home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Dr. CD ROM (Annual Premium Edition)
/
premium.zip
/
premium
/
DOSUTIL1
/
FLSF100.ZIP
/
FILESAFE.DOC
< prev
next >
Wrap
Text File
|
1993-03-15
|
45KB
|
1,088 lines
FileSafe
Virus Detection
Software
User's Manual
JAYAR Systems
253 College Street
Suite 263
Toronto, Ontario
Canada M5T 1R5
(416) 751-3284
LICENSE
The license for the Shareware evaluation (trial use) version of
FileSafe is contained in the file LICENSE.DOC. This file has been
included for your convenience as an appendix to this manual.
WARRANTY
The Shareware evaluation (trial use) version of FileSafe is provided
AS IS. JAYAR Systems MAKES NO WARRANTY OF ANY KIND, EXPRESSED OR
IMPLIED, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF
MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
SUPPORT POLICY
JAYAR Systems provides free support for this product. We will answer
questions and fix serious bugs. If you have any questions about or
problems with using this product, give us a call at the number on the
inside front cover of this manual. Or, if you are not in a rush, send
us a letter.
We would also appreciate hearing from you if you have any comments or
suggestions for improvements.
_______
____|__ | (R)
--| | |-------------------
| ____|__ | Association of
| | |_| Shareware
|__| o | Professionals
-----| | |---------------------
|___|___| MEMBER
FileSafe Copyright (C) 1993 JAYAR Systems
All Rights Reserved
CONTENTS
1 INTRODUCTION . . . . . . . . . . . . . . . . . . . . 2
2 INSTALLING FILESAFE . . . . . . . . . . . . . . . . 2
3 USING FILESAFE . . . . . . . . . . . . . . . . . . . 3
3.1 FILESIG . . . . . . . . . . . . . . . . . . . . . 3
3.2 CHCKSIG . . . . . . . . . . . . . . . . . . . . . 5
3.2.1 Directory-level Signature File . . . . . . . . . . 5
3.2.2 External Master Signature File . . . . . . . . . . 8
3.3 GETSIG . . . . . . . . . . . . . . . . . . . . . . 8
4 STRATEGY . . . . . . . . . . . . . . . . . . . . . . 8
APPENDIX A COMPUTER VIRUSES AND FILESIG
APPENDIX B LICENSE
B.1 TRIAL USE LICENSE: . . . . . . . . . . . . . . . . B-1
B.2 LIMITED DISTRIBUTION LICENSE: . . . . . . . . . . B-2
APPENDIX C DEFINITION OF SHAREWARE
APPENDIX D HOW TO REGISTER
FileSafe User's Manual (JAYAR Systems) Page 2
INTRODUCTION
1 INTRODUCTION
FileSafe, if used conscientiously, is a practically foolproof virus
protection program. It works by taking the fingerprint or signature
of all the executable files and the boot record of your disk.
_________ ____ FileSafe stores this information in a signature file in each
directory. Periodically you check your files' current signatures
against the originals. FileSafe reports any changes.
Conventional virus detection programs of this type calculate a 32 bit
cyclical redundancy check (CRC) number for a file. The CRC can be
inverted though--a clever virus can modify a file without changing its
CRC. FileSafe on the other hand generates a 128 bit message digest as
a signature for each file. The message digest cannot be inverted. No
two files have the same message digest and it is not possible to
create a file that has a predetermined message digest. FileSafe is so
___ sensitive that changing one bit in a multi-megabyte file changes its
signature.
Computer viruses work by attaching themselves to (infecting) an
executable or program file, or by modifying your disk's boot record.
The problem lies in determining if this has happened. Clever viruses
may not change either the file's size or alter its timestamp. That's
where FileSafe comes in--it will detect any change, no matter how
small or how well covered.
FileSafe is easy to use and works best if you use it regularly. This
manual explains how to protect yourself from viruses with FileSafe.
o Section 2 describes how to install FileSafe.
o Section 3 shows how to use FileSafe.
o Section 4 suggests strategies for using FileSafe most effectively.
o Appendix A discusses how viruses work in more detail.
2 INSTALLING FILESAFE
Installation of FileSafe couldn't be easier. The distribution
diskette contains the three programs described below and a file called
README which you should check for any last minute updates that did not
make this manual.
