home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Aminet 28
/
Aminet 28 (1998)(GTI - Schatztruhe)[!][Dec 1998].iso
/
Aminet
/
util
/
virus
/
xvs33_12.lha
/
xvs.doc
< prev
next >
Wrap
Text File
|
1998-09-27
|
13KB
|
465 lines
TABLE OF CONTENTS
xvs.library/xvsAllocObject
xvs.library/xvsCheckBootblock
xvs.library/xvsCheckFile
xvs.library/xvsCheckSector
xvs.library/xvsCreateVirusList
xvs.library/xvsFreeObject
xvs.library/xvsFreeVirusList
xvs.library/xvsInstallBootblock
xvs.library/xvsObjectType
xvs.library/xvsRepairFile
xvs.library/xvsRepairSector
xvs.library/xvsSelfTest
xvs.library/xvsSumBootblock
xvs.library/xvsSurveyMemory
xvs.library/xvsAllocObject xvs.library/xvsAllocObject
NAME
xvsAllocObject -- Allocate memory for specified object.
SYNOPSIS
object = xvsAllocObject(objecttype)
D0 -48 D0
APTR xvsAllocObject(ULONG);
FUNCTION
Allocates a memory block and required resources for the specified
object. Never do this in any other way for compatibility with
library updates.
Objecttype can be one of these:
XVSOBJ_BOOTINFO - allocate a xvsBootInfo structure.
XVSOBJ_FILEINFO - allocate a xvsFileInfo structure.
XVSOBJ_MEMORYINFO - allocate a xvsMemoryInfo structure.
XVSOBJ_SECTORINFO - allocate a xvsSectorInfo structure.
INPUTS
objecttype - One of the XVSOBJ_#? values.
RESULT
object - Pointer to the object or NULL if there occured an error.
SEE ALSO
xvsFreeObject()
xvs.library/xvsCheckBootblock xvs.library/xvsCheckBootblock
NAME
xvsCheckBootblock -- Check bootblock contents for viruses.
SYNOPSIS
result = xvsCheckBootblock(bootinfo)
D0 -66 A0
ULONG xvsCheckBootblock(struct xvsBootInfo *);
FUNCTION
Checks if a bootblock contains viruses and informs about the
dostype, checksum and type of the bootblock.
xvsbi_Bootblock must be initialized with a pointer to a 1024 bytes
bootblock.
The bootblock will be first checked for the dostype. If it's not
a DOS bootblock, you'll receive XVSBT_NOTDOS as a result.
Otherwise xvsbi_DosType will receive the type of filesystem the
disk is using (eg. DOS/0 -> xvsbi_DosType = 0).
The xvsbi_ChkSumFlag field will be TRUE if the bootblock checksum
is correct (ie. bootable), otherwise it's FALSE.
Now the bootblock will be checked for standard bootblocks and
viruses. You'll receive XVSBT_STANDARD13, XVSBT_STANDARD20 or
XVSBT_VIRUS in that case.
If all the tests were negative, XVSBT_UNKNOWN is returned. Note
that XVSBT_UNINSTALLED will never be returned by this function,
it is only used by xvsInstallBootblock(). You can consider an
unknown bootblock with xvsbi_ChkSumFlag set to FALSE as uninstalled.
In all cases, you'll receive the result in xvsbi_BootType too
and a describing ascii text in xvsbi_Name.
INPUTS
bootinfo - Pointer to initialized xvsBootInfo structure.
RESULT
result - One of the XVSBT_#? values.
xvs.library/xvsCheckFile xvs.library/xvsCheckFile
NAME
xvsCheckFile -- Check file contents for viruses.
SYNOPSIS
result = xvsCheckFile(fileinfo)
D0 -96 A0
ULONG xvsCheckFile(struct xvsFileInfo *);
FUNCTION
Checks any file (executable/data) for virus infection and informs
about the type of file.
xvsfi_File must be supplied with a pointer to the buffer holding
the file, xvsfi_FileLen must receive the length of the file.
The file will be first checked if it's executable. If not, it's
a data file and will be scanned for data viruses (eg. scripts,
bootblocks). If nothing is found, the result is XVSFT_DATAFILE,
otherwise you'll receive XVSFT_DATAVIRUS. Such files can only be
deleted.
Executable files are tested for link- and fileviruses. The result
for linkviruses is XVSFT_LINKVIRUS, you can repair these files with
a call to xvsRepairFile(). Fileviruses return XVSFT_FILEVIRUS and
the file can only be deleted completely.
In all cases, you'll receive the result in xvsfi_FileType too
and a describing ascii text in xvsfi_Name.
