
                        Installation of F-PROT

My primary goal when I was designing the F-PROT package was to make the
protection almost invisible to the user.  I did not want to cause alarm by
constantly displaying warning messages, saying that "Something might be wrong".
At the same time, I wanted to make the package powerful and provide as much
security as possible.

I also wanted to provide full protection against all viruses, both those
known today and also the viruses that may appear in the future.

Another problem is that different users have different requirements.  Some
want as much security as possible, even if it may mean a little inconvenience
at times.  Other users do not even want to know of the existence of the
protection, unless a virus strikes.

F-PROT had to be divided into several separate programs, to make this
possible.  A full description on how to use each program can be found in
USAGE.TXT, but here are the steps needed to install the package.

One word of warning - although F-PROT is easy to use, it is a bit
complicated to install.  Be careful and know what you are doing.  The
installation instructions assume that you have a good knowledge of DOS
commands and know how to use a text editor.  A version that will provide
"auto-install" is currently under development.

Step 1) Create a directory with the name F-PROT on the drive or diskette
        you boot from.  Copy at least the following files there:

                        F-DRIVER.SYS
                        F-OSCHK.EXE
                        F-FCHK.EXE
                        SIGN.TXT
                        F-XLOCK.EXE

Step 2) Add the following line to the CONFIG.SYS file:

                        DEVICE=F-PROT\F-DRIVER.SYS

        This will protect you from the viruses described in FILVIR.TXT
        and BOOTVIR.TXT and it should also provide protection from any new
        boot sector viruses.  Best of all, it only uses around 2300 bytes
        of memory.

        Turn the computer off.  Wait.  Turn it back on.  You should see the
        message:

                        F-DRIVER version 1.14 installed

        If F-DRIVER detects an infection, you will have to reboot from a
        "clean" diskette and disinfect before you can continue.

        If you are using a Novell network, you need to copy the file
        F-NET.EXE to the F-PROT directory and add the command

                                  F-PROT\F-NET

        to your AUTOEXEC.BAT file, after the network software is run.
        Otherwise F-DRIVER.SYS will only protect you from viruses on your
        own computer, not virus-infected programs on the network server.

Step 3) Now you are protected from all the viruses listed in FILVIR.TXT
        and BOOTVIR.TXT.  You can double-check that, by giving the command:

                                 F-SYSCHK

	This program will scan the memory for any resident viruses. 
        Running F-SYSCHK should not be necessary, unless you skip step 2.

Step 4) Run the F-FCHK program to look for infected programs.

                Example:        F-FCHK C:\

        The above command will search every program on the C: drive for
        infection by known viruses.  If you have a large hard disk, you
        need to give one command for each drive (C:, D:, etc.)

Step 5) Run the F-OSCHK program, with no parameters.  It will display
        five numbers, which are encrypted checksums of the operating
        system files, the boot sector and the partition boot record.  Add
        the following line to the AUTOEXEC.BAT file,

                  F-PROT\F-OSCHK  vvvvv wwwww xxxxx yyyyy zzzzz

        where vvvvv, wwwww etc. are the five numbers produced
        before.  This will provide added security for the operating
        system.

Step 6) Use the F-XLOCK program to add the self-testing module to your
        .EXE and .COM files.  You do not need to modify every program,
        but you should use F-XLOCK on your most used programs.
        For example, if many of your executable files are stored in
        the \BIN subdirectory on drive C:, you simply give the command:

                        F-XLOCK  C:\BIN\*.*

        This will modify the .EXE and .COM files in that directory, so
        they will check that they have not been infected, every time they
        are run.  It will not prevent them from becoming infected, but you
        will be alerted the first time an infected program is run.  This
        should provide protection against new program viruses.  F-DRIVER
        should protect you against all "old" viruses.

        One word of warning - in some cases you are not allowed to make
        any changes to programs you buy, so read the license first.

	Also, some recent programs perform their own self-checking, so
	they will assume that the self-testing module is a virus infection,
	forcing you to remove it by using F-UN’LOCK

Step 7) Make COMMAND.COM and every .EXE and .COM file read-only, unless
        the program needs to be able to modify itself.  This can be done
        by giving the commands

                             ATTRIB +R *.EXE
                             ATTRIB +R *.COM

        in every directory that contains executable files.  This provides
        almost no protection against most viruses, but is nevertheless
        advisable, so you don't delete the files by mistake.

	If you install the F-LOCK program, as described below, it will
	intercept any attempt to make a read-only executable file
	writable again.

The six steps described above will provide very good protection against
all viruses.

However, those programs are not effective against Trojans, that may try
to format your hard disk or do something equally nasty.  They will only
protect you from viruses.

If you also want protection from Trojans, you should perform the next step.
It may, however, cause a bit of inconvenience at times, since any "suspicious"
activity will produce a pop-up window.

Step 8) Copy the programs F-LOCK.EXE and F-POPUP.EXE to the F-PROT directory.
        Add the following commands to your AUTOEXEC.BAT file, preferably at
        the beginning:

                        F-PROT\F-LOCK
                        F-PROT\F-POPUP

        The programs will be installed in memory, where they occupy around
        4K.  They will monitor all activity in the computer and produce a
        warning message when something suspicious is going on, allowing
        you to stop the program in question before it does any harm.

        You should not perform step 8 if you are running MS-Windows.

Finally, one program can be used to provide an additional level of security.
It can, however, only rarely be used.  You should only use it on computers
where there is no software development, and new programs are only rarely
installed.  See USAGE.TXT for additional information.

Step 9) Lock every .EXE and .COM file used on the computer, using the F-XLOCK
        program as described before (Step 6).  Copy the F-XCHK.EXE program to
        the F-PROT directory, and add the following command to AUTOEXEC.BAT

                        F-PROT\F-XCHK

        Now it will not be possible to run any programs not locked by
        using F-XLOCK.  In addition, all programs are checked for modifications,
        before they are run.  This will prevent the activation of any
        program viruses on your computer.

The installation is now finished.  You should use F-FCHK on all programs
you receive, before installing them on your computer, just to be sure
they do not contain any known viruses.  You should also use F-DISINF to
scan all diskettes you receive.