home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
The Epic Collection 3
/
Epic Collection 3, The (1997)(Epic Marketing)[!].iso
/
useful_tools
/
virusz
/
virusz.history
< prev
next >
Wrap
Text File
|
1996-10-11
|
41KB
|
758 lines
============================================================================
VIRUSZ II REVISION HISTORY
============================================================================
1.35 Changes/Additions since 1.34:
- Added new topic to vector check: 'Suspicious Process Fields'.
The tc_Switch, tc_Launch and pr_PktWait fields of every process
are listed here. These fields are used by some new viruses and
they are likely to be used by future viruses too.
- Added 'Show Process Fields' to vector check prefs. This button
switches the function mentioned above.
- Added 'Process Fields' to 'Clear' menu in the vector check to
reset the above mentioned pointers.
- Added process field check to the background checker.
- Added 'Process Fields' buttons to the background prefs. Here you
can turn on/off startup check/surveillance of the process fields.
- Added new viruses: TRSI-ZNT.exe Fake, Firedom 1.4, HNY Clones.
Thanks to Markus Schmall and Jan Hendrik Lots for sending these
little beasts.
- Added Prometheus linkvirus. Thanks again to Markus Schmall.
- Added Smeg and Aram-Dol linkviruses. Thanks to... Markus ;-)
- Added BEOL3 linkvirus. Thanks to Markus Schmall, Jan Hendrik Lots
and Jani Juhani Mattinen for sending this sucker.
--------------------------------------------------------------------
The time has come to go back to the 'Fachhochschule' again, now for
about nine months until July 1997. This means that I will only work
on VirusZ at the week-ends which is far too less for astonishing
improvements. Therefore I will mainly do some new-virus-implemented
updates. Nevertheless VirusZ development will be continued...
--------------------------------------------------------------------
1.34 Changes/Additions since 1.33:
- Added new viruses: ADO! + Installer + Library, Gotcha! II, ORB 95,
VoxelSvind Trojan and AGA Italy Fake. Thanks to Jan Andersen and
Jan Hendrik Lots for sending those beasts.
- Added BEOL 96 virus, the most clever bastard ever seen on Amiga
so far. It took a lot of analysing work to find a cure against
this sucker. Thanks to Jan Hendrik Lots for sending it and Markus
Schmall for some more example files.
- Added B.E.O.L. 2 and Affe linkviruses. Thanks to Markus Schmall
for sending them.
- Added XCom linkvirus. Thanks to Markus Lück for sending it.
--------------------------------------------------------------------
Jan Andersen reported that the archive check crashes on his A500.
I myself then tested VirusZ on a plain 68000 and on Kickstart 2.0,
but it worked well. If someone has similar problems on his machine,
please tell me and send me the archive that crashed for testing...
--------------------------------------------------------------------
1.33 Changes/Additions since 1.32:
- Added archivers preferences! Here you can easily enter the names,
recognition offsets/data and command lines of any file based
archiver programs (eg. LhA, LZX) you want VirusZ to recognize and
extract.
- If preferences have been changed during a session, VirusZ now
tells you if any of them have not been saved yet before exiting.
This is especially useful as the new archivers preferences might
be a lot of typing stuff which is annoying to lose.
- Added 'EF67A3C3' linkvirus (temporary name until something better
comes to my mind). Thanks to Christoph Faßbach for sending me this
little beast.
- Fixed wrong recognition for Lisa FuckUp 2.0. Sorry folks, but all
those RexxMasher compiled files have been recognized as a virus.
Thanks to Bert Jahn for sending the RmS package and the report.
And sorry to Matthias Scheler (AmiNet Administration) for all the
trouble.
- Added 'Extract Archives' toggle to the file check preferences to
switch on/off the new feature.
- Finally added recognition/extract code to the file check itself.
The rewritten file loader now also handles data files much better
if 'Decrunch Data Files' is activated. Only crunched data files
will be read completely, all others will just be read partially
for recognition purposes.
- Added more informative statistics at the end of each file check.
- Added new options to CHECKFILE and CHECKDIR ARexx commands:
a. USEEXTERN enables use of external xfd slaves.
b. EXTRACT turns on extracting of archives.
- Added USEEXTERN and EXTRACT options to Shell template. Meanings
are the same as with the ARexx commands.
- Added HitchHiker 3.00 + Installer. This is the 50th linkvirus
recognized by VirusZ!!! Special thanks to Markus Schmall for
sending this 'anniversary gift'.
- Fixed bug in HitchHiker 2.01 repair code. Some branches haven't
been removed properly in the last version. Thanks to Emmanuel
Poirier for this report.
- Added new version of xfdmaster.library.
-----------------------------------------------------------------
The new features of this version have been heavily debugged and
I already fixed 3 major bugs in the beta versions, so this final
release should be stable and work properly. If there nevertheless
appear any problems, please contact me! Thank you in advance...
