'*********************************************************** '* AmosMemoryCheck ( AMC ) V1.00 * '* © 02/10/92 by Volker Stepprath * '* Checks for any viruses in memory * '* Compiled with ACmp -D11 -T0 -S0 -E0 -W1 -Q * '*********************************************************** ' N$=Upper$(Command Line$)-"-" ' If N$="C" Then _COLDRESET ' Global HANDLE,DATEI$,T$ ' VIRUSTEST : Wait 50 ' If N$="F" : _SEARCH : End : End If If N$="G" : _GENERAL : End : End If If N$="R" : _RUNBACK : End If If N$="S" : _SHOWMEMORY : End : End If If N$="V" : _VEKTOR : End : End If If N$<>"" : _USAGE : End If ' '**** Vektoren ÜberprÜfen **** ' Procedure VIRUSTEST EXECBASE=4 EXECBASE=Leek(EXECBASE) ' For I=0 To 4 Read N$,OFFSET ADR=EXECBASE+OFFSET ADR=Leek(ADR) If ADR T$=Chr$(10)+Chr$(69)+" "+N$+" is abnormal ( adr:"+Hex$(ADR,8)+" ) ... Right=Cold Reset"+Chr$(0) GURU[ADR] Exit End If Next ' Data "ColdCapture",$2A Data "CoolCapture",$2E Data "WarmCapture",$32 Data " KickMemPtr",$222 Data " KickTagPtr",$226 End Proc ' '**** Alarm **** ' Procedure GURU[ADR] Areg(0)=Varptr(T$) Dreg(1)=69 RESPONSE=Intcall(-90) If RESPONSE=0 Then _COLDRESET ' Wait 50 T$="Please be carefull... "+Chr$($9B)+"1;33;40m" ' N=Hunt(ADR To ADR+1540,"SADDAM") If N : T$=T$+"SADDAM VIRUS" : Goto VHUNT : End If ' N=Hunt(ADR To ADR+1540,"SCA") If N : T$=T$+"SCA" : Goto VHUNT : End If ' N=Hunt(ADR To ADR+1540,"NORTH STAR") If N : T$=T$+"STARFIRE/NORTH STAR II" : Goto VHUNT : End If ' N=Hunt(ADR To ADR+1540,"The Pentagon Circle") If N : T$=T$+"THE PENTAGON CIRCLE" : Goto VHUNT : End If ' Restore : I2=False For I=0 To 37 Read N$,N : If ADR=N or ADR=N+$C00000 : I2=True : Exit : End If Next If I2=False N$=Hex$(ADR,8) If Instr(N$,"7E") : N$="LAMER! EXTERMINATOR" : I2=True : End If If Instr(N$,"7F") : N$="LAMER! EXTERMINATOR" : I2=True : End If End If If I2=False T$=T$+"IT COULD BE A VIRUS" Else T$=T$+N$+" VIRUS" End If ' VHUNT: T$=T$+Chr$($9B)+"0;31;40m is in system !" T$=T$+Chr$(10)+"Startaddress: "+Hex$(ADR,8)+Chr$(10) T$=T$+Chr$($9B)+"0;33;40mAmosMemoryCheck ( AMC ) V1.00 02/10/92 by Volker Stepprath" T$=T$+Chr$($9B)+"0;31;40m"+Chr$(10) CLITEXT ' Data "AIDS/VKILL",$7E880,"AIDS/VKILL",$7E882 Data "ALIEN NEW BEAT",$20000 Data "ASV",$7DC00 Data "BGS 9",$1B022,"BGS 9",$15002,"BGS 9",$15022,"BGS 9",$16002 Data "BYTE BANDIT",$7EBE2 Data "CCCP VIRUS",$B974 Data "CODER",$7F600 Data "COLOR",$70000 Data "DISK-HERPES",$7EC00 Data "EXTREME",$7F800,"EXTREME",$FF800 Data "FRENCH KISS",$7F0D0 Data "FUTURE DISASTER",$7FB00 Data "GREMLIN",$7F400 Data "GX.TEAM",$7F4D0 Data "JEFF-BUTONIC V3.0",$A22A,"JEFF-BUTONIC V3.0",$A20F Data "JEFF-BUTONIC V3.0",$F702,"JEFF-BUTONIC V3.0",$A29A Data "JEFF-BUTONIC V3.0",$A27A Data "JITR",$7EC10 Data "JULIE",$7F800 Data "MEGAMASTER",$7E300 Data "PARATAX",$7EC3E Data "PENTAGON VIRUS SLAYER",$7ED000 Data "REVENGE V1.2",$7E000 