AminetAminet
Search:
84656 packages online
About
Recent
Browse
Search
Upload
Setup
Services

util/virus/BerserkerV.lha

Mirror:Random
Showing:m68k-amigaosgeneric
No screenshot available
Short:Ancient Virus Killer missing Source
Author:Ralf Thanner
Uploader:aminet aminet net
Type:util/virus
Version:5.02
Architecture:m68k-amigaos
Date:2016-07-28
Download:http://aminet.net/util/virus/BerserkerV.lha - View contents
Readme:http://aminet.net/util/virus/BerserkerV.readme
Downloads:4910

Berserker V5.02 (1990)
======================

- works ONLY with Kick 1.2/1.3/2.0
- the Centurion Link Virus is the Smily Cancer
- i must decrunched all files
- the last Version!?

MfG
anonymous

==============================================================================

                          B E R S E R K E R  5.01
                          +++++++++++++++++++++++

               © Copyright 1988, 1989, 1990 by Ralf Thanner

   The code is entirely written in assembler for the Kuma Seka assembler

==============================================================================


        REVISION HISTORY:
        =================


   R    V1.0    - Just a primitive SCA finder and killer.

   R    V1.c    - Added Byte Bandit & Byte Warrior killer.
                - Improved SCA & SCA mutants killer routine.
                  -> OBELISK, AEK, LSD, PENTAGON, BAMIGA SECTOR ONE,
                     WARHWAK, MICROMASTER & NORTHSTAR...

   R    V2.b    - finds the Exterminator ( LAMER ).

   R    V2.d    - finds the first link virus ( IRQ TEAM 41 ).

        V2.e    - Added alert box. Idea by Olaf Barthel.
                - Some cleanups and bug-fixes done.

   R    V2.e+   - Doesn't refuse to work with Kick 1.3 any more.
                - Added custom bootblock writer.
                - Added kill cold-cool vectors;
                  There are just too many SCA clones on the market
                  and it is saver to clear these pointers.

   R    V3.0    - Now also finds the BSG 9 link virus.
                - Second ( and final? ) code cleanup for public
                  release
                - Removed the custom bootblock writer, too many guys
                  thought Berserker to be some kind of virus in
                  disguise.

   R    V3.0+   - Extended to find Gaddafi and Disk-Doctor viruses.

        V3.1    - Extended to find the REVENGE BOOTLOADER virus.
                  -> THIS IS A NEW ONE!!!
                - Bug-fix in EXTERMINATOR routine.
                  -> should find ALL lamer versions now...
                - Code cleanup ( added some subroutines ).

        V3.2    - Extended to find REVENGE (an old one, but some
                  nice guys told me that Berserker should also find
                  the old ones ... and because Berserker crashed when
                  memory was infiltrated by REVENGE )

        V3.2b   - Shortened, sped up & cleaned up the code.
                  ( and Berserker still works! )

   R    V3.39c+ - JOKE....

        V3.5    - Added Xeno 'killer' routine by STEVE TIBBET.

        V4.0    - Added a friendlier CLI-interface and an option
                  to start Berserker from Workbench.

   R    V4.0a   - WHAAA, what a pity: forgot to call ReplyMsg..
                  Bug now fixed... Thanks to Olaf for this hint.
                - Shortened and improved code again.

        V4.0b   - Threw the 'led switch off' out.
                - Made the cold/cool capture killer optional.
                  Hello Martin, yes, only for you...
                - Shortened and improved code again & again....

   R    V4.0c   - AARGH!!! A new link virus: Disaster Master V2.

   R    V4.0d   - CENTURION LINK VIRUS killer implemented.
                - Implemented a resident library checker.
                - From now on the source contains only the
                  'virus-killing-part'.