FileSafe is actually contained in three programs:
o FILESIG
calculates signatures for the executable files on your disk and
stores these signatures in signature files in the directories the
files are located in.
FileSafe User's Manual (JAYAR Systems) Page 3
INSTALLING FILESAFE
o CHCKSIG
reads the original file signatures from the signature files in
your disk's directories and recalculates the signatures for each
of the files listed therein. It writes a report file showing you
if any of the files have changed.
o GETSIG
is an optional utility that you receive when you register your
copy of FileSafe (see Appendix D). GETSIG gathers all the
signature files from the directories on a disk and puts them into
one file, perhaps on a floppy diskette. CHCKSIG can then use this
file as its source file to read the original signature
information.
The distribution diskette is not copy protected so you can copy the
programs to your hard disk (the suggested procedure)--a good location
would be the directory where you keep your utilities. It should be a
directory that is pointed to by your PATH environment variable so they
will be easy to use. For instance, if your hard disk is designated
drive C and you keep your utility programs in directory UTILS, then
insert the distribution diskette in drive A and type
A> COPY A:*.EXE C:\UTILS
It is also possible to use any of the FileSafe programs from a floppy
diskette. A feature of FileSafe is that the component programs are
quite small and don't require a lot of memory or disk space so they
are convenient to use even from a diskette.
In any event, don't execute the programs from the distribution
diskette. Copy them to another disk and put the distribution diskette
away in a safe place.
3 USING FILESAFE
This section describes the operation of the FileSafe component
programs.
3.1 FILESIG
You execute FILESIG from a directory you want to fingerprint so that
you can check it later for virus infestation.
FILESIG creates a file in the directory called dirname.SIG where
DIRNAME is the name of the directory. If you are in the root
directory of the disk the file is named ROOT.SIG. In this file
FILESIG writes a data record for every file in the directory that has
a filetype of .BIN, .COM, .EXE, .OVL or .SYS. If you are executing
from the root directory and the disk is bootable then FILESIG also
FileSafe User's Manual (JAYAR Systems) Page 4
USING FILESAFE
writes a record for the boot sector of the disk.
The data record for each file contains the file name, the file size,
date and time the file was last modified and the file's signature.
Here is a sample signature file, written for the root directory of a
bootable disk:
IBMBIO.COM 16369 12-30-85 12:00:00 336ffd03c58e805aa1372671442f4a00
IBMDOS.COM 28477 12-30-85 12:00:00 04baa0c094ba88e833300d3b9a1f4f13
COMMAND.COM 23791 12-30-85 12:00:00 4302a424a58f1da9afbed9bd6ecc1e0a
CONFIG.SYS 159 05-27-90 21:44:22 904838eb1c3c8342c03f806eb6625019
FASTDISK.SYS 5804 09-26-85 09:01:21 f214518db5e3f37ccec4ce864fa2bacc
REMM.SYS 9021 06-18-86 18:10:07 281d88d6cc71ca4162d63e8c78f639c0
REX.SYS 2150 04-15-86 16:26:26 c3639a605d29bd800a0be702df4f00a8
RAMBIOS.SYS 590 07-19-89 11:35:10 9d3658e1de983321f4b66f3097305363
CONFIG1.SYS 159 01-07-90 16:56:07 a15226c76423c01a3c8f709450fed6e7
BOOT.RECORD 512 c9a033d5aa3c497def0be28ac8c7034f
Optionally, FILESIG will do this recursively for all subdirectories
below the one you are executing it from as well. By default only
executable files (i.e., those with the file extensions listed above)
are checked, but FILESIG will optionally generate signature records
for all the files in a directory, or alternatively for any one, named
file.
The syntax for executing FILESIG is
[D:][PATH]FILESIG [-R] [-A] [-V] [-F filename]
where items in [...] are optional. The options are:
D:PATH before FILESIG specifies the drive and path where the program
is located. You will not need this if FILESIG is in a directory
on your hard drive and that directory is named in your PATH. You
will likely use this option if executing FILESIG from a floppy
diskette.
-R By default, FILESIG generates a signature file and checks files
for the current directory. This option causes FILESIG to check
files in the current directory and in all directories below the
current one, and in all directories below those, etc.