-----------------------------------------------------------------
1.32 Changes/Additions since 1.31:
- Added recog/repair code for Hitch-Hiker 2.01 linkvirus. Thanks
to Frank Heim, Holger Hesselbarth, Michael Veroukis, Bert Jahn
and Jan Hendrik Lots for sending me this ugly creature ;-)
- Added other viruses: BootShop Virus-Installer, Lisa FuckUp 2.0,
Acid Infector 1.5, H.N.Y. Installer 3, ExHacker Trojan 1 - 3,
Pamela Fake and Commander Installer 2. Thanks to Jan Hendrik Lots
for testing VirusZ 1.31 and sending those missing ones.
- Added new xfdmaster.library that supports CFP 1.35/1.36 files.
No more hiding of viruses is possible now with that method.
1.31 Changes/Additions since 1.30:
- Enhanced basic file check routines. Added better test routines
for truncated files, added support for reloc32_short hunks in the
linkvirus removal code, added better CPU cache controlling code.
I hope that every abnormal condition is under control now ;-)
- Added analyzer for raw bootblock data files to file check. Now
you can scan your bootblock directories and get a report of all
bootblock viruses.
- Fixed severe problems in the file check: If a file was infected
with a linkvirus and underneath there was a 4eb9-linked file,
the 'Delete file' requester didn't pop up. The same problem
appeared when a linkvirus couldn't be removed properly.
- Fixed some bootblock recognitions. It sometimes happened that
clones were reported with the wrong name.
All the above improvements are mainly based on the test results of
the Virus Test Center of the University of Hamburg. Thanks to Sönke
Freitag and the other members of VTC for this 'blow on the head' ;-)
I will fight to get back on the top ranking in your test sheet...
- Fixed repair code for Invader linkvirus. Some files might have
been defect after repair with the old code.
- Added new viruses: AMOS AGA-Install, CompuPhagozyte 10/11/12,
Circle of Power 12/13/14, VirusConstructionSet 2, LZX Reg Fake,
Creator, Degrad, Andy/Decade, Susi Drive Stepper, Biomechanic 7,
Wireface 3/4, Fileghost 1, Strange Atmosphere + 3 Installers.
Thanks to Markus Schmall and Jan Andersen for reacting so quickly
on the poor results in the VTC test and providing me with those
missing viruses.
- Added new feature to file check: It now automatically removes any
hunk_name ($3e8) found in a file. This is especially useful as
there appeared several disguised trojans through the last months
that used hunk_name to avoid proper file checks. I changed some
recognitions too: Wireface Trojans, COP 8 and UA Dialer 6.2 will
be analyzed completely and reported with their real names now.
- Added Amixhack trojan. Thanks to Dave Jones for that bastard.
- Added viruses: UnLZX Trojan, PowerTrader Fake, The BBS Traveller,
Hitch-Hiker 1.10 and Mutation Nation 1.0. Thanks again to Markus
Schmall for supplying me with these viruses.
- Fixed Enforcer hit in the B.E.O.L. memory check code. Thanks to
Christoph Dietz for the report.
! IMPORTANT: I will no longer add new patches as I may develop !
! a totally new vector check for VirusZ that will be intelligent !
! enough to learn changes done to the vectors. So please don't !
! send me disks with new patches any longer. !
And finally sorry for this relatively long delay, but it's going
to be summer and I need some fresh air from time to time ;-)
1.30 Changes/Additions since 1.29:
- Added some old bootblock viruses: Ass Protector French, Cracker
Exterminator, Disk Furunkel, Lamer Ext. Decoded, Laureline Female,
Sinister Syndicate 1+2. Some of these aren't really viruses, but
most other virus checkers detect them, so I added them too.
Thanks to Jan Andersen for sending that stuff.
- Fixed bug in preferences load routine. This code crashed on plain
68000 machines because of odd stack addresses. Thanks again to
Jan and to Phillip Feigh for the report.
- Fixed bug in the 'Happy New Year 96' repair code. The old routine
missed to check for one possible branch location and therefore
produced some crashing files from time to time. Thanks to Holger
Wessling and Jan-Tore Eliassen for reporting that bug and sorry
for all the trouble you had with the defect files.
- Added patches: CacheIt, ModePro, NewIcons, Prop3D and UrouHack.
Thanks to Dave Jones for collecting and sending that stuff.
- Added new version of xfdmaster.library.
- Added decrunch support to the FD file loader in the vector check.
Now you can crunch your FD files with any data cruncher supported
by xfdmaster.library. Thanks to Dave Jones for the nice idea.
- VirusZ now requires xfdmaster.library already at startup, ie. you
MUST install it in your LIBS: drawer. The reason is simple: Until
v1.29, I added several xfd-routines directly to VirusZ to avoid
loading xfdmaster.library, but this seems to be very uneffective
as most people use the decrunch feature anyway. There is a nice
side effect too: VirusZ has been shortened by about 2500 bytes.
