Format: UTF8, CRLF, ASCII-DOC
User documentation for MPScan (c) by ROSE SWE, Ralph Roth
__ __ ____ ____
| \/ | _ \/ ___| ___ __ _ _ __
| |\/| | |_) \___ \ / __/ _` | '_ \
| | | | __/ ___) | (_| (_| | | | |
|_| |_|_| |____/ \___\__,_|_| |_|
______________________________________________
/ MPScan is a very fast multi-platform command \
| line virus scanner (CLI) for Windows, DOS |
| and various Linux operating systems that |
| scans for viruses and malware. Separate |
| binaries for Linux, DOS32 and Windows are |
\ provided. /
----------------------------------------------
\ ^__^
\ (OO)\_______
(__)\ )\/\.
||----w |
|| ||
1. About MPScan
MPScan is a fast multi-platform command line virus scanner designed to work efficiently on Windows, DOS and various Linux operating systems. It is capable of detecting a wide range of viruses, including (old) DOS boot and MBR viruses, DOS memory resident viruses, multipartite DOS viruses, scripts, IRC scripts, batch viruses and standard DOS viruses. With separate binaries for Linux, DOS32 and Windows, MPScan is an incredibly versatile virus scanner.
2. Why MPScan?
One of the reasons MPScan stands out from the crowd is that it was created as a proof-of-concept and testing platform for new scanning algorithms. As such, this freeware is designed to provide feedback on detection, usability, errors, heuristic detection rates and possible false positives. It also aims to replace the limited DOS platform program "RHBVS", which has no plans to be ported to modern platforms.
If you are looking for a powerful, fast and efficient virus scanner, MPScan is the perfect choice. It is an excellent tool for those who want to keep their systems safe from viruses and malware. Try MPScan today and experience the benefits of this exceptional virus scanner for yourself!
3. Heuristic Detection?
In addition to its ability to detect known viruses, MPScan goes a step further by using fully heuristic detection and various databases ('virscan.*') of known signatures that match these heuristic detection. As a result, MPScan is able to detect even new, previously unclassified viruses that may be present in large virus collections.
It is worth noting that MPScan’s heuristic detection capabilities are truly remarkable. In fact, it has been so successful at detecting unknown malware that it is now being used to rescan 'unknown' samples with amazing results.
If you are looking for a virus scanner that can not only detect known viruses, but also new and previously undiscovered malware, MPScan is the perfect tool for you. With its advanced heuristic detection capabilities and extensive database of known signatures, MPScan is a powerful weapon in the fight against malware. Try MPScan today and see for yourself how it can help keep your system safe from both known and unknown threats.
3.1. What is Heuristic?
In computer science, a heuristic is a problem-solving technique that priorities efficiency and practicality over absolute correctness. This approach allows heuristics to produce solutions that are usually very good, though not always strictly provable. Often, heuristics are used to solve complex problems by first solving a simplified version of the problem, or by identifying a smaller sub-problem that overlaps with the overall solution.
The primary goal of heuristics is to improve computational performance and simplify the conceptual understanding of a problem. However, it is important to recognize that these benefits may come at the expense of accuracy or precision. Nevertheless, in many practical applications, the speed and practicality of heuristic techniques make them an indispensable tool for solving complex problems efficiently.
In summary, heuristics are a valuable approach to problem solving in computer science, providing a practical and efficient way to tackle complex problems that might otherwise be intractable. By balancing computational power and conceptual simplicity with accuracy and precision, heuristics can be an extremely powerful tool in the arsenal of computer scientists and programmers.
4. Compile Once - Run Everywhere
Revolutionizing Portability with MPScan and RMS: Embracing the "Compile Once - Run Everywhere" Paradigm
The notion of "Compile Once - Run Everywhere" is both intriguing and essential in the realm of software development. This principle is centered around crafting portable software capable of seamless execution across diverse platforms, devoid of any need for modifications or runtime compilation.
In the dynamic landscape of software engineering, achieving cross-platform compatibility stands as a paramount objective. The ability to craft code once and witness it execute uniformly across various environments streamlines deployment, maintenance, and enhances overall user experience. Introducing MPScan and RMS embodying the spirit of CO-RE (Compile Once - Run Everywhere), these modern tools offer a contemporary approach to tackling this challenge head-on.
