1989,1990 by Jonathan Potter
**************************************************************************
M
M INTRODUCTION
------------M
Welcome to ZeroVirus! This program is a complete virus detection,
removal, and protection system.
Using ZeroVirus, you can check the bootblock of any disc. You can
install the disc (removing any virus that is present) with one of four
different bootblocks, and backup the bootblocks of your commercial
programs to ensure recovery from any viruses in the future.
You can also use ZeroVirus to check a directory or a whole disc for
any known file (link) viruses. ZeroVirus uses BrainFiles to make
updating easier. The BrainFiles contain information that ZeroVirus
uses to identify viruses and other bootblocks. ZeroVirus has a LEARN
option, whereby you may include in the BrainFile the data necessary to
recognise a certain bootblock in the future. ZeroVirus also has
"on-line" BrainFile editing, to make the procedure even easier.
You can iconify ZeroVirus to a small window on the Workbench screen.
Here, it runs in the background, checking every disc you insert in the
drives.
M STARTING ZEROVIRUS
------------------M
To start ZeroVirus, double-click on the icon from Workbench, or type
"ZeroVirus" from the CLI.
ZeroVirus looks for the BrainFile (called "ZeroVirus.BrainFile") in
either the current directory, or in the S: directory, and if it is
found, it will be read in.
ZeroVirus then looks for the Palette file (called "ZeroVirus.Palette")
in the same places, and will read in your custom colours from that file
if it can be found.
M MEMORY CHECKING
---------------M
Once ZeroVirus has finished the above operations, memory is checked
for any known viruses. If any are found, they are automatically
removed, and you are notified of their presence.
After this, ZeroVirus checks a number of system vectors. The vectors
checked are WarmCapture, CoolCapture, ColdCapture, KickTagPtr (or
RomTags), KickMemPtr and KickCheckSum vectors. These should all
normally be zero ($000000), and one sign of a virus in memory is these
vectors pointing somewhere else. If their value is not $000000, you
will be given the option to restore them to $000000.
Be careful here, because some legitimate programs, like Guardian,
modify these to their own purposes. After this, you are prompted to
press the left mouse button to continue.
M MAIN MENU
---------M
Several options are available from the main menu.
The BOOTBLOCKS gadget, or "BootBlocks" from the pull-down menu takes
you into the bootblock checking part of ZeroVirus.
Likewise, the FILES gadget, or "Files" from the pull-down menu takes
you into the file checking part of ZeroVirus.
The BRAINFILES gadget, or "BrainFiles" from the pull-down menu takes
you into the "on-line" BrainFile editor.
The LEAVE gadget gives you the option of either quitting or iconifying
ZeroVirus.
"Palette" from the pull-down menu allows you to edit the colours
ZeroVirus uses, and "Save Palette" allows you to save them for future
use.
"About" displays some information about the program.
"Iconify" iconifies ZeroVirus.
"Quit" exits ZeroVirus.
M BOOTBLOCKS
----------M
This section of ZeroVirus allows you to work with the bootblocks of
discs. To check the bootblock of a disc, click on the icon of the
drive the disc is in. If no errors occur, the bootblock will be read
and checked. If the bootblock is recognised, its name and description
will be displayed.
eg "Normal DOS bootblock."
"This disc is okay. Insert another disc to keep checking."
"ZeroVirus BigScreenTest bootblock"
"Check for PAL sized screen on bootup"
"SCA virus recognised!"
"This disc contains a virus! INSTALL it immediately!"
If the bootblock is not recognised, you will see
"Non-standard bootblock"
"Suggestion : BACKUP and INSTALL"
Under the description, the bootblock is displayed. Characters in
white represent standard bootblock characters; those in red represent
non-standard bootblock characters.
ZeroVirus detects disc changes, so to check another disc in the same
drive, simple eject the current disc and insert the new one.
Several options are available from a pull-down menu. A "-->" in menu
names indicates the presence of sub-menus. From top to bottom, the
menu options are :
BootBlock --> - This option allows you to select the bootblock that
will be written to discs when you install them.