Data "SACHSEN NO.1 / NO.3",$78000 Data "SUNTRONIC",$7FA00 Data "THE SMILY CANCER",$7F000 Data "THE SMILY CANCER",$7FE00 Data "ULTRA FOX",$7EB00 Data "VERMIN",$7EB10 Data "WARHAWK",$7E600 Data "ZOMBI I",$7A000 End Proc ' '**** Optionen **** ' Procedure _COLDRESET For I=0 To 109 : Read N : N$=N$+Chr$(N) : Next I Call Varptr(N$) Data 51,252,64,0,0,223,240,154,44,120 Data 0,4,32,86,145,252,0,0,2,118 Data 48,60,33,0,66,152,81,200,255,252 Data 32,124,0,0,0,0,48,60,0,254 Data 66,152,81,200,255,252,61,124,170,170 Data 0,36,45,124,204,204,204,204,0,38 Data 45,124,0,48,0,0,0,62,45,124 Data 0,222,0,0,0,78,45,124,187,187 Data 187,187,0,82,45,124,221,221,221,221 Data 2,42,32,124,1,0,0,0,34,124 Data 0,255,255,236,36,81,145,202,78,208 End Proc Procedure _SEARCH DATEI$="CON:0/83/640/21/AMC V1.00 by Volker Stepprath » Search For String «" XOPENWIN ' T$="Enter string to search: " XWRITE XREAD N$=T$ ' T$="Enter startaddress....: " XWRITE XREAD S=Val(T$) ' T$="Enter endaddress......: " XWRITE XREAD E=Val(T$)+1540 ' S=Max(17,S) If S>E Then Swap E,S If S=E Then Add E,1540 ' XCLOSE ' T$=Chr$(10)+"Searching for "+N$+"..."+Chr$(10) CLITEXT ' N=Hunt(S To E,N$) If N>0 and N<>$200000 Then T$="String found at address: "+Hex$(N,8) Else T$="Sorry... string not found !" T$=T$+Chr$(10)+Chr$($9B)+"0;33;40m" T$=T$+"AmosMemoryCheck ( AMC ) V1.00 02/10/92 by Volker Stepprath"+Chr$($9B)+"0;31;40m" T$=T$+Chr$(10) CLITEXT End Proc Procedure _GENERAL T$=Chr$($9B)+"0;33;40m" T$=T$+"AmosMemoryCheck ( AMC ) V1.00 02/10/92 by Volker Stepprath"+Chr$(10) T$=T$+Chr$($9B)+"0;31;40m"+"AMC is written in AMOS V1.31 and compiled with ACmp V1.0 !"+Chr$(10) T$=T$+"It is only tested on an AMIGA 500 ( OS1.3 ) + 1 MegaByte !"+Chr$(10) T$=T$+"AMC needs the `diskfont.library` in folder LIBS/ on SYS: !"+Chr$(10) T$=T$+"AmosMemoryCheck V1.00 is, was, and will be Public Domain !"+Chr$(10) T$=T$+"Please send bug reports, girls, or `6 Richtige` to follow:"+Chr$(10) T$=T$+"Author: V.Stepprath, Spandauerstr.4, 4019 Monheim, GERMANY"+Chr$(10) T$=T$+"Thanks F.Lionet, M.Tornsdorf, Testament ( for good music )"+Chr$(10) T$=T$+Chr$($9B)+"0;32;40m"+"AMC ©1992 by Depeche Software / AMOS ©1991 by Mandarin" T$=T$+Chr$(10)+Chr$($9B)+"0;31;40m" CLITEXT End Proc Procedure _RUNBACK T$="AMC V1.00 installed ... press CTRL+Fkeys for options !" T$=Chr$($9B)+"0;33;40m"+T$+Chr$($9B)+"0;31;40m"+Chr$(10) CLITEXT ' _INTERVALL: Every 500 Gosub ZEIT Every On Repeat Multi Wait If Key Shift=8 If Key State(80) : _USAGE : End If If Key State(81) : _GENERAL : End If If Key State(82) : Every Off : _SHOWMEMORY : Goto _INTERVALL : End If If Key State(83) : _VEKTOR : End If If Key State(84) : Every Off : _SEARCH : Goto _INTERVALL : End If If Key State(85) : Amos To Front : End If If Key State(86) : _COLDRESET : End If End If Until Amos Here Amos To Back T$="AMC V1.00 by Volker