   R    V4.1    - these fucking ass....., in the last two weeks
                  I got three new file/link viruses, and this is
                  even one of the best programmed viruses I ever
                  saw: The Traveling JACK... What chance has
                  a 'Traveling Jack' against a Berserker??? None...
                - OLSEN found out that 'Berserker' crashed on
                  Kick 2.0. Now checks the Kickstart version.
                  That's not my fault, most viruses will crash, too.
                - From now on source contains everything.
                  ( some people didn't like it the other way )
                - Removed 'math.lib' check. A virus in math.lib?? NAAA...

   R    V5.0    - improved 'Traveling Jack' searcher (now finds the
                  mutant version.
                - Added a permanent handler. ( read description below )
                - Removed 'dos.library' check. My kind of checking doesn't
                  work correctly with dos.library. ( doesn't find any change )
                - Takes care of NTSC screens when printing the CLI
                  instructions.
                - BIG code-cleanup.
                  This cleanup was a REAL one: Berserker has become shorter,
                  faster and (keep your fingers crossed) bug-free...
                  also changed the way I jump into dos.library from 'A5'
                    into 'A6'. ( less problems with future Kickstarts )
                  to be honest, I changed most of the routines...
                - New Workbench design. ( uses gadgets )
                - Full instructions from workbench.
                - Source contains only the last revision description.
                - NO german.docs any more! ( it's not too difficult to under-
                  stand the english docs... )

   R    V5.01   - Fine tuning ( cli-instructions with 'RETURN' and Workbench
                  instructions with 'LEFT M.B.' )
                - New handler version -> V1.4

   R    V5.02   - Once again fine tuning.
                  CLI PARAMETER CHECK recognizes TAB's now.
                - New handler version -> V1.5


   R = released version         release date:   22.11.90

   Berserker is now: 7892 bytes long. (not crunched!)

==============================================================================
==============================================================================

                          Berserker-Handler V1.5
                          ++++++++++++++++++++++

                     © Copyright 1990 by Ralf Thanner

   The code is entirely written in assembler for the Kuma Seka assembler

==============================================================================


        REVISION HISTORY:
        =================

        V1.0    - finds and destroys  the two link-viruses 'Traveling
                  Jack' and 'Centurion'.

   R    V1.1    - reprogrammed the whole handler which is now absolutely
                  system friendly. ( launch the handler and use XOPER
                  to see what I mean! )
                - If you start 'Berserker-Handler', it prints
                  it's revision number.
                - Handler should be waterproof... ( I HOPE! )

   R    V1.2    - improved 'Traveling Jack' searcher.
                  -> now finds the mutant version.

        V1.3    - Removed a big bug ( was it my fault or COMMODORE's ???  )
                  when the interrupt server was installed, all other servers
                  running with same priority ( like the Imploder crunch bars
                  or NoisePlayer's play routine ) didn't work.  Changed
                  priority to '-2'.

                - Also changed the check-rate.  ( older versions checked every
                  frame )

   R    V1.4    - Bumped priority to '-126' since 'BAD' had a priority
                  of '-60' which caused it to hang.

   R    V1.5    - changed task priority.


   R = released version

   Berserker-Handler is now: 884 bytes long.  ( don't crunch! )
                                                -------------

==============================================================================

                         WHAT DOES Berserker V DO?
                         =========================

Berserker is a viruskiller which was designed as a CLI-command.  It works with
Kick 1.2, Kick 1.3, 512K and expansion RAM.

Berserker 5.0 consists of two files, 'Berserker' and 'Berserker-Handler'.
Copy 'Berserker-Handler' into the 'L:' directory if you wish to use the
permament checker ( otherwise Berserker will not able to launch the handler ).

The Handler needs about 4900 bytes of memory; that should be worth it...
( four KB for the stack and one for the program )

Because of the big number of link viruses on the Amiga, I recommend inserting
the Berserker call as the third command in your startup-sequence.
( the later the better...  )

You can start Berserker V either from CLI or from Workbench.

WORKBENCH:
----------

Berserker opens a window and waits for your choice.

                   ALL OPTIONS SHOULD BE SELF-EXPLANATORY

CLI:
----

Berserker offers you following options:

                         'Berserker ?' - instructions.

