Anti Virus Utils for DOS

Back to Front Page

global menu:


Also see: Yves Bellefeuille's freeware list for other A-V utilities.


ANTI-VIRUS SCANNERS

I won't presume to know much about the performance of the virus scanners listed here. F-PROT has consistently achieved honorable placings in many test comparisons. AVPLite is another package that has received a good measure of public praise.


1. F-PROT- Anti-virus monitor, scanner, and disinfectant.

unrated [updated 11-03-99]

F-Prot is a shareware anti-virus package that has received rave reviews. Not only is it free for individual (non-commercial) use, but it is regularly updated to keep pace with new virus types. The F-Prot scanner/disinfectant and the antivirus monitoring program (memory resident) are DOS programs. "...also includes a VxD program for Windows '95/'98 users and a Windows version of a Word/Excel macro scanner." Can scan within archives (zip/arj) and many packed executables. Requires a 386+ PC.

Author: Fridrik Skulason / Frisk Software Int. (1999). Primary distribution site / virus definition updates.

11-03-99: v3.06a available.

download fp-306a.zip (about 2.1 MB)


2. NAVC- Norton command-line AV scanner.

unrated [added 04-12-99]

Revise description. NAVC is a free command line a-v scanner from Symantec Corp- this scanner also purports to repair infected files. Can scan zipped files as well.

NAVC pathname [options]
 /?                Display the help screen.
 /A                Scan all drives (A: and B: are skipped.)
 /L                Scan local drives (A: and B: are skipped.)
 /B[+|-]           Enable or disable scanning of boot records.
                   If /B[+|-] is omitted, /B+ is the default.
 /BOOT             Scan only the boot sectors of specified drives.
 /M[+|-]           Enable or disable scanning of memory.
                   If /M[+|-] is omitted, /M+ is the default.
 /MEM              Scan only memory.
 /S[+|-]           Enable or disable scanning subdirectories.
                   If /S[+|-] is omitted, /S- is the default.
 /REPAIR           Repair infected files automatically.
 /DELETE           Delete infected files automatically.
 /HALT             Halt the system if a virus is found.
 /CFG:[directory]  Specify the directory containing NAVC
                   configuration files.
 /LOG:file         Create and log to the specified file.
 /APPENDLOG:file   Append to an existing log file.
 /DOALLFILES       Scan all files, not just executables.
 /ZIPS             Scan files contained in compressed files.
 /NOBEEP           Run silently (no beeps).
 /HELPERROR        List possible DOS errorlevels returned by NAVC.
                   If desired, you can run NAVC from a batch file
                   and process the errorlevel with IF ERRORLEVEL
                   constructions.

Limitations: Doesn't scan files on FAT32, NTFS or a HPFS partitions but will scan and clean the master boot record of the primary hard drive.

Distributed as a winzip SFX but one can also extract contents with any DOS zip extracter that reads zip SFX's. Link below is to English version; other language versions may exist (?) on Symantec's web site. More info on this scanner is at Symantec. Regular virus definition updates can be found here (or FTP)- users of plain DOS should get a *16* bit updater (mmddi16*.exe ). Author: Symantec Corp. Suggested by Miky Gutman, Israel. (1999).

download navc10.exe (about 1.4MB)


3. AVPLite-(AntiViral Toolkit Pro)- Command line anti-virus scanner and disinfectant.

unrated [added 10-11-99]

Fully functional command-line sibling of the commercial AntiViral Toolkit Pro. Features from the docs:

Usage:  AVPLITE [options] path[\name][...]
        Path - any DOS path, * or *: - all hard disks
        Name - wildcards * or ?  Default is executable files
Options:

        /-  disinfect                    /SET=filename  alternate set-file
        /E  delete infected files        /*  check all files
        /M  skip memory test             /N  check remote disks, used with *:
        /P  skip Master Boot Record test /1  check only one floppy disk
        /B  skip DOS Boot Sector test    /R  do not scan subdirectories
        /T=path  swapping directory      /U  disable unpack
        /W[A][=filename]  save report    /A  disable extract
          /WA appends to existing file   /H  disable heuristic analysis
        /O  display OK messages          /@[!]=filename  check files by list
        /Y  skip all dialogs               /@! delete list after scanning
        /S  sound off                    /D  daily
        /X  do not use XMS memory        /K  disable pack info
        /MD check mail databases         /Z  disable aborting
        /MP check plain mail             /?  help screen
        /Lx  language (/Lx! - set as default). 
Author: Eugene Kaspersky, Russia (1999), suggested by many.

Get the binary here: http://www.kasperskylab.ru/eng/products/eval.html

Also need to get the virus database here: http://www.kasperskylab.ru/eng/products/download.html


FILE CHECKSUM UTILS

Using a variety of algorithms, these utils calculate a unique signature or "fingerprint" for a file. (e.g., calculate the checksum value for a program file; you can manually compare it with a reference, valid checksum value to ensure it has not been modified by viral or other actions).


