PC: MVDL language

For the SVDL I have build the compiler and the interpreter. Then I build a IDE (Integrated Desktop Envirnoment) where people can compile (produce the SVX) and test a SVDL program. After I write a package for creating the SVDL library, and a little scanner that use the SVDL interpreter for finding virus in file.

So, I started to define the MVDL (Memory Virus Detect Language). But there's a little problem: all the viruses I saw use an equal method for finding them in memory, so I was thought that the MVDL should not be completely if I don't find all the virus detection methods. Due to the difficult to found other viruses, I didn't define completely the MVDL and not make any implementation of it. On the other hand, I write some documentation that I show you below.

The other code I wrote was a machine language version of MVDL scanner, e.g. the antivirus with the assembly code extracted directly from virus. This step permit me to prove the validity of MVDL, and show me the speed of this method. Do you remember how mach time need the McAfee scan for test your memory for viruses? Lot. With the assembly version of MVDL, 10000 TSR viruses may be searches in less that a second! In this case, even if the antivirus program may be recompiled when new viruses are found, due to the less instruction needed for one viruses to be found by MVDL, I use the recompilation of the antivirus (well, a pascal oop library that can be linked in other program, so today it will be a DLL).

For descript the MVDL language I don't give you the BNF, but some examples:

  CODE 01;
  SEARCH FOR 'SLAYER';
  ASSUME AX=0F1FAh;
  INT 21h;
  COMPARE AX WITH 0AAAAh BY =
  ON TRUE DO '%#^& in $'

The above is MVDL that search for Slayer virus; the assembly version was this:

  MOV  AX,0F1FAh
  INT  21h
  CMP  AX,0AAAAh
  JE   @VirusActiveInMemory

Note that in MVDL output string there's some macro char:

  %   string in SEARCH FOR '...'
  #   virus
  $   memory
  @   MVDL
  &   active
  ^   found

The reserved word of the MVDL are:

  CODE  SEARCH   FOR   ASSUME  INT  COMPARE  WITH  BY  ON  DO  TRUE  FALSE

plus the 8086 register:

  AX  BX ... SI  DI  AL  AH ...

On the implementation I only define this code:

  7  6  5  4  3  2  1  0
  |  |  |  |  |  |  |  |
  HI LO SI DI AX BX CX DX

  7  6  5  4  3  2  1  0
  |  |  |  |  |  |  |  |
  |  0  <> <= <  >= >  =
  0 false
  1 true

So the register AX is given by 11001000, BH by 10000100 and SI by xx100000.

Finally here you can download my languages:
SVDL (94 KB)
MVDL (4 KB)

Tognon Stefano programs