TbSetupPaths= These are the disks, paths or files TbSetup will process.
TbScanPaths = These are the disks, paths or files TbScan will process.
SchedulePaths=These are the disks, paths or files that will be scanned by the scheduler.
Skip = skipping...
Check = checking...
Look = looking...
Trace = tracing...
Scan = scanning...
Decrypt = decrypting...
Ok = Ok
Cancel = Cancel
Help = Help
Browse = Browse
Paths = Paths
LogFile = Log&File
Continue = &Continue
Stop = &Stop
Internal = {Internal}
Found = found
Infected = infected by
Dropper = dropper of
Damaged = damaged by
Joke = joke named
Garbage = garbage: (not a virus)
Trojan = trojan named
Probably = probably
MightBe = might be
Virus = virus
UnknownVirus= an unknown virus
HasChanged = has been changed!
NoWhatsNew = No "WhatsNew" files found !
BootSector = BootRecord
PartTable1 = MBR H.D. 1
PartTable2 = MBR H.D. 2
Ready = The scanning process is completed; all files appear to be clean.
ReadyError = Couldn't find files to scan.
ReadyInf = The scanning process is completed; some files are infected or have been changed !
MightBeUnknown = might be infected by an unknown virus
ProbablyUnknown = probably infected by an unknown virus
HFlags = Heuristic flags:
SigFileError= The signature file TBSCAN.SIG has not been found.
ClosingMsg = When ThunderBYTE for Windows is terminated, the monitoring of files will be disabled. You might want to minimize TBAVWIN in order to monitor file I/O.\n\nFor now, press 'OK' to terminate TBAVWIN.
[HeurFlags]
HeurFlag_c = c No checksum / recovery information (Anti-Vir.Dat) available.
HeurFlag_X = C The checksum data does not match! File has been changed!
HeurFlag_F = F Suspicious file access. Might be able to infect a file.
HeurFlag_R = R Relocator. Program code will be relocated in a suspicious way.
HeurFlag_A = A Suspicious Memory Allocation. The program uses a non-standard\n way to search for, and/or allocate memory.
HeurFlag_N = N Wrong name extension. Extension conflicts with program structure.
HeurFlag_S = S Contains a routine to search for executable (.COM or .EXE) files.
HeurFlag_# = # Found a code decryption routine or debugger trap. This is common\n for viruses but also for some copy-protected software.
HeurFlag_V = V This suspicious file has been validated to avoid heuristic alarms.
HeurFlag_E = E Flexible Entry-point. The code seems to be designed to be linked\n on any location within an executable file. Common for viruses.
HeurFlag_L = L The program traps the loading of software. Might be a\n virus that intercepts program load to infect the software.
HeurFlag_D = D Disk write access. The program writes to disk without using DOS.
HeurFlag_M = M Memory resident code. The program might stay resident in memory.
HeurFlag_! = ! Invalid opcode (non-8088 instructions) or out-of-range branch.
HeurFlag_T = T Incorrect timestamp. Some viruses use this to mark infected files.
HeurFlag_J = J Suspicious jump construct. Entry point via chained or indirect\n jumps. This is unusual for normal software but common for viruses.
HeurFlag_? = ? Inconsistent exe-header. Might be a virus but can also be a bug.
HeurFlag_G = G Garbage instructions. Contains code that seems to have no purpose\n other than encryption or avoiding recognition by virus scanners.
HeurFlag_U = U Undocumented interrupt/DOS call. The program might be just tricky\n but can also be a virus using a non-standard way to detect itself.
HeurFlag_Z = Z EXE/COM determination. The program tries to check whether a file\n is a COM or EXE file. Viruses need to do this to infect a program.
HeurFlag_O = O Found code that can be used to overwrite/move a program in memory.
HeurFlag_B = B Back to entry point. Contains code to re-start the program after\n modifications at the entry-point are made. Very usual for viruses.
HeurFlag_K = K Unusual stack. The program has a suspicious stack or an odd stack.
HeurFlag_@ = @ Encountered instructions which are not likely to be generated by\n an assembler, but by some code generator like a polymorphic virus.
HeurFlag_1 = 1 Found instructions which require a 80186 processor or above.
HeurFlag_Y = Y Bootsector violates IBM bootsector format. Missing 55AA-marker.
HeurFlag_p = p Packed program. A virus could be hidden inside the program.
HeurFlag_i = i Additional data found at end of file. Probably internal overlay.
HeurFlag_h = h The program has the hidden or system attribute set.
HeurFlag_w = w The program contains a MS-Windows or OS/2 exe-header.
[LogFile]
LogFileHdr = TBAV for Windows virus detection report
Filter = Log Files *.LOG
[DataFile]
Filter = Data Files *.DAT
[VirusInfo]
InfoHeader = Information about
Trojan = This is not a virus but a Trojan Horse. It does not spread but simply causes damage. Determine the source of the file and simply delete it.
Dropper = This file is not a virus, but a dropper of a virus. If you run this file it will install a virus on your system. It is highly recommended to delete the file.
Joke = This file is completely innocent. It merely imitates virus activity but is actually harmless. Just delete it if you do not like it.