- Added patches: LowFrag and UrouHack 1.3. Thanks to Bert Jahn for
sending that stuff.
- Saved about 1600 bytes by removing double strings (mostly virus
names) and optimized some memory recognition code.
1.29 Changes/Additions since 1.28:
- Added xfdPatch to the vector check.
- Added recognition for LZX archives to the file check. Thanks to
Holger Wessling for the hint.
- Added MCP and PatchControl 2.2 to the vector check. Thanks to
Stefan Sommerfeld for sending the latest versions and for the
extra information.
- Added option 'Use External Slaves' to the file check preferences.
This is a new feature of xfdmaster.library v37 to filter out
external slaves that cause trouble all the time.
- Added KUK Crew and LZX 1.2 Fake trojans and Invader linkvirus.
Thanks to Markus Schmall for sending them.
- Modified and expanded the background preferences. The buttons for
'Bootblocks', 'Disk-Validators' and 'Known Viruses' exist twice
now as all the other buttons too. The 'Check Disks On Startup'
has been removed and replaced by the above mentioned. Now you can
switch on/off the bootblock and disk-validator check separately,
the check for known viruses can be switched off at startup too.
Please control your settings when you start the new version for
the first time.
- Rearranged some vector check code for better performance and
finally added all patches caused by SetPatch 40.16. Thanks to
Lars Kristensen for reporting about the SetPatch problems on
his machine.
- Redesigned file check preferences for better readability.
- Added changes done by 68040.library to vector check. If there
are still some vectors reported, please send me a note because
I couldn't test the recognition myself. No 68040 :-(
1.28 Changes/Additions since 1.27:
- Finally fixed a problem that I already noticed some months ago,
but didn't find the bug. After inserting and removing some disks,
it may have happened that the system had a busy-loop whenever the
background checker was working. Now I found the problem that
caused all the trouble: the BEOL memory checker tried to read
from a non-existing process in not available memory areas.
- Added a big new feature: a real background checker that not only
searches for known viruses but recognizes all changes done to
any system vectors. You can configure it totally to your needs.
All checks can be enabled/disabled separately for startup and
for surveillance.
- Added new security check to the memory checker: before testing
for known viruses, the respective address is tested to be in
available memory areas. This prevents busy-loops with RAD: or
other residents located near the bounds of a memory area.
- Added MagicCX 2.39 to the vector check. Thanks to Martin Hans
for sending it.
1.27 Changes/Additions since 1.26:
- Added Happy New Year 96 linkvirus + 2 installers and three old
bootblock viruses called Asshole, RedGhost and Sao Paulo. Thanks
to Markus Schmall and Holger & Data-Stream for sending them.
- Added new version of xfdmaster.library to the package.
- VirusZ has a new official distribution site: Nirvana BBS !!
For more info read the updates chapter of the guide file.
Thanks to Markus Schmall for talking with the SysOp.
1.26 Changes/Additions since 1.25:
- Added (new versions of) the following patches:
BusyPointer, FastWaitBlit, PatchOpenWB, QuietTD, WBGauge,
PowerData, ForceIcon, ModePro, AlertPatch, Arq and ReqChange.
Thanks must go to Dave Jones, David Oakes, Martin Hans and
Adam Szymczak for sending me that stuff.
- Added viruses: Circle Of Power 10 + 11, Biomechanic 6,
PB-Party Fake and Phantom Linkvirus + Installer. Thanks to
Markus Schmall for sending them.
- Added unlink code for Glue 2.2 and Glue 2.3 linkers to the
file check. Thanks to Dave Jones and Markus Schmall for the
example files.
1.25 Changes/Additions since 1.24:
- Fixed menu colors for Kickstart V39+.
- Removed INFO option from the shell template.
- Added ARexx port! Finally VirusZ can be controlled from external
scripts or other programs. The first commands are HIDE and QUIT.
- Added CHECKFILE command to the ARexx port. Now you can check
single files from other programs like DOpus etc.
- Added ARexx command CHECKDIR to check a whole directory.
- Added scripts: CheckFile.vzrx, CheckDir.vzrx and CheckArc.vzrx.
These three show the whole power of VirusZ's Arexx port. You may
modify them for use with e.g. DOpus or other archive types.
- Extended shell template with FILECHECK, AREXX and QUIT commands.
These enable you to send ARexx commands from a shell environment
or from scripts directly to VirusZ. Returncodes represent the
results of the ARexx calls. If VirusZ is not running while using
one of the shell options, it will be first started and then the
commands will be transmitted to the ARexx port.
- Fixed string comparison in the ARexx code. Now it is no longer
case sensitive and thus will no longer make trouble with shell
options.
- Rebuilt and enhanced documentation. Now you can get some more
information about what VirusZ is doing in the background etc.
- Added ExAll() emulation to the file checker. There seems to be
a problem with some Kickstart versions using ExAll(). I've
written a replacement routine that can be turned on if required.