Standard - This is the standard AmigaDOS 1.3 bootblock.
NoFastMem - This bootblock allows you to turn off all
auto-configuring expansion memory on bootup.
BigScreenTest - All PAL Amigas have a bug that causes an NTSC (200
line) screen to occasionally open on bootup,
instead of one the normal PAL size (256 lines).
This bootblock checks the size of the screen you
are about to boot into, and if it is <256 lines,
will give you a chance to reset the computer.
This eliminates the possibility of going through
a half hour long startup-sequence only to find at
the end that you have to reboot because of a short
screen.
AutoAddRAM - This bootblock allows you to automatically add one
chunk of non-autoconfiguring memory on bootup. When
you install a disc with this bootblock, you are
prompted for the starting and ending addresses of
the chunk, in hexadecimal. If you give no input to
this, the RAM from $f80000 to $fbfffe present in
Amiga 1000s with Kickstart in ROM is assumed.
Install - This option installs the disc in the currently
selected drive, with the selected bootblock.
Learn - This option allows you to learn the bootblock of the
disc in the currently selected drive.
ZeroVirus recognises bootblocks by checking eight
characters. If all characters match the required
characters, ZeroVirus recognises the bootblock.
When you select learn, eight characters in the
bootblock view are highlighted. These are the eight
characters ZeroVirus has picked to recognise the
bootblock by. Unfortunately, ZeroVirus cannot
distinguish between code and text. Since text in
a bootblock can be changed relatively easily, it is
not a good idea to learn text bytes.
If it is obvious that ZeroVirus has picked some
text bytes to learn, you may reselect the bytes
yourself.
A maximum of eight characters may be highlighted at
once.
To toggle a character on or off, click on it with
the left mouse button.
You may pick eight or less characters.
Once you have finished picking characters, click
in the centre of the screen where you are told to.
You are now prompted for the name of the bootblock.
To cancel the learn operation, just press return
for this.
Once you have entered the name, you are asked
for a description. If the bootblock you have just
learnt is a virus, just press return for this.
Names and descriptions may be 80 characters at the
most.
Learn only learns to memory - the bootblock is
not recorded to the BrainFile on disc until you
do so from the BrainFile editing menu.
Force Learn - It may happen occasionally that the bootblock of the
disc you wish to learn has the same bytes in the same
places as a bootblock ZeroVirus has learnt previously.
In this case, Learn will complain that ZeroVirus
already knows this bootblock.
You may now learn the bootblock with Force Learn,
and pick some different bytes.
The bootblock will still not be recognised, however,
as the first bootblock is before this one in the list.
To overcome this problem, you may re-arrange the order
of bootblocks in the BrainFile from the BrainFile
editing menu.
Backup --> - These options allow you to manipulate bootblocks
as disc files.
Backup - Many programs employ custom bootblocks. These
bootblocks may be for fast loaders, intros, etc.
Many of these programs depend on their custom
bootblock. If this bootblock is overwritten with a
virus, the program will no longer work.
Backup allows you to backup a bootblock to a disc
file, for future retrieval.
When Backup is selected, a file requester appears for
you to enter the name you wish to save the bootblock
as. The name of the disc is automatically entered as
the filename, but this may be edited.
Once you have chosen the name, you are asked to
enter an optional comment for the bootblock (maximum
40 characters).
Providing no errors occur, the bootblock will be
saved to the file.
It is a good idea to keep all bootblocks in the same
directory, and an even better idea to keep a backup
of the disc containing the bootblocks.
Restore - Restore allows you to restore a previously backed-up
bootblock to the disc in the selected drive.
Selecting this opens the file requester, prompting
you for the name of the bootblock you wish to restore.
Catalogue - Catalogue allows you to generate a catalogue of all
the backed-up bootblocks in a specified directory.
Selecting this opens a requester with various gadgets
allowing you to configure the catalogue.
CATALOGUE TO FILE and CATALOGUE TO PRINTER allow you
to send the generated catalogue to a disc file, or to
the printer (PRT:).