-A By default, FILESIG only checks executable files--those with
filetypes of .BIN, .COM, .EXE, .OVL or .SYS and the boot record
if it is executed from the root directory of a bootable disk.
This option causes FILESIG to check all files in the directories
it visits. While non-executable files cannot be infected by a
virus, you may wish to record their signatures to alert you if
the files are ever modified.
-V prints the version number of the program and quits.
________ -F filename causes FILESIG to generate a signature record for the
named file only.
FileSafe User's Manual (JAYAR Systems) Page 5
USING FILESAFE
FILESIG creates a new dirname.SIG file in a directory when it is
executed even if one already exists. This is not the case if you use
the -F option. If the dirname.SIG file exists, the record is appended
to the file. Note that this may cause a dirname.SIG file to have
multiple entries for one file. Feel free to edit the dirname.SIG
files that FILESIG produces and delete records for files you are not
interested in.
3.2 CHCKSIG
You use CHCKSIG to compare the signatures of files calculated at some
earlier time to their present signatures to see if the files have been
modified. CHCKSIG can operate in one of two modes. In the first it
looks in the current directory (and optionally, subdirectories below
it) for a signature file and then checks the files listed therein. In
the second mode CHCKSIG checks the files listed in an external master
directory file that was created with GETSIG. We will discuss the two
modes of operation separately.
3.2.1 Directory-level Signature File - Once FILESIG has created a
signature file in a directory you use CHCKSIG to check the files
listed in the signature file to see if they have been changed.
Optionally, you can request that CHCKSIG recursively check signature
files in all subdirectories below the current one as well.
When you execute CHCKSIG it looks in the directories it visits for a
file called dirname.SIG, where dirname is the name of the directory.
CHCKSIG reads the record for each file listed in the dirname.SIG file
and recalculates its signature. CHCKSIG writes its findings in a file
called FILESAFE.RPT that it creates in the directory that you execute
it from.
CHCKSIG checks each file for changes in the following attributes which
could indicate file modifications. Section 4 discusses how to
interpret its findings in the context of a possible virus attack.
____ o size: if the file's size has changed CHCKSIG prints the original
signature record and the file's current size and timestamp and a
warning that the size has changed. This indicates a file
modification. The file's signature is not recalculated.
____ o date: if the file's timestamp has changed, CHCKSIG recalculates
its signature and reports the old and new signature records for
the file. A timestamp change alone does not necessarily mean the
file has been modified.
_________ o signature: if the file's signature has changed, CHCKSIG reports
the old and new signature records for the file. This means that
the file has been modified.
FileSafe User's Manual (JAYAR Systems) Page 6
USING FILESAFE
If CHCKSIG detects a change in a file's timestamp or signature but not
its size, it reports the file's old and new signature records in
FILESAFE.RPT and flags them with one, two or three asterisks (*).
These are interpreted as:
* only the file's date changed--internally it is still the same.
** only the file's signature changed--it has been modified.
*** the file's timestamp and signature changed--it has been
modified.
Following is an extract from a FILESAFE.RPT file and what the various
lines mean.
F:\
===
NE.COM 32375 09-20-87 22:03:20 ... OK
BAC.COM 1392 09-03-86 19:57:14 ... OK
DR.COM 3456 09-03-87 00:10:20 0c3900897b999754359758dc581a0e7e
DR.COM 7808 02-12-93 22:33:10 ** file size has changed
RN.COM 4352 10-14-87 00:18:14 ... OK
CO.COM does not exist.
JRCE.EXE 15978 01-01-93 00:00:01 d5ea1e4e710e281807ae74588aaf2134
JRCE.EXE 15978 01-01-93 00:00:01 616e85df3f52e12da7fe4c53469c1c35 * *
SD.COM 320 09-03-86 19:57:15 291d40ced37b258f220945338c033eb5
SD.COM 320 02-12-93 22:34:09 291d40ced37b258f220945338c033eb5 *
JRCL.EXE 13268 01-02-93 01:00:01 ... OK
VTREE.COM 512 09-03-86 19:57:16 ffea28731f4a265674a7ec31cf2ce5e5
VTREE.COM 512 02-12-93 22:35:14 f05b513c59a53c59a1bec0af7a4033cd * * *
DDIR.COM 800 09-01-92 22:45:22 ... OK
JRC.EXE 29318 01-01-93 01:00:00 c5772d3d2dbdc76ce18f422207de2764
JRC.EXE 32774 01-01-93 01:00:00 ** file size has changed
Note that this report has been created for the root directory on drive
F. The files listed above therefore had entries in the signature file
F:\ROOT.SIG. This disk was not bootable.