                         'Berserker c' - clears the cold- & coolcapture

                         'Berserker i' - to install the 'Berserker-Handler'

                         'Berserker r' - to remove the Handler from memory


If you start Berserker V without any command it will start searching
through memory in order to kill these little bastards.

You can combine the options 'r' or 'i' and 'c'.

If Berserker finds a virus a Recoverable Alert appears, just click a
mousebutton to continue ( you will get to know the presence of a virus even
if the Berserker banner message has been redirected ).

If Berserker-Handler is installed and finds 'JACK' or 'CENTURION' a
Recoverable Alert appears, just click a mousebutton to continue.  I would
recommend that you use 'BLVC' to check the file loaded just before the
alert appeared.  BLVC 'heals' files infected by link-viruses.


                                 LIBRARIES
                                 =========

Berserker checks the following ones:

                - EXEC.LIBRARY
                - EXPANSION.LIBRARY
                - GRAPHICS.LIBRARY
                - LAYERS.LIBRARY
                - INTUITION.LIBRARY

Berserker checks these libraries in order to detect any illegal change.
Programs like 'SetPatch' use the systemcall 'SETFUNCTION' to change a
vector but no virus does.  Consequently, Berserker compares the original
library checksum with its 'homebrewn' checksum and puts up an alert.

                     -->> ANY CHANGE IS DETECTED. <<--

If Berserker shows its little alert with 'EXEC.LIBRARY' the chance that you
system has been infected by a new virus is very high!

Berserker does not repair a modified library.  The function was added only
to give you an opportunity to recognize new viruses...


                    WHICH VIRUSES DOES Berserker KNOW?
                    ==================================

1.  SCA and all its mutant brothers and sisters
    -------------------------------------------
    This means AEK, LSD, WARHAWK, OBELISK, PENTAGON, BAMIGA SECTOR ONE....

2.  Byte Bandit
    -----------
    No need for further discussion (or what do you think?).

3.  Byte Warrior (DASA0.2)
    ----------------------
    Was  the  first virus with coded text, so you couldn't recognize it on
    the bootblock.

4.  The Exterminator (LAMER!)
    -------------------------
    This  one  fills  the  tracks  of  a  disk  with 'LAMER!LAMER!LAMER!'.
    Exterminator  is  very  tricky, if you try to examine the bootblock it
    will always look like a normal one. The new  version should  find  all
    versions of the LAMER-EXTERMINATOR. (that's not true... what a shame)

5.  The IRQ-Virus
    -------------
    This  one  is  a  link  virus.  It looks for the second program in the
    startup-sequence and tries to infect it.  If this fails it will try to
    link itself to the DIR command.  WARNING!!!  Sometimes it also infects
    other programs.

    If a disk is write-protected -> look for REQUESTER

    Hint  for programmers:  the IRQ-virus' vector is OLDOPENLIBRARY(-408),
    therefore  always  use  OPENLIBRARY(-552).  Unfortunately the standard
    Aztec  'C'  3.2a  -  5.0   crt0.a68  startup  code  makes  a  call  to
    OldOpenLibrary()  to  get  access  to the dos.library.  Time for a bug
    fix, Manx?

6.  The BSG 9-Virus
    ---------------
    This  one  is  a  link  virus.   It looks for the first program in the
    startup-sequence  and  tries to infect it.  It saves the modified file
    in the DEVS directory with spaces instead of a name.  The virus itself
    is  about  2608  bytes  long  and  becomes  visible after four or five
    resets; the screen turns black and a message appears:

              "      A COMPUTER VIRUS IS A DISEASE     "
              "       TERRORISM IS A TRANSGRESSION     "
              "        SOFTWARE PIRACY IS A CRIME      "
              "             THIS IS THE CURE           "
              "   BSG 9  BUNDESGRENZSCHUTZ SEKTION 9   "
              "          SONDERKOMMANDO 'EDV'          "

7.  The Gadaffi-Virus
    -----------------
    This  one  is  a  mutant  version  of the old Byte Warrior.  It copies
    itself  on  each  disk  and  tries to play a sound with the disk drive
    motor  after  12  resets.  Even though you might find the music funny,
    the  drive  will  be  of a different opinion (this may lead to serious
    hardware failures!).