1. CHK-SAFE- Calculates MD5 hash values for files.
2. CHKSUM- Calculates 32 bit CRC and 16 bit checksums.

1. CHK-SAFE unrated [added 06-12-99] uses the MD5 Hash algorithm developed by RSA Data security, Inc. The MD5 Hash is harder to fool than 16 bit CRCs and some other commonly used methods. Authors: Don Peters, Robert Bullock, Bill Lambdin (1994).

download cs-251.zip (15K)

2. CHKSUM unrated [added 06-12-99 updated 07-28-99]: CHKSUM calculates two checksums for each file: a 32-bit CRC and a 16-bit checksum. Also 16 and 32 bit "master" total checksums are calculated for all files successfully processed. One could concievably also use this tool as a cheap alternative to some shareware CRC comparers (e.g., run CHKSUM once to get baseline values for files of interest [redirect to file 1]- then run again, in whatever context [e.g., on the same files at a later date, or copies of those files; redirect output to file 2]; then use a text file compare program to locate any discrepancies in CRC values.) NASM source incl., distrib. under the Gnu Public License. Author: Charles Dye (1999). Home Page. 07-28-99: New in v1.04 (7-99): 16 and 32-bit master total checksums calculated for all files processed; see docs for other changes.

Syntax:  CHKSUM  [filespecs] [switches]
         /S  recurse into subdirectories
         /M  page output
         /H  do not hook critical errors
download chksum.zip (35K)


OTHER


ADinf- Anti-viral, disk integrity checker.

unrated [added 04-13-99 updated 05-25-99]

From the docs: ADinf "is a unique and powerful disk integrity checker which scans a disk, reading its sectors...through BIOS. It does not utilize DOS tools in searching for infectors and, therefore, can trap formidable stealth viruses that are known to intercept more than twenty DOS functions. It also traps infectors in disk drivers and hitherto- unknown viruses...Unlike other anti-virus tools....ADinf detects viruses on booting a system from the hard disk...[B]esides detecting infectors, ADinf scrupulously x-rays a system for full data integrity and security, and for other data modifications...

ADinf reads vital data about such parameters as the memory size, the address of Int 13h handler in BIOS, Hard Disk Parameter Tables, the master boot record and boot sectors, bad clusters, directory tree, and data on all files under control; then creates a [hidden] diskinfo table for every drive and saves [table in root directory]...At subsequent starts, ADinf first reads these parameters and compares them with those in its diskinfo tables. During scanning it notes any changes in the size of the memory allotted to DOS, Hard Disk Parameter Tables, master boot record, boot sectors of every logical drive, as well as new bad clusters, directories and files newly created or deleted since the last check, and changed files." Reports to screen.

Notes: May run out of memory when attempting to view large report entries.

The non-commercial version described here does not support personal diskinfo tables, editing of the filename extension list, lacks the option to skip subdirectories during checking, and reports to screen only (no create log file option). Also see DialogueScience Home Page for other free a-v software. Author: Dmitry Mostovoy, Russia (1999). Suggested by: Originally featured on Yves Bellefeuille's Best freeware for DOS and Windows 3.1.

05-25-99: latest version is v12.13 (5-99); Version history unavailable?

download adinf.zip (330K)
Russian and German versions also available: http://www.dialognauka.ru/dsav/


DISKSECURE - Protects basic disk files from Viruses.

unrated [added 10-25-98]

reviewed by H. Schwartz (10-06-98)

DISKSECURE: There are three critical files (well, not actually files) at the beginning of your hard disk that perhaps up to 1/3 of the viruses in the wild like to hide in, or like to attack and corrupt:

  1. The ``Master Boot Record'' contains basic software that your computer executes every time you start up and boot your computer. If they hide here, ``stealth'' and/or ``boot sector'' viruses can get executed each time you start your computer, and then hide in ram.
  2. The ``Partition Table'' describes how many partitions you have on your disk, what type they are, and where they are.
  3. The ``File Allocation Table'' probably should be called the directory allocation table. It describes where to find all the directories on each partition, and, where to go on the disk, to find out which files are in each directory.

By corrupting or destroying any one of these three items, a virus can make a disk completely unusable. DISKSECURE protects items #1 and #2 from viruses by:

DISKSECURE also includes a program that bypasses its defenses if you want a program to be able to access your hard disk's beginning sectors directly. DISKSECURE cannot protect your File Allocation Table in this way because it is constantly being written to and changed as new files are created, old ones deleted, etc. To protect this critical table, use a utility like stf.com (save the fat) to back up the FAT table each time you start your computer. Author: Padgett Peterson (1994).

download ds242.zip (31K)


[ Go to Top | Front Page ]

© 1994-1999. Rich Green