Thanks to Markus Schmall for telling me about the problem and
to the guys who told it to Markus.
- Added MultiCX 2.18 to vector check. Thanks Markus!
- Fixed all gadget sliders to Kickstart V39+ colors.
- Added Swifter 2.5 and SCSI-HD-Faker viruses. Thanks Markus!
- Added new behaviour to startup code: If there's already an old
version of VirusZ running, this one will be terminated and the
new version is started. This will only work with versions that
already have an ARexx port, so this is useful starting with the
next version of VirusZ. Thanks to Holger for the idea.
- Added 'Activate On Startup' option to the Misc settings. Now
you can tell VirusZ to activate the main window on startup.
Thanks to Axel Folley for that suggestion.
- Added 'Skip Crypted Files' option to file check settings.
This is useful if you have many password-protected files and
don't want to click on the 'Cancel' gadget a hundred times.
Idea by Axel Folley, thanks a lot.
- Fixed report output in file check: Now the escape sequences
are no longer starting with $9b, but with $1b,$5b. This makes
the output readable in editors like CygnusEd that support the
usual esc sequences. Thanks again to Axel Folley for the hint.
- Added Wireface Trojan 2 (CheckMount) virus. This nasty beast
was sent to me by Axel Folley. Thanks #4!!
1.24 Changes/Additions since 1.23:
- Oops! Little bug fix in the file check. This one must have been
in VirusZ for at least 2 years and nobody (including myself)
noticed it. Whenever VirusZ came across 9 or more subdirectories,
the display went crazy because of a counter underflow in the
screen output routine. Special thanks to Cameron Weeks, Rudolph
Riedel and Axel Folley for the detailed report. Isn't it funny
that nobody noticed that bug for years and now you guys found it
all within two weeks??
- Added support for SetMan, PatchControl and patch.library to the
vector check. All patches that have been SetFunction()ed with
one of these programs running caused VirusZ to display them as
unknown even if they were already built in.
Thanks to Rudolph Riedel for sending me the programs.
- Added recognition for EasyReqPatch, ModePro, PatchAllocMem,
ReqChange, TimedRequesters and MultiCX to the vector check.
Thanks to Rudolph Riedel and Axel Folley for sending them.
- Added Ebola and Cryptic Essence linkviruses.
Thanks to Markus Schmall for sending them.
- Added support for FD files to the vector check. Now you are
able to see the function names of unknown vectors instead of
their offsets.
- Uh! Last minute fix in the FD file support. Standard functions
(-6 to [-24/-36]) have not been displayed correctly.
- Totally overworked file check routines. 4EB9-linked files will
be unlinked, decrunched and checked now. Nested 4EB9-links in
one file are handled all during one check via recursive calls
to the check routine. This stuff took me two full days as
I had to localize all global structures in the check routines!
- Totally overworked internal file- and linkvirus brains to
support 4EB9-viruses directly. And another weekend is gone!
Attention: VirusZ will detect some built-in viruses ONLY if the
decrunch option is enabled. Sorry, but that's the drawback with
recursive checking.
- Splitted docs in three parts: English, Deutsch and history.
Cut pre-VirusZ II entries from the history to shorten docs back
to a sensible size. Updated guides with new features.
- Fixed another little problem with FD files in the vector check.
Some devices (e.g. trackdisk) don't have a FD file because they
don't offer additional functions. In that case the standard
functions (-6 to -36) have not been displayed by name.
- Added new powerful version of xfdmaster.library.
- Removed old icons and added MagicWB icons by Martin Huttenloher
and Timm S. Müller. Thanks for the great work guys!
1.23 Changes/Additions since 1.22:
- Oops! Illegal Access also has a method to link itself to
libraries/devices/datatypes etc. which I've totally forgotten
in the last version. Thanks to Markus Schmall for reporting
this 'feature'.
- Oops again! The recognition for COP 9 recognized almost every
Amiga-E program as virus. Sorry for this especially to all
Amiga-E programmers who had trouble with their users.
Thanks again to Markus Schmall for the call.
- Renamed viruses formerly called COP 9 to Biomechanic 1.
- Renamed DayDream/Fixdisk Fake to Biomechanic 2.
VirusZ 1.21 Fake is a Biomechanic 2 too.
- Added viruses: HD_Install Fake, Circle of Power 9, Vera 2.3,
ConMan Link Installer and ConMan Link, Wireface Trojan and
Biomechanic 3. Thanks to Markus Schmall for sending them.
- Oops #3! When reading the report from VTC Hamburg, I always
wondered which generation of the Crime'92 shouldn't be
recognized by VirusZ. Now I found it by analysing the virus
once again. I've forgotten to check for word-padded links
(happens when the very last opcode in a file is RTS) and
I've overseen the fact that the encryption may have two
different branch offsets. Sorry folks, now it's 100% safe!