After calling this function, always test xvsfi_ModifiedFlag. If
this is TRUE, the recognition code modified your file buffer and
it's no longer safe to write it back to disk, execute it etc.
Some viruses require a lot of decrypt work for recognition and
it's not possible to detect them without, that's why I had to
add this flag.
INPUTS
fileinfo - Pointer to initialized xvsFileInfo structure.
RESULT
result - One of the XVSFT_#? values.
SEE ALSO
xvsRepairFile()
xvs.library/xvsCheckSector xvs.library/xvsCheckSector
NAME
xvsCheckSector -- Check disk sector contents for virus modifications.
SYNOPSIS
result = xvsCheckSector(sectorinfo)
D0 -84 A0
ULONG xvsCheckSector(struct xvsSectorInfo *);
FUNCTION
Checks if a sector has been modified by viruses.
xvssi_Sector must be initialized with a pointer to a 512 bytes
disk sector, xvssi_Key with the sector number it has on disk.
The sector will be checked for damages or changes done by viruses.
If anything is found, XVSST_DESTROYED or XVSST_INFECTED will be
returned, otherwise you'll receive XVSST_UNKNOWN.
In all cases, you'll receive the result in xvssi_SectorType too
and a describing ascii text in xvssi_Name.
INPUTS
sectorinfo - Pointer to initialized xvsSectorInfo structure.
RESULT
result - One of the XVSST_#? values.
SEE ALSO
xvsRepairSector()
xvs.library/xvsCreateVirusList xvs.library/xvsCreateVirusList
NAME
xvsCreateVirusList -- Allocate and initialize xvsVirusList structure.
SYNOPSIS
viruslist = xvsCreateVirusList(listtype)
D0 -36 D0
struct xvsVirusList *xvsCreateVirusList(ULONG);
FUNCTION
Allocates memory for a xvsVirusList structure and initializes it
with nodes of the required type.
Listtype can be one of these:
XVSLIST_BOOTVIRUSES - create list of bootblock viruses.
XVSLIST_FILEVIRUSES - create list of file viruses.
XVSLIST_LINKVIRUSES - create list of link viruses.
The list should be used for information purposes only, eg. for a
listview gadget of gadtools.library.
xvsVirusList->LH_TYPE holds the XVSLIST_#? value,
xvsVirusList->xvsvl_Count holds the amount of nodes.
The nodes themselves hold a pointer to the virus name in the
LN_NAME field.
INPUTS
listtype - One of the XVSLIST_#? values.
RESULT
viruslist - Pointer to xvsVirusList or NULL if not enough memory.
SEE ALSO
xvsFreeVirusList()
xvs.library/xvsFreeObject xvs.library/xvsFreeObject
NAME
xvsFreeObject -- Release memory of object.
SYNOPSIS
xvsFreeObject(object)
-54 A1
void xvsFreeObject(APTR);
FUNCTION
Deallocates the memory and releases the resources reserved via
xvsAllocObject().
INPUTS
object - Pointer to object.
RESULT
None.
SEE ALSO
xvsAllocObject()
xvs.library/xvsFreeVirusList xvs.library/xvsFreeVirusList
NAME
xvsFreeVirusList -- Release memory of xvsVirusList structure.
SYNOPSIS
xvsFreeVirusList(viruslist)
-42 A1
void xvsFreeVirusList(struct xvsVirusList *);
FUNCTION
Deallocates the memory of a xvsVirusList structure that has been
returned as result by xvsCreateVirusList().
INPUTS
viruslist - Pointer to a xvsVirusList structure.
RESULT
None.
SEE ALSO
xvsCreateVirusList()
xvs.library/xvsInstallBootblock xvs.library/xvsInstallBootblock
NAME
xvsInstallBootblock -- Install some standard bootblocks to buffer.
SYNOPSIS
xvsInstallBootblock(bootblock, boottype, dostype)
-72 A0 D0 D1
void xvsInstallBootblock(APTR, ULONG, ULONG);
FUNCTION
Installs desired bootblock data to the buffer. The checksum will
be corrected automatically except for XVSBT_UNINSTALLED bootblocks.
Boottype can be one of these:
XVSBT_UNINSTALLED - creates uninstalled (non-bootable) bootblock.
XVSBT_STANDARD13 - creates standard bootblock (Kickstart 1.3).
XVSBT_STANDARD20 - creates standard bootblock (Kickstart 2.0).
Dostype specifies the filesystem the disk is using. It's just
the trailing number behind 'DOS', eg. DOS/0 -> dostype = 0.
INPUTS
bootblock - Pointer to buffer that is 1024 bytes long.
boottype - One of the XVSBT_#? values above.
dostype -
