Version = 0x061E ; Hexadecimal TBAV for Windows version number
[Language]
TbSetupPaths= These are the disks, paths or files TbSetup will process.
TbScanPaths = These are the disks, paths or files TbScan will process.
SchedulePaths=These are the disks, paths or files that will be scanned by the scheduler.
Added = added
Changed = changed
Removed = removed
Updated = updated
Skip = skipping...
Check = checking...
Look = looking...
Trace = tracing...
Scan = scanning...
Decrypt = decrypting...
Ok = Ok
Cancel = Cancel
Help = Help
Browse = Browse
Paths = Paths
LogFile = Log&File
Continue = &Continue
Stop = &Stop
Internal = {Internal}
Found = found
Infected = infected by
Dropper = dropper of
Damaged = damaged by
Joke = joke named
Garbage = garbage: (not a virus)
Trojan = trojan named
Probably = probably
MightBe = might be
Virus = virus
UnknownVirus= an unknown virus
HasChanged = has been changed!
NoWhatsNew = No "WhatsNew" files found !
BootSector = BootRecord
PartTable1 = MBR H.D. 1
PartTable2 = MBR H.D. 2
Memory = Internal memory
ScanReady = The scanning process is completed; all files appear to be clean.
ScanStop = The scanning process has been aborted; all files appear to be clean.
ScanError = Couldn't find files to scan.
ScanInf = The scanning process is completed; some files are infected or have been changed !
ScanStopInf = The scanning process has been aborted; some files are infected or have been changed !
MightBeUnknown = might be infected by an unknown virus
ProbablyUnknown = probably infected by an unknown virus
HFlags = Heuristic flags:
SigFileError= The signature file TBSCAN.SIG has not been found.
DatFileError= The data file TBSETUP.DAT has not been found.
ClosingMsg = When TBAV for Windows is terminated, the monitoring of files will be disabled. You might want to minimize TBAVWIN in order to monitor file I/O.\n\nFor now, press 'OK' to terminate TBAVWIN.
NetWorkRequest=Servicing network request...
NetWorkLink = Network active
NetWorkOptions=The changes you made in the network configuration only take effect if you restart TBAVWIN.
LockMsg = Due to a possible virus infection on your PC, this computer will be rebooted and locked. Please save all your work, and press OK.
SetupReady = The setup process is completed.
SetupStop = The setup process has been aborted.
SetupError = Couldn't find files to setup.
SetupChanged= The setup process is completed; some files have been changed !
SetupStopChanged= The setup process has been aborted; some files have been changed !
VirusInExec = Do you still want to execute this (infected) program ?
AddTargetError0= An error occured when adding an item to the target list. You probably did not select an item in the directory list.
AddTargetError1= You cannot add opened folders to the target list.\n\nEither select items out of the opened folder, or close the folder.
AddTargetError2= The path you wish to add to the target list, already exists in the target list.
AddTargetError4= Currently, no scan targets exist. Please select drives, directories or files out of the directory listbox, add them to the target listbox and press the scan button again.
AddTargetError5= Currently, no setup targets exist. Please select drives, directories or files out of the directory listbox, add them to the target listbox and press the setup button again.
DriveNotReady = The drive you selected is not ready. Please close the drive, or check your hardware.
Expired0 = The evaluation period of the unregistered version of TBAV for Windows has almost expired. Please register TBAV for Windows !
Expired1 = The evaluation period of the unregistered version of TBAV for Windows has expired. The item you selected is not available.
[HeurFlags]
HeurFlag_c = c No checksum / recovery information (Anti-Vir.Dat) available.
HeurFlag_X = C The checksum data does not match! File has been changed!
HeurFlag_F = F Suspicious file access. Might be able to infect a file.
HeurFlag_R = R Relocator. Program code will be relocated in a suspicious way.
HeurFlag_A = A Suspicious Memory Allocation. The program uses a non-standard\n way to search for, and/or allocate memory.