- Optimized hunk handling in the linkvirus removal routines
and saved about 400 bytes of code.
- Finally fixed one BIG problem of the file checker:
Whenever there was a write access (deleting/removing virus),
it may have happened that some files were overseen or
checked twice because the filesystem exchanges some file
headers on disk on every write access. This was especially
nasty concerning RAM:, because that handler is not block
oriented. That problems are history!!
I've rewritten the whole directory scan routine using ExAll()
instead of Examine()/ExNext(). Now not only the above mentioned
problems are fixed, but the code is even shorter and faster
than before. Nested directories are now handled via recursive
calls to the scan routine!
- Added (new versions of) the following patches to the vector
check: AlertPatch, ExecPatch, MakeVPortPatch, Enhanced Alert
Hook, NewMenu, NoCare, PatchAlert, PointerX, Reset1200 and
SysIHack. Thanks to Dave Jones for sending them.
1.22 Changes/Additions since 1.20:
- Added file and memory support for B.E.O.L. and Illegal Access
viruses. These two bastards took me a whole weekend to analyse
and find a cure. Very nasty and totally new ideas inside.
Thanks to Markus Schmall for sending them so quickly.
- Added some more information to the vector check 'CPU Interrupt
Vectors'. Just an idea I got while analysing Illegal Access.
Now not only the autovectors are displayed, but all exceptions.
- Added recognition for the following viruses:
Alfons Eberg 2.0, ComKiller 1.6 Fake, Condom 1.5, K&M Intro,
DayDream/FixDisk Fake, Butonic 3.10 + Installer, LZX 1.20 Fake,
Empty Biomechanic, Rock'n'Roll Trojan and InstSG Fake.
- Added new feature to file check: So-called 4EB9-Linkers will
now be detected and reported. 4EB9, 4EF9, UFO and XLink linkers
are recognized by now. I will add some more support for these
in the next versions (Possibly re-link and check single parts?).
----------------------------------------------------------------------------
1.21 FAKED VERSION!!! I never released VirusZ II 1.21 (80268 Bytes).
This is an original VirusZ version with a Biomechanic virus
linked to it via 4EB9 Linker. Delete it immediately!!!
Thanks to Markus Schmall for reporting about that stuff.
----------------------------------------------------------------------------
1.20 Changes/Additions since 1.18:
- Added recognition for the following viruses:
Circle Of Power (several new versions), Fileghost 3, Karaçiç
and Conman 1995 + Installer. Thanks to Markus Schmall and
Axel Folley for sending that stuff.
----------------------------------------------------------------------------
1.19 FAKED VERSION!!! I never released VirusZ II 1.19 (9.6.95).
This actually is VirusZ II 1.03 with only the version strings
changed. No damage is caused by this fake.
Thanks to Markus Schmall for reporting about that stuff and to
Holger Hesselbarth and André Lagemann for sending it to me.
----------------------------------------------------------------------------
1.18 Changes/Additions since 1.17:
- Updated file check to support the new features of the
xfdmaster.library v35.
- Added new option to the file check prefs: "Decrunch Data Files"
Now you can tell VirusZ to load data files completely into
memory and try to decrunch them. Useful especially for XPK
packed executables, as they couldn't be checked for viruses
until now. Thanks to Nicolas Franck for this nice idea.
- Renamed old option "Decrunch Files" to "Decrunch Executables"
as this description is less confusing.
- VirusZ has a second official distribution site now:
Virus Help BBS - Team Denmark [++45-3672-6867]. Thanks Jan!
- Fixed little bug in the linkvirus removal code: If the hunk to
be removed was the only hunk of the whole file, VirusZ crashed.
Thanks to Koenraad Rutgers for sending some example files.
- Added new patches: MultiUser 1.8, ToolManager 2.1a, SmartWB
and xLoadSeg. Thanks to Nicolas Franck for sending them.
- Added viruses: Circle Of Power 4, CallingCard Hacker and
HD SpeedUp 1.0. Thanks to Jan Andersen for sending them.
- Added new features to the vector check:
a. Settings can be changed within the vector check now.
If some prefs have been changed, display auto-refeshes.
b. Vector report can be saved now. Thanks to Steve Bowman for
this useful idea and sorry for the long delay.
1.17 Changes/Additions since 1.16:
- Added viruses: Revenge of NANO 1 + 2, IconDepth Fake, VScan Fake,
Circle of Power 2 + 3. Thanks to Markus Schmall and Matthias Gutt
for sending them.
- VirusZ has an official distribution site now. Thanks to Holger
of THE REALM [++49-(0)515-43528] for his offer.
1.16 Changes/Additions since 1.15:
- Added patches: DosPrefs, TWA, PowerSnap and a new version of
ToolsDaemon. Thanks to Rudolph Riedel for sending these.
- Added viruses: Circle Of Power, /X Fucker, Rastenbork 1.2,
Rastenbork 2.0, Rastenbork Installer, World Clock Fake.
