larserio@IFI.UIO.NO ("Lars-Erik sterud") (05/01/91)
As I do not have access to that many atari-archives I will post this short (?) review of my newest program here and hope that some og you will contact me and get the file and spread it for me.... Protect6 - Your way of protecting your system against viruses """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""" Protect6 is a small but powerful program that is resident in RAM looking for bootsector and link-viruses. It's easy to install (just put it in the AUTO-folder on your boot disk) and easy to use. Before you install it you should read this documentation and learn to know the different messages, warning and questions you might get. The program is tested, but you are using it at your own risk anyway. Bootsector-viruses """""""""""""""""" Each time the system detect a new disk in drive A: Protect6 will check this disk to see if it contains a bootsector-virus. If the disk is allready immunized or if it is a MS-DOS disk you won't notice anything, BUT if the disk IS auto-booting you will get this message in the upper left corner of the screen: Disk is Auto-Booting, Should I kill it ? <here is the contents of the bootsector> Call ABK-BBS +47 2 132659, 1200-9600 BPS In the middle line the contents of the bootsector will scroll by giving you a chance to decide if it's a virus or another type of auto-boot (it could be an auto-starting game etc...) If you decide to KILL and IMMUNIZE the disk press Y for YES, if you DON'T want to CHANGE the bootsector press N for NO. If you decided to kill the disk or if Protect6 find a disk that is not auto-booting, but isn't immunized either, it will try to immunize the disk and you will see this message on the screen: Killing and Protecting disk in drive A: If everything went well the message will dissappear and the screen will be redrawn and control returned to the active program/desktop. If the disk in A: is write-protected you will get this message: Disk is Write-Protected, Try once more ? If you still want to KILL and IMMUNIZE the disk you should REMOVE the WRITE-PROTECT tab and press Y for YES, if you have changed your mind and want to KEEP the DISK as it is just press N for NO. All disks immunized by Protect6 are auto-booting and readable on MS-DOS and PC-DOS systemes (IBM's) and contain an info-text. Link-viruses """""""""""" This is a very nasty kind of virus that contaminates program files and spreads like fire on harddisks. Protect6 hooks on to the OS- routines and gives an alert if a program tries to modify another program (this is the way all known link-viruses spread): Program is trying to modify FILENAME.PRG Any key to modify file, Reset to Abort ! Call ABK-BBS +47 2 132659, 1200-9600 BPS FILENAME.PRG is replaced by the name of the program that will be modified. If this is OK just press ANY KEY (some programs store their configuration data this way), BUT if the program currently running is NOT supposed to MODIFY the indicated file you should write down the name of the program running and press RESET. When the system has rebooted you should examine and if possible remove the program that tried to modify another program. If you have an older (hopefully non-contaminated) backup you should copy this on to the disk and see if the problem dissappear. Lars-Erik / ABK-BBS +47 2132659 / ____ ______ ________________________ Osterud / larserio@ifi.uio.no / /___ / The norwegian ST __________/ ______________________/ ____/ / Klubben, user association Lars-Erik / ABK-BBS +47 2132659 / ____ ______ ________________________ Osterud / larserio@ifi.uio.no / /___ / The norwegian ST __________/ ______________________/ ____/ / Klubben, user association