HeurFlag_N = N Wrong name extension. Extension conflicts with program structure.
HeurFlag_S = S Contains a routine to search for executable (.COM or .EXE) files.
HeurFlag_# = # Found a code decryption routine or debugger trap. This is common\n for viruses but also for some copy-protected software.
HeurFlag_V = V This suspicious file has been validated to avoid heuristic alarms.
HeurFlag_E = E Flexible Entry-point. The code seems to be designed to be linked\n on any location within an executable file. Common for viruses.
HeurFlag_L = L The program traps the loading of software. Might be a\n virus that intercepts program load to infect the software.
HeurFlag_D = D Disk write access. The program writes to disk without using DOS.
HeurFlag_M = M Memory resident code. The program might stay resident in memory.
HeurFlag_! = ! Invalid opcode (non-8088 instructions) or out-of-range branch.
HeurFlag_T = T Incorrect timestamp. Some viruses use this to mark infected files.
HeurFlag_J = J Suspicious jump construct. Entry point via chained or indirect\n jumps. This is unusual for normal software but common for viruses.
HeurFlag_? = ? Inconsistent exe-header. Might be a virus but can also be a bug.
HeurFlag_G = G Garbage instructions. Contains code that seems to have no purpose\n other than encryption or avoiding recognition by virus scanners.
HeurFlag_U = U Undocumented interrupt/DOS call. The program might be just tricky\n but can also be a virus using a non-standard way to detect itself.
HeurFlag_Z = Z EXE/COM determination. The program tries to check whether a file\n is a COM or EXE file. Viruses need to do this to infect a program.
HeurFlag_O = O Found code that can be used to overwrite/move a program in memory.
HeurFlag_B = B Back to entry point. Contains code to re-start the program after\n modifications at the entry-point are made. Very usual for viruses.
HeurFlag_K = K Unusual stack. The program has a suspicious stack or an odd stack.
HeurFlag_@ = @ Encountered instructions which are not likely to be generated by\n an assembler, but by some code generator like a polymorphic virus.
HeurFlag_1 = 1 Found instructions which require a 80186 processor or above.
HeurFlag_Y = Y Bootsector violates IBM bootsector format. Missing 55AA-marker.
HeurFlag_p = p Packed program. A virus could be hidden inside the program.
HeurFlag_i = i Additional data found at end of file. Probably internal overlay.
HeurFlag_h = h The program has the hidden or system attribute set.
HeurFlag_w = w The program contains a MS-Windows or OS/2 exe-header.
[LogFile]
LogFileHdr = TBAV for Windows virus detection report
Filter = Log Files *.LOG
[DataFile]
Filter = Data Files *.DAT
[VirusInfo]
InfoHeader = Information about
Trojan = This is not a virus but a Trojan Horse. It does not spread but simply causes damage. Determine the source of the file and simply delete it.
Dropper = This file is not a virus, but a dropper of a virus. If you run this file it will install a virus on your system. It is highly recommended to delete the file.
Joke = This file is completely innocent. It merely imitates virus activity but is actually harmless. Just delete it if you do not like it.
Garbage = This is NOT a virus, but is detected as such because it has been identified as a virus by some independent tester and is being used in virus scanner tests. To avoid an undeserved penalty in such tests, TbScan detects this file too!
InfectS = This virus is known to infect
COM = COM files,
EXE = EXE files,
SYS = device drivers,
BOOT = boot sectors,
InfectE = but unknown variants may infect other items as well.
Res = It remains resident in memory and infects/damages its victims in the background.
Tool = Actually, this is not just a virus, but a class of viruses. They are all created with the same tool. It is hardly possible to divide and describe all viruses created with this tool individually. Be aware of unknown side-effects. It is highly recommended to restore all files from a reliable backup.
Poly = The virus is polymorphic, which means that it looks different each time it infects a file. Some anti-virus products may have difficulties detecting this virus reliably. Also some false alarms may occur, especially on non-executable files.