Thanks to Markus Schmall and Jan Andersen for sending them.
1.15 Changes/Additions since 1.13:
- Added Gathering '95, Conman-LoadWB + Installer, Addy 0.99 +
Installer, Commander Installer, Copy_LX, LhA V3, IStrip 2.1.
Thanks to Markus Schmall for all that viruses.
- Fixed recognition for DMS 2.06, Timebomber Inst. and Gotcha
Lamer! Installer. Thanks again to Markus Schmall.
----------------------------------------------------------------------------
1.14 FAKED VERSION!!! I never released VirusZ II 1.14 (2.2.95).
This actually is VirusZ II 1.03 with only the version strings
changed. No damage is caused by this fake, but it's really
old and though not too useful. Thanks to Jan Andersen for
sending that stuff to me.
----------------------------------------------------------------------------
1.13 Changes/Additions since 1.12:
- Added new PointerX, SysException and AddPower to the vector
check. Thanks to Dave Jones for sending this stuff.
- Added 'Access Forbidden' clone. Again thanks to Dave.
- Added CheckDebug, CycleToMenu, ForceIcon, NewMode, PatchPointer,
SwazInfo and new Setpatch to vector check. Thanks to
Thomas Kessler for all those bits'n'pieces.
- Added WBExtender to vector check. Thanks to Markus Schmall.
- Added Ami-Hacker, DMS 2.06 Short and Surprise virus. Thanks
to Markus Schmall for sending this stuff.
- Totally revised & updated the filevirus brain. Everything is
prepared for some new features now. Wait and see...
- Fixed some bad recognition code that reported several
virus-free programs to be infected. Thanks to Markus Schmall,
David Oakes and Koenraad Rutgers for the hints.
Note to Koenraad: The problems with BootJob and XLink will
be fixed in one of the next updates as this is what I wanted
to do next anyway. Your files are NO viruses.
- Added patches: FasterBlit 6.6 and some new SetPatch stuff.
Thanks to Adam Szymczak for these.
- Added Pestilence bootvirus. Infected sectors can be repaired
via SectorCheck. Thanks again to Markus Schmall.
1.12 Changes/Additions since 1.11:
- Added Commander, Eleni! and Fileghost 2 viruses! Thanks to
Markus Schmall for sending them.
- Added new versions of ReqChange and CopyMemQuicker to the
vector check. Thanks to Adam Szymczak for sending them.
- Renamed "? No Name ?" virus to Vtek 2.2.
- Improved recognition code for Decompiler virus. Some AMOS
files had been recognized as the virus. Thanks to Markus
Schmall for the hint.
- Redesigned whole file- and linkvirus checking routines.
You won't notice a big difference as the GUI looks as always,
but internally everything has changed. VirusZ is now able
to check EVERY hunk of executable files for linkviruses.
NO hidden linkviruses anymore by just adding some new hunks!
- Fixed several small bugs in some old linkvirus stuff while
rewriting the checker.
- Linkvirus removal code now supports all official hunktypes
from hunk_unit to hunk_index.
- Added some new file types.
- Renamed some more viruses, amount of viruses changed
slightly because some routines now recognize several
types of the same virus while others have been split.
- Redesigned "Show Brains" requester.
- Added Big Ben, Max Of Starlight '93, BootX Killer and
Amiga Fanatic 1.1 bootviruses. Thanks to Markus Schmall
as always for sending them ;-)
- Added recognition for new versions of RTPatch and FasterBlit.
Thanks to David Oakes for sending them.
- Redesigned "Show Brains" again, displays patches now.
TO DO:
Due to lack of time, I just redesigned the linkvirus part of
the file check, the filevirus part still only checks the first
hunk. This will be changed in later releases. I have some ideas
concerning the so-called 4EB9-Linker and similar utilities, too.
This is a secret, wait for the key...
1.11 Changes/Additions since 1.10:
- Added Elien 0.1 virus and VMK 3.00 fake. Thanks to Markus
Schmall for sending them.
- Added Enforcer, SegTracker and MungWall to vector check.
Thanks to Ulrich Klauer for sending this stuff.
- Added latest version of xfdmaster.library.
1.10 Changes/Additions since 1.09:
- Added viruses: Decompiler, Doom + Installer, Intel (LoadWB),
Lamerfry 1.3b, Lamerkiller, Laureline, DMS 2.13 Fake, JiZANSi,
RootFormatter, EastStar + Installer, Look BBS, Sumpf Gag,
Polyzygotronifikator. Thanks to Markus Schmall for these.
- Added latest version of xfdmaster.library.
- Added another linkvirus that doesn't contain any ID string,
so I simply called it "? No Name ?". May be renamed later.
Thanks again to Markus Schmall for sending it.
1.09 Changes/Additions since 1.08:
- Added viruses: Eleni, Loop-Combo and Labtec. Thanks to
Markus Schmall and Mark Ives for sending these.