4.1. What is Multi-Platform?
A multi-platform program is a software application designed to run on multiple operating systems or platforms. This means that the same program can be used on different devices or computers running different operating systems. The advantage of multi-platform programs is that they provide greater flexibility and accessibility to users who may have different devices or use different operating systems. It eliminates the need for developers to create separate versions of the same program for each platform, reducing development time and costs, and simplifying maintenance and updates.
5. Installation? Portable Program!
MPScan does not require installation and is delivered as a packed archive without an installer. Simply unpack the distribution archive to a suitable path and copy the required files to a sub-directory of your choice. The package contains binaries for several different platforms.
|
The virscan.* and mpscan.key are required files. |
Open a command line prompt.
For Windows type
mpscan.exe -?
For Linux (multiple platforms are supported) we provide a shell script wrapper:
chmod +x mpscan Linux/mpscan_* ./mpscan -?
For DOS we provide a DOS32 binary, which must replace then the Windows mpscan.exe file. Also we provide DOS helper tools, e.g. to dump MBR tables or Disc images to files.
6. Recommended usage
|
As said, MPScan is a heuristic malware scanner and may produce so-called false positives. If this applies for you try to invoke MPScan which these command line switches to avoid them: |
mpscan c: -nofile -noheur ## Windows whole C: drive
or
mpscan ~ -nofile -noheur ## Linux own home directory
7. Detection Rate?
As said MPScan is not a fully virus scanner (limited to old DOS, MBR and Boot viruses as well as Script viruses) and therefore does not have 100% overall detection rates. But our internal tests are very promising so we decided to dig deeper into this approach of scanner technology.
7.1. Current scan results
Tests against a larger unique virus collection, including all kind of malware.
MPScan Version [Date] Collection (unique, different viruses, mixed)1.02.339 [12.01.2021] 58.406 files checked. 1.976 MB scanned. 20.697 suspicious 1.05.1.108 [30.01.2021] 58.721 files checked. 2.074 MB scanned. 20.627 suspicious 1.07.1.447 [17.02.2021] 58.993 files checked. 2.105 MB scanned. 20.464 suspicious 1.24.3.035 [25.06.2021] 62.389 files checked. 3.776 MB scanned. 21.276 suspicious
1.24.3.035 [25.06.2021] 62.389 files checked. 3.776 MB scanned. 27.037 suspicious 1.30.3.139 [09.07.2021] 62.581 files checked. 2.936 MB scanned. 32.602 suspicious
2.00.4.873 [08.02.2022] 77.401 files checked. 8.505 MB scanned. 35.121 suspicious
2.01.5.019 [11.02.2022] 78.241 files checked. 8.917 MB scanned. 36.834 suspicious2.01.5.019 [11.02.2022] 78.241 files checked. 8.917 MB scanned. 41.106 suspicious 2.02.5.488 [05.03.2022] 80.962 files checked. 9.811 MB scanned. 41.817 suspicious
2.16.11.495 [20.07.2022] 86.614 files checked. 7.115 MB scanned. 46.922 suspicious 2.23.18.285 [28.11.2022] 95.938 files checked. 8.707 MB scanned. 50.790 suspicious
|
Mixed unique collection with a lot non DOS viruses like macro or script viruses that mpscan is not able to scan (yet). No duplicates included. |
|
With option -nofile (introduced with version 1.20) |
|
The number increase comes from the new script engines added (1.30) |
|
With option -nofile -noheur |
8. Command Line Options
|
|
MPScan requires at least the path to scan. You can add additional command line options before or after the path. Command line options are not case sensitive. |
|
|
For Linux an option must start with "-" for Windows it can be "/" or "-". |
To get an overview of currently supported command line options run the program
with the option -? or -h.
mpscan -?