From this report we can determine the following about the executable
FileSafe User's Manual (JAYAR Systems) Page 7
USING FILESAFE
files that were in this directory when FILESIG was executed
originally:
o The file size and timestamp of DR.COM have changed--this is
probably an entirely new version of this file.
o File CO.COM has an entry in file ROOT.SIG but no longer exists in
this directory.
o The signature of file JRCE.EXE has changed, but the timestamp and
size are the same--note the two asterisks.
o The timestamp on file SD.COM has changed, but the file contents
have not--the size and signature are the same. Note the single
asterisk.
o The timestamp and signature of file VTREE.COM have changed--note
the three asterisks.
o The size of file JRC.EXE has changed but the timestamp has
not--the file has nevertheless been modified.
o All files (marked with ... OK) are unchanged.
The syntax for executing CHCKSIG is
[D:][PATH] CHCKSIG [-R] [-V] [-O filename] [-F filename]
where items in [...] are optional. The options are:
D:PATH before CHCKSIG specifies the drive and path where the program
is located. You will not need this if CHCKSIG is in a directory
on your hard drive and that directory is named in your PATH. You
will likely use this option if executing CHCKSIG from a floppy
diskette.
-R By default, CHCKSIG looks for a dirname.SIG file and checks the
files listed in it for the current directory only. This option
causes CHCKSIG to check files in the current directory and in all
directories below the current one, and in all directories below
those, etc.
-V prints the version number of the program and quits.
________ -O filename by default CHCKSIG writes its findings in a file called
FILESAFE.RPT that it creates in the directory that was current
when it was executed. You can override this behaviour with this
option. This allows you to specify another name for the report
file, or by specifying a full drive, path, filename allows you to
place the report file in another location.
________ -F filename causes CHCKSIG to recalculate the signature for only the
FileSafe User's Manual (JAYAR Systems) Page 8
USING FILESAFE
named file. This file must already have a record in the
dirname.SIG file.
If CHCKSIG fails to find a file called dirname.SIG in any of the
directories it visits, it issues a warning and continues. If the
dirname.SIG signature file is empty, CHCKSIG proceeds without comment.
If a file listed in the signature file no longer exists in that
directory, CHCKSIG issues a warning and continues.
3.2.2 External Master Signature File - With GETSIG you can collect
all the .SIG files from part of a directory tree and place them in an
______ _________ ____ external master signature file (see Section 3.3) for enhanced
security. You receive GETSIG when you register your copy of FileSafe
(see Appendix D). You can then execute CHCKSIG from any directory and
check the files in the master signature file. CHCKSIG does not check
directories for the presence of a dirname.SIG file in this case.
3.3 GETSIG
FILESIG creates a signature file in each directory it visits and
stores signature information in that file for every executable file in
that directory. Normally, CHCKSIG visits a directory, reads the
signature file in that directory and checks the files listed therein.
Optionally, you may use GETSIG to gather all the signature files
created by FILESIG in a particular directory subtree into a master
signature file. This master file can be located anywhere--on a floppy
diskette for instance. CHCKSIG can then be instructed to check the
files listed in the master signature file (see Section 3.2.2).
Register this copy of FileSafe and we will send you GETSIG along with
a typeset manual.
4 STRATEGY
In this section we outline the steps to follow to use FileSafe to make
yourself safe from virus attack. For background on the information
presented in this section see Appendix A.
1. Make frequent backups of your hard disk. While this won't protect
you from viruses it makes things easier if you must restore files
that have been damaged by a virus.
2. Make a safe-boot floppy. To do this, cold boot your computer
(i.e., turn off the power if it is already on) from the original
DOS startup disk that came with your system. This disk has been
made by the manufacturer without a write-enable notch. Now use
FileSafe User's Manual (JAYAR Systems) Page 9
STRATEGY
the DOS program DISKCOPY to copy this disk to a new one. This
copy is your safe-boot floppy. Put a write-protect tab on it.