- Added latest version of xfdmaster.library.
1.08 Changes/Additions since 1.07:
- Added viruses: Mount, Debugger, G-Zus and some CCCP Clones.
Thanks to Marco van den Mont, Jan Andersen, Jim Maciorowski
and Krzysztof Klos for sending them.
- Added more viruses: Installer of Mount, Easy-E and Installer
of Conman. Thanks to Markus Schmall for sending them.
1.07 Changes/Additions since 1.06:
- Added viruses: Installer of Datalock, LhA-Check 1.1 and a new
version of Menem's Revenge. Thanks to Markus Schmall and
Jan Bo Andersen for sending them.
- Again new viruses: MST-Inte, Rel 01.28 and Conman-Trojan.
Thanks to Markus Schmall for these beasts.
- Added new version of xfdmaster.library including external
decruncher and changed installation script.
- Designed new icons for VirusZ, Guide and Installation.
1.06 Changes/Additions since 1.05:
- Added some additional self checks. You can now verify if your
copy of VirusZ is an original or a fake by comparing the length
stated in the "About" request with the actual file length.
- Added new patches: HD Floppy Driver, SetPatchMrgCop, PowerData,
BorderBlank and a new version of MagicMenu.
Thanks to David Oakes and Naim Hosein for sending them.
- Added boot viruses: Datalock 1.1, Datalock 1.2, Polish P-1B.
Thanks to Markus Schmall and Krzysztof Klos.
- Added file viruses: Installer of Digital Dream, Xlink 3.0,
Saddam 7, Aibon 3, Burn 2, T.A.I. 11, ToolsDaemon 2.2 Fake,
GeneralHunter 3.2. Thanks to Markus Schmall, Martin Odaischi
and Jan Bo Andersen.
- Added string gadget "Devices" to the Misc Prefs. Now you can
enter all your devices (mounted or unmounted) to this list
and they will be both checked from the background task and
used from the BootLab. I hear some people say: "Oh, I have to
type them all myself. How irritating!". BUT: You'll have to do
it only once, and then there will never be any problems with
CD drives, some HD controllers etc. If a drive doesn't work,
simply don't add it to the list. Thanks to this simple but
nevertheless great idea to Axel Folley.
- Added again viruses: Zonder Kommando 1 + 2, AAA-Enhancer, JINX.
Thanks to Markus Schmall for these and for the 'Burn' code.
- Included latest version of xfdmaster.library.
----------------------------------------------------------------------------
!WARNING! VirusZ II 1.05 (68544 bytes) is a fake! !WARNING!
The original is 66116 bytes long.
----------------------------------------------------------------------------
1.05 Changes/Additions since 1.03:
- Totally redesigned documentation. It is now written for AmigaGuide
and contains a German section to satisfy all the guys who kept on
nagging for the last months.
- Added some nice code for encrypting VirusZ. Bad luck, hackers.
I hate nothing more than little lamers thinking they are cool
when they destroy the hard work of other people.
- Added patches: AlertPatch, FaccII, GOMF 3.0, RTDD 1.7, SFAPatch,
Setpatch 40.14. Thanks go to Steve Bowman and Ralf Thanner.
- Added bootblock viruses: Baltasar, Datacrime 2.0, PAL, PDS, PKK,
Shake!, TAI 4, TAI 5, TAI 6, TAI 8, TAI 9, Tomates Gentechnic 2.0.
Thanks to Martin Odaischi and [can't remember who it was].
- Added file viruses: Boot-Virus Installer, VirusZ 1.03 Fake.
Thanks fly over to Martin Odaischi and Markus Schmall.
If I only could get my hands on the little idiot who did that
fake, he'd wish he never had done it.
----------------------------------------------------------------------------
!WARNING! VirusZ II 1.04 is a fake! !WARNING!
----------------------------------------------------------------------------
----------------------------------------------------------------------------
!WARNING! VirusZ II 1.03 (67076 bytes) is a fake! !WARNING!
The original is 64664 bytes long.
----------------------------------------------------------------------------
1.03 Changes/Additions since 1.01:
- Added the following viruses: Sepultura 2.26, BossNuke,
ModuleMaster 1.7 Fake, Virus-Hunter 10.20, VKill 1.00 File,
Merry, MegaLink, Digital Dream, Zenker.
Thanks to Markus Schmall and Jan Nielsen for sending them.
- Replaced decrunch.library by xfdmaster.libary support.
That's one of the reasons why the last few updates were
quite simple, I worked on that library since October.
It works much more efficient than decrunch.library,
is much safer and supports some more crunchers. Several
bugs have been fixed.
- Improved the hunk tester in the file check.
- Added some more viruses: PHA Intro Fake, Anim Intro Fake,
Dialer 2.8g/6.2, M-WHO Backdoor, Stockmarket Backdoor.
