Turbo Toolbox

home *** CD-ROM | disk | FTP | other *** search

/ Turbo Toolbox / Turbo_Toolbox.iso / 1991 / 07_08 / praxis / virkill / virkill5.pas < prev

Wrap

Pascal/Delphi Source File | 1991-04-15 | 5.1 KB | 192 lines

(* ------------------------------------------------------ *) (* VIRKILL5.PAS *) (* *) (* Das Programm entfernt auf den angegebenen Laufwerken *) (* den Virus "Yankee Doodle" (nach McAfee's SCAN-Program) *) (* aus allen .COM und .EXE-Dateien. *) (* *) (* (c) '91 by R.Reichert & toolbox *) (* ------------------------------------------------------ *) PROGRAM VirusKiller; USES Dos, Crt, Win, ScanDir5; CONST VirCode : STRING[17] = #$7e#$85#$b1#$63#$2a#$c3#$71#$71#$2c+ #$a0#$f2#$8b#$59#$0d#$f9#$d5#$00; VAR f : FILE; VirNum : INTEGER; i, pc : BYTE; Path : STRING; Killed : BOOLEAN; Quit : BOOLEAN; CH : CHAR; PROCEDURE ReSetData; BEGIN ScanDir5.ReSetData; VirNum := 0; END; {$F+} PROCEDURE DoKillVir(Info : SearchRec; Name : STRING); {$F-} VAR FileCode : STRING[17]; ByteArray : ARRAY[1..32] OF BYTE; CH : CHAR; PROCEDURE KillVirInEXE; BEGIN Seek(f, Info.Size-2881+10); BlockRead(f, ByteArray, 32); Seek(f, 0); BlockWrite(f, ByteArray, 32); Seek(f, Info.Size-2881); TRUNCATE(f); END; PROCEDURE KillVirInCOM; BEGIN Seek(f, Info.Size-2889+14); BlockRead(f, ByteArray, 32); Seek(f, 0); BlockWrite(f, ByteArray, 32); Seek(f, Info.Size-2889); TRUNCATE(f); END; BEGIN WriteLn('Suche in ', Name); IF Info.Size > 2889 THEN BEGIN Assign(f, Name); IF (Info.Attr AND ReadOnly) <> 0 THEN FileMode := 0; {$I-} Reset(f, 1); {$I+} IF (Info.Attr AND ReadOnly) <> 0 THEN FileMode := 2; IF IOResult = 0 THEN BEGIN IF Pos('.COM', Name) > 0 THEN Seek(f, Info.Size-21) ELSE Seek(f, Info.Size-17); FileCode[0] := #17; BlockRead(f, FileCode[1], 17); IF (FileCode = VirCode) THEN BEGIN TextAttr := LightRed; WRITE('':20, 'PRORAMM INFISZIERT !'); IF Pos('.COM', Name) > 0 THEN KillVirInCOM ELSE KillVirInEXE; INC(VirNum); TextAttr := LightBlue; WriteLn(' Virus entfernt. Weiter mit Taste. '); CH := ReadKey; IF KeyPressed THEN CH := ReadKey; TextAttr := Yellow; END; Close(f); END ELSE BEGIN TextAttr := Red; WriteLn('FEHLER: Datei ', Name, ' konnte nicht', ' geöffnet werden.'); TextAttr := Yellow; END; END; END; {$F+} FUNCTION IsEXEorCOM (Info : SearchRec; Name : STRING) : BOOLEAN; {$F-} BEGIN IsEXEorCOM := (Pos('.COM', Info.Name) > 0) OR (Pos('.EXE', Info.Name) > 0); END; PROCEDURE InitPrg; BEGIN ClrScr; Window(1, 1, 80, 3); FrameWin('', SingleFrame, 0, Cyan); Window(1, 23, 80, 25); FrameWin('', SingleFrame, 0, Cyan); Window(1, 4, 80, 22); FrameWin('', DoubleFrame, 0, Blue); Window(1, 1, 80, 25); TextAttr := LightMagenta; GotoXY(26, 2); WRITE(' Yankee-Doodle-Virus-Killer '); GotoXY(45, 24); WRITE(' (c) ''91 by R.Reichert & toolbox '); Window(2, 5, 79, 21); pc := PARAMCOUNT; Killed := FALSE; i := 1; VirNum := 0; IF (pc = 0) THEN INC(pc); { Das Wichtigste: Die prozeduralen Pointer auf die eigenen Prozeduren richten !!! } DoIt := DoKillVir; Matches := IsEXEorCOM; END; BEGIN InitPrg; REPEAT REPEAT Quit := TRUE; ClrScr; TextAttr := Yellow; IF PARAMCOUNT = 0 THEN Path := '' ELSE Path := PARAMSTR(i); IF Path[Length(Path)] = '\' THEN DEC(BYTE(Path[0])); Scan(Path); WriteLn; IF VirNum > 0 THEN BEGIN WriteLn('Aus ', VirNum, ' von ', MatchNumber, ' Programmen ', 'den Virus "Yankee Doodle" entfernt.'); Killed := TRUE; END ELSE WriteLn('Der Virus "Yankee Doodle" wurde nicht ', 'gefunden.'); IF ((UpCase(Path[1]) = 'A') OR (UpCase(Path[1]) = 'B')) AND (Path[2] = ':') THEN BEGIN TextAttr := White; WriteLn; WRITE('Noch eine Diskette prüfen (J/N) ? '); REPEAT CH := UpCase(ReadKey); UNTIL (CH = 'J') OR(CH = 'N'); IF CH = 'J' THEN Quit := FALSE; END ELSE IF pc <> i THEN BEGIN TextAttr := White; WriteLn; WRITE(' Weiter mit ENTER'); ReadLn; END; ReSetData; UNTIL Quit; INC(i); UNTIL (i = Succ(pc)); IF Killed THEN BEGIN WriteLn; WriteLn('Falls Virus aktiv sein könnte, dann ', 'sofortigen Warmstart durchführen !'); END; WriteLn; WriteLn(' Weiter mit ENTER'); ReadLn; Window(1, 1, 80, 25); ClrScr; END. (* ------------------------------------------------------ *) (* Ende von VIRKILL5.PAS *) (* ------------------------------------------------------ *)