Stepprath removed from system !" T$=Chr$($9B)+"0;33;40m"+T$+Chr$($9B)+"0;31;40m"+Chr$(10) CLITEXT ' End ' ZEIT: Every Off VIRUSTEST Goto _INTERVALL Return End Proc Procedure _SHOWMEMORY DATEI$="CON:0/83/640/21/AMC V1.00 by Volker Stepprath » Show Memory «" XOPENWIN ' T$="Enter startaddress: " XWRITE XREAD N=Val(T$) ' T$="Enter output......: " XWRITE XREAD DATEI$=T$ N$=DATEI$ ' XCLOSE ' XOPENWIN ' If N$="" T$=Chr$(10)+Chr$($9B)+"0;33;42mAMC V1.00 02/10/92 by Volker Stepprath Start: "+Hex$(N,8)+" End: "+Hex$(N+1540,8) T$=T$+Chr$($9B)+"0;31;40m"+String$("-",77)+Chr$(10) XWRITE End If ' T$="" For I=0 To 19 For I2=0 To 76 C=Peek(N+I3) If N$="" If C<32 or(C>127 and C<161) : C=46 : End If End If T$=T$+Chr$(C) : Add I3,1 Next XWRITE T$="" Next ' If N$="" T$=Chr$(10) XWRITE End If ' XCLOSE End Proc Procedure _VEKTOR T$="*"+Chr$(0) XOPENWIN ' EXECBASE=4 EXECBASE=Leek(EXECBASE) T$=Chr$(10)+"Vector....: Original: Pointer.: Address.:"+Chr$(10) T$=T$+String$("-",44)+Chr$(10) ' For I=0 To 4 Read N$,OFFSET ADR=EXECBASE+OFFSET N=Leek(ADR) If N Then V$=Chr$($9B)+"0;32;40m" V$=V$+Hex$(N,8)+Chr$($9B)+"0;31;40m" T$=T$+N$+" "+"$00000000 "+V$+" "+Hex$(ADR,8)+Chr$(10) V$="" Next T$=T$+Chr$($9B)+"0;33;40m"+"AmosMemoryCheck ( AMC ) V1.00 02/10/92 by Volker Stepprath"+Chr$(10)+Chr$($9B)+"0;31;40m" XWRITE ' XCLOSE ' Data "ColdCapture ",$2A Data "CoolCapture ",$2E Data "WarmCapture ",$32 Data "KickMemPtr ",$222 Data "KickTagPtr ",$226 End Proc Procedure _USAGE T$=Chr$($9B)+"0;32;40mUsage: AMC [-? -G -S -V -F -R -C]"+Chr$(10)+Chr$($9B)+"0;31;40m" T$=T$+" -?=Usage...... ( CTRL+F1 )"+Chr$(10) T$=T$+" -G=General.... ( CTRL+F2 )"+Chr$(10) T$=T$+" -S=Show Memory ( CTRL+F3 )"+Chr$(10) T$=T$+" -V=Show Vector ( CTRL+F4 )"+Chr$(10) T$=T$+" -F=Search..... ( CTRL+F5 )"+Chr$(10) T$=T$+" -R=RunBack.... ( CTRL+F6 )"+Chr$(10) T$=T$+" -C=ColdReset.. ( CTRL+F7 )"+Chr$(10) T$=T$+" when using option -R, AMC must started like Run AMC -R"+Chr$(10)+Chr$($9B)+"0;33;40m" T$=T$+"AmosMemoryCheck ( AMC ) V1.00 02/10/92 by Volker Stepprath"+Chr$(10)+Chr$($9B)+"0;31;40m" CLITEXT End Proc ' '**** Öffnen/Schreiben/Schließen **** ' Procedure CLITEXT XOPENWIN XWRITE XCLOSE End Proc ' '**** Fensters/Datei öffnen **** ' Procedure XOPENWIN If DATEI$="" Then DATEI$="*" DATEI$=DATEI$+Chr$(0) Dreg(1)=Varptr(DATEI$) Dreg(2)=1006 HANDLE=Doscall(-30) DATEI$="" End Proc ' '**** Text schreiben **** ' Procedure XWRITE If HANDLE=0 Then Pop Proc T$=T$+Chr$(0) Dreg(1)=HANDLE Dreg(2)=Varptr(T$) Dreg(3)=Len(T$) XWRITE=Doscall(-48) End Proc ' '**** Text von Tastatur lesen **** ' Procedure XREAD If HANDLE=0 Then Pop Proc T$=T$+Chr$(0) Dreg(1)=HANDLE Dreg(2)=Varptr(T$) Dreg(3)=Len(T$) XREAD=Doscall(-42) T$=Left$(T$,XREAD-1) End Proc ' '**** Fensters/Datei schließen **** ' Procedure XCLOSE If HANDLE=0 Then Pop Proc Dreg(1)=HANDLE XCLOSE=Doscall(-36) End Proc