home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Magazyn Exec 5
/
CD_Magazyn_EXEC_nr_5.iso
/
Programy
/
Antywirusowe
/
xvslibrary.lha
/
Xvs
/
Docs
/
HISTORY
next >
Wrap
Text File
|
2001-01-04
|
11KB
|
242 lines
============================================================================
== History ==
============================================================================
TO DO:
------
- Add Neurotic Death 2 and Neurotic Death 4. These two linkviruses are
polymorphic, but crash on my system if I try to infect some test files.
It seems that they haven't been spread to the public, I received them
anonymously from the author. So it's not that BIG danger at the moment.
- Try to get and add GlobVec linkvirus. The only one who has it is Heiner
Schneegold (author of VT-Schutz) and VTC Hamburg, but Heiner doesn't
give his permission to the VTC to send me the virus :(
xvs.library 33.24 (size: 52.916 bytes)
- Added 4kIntro Trojan
Thanks to Ryben Kozlak and Jan Andersen
- Added Dkg-Blum Trojan
Thanks to Peter Gordon, Urban Mueller and Jan Andersen
NOTE:
This trojan also replaces/deletes or adds a file called asi.library
XVS will not (yet) be able to detect this file because as far as I
could analyze it, it looked like a normal VideoTracker file.
If XVS would have to see this as a virus, more VideoTracker files
will be fake detected. If you have problems or want this added anyway
let me know.
xvs.library 33.23 (size: 52.868 bytes)
- Added Port 4097 Installer (LoadWB) virus
Thanks to Zeeball for the files
No memory infection found yet, might be added later if one
is found.
- Added Port 4097 Trojan (RexxFifo.Library) virus
Thanks to Zeeball for the file
No memory infection found yet, might be added later if one
is found.
- Added Port 2421 Installer virus (Jizzer)
Thanks to Zeeball for the file
No additional memory or file infection found yet, might be added later
if one is found.
- Added Port 2421 Trojan (Mount) virus
No additional memory or file infection found yet, might be added later
if one is found.
These viruses create TCP/IP ports in memory. If a file infected with one
or more of these viruses is found on your system, chances are that these
ports are open already. For now, you should let the xvs.library remove
the virus and then reset your Amiga. (Which is always a good idea
after detecting a virus, but that aside of the subject) The ports should
then be gone.
xvs.library 33.22 (size: 52.732 bytes)
- Added 8x8 Link virus.
Thanks to Jan Andersen, Chill and Zeeball for the files.
Thanks to Heiner Schneegold for the info on this virus.
xvs.library 33.21
- Added YamPPCpatch Trojan. When so called "patched" a file called
"cedmacros" is put in your "S:". Aferwards, when you press specific
buttons in CED ("a", "q", etc.) some lame text is placed in the text
you are editing. Highly annoying. The library recognises the "patch"
and it's installer. Thanks to Jan Andersen for supplying it to me.
Thanks to Urban Mueller for reporting it to Jan Andersen.
- Changed position of DoubleDensity bootblock virus in virus list.
Wasn't sorted alphabetically properly.
- Fixed MUI 4.0 (clickforcolors) entry to a smaller entry (too big
a name for some virus killers)
xvs.library 33.20
- Quickly fixed the naming of the MUI 4.0 fake. I accidentally named
it Miami 4.0 for some reason. Thanks for Dirk Stoecker for noticing
this
- Placed the Amos Joshua trojans at the right place in the list for
programs that don't sort the virus list before outputting to the user
xvs.library 33.19
- Added Zakapior trojan virus and it's Dropper, thanks to Jan
Andersen for sending them.
- Added Amos Joshua trojan virus and it's Dropper, thanks to
Jan Andersen for sending them.
- Added Amos Joshua Clone virus and it's Dropper, thanks to
Jan Andersen for sending them.
- Added MUI 4.0 trojan virus and installer, thanks to Jan Andersen
for sending them.
- Added AmigaE include modules to archive, including a small example.
The modules and example were created by Andrew Cashmore
(aj.cashmore@ukonline.co.uk)
- The library has changed programmer, although Georg does keep all
copyrights and remains owner of the sources, I (Alex van Niel)
will continue developement. See the README file for my contact
address.
xvs.library 33.18
- Fixed bug in recognition code for Elbereth 1 - 4 and Disnomia
linkviruses. Some copies have not been detected correctly.
Thanks to Dran/Chew-Z for the report and the testfiles.
- Added additional verification code for pseudo-executables like
'Scalos.key' starting with $3f3 even if they are datafiles.
Thanks to Ramon for the report.
xvs.library 33.17
- Added 'STD Crabs #1' linkvirus and its Dropper. Thanks to Jan
Andersen and David Knell for sending them.
- Added 'STD Vaginitis #1' linkvirus and its Dropper. Thanks to
Jan Andersen for sending them.
- Added 'STD Vaginitis #2' linkvirus, its Dropper and
'STD Vaginitis #3' filevirus. Thanks to Jan Andersen and
Jesper Svennevid for sending them.
xvs.library 33.16
- Added another security mechanism that should bring up an alert
if xvs.library has been modified in length (what usually all
viruses do). If such an alert pops up on your computer, please
perform a file check with VirusZ on 'xvs.library' in your libs:
drawer. The library will therefore no longer refuse to work when
it's (possibly) infected.