Every time you use any of the FileSafe programs, cold boot your
computer from the safe-boot floppy.
3. Use FILESIG to create a signature file for the boot record and all
the executable files on you hard disk. If your hard disk is drive
C, for example, do this by typing:
A> C:
C> CD \
C> FILESIG -R
Use GETSIG to collect the signature files into a master signature
file. Put a freshly formatted floppy into drive A and
C> A:
C> GETSIG -D C:\
This creates a master signature file called FILESAFE.DAT on the
floppy in drive A. Put a write protect tab on this floppy. It is
slightly more secure to use the master signature file to check
your files than the individual directory signature files on your
hard disk.
4. Periodically use CHCKSIG to check your entire hard disk. If you
use your computer frequently you should do this on a regular
basis, say once a week. On a more frequent basis, say daily,
check the root directory on your hard disk.
For the entire disk check, insert the floppy with the master
signature file into drive A and type
C> CHCKSIG -S A:FILESAFE.DAT
or by typing
C> CD \
C> CHCKSIG -R
To check only the root directory type
C> CD \
C> CHCKSIG
In all cases CHCKSIG creates a file called FILESAFE.RPT that you
should read. What are you looking for? Any executable (program)
files whose contents have changed or a change in your boot record.
If this has happened and you don't know of any good reason why it
______ ___ ____ __ ____ ______ __ _________ should have--assume the file or boot sector is infected. Be
particularly suspicious if the file's signature has changed but
FileSafe User's Manual (JAYAR Systems) Page 10
STRATEGY
its size or timestamp have not.
In the root directory, the boot sector, the ROM-BIOS file
IBMBIO.COM, the DOS service routine file IBMDOS.COM, (or IO.SYS
and MSDOS.SYS for non-IBM systems) and the COMMAND.COM file should
never change unless you install a new version of the operating
system, in which case you should go back to step 2 and proceed
from there.
Executable files should not change unless you install a new
version of them. Executable files you create yourself by
programming in C or some other language will change every time you
compile and link a new version of them.
5. If you install a new program or a new version of an old program,
you should create a new signature file for that directory:
C> CD dirname
C> FILESIG
_______ where dirname is the name of the directory. If you are just
updating an existing program and only one or two executable files
are involved it may be faster add signature records to the
existing signature file by invoking FILESIG with the -F option and
then editing the signature file to remove the old records. Use
GETSIG to create a new master signature file for your disk as
described in step 3.
6. What if you find a program you suspect is infected? Erase it and
restore a clean copy from the original manufacturer's disk, or
from your backups. This includes the COMMAND.COM file. If your
BIOS or DOS files have been corrupted you will have to reinstall
the system files as described in your DOS manual.
What if your boot sector is corrupted? If you find your boot
sector has been altered you must reformat your hard disk. Backup
everything you want to keep if you have not done so already and
reformat it using your original DOS disk.
APPENDIX A
COMPUTER VIRUSES AND FILESIG
A virus is a program that attaches itself to another program and then
replicates itself and spreads. A virus has two parts. The first is the
infector--this is the part that replicates the virus. The second part is
the detonator. At some point the virus activates and does
something--usually something harmful such as erasing data on your hard disk
or making it inaccessible.
There are two general types of viruses: boot sector viruses and executable
file infectors. The boot sector virus works by replacing all or part of
the boot sector on your disk. The boot sector normally contains a small
program that your computer reads in the process of booting. The notable
thing about the boot sector is that it is not a file--it is a special
section of the disk outside the file area. If the boot sector is infected,
that means that by the time your computer has booted, the virus is active.
The only way to get infected from a boot sector virus is to boot your
computer from an infected floppy. The virus then infects the boot sector
of your hard disk. The prevention is simple--don't. Only boot your
computer from its internal hard disk or from a safe-boot floppy as
described in Section 4. If a boot sector virus is active it will usually
notice any time a bootable floppy is in one of the drives and infect it as
well. This is how it replicates itself.
The majority of viruses are boot sector viruses. The rest are executable
file infectors. These viruses only become active when the infected program
is run.