To scan under Linux your "Home Directory" scanning found malware to a log file you can e.g. use:
mpscan ~ -log
Under Windows you must provide the drive letter
mpscan c:\tools -log mpscan c:\users\ralph
Scanning multiple directories or drives in one go is also possible, e.g.
mpscan /home/ralph/Downloads "/home/ralph/dir with space" -log "-copy=/home/ralph/f o u n d"
8.1. Notes on parameter usage
Customers familiar with the American or UNIX parameter syntax (minus sign)
instead of the slash ( / ) can also use the minus sign ( - ) to start an
option. Under Linux the use of the minus sign for command line arguments is
mandatory!
Example: -all is equivalent to /ALL (applies for DOS and Windows)
|
|
There must be at least one blank between the individual arguments! The arguments are not case sensitive. |
8.2. The environment variable MPScan
Instead of always calling MPScan with arguments, MPScan can be controlled with a so-called environment variable. For example, enter the following at the DOS prompt:
SET MPSCAN=/cde -log
If you start MPScan now, MPScan reads all required arguments from the variable. This assumes that the MPScan binary is named MPScan.exe or mpscan.exe etc.
Under Linux do an
export MPSCAN=-cde -log
8.3. Rollback of preset values
Sometimes it might be desired to reset already set options (i.e. set by SET MPSCAN=…) This can simply be done by a minus sign following the option on the command line. With this action the option is being switched off.
For example, you have entered the following:
SET MPSCAN=/log
Then start MPScan with the following argument:
MPScan c: /log-
In this case the command line option overrides the option set by the environment variable! Command line always override environment options.
8.4. Exclude Option (-xdir=)
With the command line option -xdir="fullpath1,fullpath2" it is possible to
exclude (multiple) paths from scanning. On Linux, the pseudo/kernel file systems
/sys, /dev and /proc are added to the exclude list by default. On Windows,
"C:\System Volume Information" is excluded by default.
Multiple paths can be added, separated by a comma, but protected with ="x,y,z".
$ mpscan ~/tmp -move=/home/ralph/found/mps -xdir="/home/ralph/tmp/found,/home/ralph/tmp/test,/home/ralph/tmp/aa"
----=[ MPScan ]=-------------------------------------------------------------- MPScan, Multi-Platform Virus Scanner - Version 3.09.21.779 - Linux-x86_64 (c) 1994-2024 by ROSE SWE, Dipl.-Ing. Ralph Roth, http://rose.rult.at MPScan uses also heuristic detection, so false positives may occur! Licensed to: Freeware, for non-commercial use only!! Command line parameters: >>>|/home/ralph/tmp|-move=/home/ralph/found/mps|-xdir=/home/ralph/tmp/found,/home/ralph/tmp/test,/home/ralph/tmp/aa|<<< Path to quarantine: >>>/home/ralph/found/mps<<< Copy=FALSE Move=TRUE Excluded paths: /home/ralph/found/mps,/home/ralph/tmp/aa,/home/ralph/tmp/found,/home/ralph/tmp/test,/proc,/sys ----=[ /home/ralph/tmp ]=----------------------------------------------------- [!] Note: Directory /home/ralph/tmp/found not scanned, found in exclude list=/home/ralph/tmp/found [!] Note: Directory /home/ralph/tmp/test not scanned, found in exclude list=/home/ralph/tmp/test [!] Note: Directory /home/ralph/tmp/aa not scanned, found in exclude list=/home/ralph/tmp/aa ----=[ Statistics ]=---------------------------------------------------------- 97 files checked. 28 MB scanned. 0 suspicious, 0 deleted/moved! ----=[ Scanning finished! Have a virus free time! ]=--------------------------
$ mpscan / "-xdir=/home,/run" -log
----=[ MPScan ]=---------------------------------------------------------- MPScan, Multi-Platform Virus Scanner - Version 4.1.2-23.599 - Linux-x86_64 (c) 1994-2024 by ROSE SWE, Dipl.-Ing. Ralph Roth, http://rose.rult.at Licensed to: Freeware, for non-commercial use only!! Command line parameters: >>>|/|-xdir=/home,/run|-log|<<< ----=[ / ]=--------------------------------------------------------------- [!] Hint: Directory /home not scanned, found in the exclude list=/home [!] Hint: Directory /dev not scanned, found in the exclude list=/dev [!] Hint: Directory /proc not scanned, found in the exclude list=/proc [!] Hint: Directory /sys not scanned, found in the exclude list=/sys [!] Hint: Directory /run not scanned, found in the exclude list=/run ----=[ Statistics ]=------------------------------------------------------ 6.760 files checked. 1.617 MB scanned. 680 directories. 0 suspicious, 0 deleted/moved! Start: 27.03.2023 17:06 End: 27.03.2023 17:07 Total: 00:00:42 ----=[ Scanning finished! Have a virus free time! ]=----------------------
8.5. Options Move and Copy (Quarantine)
You can use the -copy=Fullpath or -move=Fullpath options to copy or move
suspicious files to a quarantine folder "Fullpath". If that folder does not
exist it will be created. It is important that you use the full path here. Files
to be copied or moved must be smaller than the virtual available memory.