Cryp = The virus is encrypted using a trivial encryption scheme. There is no simple signature that can be used to find it. However, the better anti-virus scanners should not have any problems detecting this virus.
Cmp = This is a companion virus. It does not alter existing executable files, instead it creates a new file with the same name, but with a filename extension that has a higher execution priority than the existing one. DOS will start this virus file instead of the original program. After execution, the virus executes the original program.
HLL = The virus is not written in assembly language, as usual, but in a high-level language. Since all components of the virus are the same as the other programs developed with the same programming language, it is difficult to detect such viruses without false alarms.
Many = Because the source code of this virus is widely spread, there are many variants of this virus. It is hardly possible to divide and describe all variants individually. Be aware of unknown side-effects. It is highly recommended to restore all files from a reliable backup.
Stlt = This virus has 'stealth' capabilities, which means that it is able to hide its presence from most people, and even virus scanners and checksummers, unless the virus has not yet been loaded in memory. It is highly recommended to boot from a clean diskette before scanning or cleaning!
Mus = The speaker of your PC may emit unusual sounds.
Msg = Unusual messages or effects may appear on the screen.
Hang = Unexpected system hangs may occur.
Obv = This virus is very obvious, and it is therefore extremely unlikely that the virus will succeed in spreading unnoticed. If you ever get it on your system, it has probably been put there intentionally! Anyway, you will find out that you have a virus immediately, even without a scanner.
Lab = This virus is very buggy and/or requires a special setup. It is hardly possible that the virus will ever succeed to infect another file. Therefore this virus is not a serious threat, but can be classified as a LAB virus.
Rare = This virus almost never appears 'in the wild'. It is very unlikely that you will ever encounter it, except in virus collections.
[CleanInfo]
CleanS = CLEANING INFORMATION:\nBefore cleaning or restoring, it is HIGHLY RECOMMENDED to boot from a clean, write-protected system diskette first! This is necessary to ensure that no viruses are active in memory, and to reduce the risk that you execute an infected file by accident.
Data = WARNING!\nThis virus is known to corrupt data files. Although the damage may not be visible immediately, the integrity of your data has been affected once this virus got active in your system. There is no other option than restoring all information from a reliable backup.
Ovw = This virus uses an infection method which makes it impossible to remove it from the file afterwards. Part of the victim file is destroyed by the virus. Therefore you have no other option than to restore everything from a reliable backup.
Del = Removing this virus is easy, just delete it !
Clean = The best thing to do is to restore all executable files from a backup, or to re-install them from their original disks. If speed or ease is more important than data integrity, you may attempt to separate the virus from the file with a cleaner, such as TbClean. Results are always depending on the exact virus variant you may have, on the lay-out of the victim file, and your system configuration.
Boot = You need to restore the original DOS bootsector and/or system files. Enter 'SYS C:' on the DOS command line. You also need to check and clean all your diskettes! Otherwise the virus will return sooner or later! You can clean the diskettes with the 'TbUtil -immunize' command.
MBR = You need to clean the partition code. You can do so with the DOS FDISK program ('FDISK /MBR'), or with TbUtil ('TbUtil C: -immunize'). The latter is recommended.
CleanE = As new variants of existing viruses appear almost daily, it is possible that you will encounter a variant of this virus which will still be identified by our scanner, but behaves differently than described above. The information above is therefore intended as a basic guideline.
[Menu:Main]
PopUpStart = &File
Item(100) = &Quit and save
Item(101) = E&xit (don't save)
PopUpEnd
PopUpStart = Se&tup
Item(202) = &Options...
Item(203) = &Flags...
Separator
Item(204) = &Data file pathname...
Item(205) = &View data file
PopupEnd
PopUpStart = &Scan
Item(302) = &Options...
Item(303) = &Advanced options...
Item(304) = &If virus found...
Separator
Item(305) = &Log file options...