If the program has not run since you booted your computer, the virus is not
active. This type of virus can only infect executable files--that is,
files with one of the following filetypes: .COM, .EXE, .SYS, .BIN, or
.OVL. Data files, like text files, spreadsheet files or database files
cannot become infected and present no danger.
Executable file infectors are harder to guard against. They often install
themselves as TSRs and infect every program that is run--eventually all
your executable files will be infected.
A program that just replicates itself and spreads as described above is
____properly called a worm. When it detonates, then you know you have a virus.
COMPUTER VIRUSES AND FILESIG Page A-2
How do you protect yourself from viruses? One way conventional anti-virus
programs do it is to scan the executable files on your disk looking for the
"fingerprints" of known viruses. The problem is that new viruses are being
developed all the time so you must constantly get updates of the anti-virus
program. This tactic is also useless against a new class of self-mutating
virus which essentially changes itself every time it replicates. And then
there are stealth viruses--when the anti-virus program reads the portion of
disk where the stealth virus is installed, the virus, which has to be
active, intercepts the read and returns to the anti-virus program the image
of a virus-free disk.
Another tack anti-virus programs take is to install themselves as TSRs and
watch for "virus-like" behaviour. Unfortunately a lot of legitimate
activity carried on by programs gets flagged this way and you get a lot of
false alarms. To get any work done you will probably deactivate the
monitor.
The only foolproof method of detecting a virus infection is to monitor
potential infection sites, the boot sector and executable files, for
unexplained modification. This means you have to know what the sites look
like in their uninfected state, and have a guaranteed method of determining
when a change has occurred. This is where programs like FileSafe come in.
In order for a virus infection to occur a virus must attach itself either
to your disk's boot sector or to an executable file. In the simplest case
this will result in an increase in the file size which is readily
noticeable. However, a clever virus can attach itself by overwriting part
of the file so that the size doesn't change and it can also prevent the
timestamp from changing. Since the boot sector is not a file it doesn't
have a timestamp or a size to change. It is therefore necessary to take a
"fingerprint" of the file or boot sector and compare this periodically to
the original.
The fingerprint that is usually used is the cyclical redundancy check, or
CRC, which is a 32-bit number calculated as a function of all the bytes in
the file. Unfortunately, this can be quite easily inverted. For instance,
a boot sector virus could calculate the CRC of the boot sector before
infection, install itself and then determine what extra bytes to add to
restore the original CRC.
FileSafe however, with its 128-bit message digest algorithm, computes a
fingerprint for the file or boot sector that cannot be replicated. If the
contents of the file or boot sector change, so will its fingerprint.
This leaves only stealth viruses, which if active could fool FileSafe. For
this reason you should always cold boot your computer with your safe-boot
floppy before running the FileSafe programs. This will ensure that no
virus is active when FileSafe is running.
APPENDIX B
LICENSE
This appendix contains important license information regarding the use of
FileSafe, Version 1.00. This information applies to individual users who
wish to pass copies out to friends and associates.
User Groups, Computer Clubs, Disk Vendors and Distributors, Subscription
Services, Disk-of-the-Month Clubs, etc., should refer to the VENDOR.DOC
file for complete information relating to them.
BBS SYSOPs should refer to the SYSOP.DOC file for complete information
relating to them.
PLEASE! Show your support for Shareware by registering the programs you
actually use. JAYAR Systems depends upon and needs your support. Thank
you!
B.1 TRIAL USE LICENSE:
FileSafe is NOT a public domain program. It is Copyright (C) 1993 by JAYAR
Systems. All rights reserved.
This software and accompanying documentation are protected by Canadian
Copyright law and also by International Treaty provisions. Any use of this
software in violation of Copyright law or the terms of this limited license
will be prosecuted to the best of our ability. The conditions under which
you may copy this software and documentation are clearly outlined below
under "Distribution Restrictions".
JAYAR Systems hereby grants you a limited license to use this software for
evaluation purposes for a period not to exceed sixty (60) days. If you
intend to continue using this software (and/or it's documentation) after
the sixty (60) day evaluation period, you MUST make a registration payment
to JAYAR Systems.
Using this software after the sixty (60) day evaluation period, without
registering the software is a violation of the terms of this limited
license.