8.  The Disk-Doctor
    ---------------
    This  one is a brand new one.  It allocates 12 KBytes after each reset
    and  ...   to  be honest, I didn't test what it also does because this
    one  was  very complicated -> before Disk-Doc I had never seen a Task,
    nor  did  I know what you can do with one. I'm lucky enough to be able
    to detect and kill it.

    ( By writing Memguard I got to know a lot more about tasks...)

9.  The REVENGE BOOTLOADER
    ----------------------
    This  one  is  just  a  normal  virus  with  the  ASCII  text 'REVENGE
    BOOTLOADER'  in  it  (not the smartest of ideas).  It looks like as if
    this  one  has  no  message  in  it,  it only copies itself onto every
    disk inserted.  This one is a virus of a new generation, it works with
    every kickstart and with fast-memory.

10. SYSTEM Z
    --------
    I wanted to add this one but a programm which asks before it copies
    itself onto disk is not a virus in my eyes.

11. REVENGE
    -------
    This  is  an  old  one, which at the end of the boot code contains the
    following  ASCII text:  "REVENGEV1.2 COUNT:".  I had to implement this
    one because Berserker III crashed when REVENGE was in memory.

12. TIMEBOMB
    --------
    ARGHHHH!!   This  one  is  NOT in memory.  TIMEBOMB only tries to copy
    itself  to  the  disk  in DF1:.  The next time you boot the other disk
    from  DF1:   TIMEBOMB fills the whole root track with random data from
    location  $20000.   After quite literally killing the disk it displays
    an  alert  with  it's  stupid message.  Berserker cannot find and kill
    this one since it is not in memory.  Sorry!!!  Special thanks for this
    virus  must  go  to DATA BECKER.  The asshole who wrote the virus took
    all routines out of AMIGA INTERN I.

13. XENO
    ----
    I  can't  tell you anything about this one (I never got it).  I had to
    take  the routine from STEVE TIBBET.  Some of my friends own hard disk
    drives.   S.T.   says  that the Xeno spread like wildfire and infected
    even  hard disks.   My friends were so frightened that, (AAARRGH!!  it
    is very hard to say) I took the routine from VIRUSX4.0.

14. Disaster-Master V2
    ------------------
    This  is  a link virus which is 1740 bytes long and only infects disks
    with  a startup-sequence.  Disaster-Master is alway found in the first
    line  as  'CLS  *' and in the 'C:' directory as the 'CLS' command.  Be
    sure  to  examine  both  the  startup-sequence  script  and  the  'C:'
    directory If Berserker discovers that your system has been infected by
    DM  V2.   Funny  enough if launched without the asterisk ('*') the CLI
    window  is  cleared.  After a few (???) resets it puts up an alert and
    resets the computer.

15. CENTURION LINK VIRUS
    --------------------
    This  new  virus  makes itself resident, changes DoIO & KickSum and is
    always  located  at  $7f000  (some guys will - hopefully - never learn
    it).   The  virus  itself  is  3916 bytes long and tries to infect the
    programs  listed in the startup-sequence (what else!).  After a number
    of  resets  it  changes  the  mouse  pointer  to  a smiley with a tiny
    scrolling  banner  message  in  it.  I heard that you can protect your
    commands  in the startup-sequence with this little trick:  change your
    command line from:  'Berserker' to 'C/Berserker', etc.  Keep away from
    programs  like  'new  LZ' or 'LHwarp V1.44'; they are fake and contain
    the virus.