Garbage = This is NOT a virus, but is detected as such because it has been identified as a virus by some independent tester and is being used in virus scanner tests. To avoid an undeserved penalty in such tests, TbScan detects this file too!
InfectS = This virus is known to infect
COM = COM files,
EXE = EXE files,
SYS = device drivers,
BOOT = boot sectors,
InfectE = but unknown variants may infect other items as well.
Res = It remains resident in memory and infects/damages its victims in the background.
Tool = Actually, this is not just a virus, but a class of viruses. They are all created with the same tool. It is hardly possible to divide and describe all viruses created with this tool individually. Be aware of unknown side-effects. It is highly recommended to restore all files from a reliable backup.
Poly = The virus is polymorphic, which means that it looks different each time it infects a file. Some anti-virus products may have difficulties detecting this virus reliably. Also some false alarms may occur, especially on non-executable files.
Cryp = The virus is encrypted using a trivial encryption scheme. There is no simple signature that can be used to find it. However, the better anti-virus scanners should not have any problems detecting this virus.
Cmp = This is a companion virus. It does not alter existing executable files, instead it creates a new file with the same name, but with a filename extension that has a higher execution priority than the existing one. DOS will start this virus file instead of the original program. After execution, the virus executes the original program.
HLL = The virus is not written in assembly language, as usual, but in a high-level language. Since all components of the virus are the same as the other programs developed with the same programming language, it is difficult to detect such viruses without false alarms.
Many = Because the source code of this virus is widely spread, there are many variants of this virus. It is hardly possible to divide and describe all variants individually. Be aware of unknown side-effects. It is highly recommended to restore all files from a reliable backup.
Stlt = This virus has 'stealth' capabilities, which means that it is able to hide its presence from most people, and even virus scanners and checksummers, unless the virus has not yet been loaded in memory. It is highly recommended to boot from a clean diskette before scanning or cleaning!
Mus = The speaker of your PC may emit unusual sounds.
Msg = Unusual messages or effects may appear on the screen.
Hang = Unexpected system hangs may occur.
Obv = This virus is very obvious, and it is therefore extremely unlikely that the virus will succeed in spreading unnoticed. If you ever get it on your system, it has probably been put there intentionally! Anyway, you will find out that you have a virus immediately, even without a scanner.
Lab = This virus is very buggy and/or requires a special setup. It is hardly possible that the virus will ever succeed to infect another file. Therefore this virus is not a serious threat, but can be classified as a LAB virus.
Rare = This virus almost never appears 'in the wild'. It is very unlikely that you will ever encounter it, except in virus collections.
[CleanInfo]
CleanS = CLEANING INFORMATION:\nBefore cleaning or restoring, it is HIGHLY RECOMMENDED to boot from a clean, write-protected system diskette first! This is necessary to ensure that no viruses are active in memory, and to reduce the risk that you execute an infected file by accident.
Data = WARNING!\nThis virus is known to corrupt data files. Although the damage may not be visible immediately, the integrity of your data has been affected once this virus got active in your system. There is no other option than restoring all information from a reliable backup.
Ovw = This virus uses an infection method which makes it impossible to remove it from the file afterwards. Part of the victim file is destroyed by the virus. Therefore you have no other option than to restore everything from a reliable backup.
Del = Removing this virus is easy, just delete it !
Clean = The best thing to do is to restore all executable files from a backup, or to re-install them from their original disks. If speed or ease is more important than data integrity, you may attempt to separate the virus from the file with a cleaner, such as TbClean. Results are always depending on the exact virus variant you may have, on the lay-out of the victim file, and your system configuration.
Boot = You need to restore the original DOS bootsector and/or system files. Enter 'SYS C:' on the DOS command line. You also need to check and clean all your diskettes! Otherwise the virus will return sooner or later! You can clean the diskettes with the 'TbUtil -immunize' command.
MBR = You need to clean the partition code. You can do so with the DOS FDISK program ('FDISK /MBR'), or with TbUtil ('TbUtil C: -immunize'). The latter is recommended.
CleanE = As new variants of existing viruses appear almost daily, it is possible that you will encounter a variant of this virus which will still be identified by our scanner, but behaves differently than described above. The information above is therefore intended as a basic guideline.
[Menu:Main]
PopUpStart = &File
Item(100) = &Quit and save
Item(101) = E&xit (don't save)
PopUpEnd
PopUpStart = &TbSetup
Item(200) = &Start TbSetup
Item(201) = Files/&paths to setup...
Separator
Item(202) = &Options...
Item(203) = &Flags...
Separator
Item(204) = &Data file pathname...
Item(205) = &View data file
PopupEnd
PopUpStart = Tb&Scan
Item(300) = &Start TbScan
Item(301) = Files/&paths to scan...
Separator
Item(302) = &Options...
Item(303) = &Advanced options...
Item(304) = &If virus found...
Separator
Item(305) = &Log file options...