If Fullpath is not specified then the folder 'found_mpscan' in the user home
directory is used (and created).
|
This is a flat copy operation, no sub-directories are retained. Depending on the OS platform file permissions and timestamps of the copied file may be restored. It also does not check if the file already exists in the quarantine directory, in which case it is simply overwritten. |
The quarantine path is automatically added to the list of excluded paths and is not scanned.
Files will get a new name, currently:
Virusname__FileName__HexCounter.Extension
Example for the copy option under Linux:
mpscan ~/Zoo/hashed/ -copy=/home/ralph/sha1dir
This move example also will work under Linux from Bash:
mpscan $HOME/md5dir/ -move=$PWD/mpscan_found
Examples of renamed files (SHA1 as file name) afterwards:
Ear.380__8e91cbc343636798d22203dedfd8111b1115d2c2__004D.Bin Ear.380__fdd0c7681a3fd2d75a5afe22d4ab00bc54671b19__0045.Bin Gobleen.637__13aed7d87988c3682f25ed9d1ff372d69ba9f068__000D.Bin Gobleen.637__2c3c2a073c09efb7b0af230dc8b4000417a22bee__0015.Bin Gobleen.637__30e74de025fe3a0900023f3234b7df82f14d30fc__002B.Bin HeuristicDOS.File86__91336e5fae86a2fe763c4a78eea7b5d1900c0196__003F.Bin HeuristicDOS.File9__f579c710952bcba6b2fae223fb9da8f294cfc67e__0048.Bin Liberty.2857.O__0766dd9c9180f414d11fd358e3797594d510d86f__0037.Bin Liberty.2857.O__0b82706a33c39f5f55aa62067e6feaf4a219f166__0039.Bin Liberty.2857.O__dbb94f8da6355a83842320fc161d65c0d6f10103__0050.Bin Type_File03.85C0+C0C0D5__11229a7c54ecdbfb319fb72aff6683dcd66e935e__0007.Bin Type_File03.98FD+C0BFD5__c80640e8089e7be77b8d20fc65feef5b9c0b83c8__003A.Bin Type_File03.A207+C0C0D5__3325b97949a43fc8f9bfe63cbe53dbc4b2a82502__0028.Bin Type_File03.C6DA+C0C0D5__bf5133c058d1bba83bb89bd63590c87aba9d450a__001F.Bin Type_FileOpen.DEB7-B82D__2e59520b2fcd67b53f2014d279d79831af1978b4__0011.Bin
Example for Windows
mpscan c:\ -log -copy=d:\found
8.6. Option -log, -logall
The option -log creates the additional logfile "mpscan.log". Lines starting
with four "-" can be filtered out/ignored.
grep -v "^----" mpscan.log | grep ";"
Logfile format is comma separated values (CSV), so you can easily load/process it with your favorite spread sheet program or gawk script.
Option -logall will log all files examined. Files that are considered not to
contain malware are logged as "- OK? -"
/home/ralph/virus/unk/MP.Spyryted.512/SMALL39.COM;MP.Spyryted.512.A /home/ralph/virus/unk/MP.Spyryted.512/SMALL97.COM;MP.Spyryted.512.A /home/ralph/virus/unk/MP.Spyryted.512/dumpC_1665401925.dat;Heuristic: DOS.File(41%) /home/ralph/virus/unk/MP.Spyryted.512/dumpC_1665403488.dat;Heuristic: DOS.File(41%) /home/ralph/virus/unk/MP.Spyryted.512/img2/Babec.C[1.2MB].IMG;- OK? - <---- not found!?
|
|
Option -logall explicitly sets the option -log
|
9. Stopping a running Scan?
Simply press the [ESC] key (Escape) or any other key to stop the program!