INCLUDE COMMENTS and INCLUDE DATES allow you to
select whether comments and dates are included in the
catalogue.
SORT BY NAME, COMMENT and DATE allow you to turn
catalogue sorting on or off, and select which
item the catalogue is sorted by.
GENERATE CATALOGUE opens the file requester, allowing
you to select the directory containing the bootblocks
you wish to catalogue. Only bootblocks saved with
ZeroVirus are included in the catalogue.
View Saved - This allows you to view a saved bootblock. Selecting
it opens the file requester, prompting you for the
name of the bootblock you wish to view.
Compare Saved - This allows you to compare the bootblock of the disc
in the selected drive with a bootblocks saved to a
disc file. The saved bootblock is the one actually
shown. Conflicting characters are shown in red;
identical characters are shown in white.
Print Saved - This allows you to dump a saved bootblock to the
printer (PRT:). The bootblock is printed in both
hexadecimal and ASCII.
Print - This allows you to dump the bootblock of the disc in
the selected drive to the printer (PRT:).
Toolkit --> - These options allow you to manipulate bootblocks in
special ways.
UnInstall - UnInstall un-installs a disc, leaving the bootblock
the same as if the disc had just been formatted.
Fix Checksum - This fixes the checksum of the bootblock, and makes
it bootable.
No Checksum - This zeroes the checksum of the bootblock, and makes
it non-bootable.
Copy Block - This allows you to copy the bootblock of the disc
in the selected drive to a disc in another drive.
After selecting this, click on the drive that you
want to copy the bootblock to, or click on the same
drive to cancel the operation.
Main Menu - This option returns you to the main menu.
M FILES
-----M
This section of ZeroVirus allows you to check files for file (link)
viruses. When selected, the screen clears and the file requester
opens. You may now select the directory you wish to check (don't worry
about the filename).
When the directory has been chosen, you are asked if you wish to check
all the sub-directories as well. This allows you to check a whole disc
at once, if necessary.
You are now asked if you want any viruses to be automatically removed.
If you answer positively to this, any file viruses found will be
removed automatically, unless a user action is unavoidable (eg an error
occurs). The files are now checked. The filenames are displayed on
the screen as they are being checked.
File viruses are not learnt in BrainFiles. Therefore, ZeroVirus will
be updated if and when new file viruses appear.
Currently recognised file viruses are :
IRQ virus - This virus attaches itself to the first command in the
startup-sequence.
BGS9 virus - Also known as the TTV1 virus, this one replaces the
first command in the startup-sequence with itself, and
places the original file in a hidden file in DEVS:
If this virus is found, ZeroVirus will also give you
the option of trying to replace the original file.
Even if automatic virus removal is on, user input is
required here, as ZeroVirus has no idea where the DEVS:
directory on that disc is (in relation to the current
directory). The file requester is opened for this.
LAMER virus - This virus is usually disguised as a hidden file, and
inserts a line calling itself in the startup-sequence.
If a file called "startup-sequence" is found, it will
be checked to see if it calls this virus. The virus
calls itself a name consisting of (in hex) A0
(160 decimal). These are invisible as normal ASCII.
If any of these are found in the "startup-sequence",
ZeroVirus can remove them.
M BRAINFILES
----------M
The "on-line" BrainFile editor allows you to easily edit the current
BrainFile. The name of all bootblocks known by the current BrainFile
are displayed on the screen, along with their comments.
You may scroll the selector-bar up and down the list of bootblocks
with the UP and DOWN gadgets at the bottom of the screen, or with the
Move menu. Several options are available from a pull-down menu; these
are :
New - This option discards the BrainFile in memory at the
moment, and begins a new one. Be careful with this;
there is no undo feature.
Load - This option allows you to load a BrainFile from disc
into memory, replacing the BrainFile in memory at the
moment. The file requester is used to allow you to
select the BrainFile.
Note that BrainFiles need not be called
"ZeroVirus.BrainFile" - they may be called anything, and
kept anywhere. However, they will not be read in
automatically when ZeroVirus is run unless they are.
