Version 1.1 of FLU_SHOT+ has a few enhancements:

1.      If you use the '-B' switch when you first run FLU_SHOT+,
        the machines BIOS will be used instead of direct screen
        writes.  Useful for machines which are less than IBM-PC
        compatible.  Or those people still running CGA's who don't
        like snow.  It's a little slow.  For the CGA users: you
        ever think of how nice it would be to see an unblurred
        screen?  EGA's aren;t that expensive anymore....

2.      I neglected to remove some comments, and there was a hole
        in FLU_SHOT+ V1.0 that a worm could have exploited.  The
        hole has been patched securely....

3.      An additional option in the FLUSHOT.DAT file:
                X=<ambigious_filename>
        allows a matching program to "turn off" the triggering of
        FLU_SHOT+ for the entire duration of its run.  This could
        leave a security hole if you're not careful....so be careful!
        Do not use an ambigious directory: running a trojan from there
        would not trigger FLU_SHOT+.  I use it for programs like
        FORMAT, Norton Utilities and that kind of stuff.  I'm very
        careful when using it, though.  And you should be, too!

4.      The in-memory protection table is now checksummed so that
        worms can't change the files you're attempting to protect.
--
Version 1.2 of FLU_SHOT+ has a few enhancements:

1.      A new option, '-I<num>' has been added.  This allows you to
        determine the frequency, in 1/18 seconds, of how often the CMOS
        Check (if enabled) and the Protection Table Check are going to
        run.  The lower the number, the higher your protection, but
        the more impact it will have on system operations:  they'll
        be a little slower.  The default is set to one second.

2.      Some complaints from those having FSP in their AUTOEXEC.BAT and
        having a line of the the form R=\AUTOEXEC.BAT.  FSP was protecting
        the AUTOEXEC.BAT file (an intended option), but the boot sequence
        was causing people to have to hit a 'G' to continue with their
        boot.  I've installed a '-S<num>', where <num> represents how many
        1/18 seconds to sleep before activating the R= option.
        The default is set to 10 seconds.  It will also immediately
        expire on the first key hit.

3.      Because CMOS and Prot Table checks are done via the timer tick
        in Version 1.2, there is no need for the counter to be associated
        with the CMOS flag any longer.  As such, '-C' is the full option
        to turn on CMOS checking.
--
Version 1.4 of FLU_SHOT+ has a few enhancements:

1.      I've skipped Version 1.3 - something about the number having
        bad luck and all.

2.      A major bug, due to programmer stupidity, has been fixed. Alas,
        this bug actually could cause some damage to your disk.

3.      The X= switch works better now - it was ignored on Direct Disk
        Writes

4.      Some of the error messages have been made a bit clearer.

5.      Complaints from some of the users have caused me to increase the
        size of the checksum buffer internal to FLU_SHOT+.  This has the
        sad result of increasing the TSR size of the program itself -- but
        I consider it a reasonable increase for speeding up the checksumming
        of files.

6.      If a file to be checksummed could not be found at startup time,
        the previous files checksum was displayed -- this has been fixed.

7.      Certain holes in FLU_SHOT's security system have been patched.

8.      The size of the FLUSHOT.DAT buffer has also been increased to allow
        users to specify more files to be checksummed and/or protected.


Version  1.5,  released on 1/15/89,  has some enhancements and  a
bug-fix or two:

1.   IOCTL's are now checked pretty carefully.  Earlier versions
     had a minor hole.
2.   A new option, '-W' will keep FLU_SHOT+ from triggering on an
     open of a file which allows for write access.  Many lazy
     programmers (and I qualify as one, sometimes!) may open a
     file for write access, even though no write is intended.
     DOS's COPY command, for example, will cause a trigger on the
     open  access to the source file.
3.   FLU_SHOT+ will now trigger when a write is attempted to a
     file through the "handle" method. You'll get more triggers
     than with the original "Open with Write Access" you got,
     but it's better and more precise protection.
4.   If you end a line in your FLUSHOT.DAT file with an '!', then
     the files which match this are considered "restricted". When
     access to these files causes a FLU_SHOT trigger, no options
     are displayed: the user is advised they are attempting to
     access a restricted file and to press any key.  The
     operation will always fail.
5.   However, restricted access isn;t much use if three hits of
     the ALT key can disable FLU_SHOT.  So, a new option '--' has
     been added to disable disabling (yeah, I know it sounds
     weird!).  If you use a '!' in your FLUSHOT.DAT file to
     restrict access to users *local* to your system, then you
     should use the '--' option in your FSP invocation call.
6.   CMOS protection caused a lot of problems:  about three out
     of every four support calls were because of CMOS problems:
     and nine out of ten of those calls were due to people
     attempting to check CMOS on their XT.  XT's don't have
     CMOS!!  Since the protection offered wasn't that big a deal
     anyway, it's been pulled entirely.  As has the '-I' switch.
     The in-memory table is now checked before every DOS
     operation.
7.   A bug in 1.4 would allow the Lehigh virus through under
     certain circumstances.  This has been fixed.
8.   The price of FLU_SHOT+ remains the same, at $10.  However,
     the cost of FGLU_SHOT went up. Huh? Well, we now charge
     an additional $4 handling/shipping/processing charge on
     each order.  Sorry: I never expected to make a fortune
     off of FLU_SHOT+, but I have to at least break-even.
9.   A bug in the code would allow certain files to slip through
     unprotected.  It's been fixed.
10.  Using the '-A' switch allows you to define what attributes
     you want to use for the trigger window.
11.  Using the '-K' switch allows you to define which "special"
     keys will be used instead of the Alt and Ctrl keys.
12.  A serious bug in the "use BIOS" routine which could cause a disk
     to be trashed has been fixed.


Version  1.51  (02/01/89):
1.   The in memory checksum routine was running too frequently, causing
     certain DOS operations to crawl to a snail's pace.  It's been
     altered.
2.   FSP will now indicate what "agent" or program it believes is causing
     the problem.   This is not *always* reliable,  but it should tell you
     the right name of the program attempting a prohibited access
     about 99% of the time.


Ross, 02/01/89
