IVINIT
is part of InVircible,
the world's most complete Generic Virus Protection Suit.
For thorough protection of your computer and valuable data
you may wish to
download the complete InVircible package.
CleanTrack0
- Clear stray code of track zero
Normally, track zero of the hard drive is unused except
for the first sector, which is where the master boot record
(MBR) is stored. Track zero is also where boot viruses sometimes
relocate the uninfected MBR, or write their own auxiliary
code. Boot overlays such as EZ-bios and Disk Manager use
track 0 for storing the overlay code, for the same reason.
When disinfecting from such virus, or uninstalling a boot
overlay, then track 0 is not cleaned from the stray code
that was put by the virus or the boot overlay. Although
being inert, the stray code is sometimes picked by poorly
designed utilities and causes worry due to a false alarm.
The
CleanTrk utility clears the stray code from track zero
after it assures that there is no active boot overlay installed
to the drive. CleanTrk
can be run from the server right away, or downloaded
to the drive and then run locally. CleanTrk will not affect
the MBR and leave it unmodified.
Note: CleanTrk will only run from
true DOS, or Windows 9x/ME.
MakeResQ
- Boot rescue floppy producer
MakeResQ creates a system boot floppy, with all the necessary
drivers required to conduct virus recovery, as well as disk
and data recovery. To make a rescue boot floppy, put a formatted
floppy in drive A: with no system
files and run
MakeResQ from either the server, or from the desktop,
after having downloaded the utility. MakeResQ will only
run under Windows 95, 98 or ME, but not under NT, Win2000.
Run MakeResQ under Windows 98 or ME, preferably, in order
to have FAT-32 supported.
MakeResQ will first transfer the system files to the floppy
to make it bootable, then copy the XMS, RAMDrive and SmartDrive
device drivers to the floppy. Next, MakeResQ will test if
there is sufficient available space on the floppy before
it copies FDISK and ScanDisk as well. Finally, MakeResQ
will create a config.sys on the floppy that will load the
various devices when booting from the floppy. The RAM drive
created when booting from a floppy created with MakeResQ
has 16 megabytes of capacity (provided the hardware has
sufficient RAM) that can be used for temporary storage,
like of anti-virus software, or other utilities.
FixBoot
- Generic floppy boot cleaner / repair
FixBoot is a generic boot cleaner / repair tool for floppies.
It refreshes the boot sector by overwriting the existing
sector with a clean one. FixBoot can process floppies with
capacities from 360 Kbytes to 2.88 Mbytes.
FixBoot will automatically identify the capacity of the
floppy and install a clean boot sector for the same floppy
size. FixBoot can also be used to repair and regain access
to an inaccessible floppy, such as after infection by a
boot virus, or corrupted boot sector, through running FixBoot
with the /S (size) switch.
Bootable floppies will maintain their booting capability
after being processed by FixBoot, for the following operating
systems: MS DOS, PC DOS/DR DOS (IBM) and Windows 95/98,
including FAT-32 compatibility.
FixBoot can be used to processes floppies in bulk. All
the user need to do is to answer 'Yes' when prompted if
to process another floppy.
ResQfloppy
- Floppy cloning and data recovery kit
ResQfloppy is a set of tools that will let recover inaccessible
data from bad floppies. Attempting to recover such data
with disk repair utilities like ScanDisk, or Norton Disk
Doctor, will cause further and irreversible damage to the
floppy, ruining all chances to recover anything from it.
ResQfloppy will first make an exact clone of the bad floppy
and let you work on the clone, without further deteriorating
the already ruined disk.
ResQfloppy was originally written to recover a friend's
book manuscript from a bad set of floppies.
FreeDOS
boot disk
Certain viruses like INT_CE and W95.Spaces, take advantage
of a vulnerability in MS-DOS based operating systems, starting
from MS-DOS 5. The exploit is known as the circular partition
trick. This is an extremely frustating condition, as the
computer with a tricked drive will not boot anymore, not
even from floppy. Even experts are misled when faced with
a circular partition and will replace the hard drive, believing
that the hardware is at fault. The only way to revert a
circular partition is to boot with other than MS-DOS, like
PC-DOS, or FreeDOS, and fix it with a disk recovery tool
such as the NetZ ResQ utilities.
From www.freedos.org: "FreeDOS aims to be a complete,
free, 100% MS-DOS compatible operating system"
The
FreeDOS utility offered will create a boot disk, with
FreeDOS system files, to support FAT-16 as well as FAT-32
partitions. The boot disk can be used as a free boot disk
for accessing Windows 95/98 and ME systems. A 16 megabytes
RAM drive is created on booting from the FreeDOS floppy,
which makes it suitable as a rescue and general purpose
virus recovery boot disk.
XMonkey
Monkey is a common boot-MBR infector. When there is more
than a single hard drive on a computer, all the hard drives'
partition sectors will be affected too. While Monkey is
active in memory, all drive will still be accessible. If
the virus is removed from the first (master) hard drive,
without taking care of drive 2 and higher, all access to
the higher drives will be lost. XMonkey will automatically
remove Monkey from up to eight chained hard drives.
XMonkey will also recover access to hard drives that were
affected by Monkey and ruined by improper procedures such
as FDISK /MBR, or Norton Disk Doctor etc. In such case,
run XMonkey with the /U switch.
Since XMonkey uses the SeeThru (c) technique, embedded
in InVircible, it will function even if the virus is active
in memory. XMonkey can be used from the infected hard drive
itself, or from a floppy diskette, after booting clean from
DOS.
XOneHalf
One_Half is a relatively common file and MBR infector which
has unique properties. XOneHalf is a dedicated disinfector
from the One_Half virus. The attached program has been
made available, courtesy of Dr. Peter Hubinski, from SAC
- the Slovak Antivirus Center. To disinfect a hard drive,
use the program of a write protected, clean boot
floppy. Run with the /? switch for help.
Back
©NetZ Computing Manufacturers of InVircible