Licensee shall not use, copy, rent, lease, sell, modify, decompile,
LICENSE Page B-2
TRIAL USE LICENSE:
disassemble, otherwise reverse engineer, or transfer the licensed program
except as provided in this agreement. Any such unauthorized use shall
result in immediate and automatic termination of this license.
All rights not expressly granted here are reserved to JAYAR Systems.
For information on registering your copy of FileSafe see Appendix D, "How
to Register."
B.2 LIMITED DISTRIBUTION LICENSE:
As the copyright holder for FileSafe, JAYAR Systems authorizes distribution
by individuals only in accordance with the following restrictions.
(User Groups, Computer Clubs, Disk Vendors and Distributors, Subscription
Services, Disk-of-the-Month Clubs, etc., should refer to the VENDOR.DOC
file for complete information relating to them.)
(BBS SYSOPs should refer to the SYSOP.DOC file for complete information
relating to them.)
Individuals are hereby granted permission by JAYAR Systems to copy the
FileSafe diskette for their own use (for evaluation purposes) or for other
individuals to evaluate, ONLY when the following conditions are met.
The FileSafe package is defined as containing all the material listed in
the PACKING.LST text file. If any files listed in the PACKING.LST text
file, or the PACKING.LST file itself, are missing, then the package is not
complete and distribution is forbidden. Please contact us to obtain a
complete package suitable for distribution.
o The FileSafe package--including all related program files and
documentation files - CANNOT be modified in any way and must be
distributed as a complete package, without exception. The
PACKING.LST text file contains a list of all files that are part
of the FileSafe package.
o No price or other compensation may be charged for the FileSafe
package. A distribution cost may be charged for the cost of the
diskette, shipping and handling, as long as the total (per disk)
does not exceed $10.00.
o The FileSafe package CANNOT be sold as part of some other
inclusive package. Nor can it be included in any commercial
software packaging offer, without a written agreement from JAYAR
Systems.
o The PRINTED User's Guide may not be reproduced in whole or in
part, using any means, without the written permission of JAYAR
Systems. In other words, the disk-based documentation may not be
distributed in PRINTED (hardcopy) form.
LICENSE Page B-3
LIMITED DISTRIBUTION LICENSE:
o The FileSafe package cannot be "rented" or "leased" to others.
o Licensee shall not use, copy, rent, lease, sell, modify,
decompile, disassemble, otherwise reverse engineer, or transfer
the licensed program except as provided in this agreement. Any
such unauthorized use shall result in immediate and automatic
termination of this license.
o U.S. Government Information: Use, duplication, or disclosure by
the U.S. Government of the computer software and documentation in
this package shall be subject to the restricted rights applicable
to commercial computer software as set forth in subdivision
(b)(3)(ii) of the Rights in Technical Data and Computer Software
clause at 252.227-7013 (DFARS 52.227-7013). The
Contractor/manufacturer is JAYAR Systems, 253 College Street,
Suite 263, Toronto, Ontario, CANADA M5T 1R5.
All rights not expressly granted here are reserved to JAYAR Systems.
APPENDIX C
DEFINITION OF SHAREWARE
Shareware distribution gives users a chance to try software before buying
it. If you try a Shareware program and continue using it, you are expected
to register. Individual programs differ on details--some request
registration while others require it, some specify a maximum trial period.
With registration, you get anything from the simple right to continue using
the software to an updated program with printed manual.
Copyright laws apply to both Shareware and commercial software, and the
copyright holder retains all rights, with a few specific exceptions as
stated below. Shareware authors are accomplished programmers, just like
commercial authors, and the programs are of comparable quality. (In both
cases, there are good programs and bad ones!) The main difference is in the
method of distribution. The author specifically grants the right to copy
and distribute the software, either to all and sundry or to a specific
group. For example, some authors require written permission before a
commercial disk vendor may copy their Shareware.
Shareware is a distribution method, not a type of software. You should
find software that suits your needs and pocketbook, whether it's commercial
or Shareware. The Shareware system makes fitting your needs easier,
because you can try before you buy. And because the overhead is low,
prices are low also. Shareware has the ultimate money-back guarantee--if
you don't use the product, you don't pay for it.