Save - This option allows you to save the BrainFile in
memory to disc. The file requester is used to allow
you to select the name.
The User Update count of the current BrainFile is
incremented everytime you Save.
Edit --> - These options allow you to make changes to the entries
in the BrainFile.
Move - Move allows you to reposition an entry in the BrainFile.
When selected, you may move the selector-bar to the
position you wish the entry to be moved to.
Press the right mouse button when the bar is in the
correct position. You are then asked if you wish the
entry to be moved above or below the current position.
To cancel this, press the right mouse button without
moving the bar.
Rename - This allows you to change the name and description of
the highlighted entry.
Delete - This allows you to delete the highlighted entry from
the BrainFile.
Merge - The Learn option allows you to include your own
bootblocks in the BrainFile. However, new BrainFiles
issued by the author will not, of course, contain these,
and so you would have had to Learn them all again.
Merge allows you to, effectively, join the current
BrainFile with one on disc. However, the "new" BrainFile
will not contain any repeated entries.
Move --> - These options allow you to move around the current
BrainFile.
Entry Up - Moves you one entry up. Identical to pressing the UP
gadget.
Entry Down - Moves you one entry down. Identical to pressing the DOWN
gadget.
Page Up - Moves you one page (13 entries) up.
Page Down - Moves you one page (13 entries) down.
Top - Moves you to the top of the BrainFile.
Bottom - Moves you to the bottom of the BrainFile.
Main Menu - This option returns you to the main menu.
M PALETTE
-------M
The palette requester has several gadgets to enable you to set the
colours of the screen. The coloured squares at the top of the window
let you select which colour you wish to work with. Underneath these is
a window-wide bar, which is filled with the current colour, and
displays (in hex) the value of the colour.
Under this are six slider gadgets. The first three, R, G and B enable
you to set the red, green and blue content of the current colour. The
next three, H, S and L enable you to set the hue, saturation and
luminance of the current colour. Under these are six other gadgets.
- COPY allows you to copy the current colour to the next selected colour.
- SPREAD allows you to evenly spread the colours between the current
colour and the next selected colour.
- RESET allows you to reset to the palette in use when the Palette
Requester was first invoked. Also, pressing the ESCape key has this
effect, so if you accidentally set all the colours to black (or
something), just press ESCape.
- DEFAULT returns the colours to their default settings.
- OKAY accepts the current colour settings and exits the palette
requester.
- CANCEL rejects the colour settings and exits the palette requester.
Clicking the close gadget also has this effect.
MICONIFY
-------M
Iconify closes the ZeroVirus window and screen, and opens a small
window on the Workbench screen. ZeroVirus now behaves very much like
the PD program VirusX. Unlike VirusX, however, it also contains a
title bar clock and memory monitor. The current time is displayed (and
updated) along with the amount of chip and fast memory available in the
system.
When the iconified window first opens, all discs present are checked
for viruses or non-standard bootblocks. If they have viruses or other
non-standard bootblocks on them, a requester appears, asking you if you
wish to return to ZeroVirus. If the bootblock is a virus, you are not
told which virus it is. You will find this out when you return to
ZeroVirus.
You are only notified if the bootblock is a virus, or if it is an
unknown, non-standard bootblock.
After all discs have been checked, the clock starts and continues
updating. Every time a disc is changed, that disc is automatically
checked, and the same procedure as above follows.
To return to ZeroVirus from the iconified window, activate the window
and press the right mouse button. To exit ZeroVirus without returning
to the main program, click the close gadget.
---------------------------------------------------------------------------
Enjoy...!
Jonathan Potter
P.O. Box 289
Goodwood, SA 5034
Australia
ph : (08) 2932788
(All donations gratefully accepted. Not only that, but you'll get
back a copy of the latest version/BrainFile. Thanks.)
^^^^^^^^^^^^^^^^^^^^^^^^^^ END OF ZEROVIRUSIII_DOC ^^^^^^^^^^^^^^^^^^