    If a disk is write-protected -> look for REQUESTER

16. THE TRAVELING JACK
    ------------------
    You  can  wipe  it out with a reset (that's at least what I guess from
    the  code) and changes the dos.library jump table (clever idea)!  When
    installed  it  tries  to write its 'VIRUS.xx' file to disk each time a
    program accesses the drive.  Be careful:  it tries to 'link' itself to
    anything!
    There are two diffent  versions, a normal one and a mutant.  Berserker
    wipes both from memory, but doesn't  tell you whether it was the normal
    or the mutant version.

    If a disk is write-protected -> look for REQUESTER



                                 REQUESTER
                                 =========

    If a disk is write-protected the virus always brings up a standard
    DOS Autorequester like this:

   +System Request ==================##|##+
   |                                      |
   | Volume                               |
   | - Disk name -                        |
   | is write protected                   |
   |                                      |
   | +-----+                     +------+ |
   | |RETRY|                     |CANCEL| |
   | +-----+                     +------+ |
   +--------------------------------------* <- 'OLSEN' is not a good painter..



                            ADDITIONAL REMARKS
                            ==================

                     Special thanks go to my friends:

                   Olaf B. for testing and ideas & help
                 Michael V. for utis, viruses and testing
                   Henning L. for being a helpfull coder
                       Thorsten H. for tips and help
        Erik L0vendahl S0rensen, watch out for the next version....


                          «»  DON'T RESOURCE!  «»

Olsen:  Berserker was written using the well known Kuma Seka Assembler.  As
an  American  user you might have never heard or seen anything of it.  Kuma
did it the British way:  Seka does neither generate ALink compatible linker
object  files,  nor  does  it  apply  to  the  de facto Metacomco MASM (see
Developers'  toolkit) standard.  For this reason your CAPE, MASM, ASM or AS
will  probably refuse to re-assemble the source code.  Calls like "MOVE 4.W
A6"  will  have to be replaced by something like "MOVE 4,A6".

Ralf:   I  love  my  SEKA and i use calls like 'MOVE 4.w,a6' for speed, you
C-FREAK!


 SORRY TO ALL THE FOLKS WHO WROTE ME A LETTER AND I DIDN'T ANSWER THEM!!!
    I WILL ANSWER THEM EVEN IF THEY ARE ONE YEAR OLD...  I'M SO LAZY...


===============================  Berserker  ==================================

IMPORTANT  NOTICE:   This program is (c) Copyright by Ralf Thanner, but can
be FREELY DISTRIBUTED, providing that the following rules are respected.

  - No change is made to the program nor to the accompaning documentation.

  - Every  form  of distribution is allowed and encouraged, but no fee can
    be charged for this program except for, possibly, the cost of magnetic
    media.

  - The package is always distributed in its complete form consisting of 4
    files:     'Berserker',   'Berserker-Handler',   'Berserker.Doc'   and
    'Berserker.S'.

By  copying,  distributing  and/or  using  the  program  you  indicate your
acceptance of the above rules.

==============================================================================


Contents of util/virus/BerserkerV.lha
PERMISSION  UID  GID    PACKED    SIZE  RATIO METHOD CRC     STAMP     NAME
---------- ----------- ------- ------- ------ ---------- ------------ ----------
[unknown]                 4288    7892  54.3% -lh5- 0332 Jul 28 19:47 BerserkerV/Berserker
[unknown]                  612     884  69.2% -lh5- 4d2e Jul 28 19:47 BerserkerV/Berserker-Handler
[unknown]                 7496   18451  40.6% -lh5- 1dea Jul 28 19:47 BerserkerV/Berserker.DOC
[unknown]                 3729   10468  35.6% -lh5- 672d Jul 28 19:47 BerserkerV/BLVC
[unknown]                 2200    4949  44.5% -lh5- 3c02 Jul 28 19:47 BerserkerV/BLVC.DOC
---------- ----------- ------- ------- ------ ---------- ------------ ----------
 Total         5 files   18325   42644  43.0%            Jul 28 19:34

Aminet © 1992-2024 Urban Müller and the Aminet team. Aminet contact address: <aminetaminet net>