10. Features Not Implemented
The functionality to search for DOS viruses in the OS memory and Master Boot Record (MBR) or partitions of disks is no longer considered relevant in contemporary computing environments. To assist in Linux and DOS environments, supplementary tools provided by ROSE SWE are available. These tools facilitate the extraction of the MBR and partition table into files, which can then be scanned by MPScan.
Limitations exist regarding the directory structure for MPScan. Presently, the program can only process one directory per execution.
11. Different Operating System Supported
MPScan is available for different operating system. When you start MPScan a banner with the program version, build number and target platform is printed.
E.g.:
----=[ MPScan ]=-------------------------------------------------------------- MPScan, Multipartite Virus Scanner - Beta-Version 1.21.2.548 - Linux-x86_64
^ ^ ^
| | |
Program version ------(1.21)-----------------------/ | |
Build ----------------(2548)-----------------------------/ |
Platform ----------------------------------------------------------/
|
|
Program version naming has changed to Semantic Versioning 2.0.0 (https://semver.org/) with MPScan version 4 |
----=[ MPScan ]=-------------------------------------------------------------- MPScan, Multi-Platform Virus Scanner - Version 4.0.2-23.110 - Linux-x86_64
^ ^ ^
| | |
Program version ------(4.0.2)--------------------/ | |
Build ----------------(23110)--------------------------/ |
Platform --------------------------------------------------------/
11.1. Build Schema
The build number is a unique increasing number that is incremented with each build. A higher build number means a newer program version.
11.2. Different Computing Platforms
The following platforms are currently supported
-
Win32 (and therefore also Win64) - Windows console, runs under Win95/98/ME, NT, 2000 & XP, Win 8/10/11 etc., Pentium (i686) or higher required. We provide native binaries for Windows 32 bit and Windows 64 bit.
-
DOS32 - runs under Win32 + DOS, Pentium required, for DOS a DPMI extender is required. Long file names supported under Windows 98, 2000 & XP and better. Does not run under Windows 64bit! The DOS32 version is deprecated and supported only on a best effort approach!
-
Linux (x32/x64) - runs under 2.6.x and higher kernels. LFN under native Linux and mounted Win32/FAT/NTFS volumes supported (e.g. CIFS or NFS). Fasted platform! The 64 bit Linux version needs a COREAVX2 or better CPU and a AVX2 or better co-processor! The 32 bit version requires a SSE2 co-processor and a Pentium-4 CPU or better.
-
Linux (aarch64) ARM64 - other ARM architectures on request
|
|
Long file names (LFN) supported on all platforms. |
All platforms requires at least 256 MB of free memory and a Pentium CPU.
12. History
4.25.1 07.06.2024 Re-consolidated virus signatures. New viruses added
4.24.1 02.05.2024 Maintenance release
4.23.3 23.04.2024 Maintenance release
4.21.1 18.01.2024 Re-consolidated virus signatures. New viruses added
4.20.2 08.12.2023 Better overall DOS detection.
4.13.2 06.12.2023 Better VCl detection. New viruses added.
4.12.3 17.11.2023 Enhanced heuristics. New viruses added.
4.11.2 10.10.2023 New viruses added. Maintenance release.
4.10.1 12.09.2023 Consolidated virus signatures. New viruses added.
4.9.3 02.09.2023 AVR_WashBurn, AVR_CryptCom added. New viruses
4.8.2 28.08.2023 New viruses added. Internal enhancements.
4.6.2 13.07.2023 Small enhancements around the AVR-Trivial engine.
New viruses added.
4.5.1 27.06.2023 Changes to the Trojan Signature database
Small enhancements and new viruses added.
4.4.1 11.06.2023 Merged the virus signatures.
4.3.4 06.06.2023 Enhancements for AVR_Mini/Tiny. Bug fixing.
Enhanced entry-point engine. New viruses added.