Item(306) = &View log file
PopupEnd
PopupStart = &Documentation
Item(400) = &License agreement
Item(401) = &TBAV user manual
Item(402) = Addendum &file
Item(403) = List of &agents
Item(404) = Application ¬es
Item(405) = &Report form
Separator
Item(406) = &What's new ?...
Item(407) = &Virus information...
PopupEnd
PopupStart = &Options
Item(500) = &TBAV for Windows configuration
Item(501) = &Scheduler configuration
Item(504) = &Network configuration
PopupEnd
PopupStart = &Help
Item(900) = Help &Index
Item(901) = &Help on help
Separator
Item(999) = &About TBAVWIN...
PopupEnd
[ButtonBar]
Text(0) = Scan the diskette in your first diskdrive for virusses
Text(1) = Scan the diskette in your second diskdrive for virusses
Text(2) = Scan your local harddisk(s) for virusses
Text(3) = Scan your network drive(s) for virusses
Text(4) = Scan all logical fixed drive(s) for virusses
Text(5) = Set TBAV for Windows configuration
Text(6) = Change the settings for background scanning
[Dialog:DLG_INITIALIZING]
Title = TBAV for Windows V6.30
Text(0xF000)= Please wait ! TBAV for Windows is initializing.
ScanMem = Scanning internal memory for viruses....
Text(0xF001)= These are the disk, paths or files that will be processed when you press OK. Press Cancel to abort the operation.
[Dialog:DLG_NOTBDRIVER]
Title = TBAV for Windows - WARNING !
Text(0xF000)= The resident utility called TbDriver is not installed!\n\nTBAV for Windows requires this program in order to access low-level system resources. If you continue, the virus scan process will not be able to scan the Master Boot Records of your local harddisks.\n\nTBAVWIN is however still able to scan files in an accurate way.
Text(100) = Do not show this message on startup
Text(1) = &Continue
Text(2) = &Terminate
[Dialog:DLG_CONFIGURE]
Title = Configure TBAV for Windows
Text(0xF000)= Program execution options
Text(0xF001)= File view utility
Text(0xF003)= Sound options
Text(2801) = &Wait after program execution
Text(2803) = &Use internal viewer
Text(2806) = &Always
Text(2807) = &Only once
Text(2808) = &Background scan
Text(2809) = &Never
[Dialog:DLG_FILES]
Title = Choose disk, paths or files
Text(102) = All &local fixed disks
Text(103) = All &network disks
Text(104) = All &fixed disks
Text(105) = Drive &A:
Text(106) = Drive &B:
[Dialog:DLG_FILELIST]
Text(0xF000)= Directory
Text(0xF001)= Targets
Text(103) = &Add Target -->
Text(104) = &Clear Targets
Text(0xF010)=Scan targets
Text(0xF011)=Setup targets
Text(0xF012)=Background scanning
Text(0xF013)=Virus Information
Text(0xF014)=Help
[Dialog:DLG_SCHEDULER]
Title = TBAV for Windows Background scanning
Text(0xF000)= Schedule timer configuration
Text(0xF001)= minutes
Text(0xF002)= Schedule files/paths configuration
Text(0xF003)= Execute virus scanner after a period of
Text(0xF004)= Enter the drives, paths or files that should be scanned
Text(0xF005)= File I/O monitor configuration
Text(2903) = Enable &scheduler
Text(2904) = Enable file I/O monitor
[Dialog:DLG_SCAN]
Title = TbScan
Text(3000) = The Thunderbyte Anti-Virus utilities provide a collection of sophisticated programs which offer various ways to check for, identify and remove known as well as unknown viruses from hard and floppy disks on PCs or across networks.
Text(3000) = The TbSetup program stores checksum, validation, and cleaning information of programs in hidden Anti-Vir.Dat files. Several Thunderbyte Anti-Virus (TBAV) utilities use this information to enhance detection and removing of viruses.\nPrograms that require special attention of TBAV utilities are listed in the TbSetup.Dat file. Send files that require special TBAV attention to our BBS for inclusion into this file! You can also add them to this file yourself!