Thanks to Markus Schmall and Jan Bo Andersen.
- Replaced old reqtools.library with a new update.
- Added new patches to vector check: Xoper 2.4, NOG2 2.1,
PowerCache 37.64, FasterBlit 5.0, IPrefs 40.29.
Thanks to Ralf Thanner for sending them.
----------------------------------------------------------------------------
!WARNING! VirusZ II 1.02 is a fake, delete it now. !WARNING!
----------------------------------------------------------------------------
1.01 Changes/Additions since 1.00:
- Added new viruses: VIRI, SHI, VCS 1, VCS 2, Leviathan,
Fred Cohen.
Thanks to Markus Schmall and Jan Bo Andersen for these.
- Added new patches to vector check:
KCommodity 2.5, MagicMenu 1.27, PrintManager 1.1 + 2.0,
FastWaitBlit, FrontPubScreen, Alert Patch.
1.00 Changes/Additions since 0.94ß:
- Added new bootviruses: Karl Marx, CBM, SCA 666, M_Chat and
TFC Evergreen 47.11.
Thanks to Martin Odaischi for sending them.
- Added new bootviruses: AIFS, NASA, TAI, PVL.
Added new linkviruses: Dark Avenger 1 + 2.
Thanks to Markus Schmall for sending them.
0.94ß Changes/Additions since 0.93ß:
- Added several new bootblock viruses (mostly clones):
ABC Viruskiller 1.01, Electro Vision, Exorcist, Grim Reaper,
Irak 3, JT Protector 1.0, Lame Game, MAD 3b, Prima Vera 8.0,
Starcom 1, 2 and 3.
0.93ß Changes/Additions since 0.92ß:
- Added code for safer device calls. Several people told me
that previous VirusZ versions crashed immediately when started
on their A3000(T). They all had PC0: mounted. This was not a
problem of VirusZ at all, but a bug in the mfm.device of
Commodore. This device trashes register D3 in the Open() call
and therefore caused VirusZ to crash because it uses D3.
Time for a little bug fix, Commodore??
Thanks a lot to Axel Folley for his extensive testing. I don't
know if I would have found that bug as fast as he did.
0.92ß Changes/Additions since 0.91ß:
- Added 'Check Again' gadget to file and sector checker.
- Added 'Auto-Save Report' and 'Default Report Path' to the
file check preferences.
- Added 'Hide OK Vectors' to the vector check preferences.
- Rewrote main loop to act as a commodity. VirusZ can now
be controlled via Exchange.
- Added Shell options and tooltypes CX_PRIORITY, CX_POPKEY
and CX_POPUP for standard commodity support.
- Added 'Hide' item to project menu.
- Added commodity default settings to the misc prefs.
- Removed 'Snapshot Window' item from prefs menu.
The window now remembers all movements automatically.
- Added 'Center Main Window' to the misc prefs to override
the remembered window position.
- Added 'Close Main Window = Exit' to support both the old
CLOSEWINDOW and the standard commodity behaviour.
- Added Shell option and tooltype PUBSCREEN. VirusZ can open
its windows on any public screen now.
- Added Shell option ??=INFO. Use it to get more information
about the usage of the other options.
- Added new viruses: SnoopDos 1.9 Fake, SnoopDos 2.1 Fake,
DWEdit 1.62a Fake, DI Ansi Ed 2.8 Fake, AEReg 3.9, A.I.S.F.
0.91ß Changes/Additions since 0.90ß:
- Added bootblock lab (no brain support yet).
- Added bootlab preferences.
- Removed Unicorn 1.1 from the bootvirus brain. This is not
a virus, but a quite unique loader for menus etc.
Thanks to the guy from Unicorn for calling me.
0.90ß Changes/Additions since 3.07:
- VirusZ requires OS2 now.
- Redesigned main menu and split it in two parts.
- Totally rewritten file check. Uses a multiselect filereq
now, has a new window and new preferences. Detects more
file types and handles viruses even better than the old one.
- Totally rewritten sector check. Only works with trackdisk units
now and supports HD drives. Improved Saddam checking in order to
prevent wrong diagnostics (same with Little Sven). New window
and own preferences have been added.
- Totally rewritten vector check. Output may be scrolled now,
preferences configure the vectors that should be checked.
- Totally rewritten background checker. Works parallel to
the main process and therefore can check memory/disks even
during a file check. Own preferences.
- New preferences format with checksum. This will be compatible
with future ones because of standard definition.
- Rewritten startup code.
- Added internal brain display to VirusZ.
- No brain support and all related functions in this release.
- No bootblock lab + prefs.
- No Shell usage.
- 1000 other minor changes I can't remember.
----------------------------------------------------------------------------
VirusZ II (OS 2.0+ only) history starts in Summer '93.
VirusZ 1.00 - VirusZ 3.07 history (September '91 - Summer '93) removed.
----------------------------------------------------------------------------