ASP OMBUDSMAN POLICY
This program is produced by a member of the Association of Shareware
Professionals (ASP). ASP wants to make sure that the shareware principle
works for you. If you are unable to resolve a shareware-related problem
with an ASP member by contacting the member directly, ASP may be able to
help. The ASP Ombudsman can help you resolve a dispute or problem with an
ASP member, but does not provide technical support for members' products.
Please write to the ASP Ombudsman at 545 Grover Road, Muskegon, MI 49442 or
send a CompuServe message via CompuServe Mail to ASP Ombudsman 70007,3536.
APPENDIX D
HOW TO REGISTER
FileSafe is a "shareware program" and is provided at no charge to the user
for evaluation. Feel free to share it with your friends, but please do not
give it away altered or as part of another system. The essence of
"user-supported" software is to provide personal computer users with
quality software without high prices, and yet to provide incentive for
programmers to continue to develop new products. If you find this program
useful and find that you are using FileSafe and continue to use FileSafe
after a reasonable trial period, you must make a registration payment of
US$29.00 (Cdn$34.00) to JAYAR Systems. The registration fee will license
one copy for use on any one computer at any one time.
When you register you receive the following:
o You will get the latest version of FileSafe,
o The registered version of FileSafe does not display a banner
(registration reminder notice) when it runs,
o You will get a typeset manual,
o You will get the utility GETSIG that gathers signature files from
a directory tree and stores them in a master signature file. This
makes using FileSafe somewhat more secure and convenient.
o You will be informed of updates and given a reduced upgrade cost.
You must treat this software just like a book. An example is that this
software may be used by any number of people and may be freely moved from
one computer location to another, so long as there is no possibility of it
being used at one location while it's being used at another. Just as a
book cannot be read by two different persons at the same time.
Commercial users of FileSafe must register and pay for their copies of
FileSafe within 30 days of first use or their license is withdrawn. Your
registration fee purchases a single user license. If you need to use
multiple copies, significant savings can be had by purchasing a site
license rather than registering multiple individual copies. Even a
two-user site license saves you money. See the file SITELICE.DOC for
details.
HOW TO REGISTER Page D-2
Anyone distributing FileSafe for any kind of remuneration must first
contact JAYAR Systems at the address given in DESCRIBE.DOC for
authorization. This authorization is automatically granted to distributors
and vendors who are members of the Association of Shareware Professionals
(ASP). See files VENDOR.DOC and SYSOP.DOC for details.
You are encouraged to pass a copy of FileSafe along to your friends for
evaluation. Please encourage them to register their copy if they find that
they can use it. All registered users will receive a copy of the latest
version of the FileSafe system.
Send in the following form to register your copy of FileSafe:
HOW TO REGISTER Page D-3
REGISTRATION FORM
Send to: JAYAR Systems GST Registration Number:
253 College Street R124607193
Suite 263
Toronto, Ontario
Canada M5T 1R5
Name ___________________________________________
Address ___________________________________________
___________________________________________
___________________________________________
___________________________________________
Telephone __________________________
+--------+------------------------+------------+------------+
Quantity | Product | Each | Total |
+--------+------------------------+------------+------------+
| | | US$29.00 | |
| | FileSafe | or | |
| | |Cdn$34.00 | |
+--------+------------------------+------------+------------+
| Canadian residents add 7% GST | |
+----------------------------------------------+------------+
| Ontario residents add 8% PST | |
+----------------------------------------------+------------+
| Outside Canada/U.S.A., add shpg/hndlg | $5.00 |
+----------------------------------------------+------------+
| TOTAL | |
+----------------------------------------------+------------+
Please remit by cheque (we will accept cheques in your local currency at
the appropriate rate of exchange) or by money order. We will accept your
company's purchase order. We also accept payment by Visa or Mastercard.
P.O. Number ______________________________________ (P.O. to follow)
+------------------------------------------------------------------+
| Note - Fill out the following ONLY if you are making payment by |
| credit card. You may also call (416) 751-3284 for credit |
| card registrations. |
| |
| Master Card [ ] Visa [ ] Card Number ______ ______ _____ ______ |
| |
| Name on the Card (print) _______________________________________ |
| |
| Expires ____/____ |
| Signature ___________________________________ |
| |
+------------------------------------------------------------------+