- Oh my god, why am I such an idiot? While analyzing Polish Power
linkvirus, it suddenly came to my mind: The polymorphic code
of Polish Power is exactly the same as the one Antonio uses.
I just had to fix some small routines in the repair code, and
now both dangerous linkviruses will be recognized :-)
xvs.library 33.15
- My Christmas gift for you: Recognition and repair code for the
'Antonio' linkvirus (that's how I call it!). It uses the ugliest
polymorphism I have seen so far, but I nevertheless did it in
just 2 days. If there appear infected files that cause problems,
please send them to me immediately (by email if possible).
Thanks to Jan Andersen for sending me this virus so quickly.
xvs.library 33.14
- Added 'Datatypes.Library Trojan'. Thanks to Jan Andersen for
sending this Miami backdoor.
- Please note my new email address in the README file.
xvs.library 33.13
- Added Mad_Roger Short linkvirus.
- Added Robby bootvirus. Thanks to Peter Lindberg for this really
old stuff. It's from 1988 and I've never seen it before!!!
- Added 'C' developper files. Thanks to Dirk Stöcker for creating
them.
xvs.library 33.12
- Added new linkvirus: Fungus/LSD. Thanks to Jan Andersen for
sending this stuff.
xvs.library 33.11
- Added new viruses: UnpackJPEG Trojan, LOBO Simple, LOBO Weird
and its Installer. Thanks to Jan Andersen for sending the viruses
and Dran/Chew-Z for sending them to Jan.
- Finally released the developper files (include, autodoc, fd etc.)
to the public. It's time now to give other skilled coders the
opportunity to develop their own viruskillers...
xvs.library 33.10
- Added the rest of the missing viruses from VTC (see below):
666!-Trojan, Mosh 1.0, Promoter 1, Purge Dropper, Purge Trojan,
TDTJ Trojan, SehrJung Dropper, SehrJung Trojan, Nibbler 1.0ß Link,
Nibbler Installer, New Age (bad linkvirus, can only be deleted).
- Added recognition for 666!-Trojan damages to sector check code.
- Added recognition for files damaged by Cute Little Ponnies and
Inspector X of A.L.F.
- Added AmigaRAR.exe Fake, a packed version of Gathering '95 that
cannot be decrunched by xfdmaster.library at the moment. I will
add the cruncher as soon as possible to xfd.lib, then the extra
recognition is no longer needed. Thanks to Jan Andersen for this
packed trojan.
xvs.library 33.9
- Finally I contacted Soenke Freitag of VTC Hamburg and asked him to
send me the old but still missing viruses from their test. I added
the following viruses until now:
AHM Keymaker 1.1, BBS Blieb6, Miami Fake, BBS MegaMon, DumDum 2,
BBS CLP/InspectorX, BootX Updater, Buzz Bomb MKI, Hexer/Bea 1,
Hexer/Bea 2, Hexer/Bea 3, Conman Format, Compuphagozyte 13,
Disk.info Bomb, Joshua 3 and Christmas Violator.
There are still more to come, I will add them (hopefully) in the
following 2 or 3 weeks.
Special thanks go to Soenke Freitag for the good cooperation and
all the work he had with sending me the virus collection.
Thanks must go to Markus Schmall and Jan Andersen too for giving
Soenke the permission to submit the viruses to me (most of them
were NDA).
- Added MaxDoorControl + Lib. Thanks to Jan Andersen for sending it.
xvs.library 33.8
- Added Mad Roger bootvirus and WAWE trojan. Thanks to Jan Andersen
for sending the trojan.
xvs.library 33.7
- Did some internal reworking for better performance.
- Added bootblock viruses: AHC, Gadaffi 2, Virus Slayer 6.12.
- Added recognition for files damaged by Lisa FuckUp 2.0.
- Fixed removal code for ZIB linkvirus. Now detects all files that
have been infected by the installer directly.
- Added recognition for Doom_CLX Trojan, CompuPhagoLink and
X-Ripper 1.1.
Special thanks for sending all the above mentioned viruses are going
to Jan Andersen. VirusZ did not recognize these viruses at the time
when the VTC-Test 1998 took place, therefore the ranking of VirusZ
in this test would be even better right now.
xvs.library 33.6
- Added HappyNewYear 96/2 clone, HNY 96/3 clone + installer and
Sepultura bootblock virus. Thanks to Jan Andersen for submitting
them.
xvs.library 33.5
- Fixed bug in 'Smeg' recognition. Thanks to Thomas Richter for the
tests and the report.
- Added 'MKey.exe Fake' trojan. Thanks to Jan Andersen for sending
it to me.
- Added 'HANF' linkvirus. This nasty bastard took me a lot of time.
Thanks to Ralph Bernecker and Jan Andersen for sending it to me.
xvs.library 33.4
- Added 'ReOrgIt Fake' trojan. Thanks to Jan Andersen for sending
it to me.
xvs.library 33.3
- Added new viruses: 'Death To Maxs' 1-4 trojans. Thanks to Jan
Andersen for sending them.
- Rewritten some memory checking routines for safer execution.
xvs.library 33.2
- Just did a little fix in the memory checking code. Some strange
patches haven't been accepted.
xvs.library 33.1
- Moved all virus recognition and removal code from VirusZ to
this library. Several support routines have been rewritten
or designed totally new.