Item(306) = &View log file
PopupEnd
PopupStart = &Documentation
Item(400) = &License agreement
Item(401) = &TBAV user manual
Item(402) = Addendum &file
Item(403) = List of &agents
Item(404) = Application ¬es
Item(405) = &Report form
Separator
Item(406) = &What's new ?...
Item(407) = &Virus information...
PopupEnd
PopupStart = &Options
Item(500) = &TBAVWin configuration
Item(501) = &Scheduler configuration
Separator
Item(502) = &Button Bar
Item(503) = S&tatus Bar
PopupEnd
PopupStart = &Help
Item(900) = Help &Index
Item(901) = &Help on help
Separator
Item(999) = &About TBAVWIN...
PopupEnd
[ButtonBar]
Text(0) = Scan the diskette in your first diskdrive for virusses
Text(1) = Scan the diskette in your second diskdrive for virusses
Text(2) = Scan your local harddisk(s) for virusses
Text(3) = Scan your network drive(s) for virusses
Text(4) = Scan all logical fixed drive(s) for virusses
Text(5) = Set ThunderBYTE for Windows configuration
Text(6) = Change the settings for background scanning
[Dialog:DLG_INITIALIZING]
Title = ThunderBYTE Anti-Virus V6.26
Text(0xF000)= Please wait !
Text(0xF001)= ThunderBYTE Anti-Virus for Windows is initializing...
[Dialog:DLG_ABOUT]
Title = About ThunderBYTE for Windows
Text(0xF000)= ThunderBYTE Anti-Virus Utilities\nfor Windows\nVersion 6.26\n\n⌐ 1994 by ThunderBYTE B.V.
Text(0xF001)= TBAV for Windows is distributed by:
Text(0xF002)= ESaSS B.V.
Text(0xF003)= P.O. Box 1380
Text(0xF004)= 6501 BJ Nijmegen
Text(0xF005)= The Netherlands
Text(0xF006)= CompuServe: 100140,3046
Text(0xF007)= Phone: +31 (0)80 78 78 81
Text(0xF008)= Fax : +31 (0)80 78 91 86
Text(0xF009)= BBS : +31 (0)59 18 20 11
Text(0xF00A)= Fido : 2:280/200
Text(0xF00B)= Internet: veldman@esass.iaf.nl
[Dialog:DLG_ABOUT_CREDITS]
Title = ThunderBYTE for Windows Credits
Text(0xF000)= TBAV for Windows is written by:
[Dialog:DLG_CMDLINE]
Title = Edit path string
Text(0xF000)= Path string
Text(0xF001)= These are the disk, paths or files that will be processed when you press OK. Press Cancel to abort the operation.
[Dialog:DLG_CONFIGURE]
Title = Configure TBAV for Windows
Text(0xF000)= Program execution options
Text(0xF001)= File view utility
Text(0xF003)= Sound options
Text(2801) = &Wait after program execution
Text(2802) = &Edit path string before execution
Text(2803) = &Use internal viewer
Text(2806) = &Always
Text(2807) = &Only once
Text(2808) = &Background scan
Text(2809) = &Never
[Dialog:DLG_FILES]
Title = Choose disk, paths or files
Text(102) = All &local fixed disks
Text(103) = All &network disks
Text(104) = All &fixed disks
Text(105) = Drive &A:
Text(106) = Drive &B:
[Dialog:DLG_SCHEDULER]
Title = TBAV Background scanning
Text(0xF000)= Schedule timer configuration
Text(0xF001)= minutes
Text(0xF002)= Schedule files/paths configuration
Text(0xF003)= Execute virus scanner after a period of
Text(0xF004)= Enter the drives, paths or files that should be scanned
Text(0xF005)= File I/O monitor configuration
Text(2903) = Enable TBAVWIN &scheduler
Text(2904) = Enable file I/O monitor
[Dialog:DLG_SETUPOPTIONS]
Title = TBAV Setup Options
Text(0xF000)= Setup options
Text(2000) = &Use TBAV.INI file
Text(2001) = &Prompt for pause
Text(2002) = &Only new files
Text(2003) = &Remove Anti-Vir.Dat files
Text(2004) = &Test mode (don't change anything)
Text(2005) = &Hide Anti-Vir.Dat files
Text(2006) = &Make executables read-only
Text(2007) = &Clear read-only attributes
Text(2008) = &Include sub-directories
[Dialog:DLG_SETUPFLAGS]
Title = TBAV Setup Flags
Text(0xF000)= Setup Flag usage
Text(0xF001)= Select flags to be changed
Text(2020) = &Use normal flags
Text(2021) = &Set flags manually
Text(2022) = &Reset flags manually
Text(2023) = &Heuristic analysis
Text(2024) = &Checksum images
Text(2025) = Disk image &file
Text(2026) = Read-&only sensitive
Text(2027) = &TSR program
Text(2028) = &Direct disk access
Text(2029) = &Attribute modifier
Text(2030) = &Interrupt rehook
[Dialog:DLG_SCAN]
Title = TbScan
Text(3000) = The Thunderbyte Anti-Virus utilities provide a collection of sophisticated programs which offer various ways to check for, identify and remove known as well as unknown viruses from hard and floppy disks on PCs or across networks.