4.3.3 31.05.2023 Better handling of corrupted COM files. Enhanced entry-point
engine. New viruses added.
4.3.1 15.05.2023 Massive internal changes. Consolidated virus signatures.
New viruses added.
4.2.2 10.05.2023 Enhanced entrypoint engine. New viruses added.
Internal enhancements.
4.1.8 02.05.2023 Small internal bug fixes, new viruses added.
4.1.6 25.04.2023 Small bugfix for error handling. New viruses added
4.1.1 28.03.2023 * Rewritten file and directory handling code.
Now the number of directories scanned are included into
the statistics! Option '-cde' obsoleted!
4.0.7 22.03.2023 New viruses. Rewritten code.
4.0.0 March 2023 Internal release: Complete rewritten file and directory
handling. Switched to semantic version numbering. Many
small enhancements.
3.32 24.02.2023 Now in the statistic the start and end time and total
time needed is included.
3.31 22.02.2023 Internal changes (option -?), new viruses. Option -? now
return with error code=0 instead as older version with 7.
3.30 06.02.2023 Added scan engine for all kinds of *NIX scripts
3.20 30.01.2023 Rewritten IRC and Script scan engine
3.11 19.01.2023 Consolidated signatures. New viruses.
3.10 16.01.2023 Added option -xdir to exclude paths from scanning.
Symlinked directories are not scanned anymore.
3.00 07.01.2023 Rewritten command line engine, supporting spaces in
directories to scan etc. New viruses added.
MPScan can now can multiple directories
2.53 30.12.2022 Consolidated signatures. New viruses added.
-copy & -move without argument will assume a default path
2.51 14.12.2022 Added the AVR:Trivial and AVR:Mini detection engines.
MP in MPScan now stands for "Multi-Platform", was we now
support at least six different platforms/operating systems
2.50 08.12.2022 Tons of viruses added. The Linux executable will be
renamed to "mpscan_" + architecture, plus a wrapper
will also be provided. With 2.50 we will drop the DOS32
executable support. Please let us know if you have a
business case for a DOS32 version.
2.23 26.11.2022 New viruses added. No user visible changes.
2.22 14.11.2022 Internal version. New viruses added. No user
visible changes (e.g. better engines). Virus names renamed
2.21 12.10.2022 Output of -logall changed to "- OK? -", to be the same text
as RMS uses for it's -logall output. New viruses.
2.20 09.10.2022 Added around 1000 viruses. Enhanced entry point engine.
Added option -logall.
2.19 06.10.2022 Logfiles contains now MPScan version and some statistics.
New viruses added.
2.18 16.09.2022 Internal version. New viruses added. No user
visible changes. Virus names renamed
2.17 21.07.2022 New viruses added. No user visible changes.
2.16 21.06.2022 Enhanced entry point engine. New viruses added.
2.15 10.06.2022 Viruses added
2.14 19.05.2022 Fixed a few false positives. Small enhancements. New
viruses added.
2.12 10.05.2022 Public release. Added more than 1000 viruses.
2.10 04.04.2022 First working version as a release candidate. Improved
DOS detection speed over 500% (this time we don't need
to keep an eye on hash tables and their size as it was
in the old DOS days). Added around 2000 viruses.
2.0x Feb. 2022 Added the DOS scan engine from VSP. Internal versions.
Better entry point detection.
==========================================================================
1.37 [07.02.2022] Added scan engine for DOS Debug Scripts. More viruses
added.
1.36 [14.01.2022] Internal (non user visible) enhancements. Added tons
of viruses.
1.35 [27.11.2021] Enhanced heuristic engine for 'DOS.File' detection.
Added viruses.
1.34 [22.11.2021] Small internal code changes. New viruses added.
1.33 [06.10.2021] Better entry point handling to avoid false positives.
Added more viruses/signatures.
1.32 [18.09.2021] Added around 400 signatures
1.31 [09.09.2021] Updates virus signatures. /copy and /move now add an
counter to the file name to make it (more) unique.
1.30 [09.07.2021] Added for test purposes the Script and IRC detection
routines. The format of all databases were changed.
1.24 [14.06.2021] Around 1000 viruses added.
1.23 [11.06.2021] Internal DB format: Extended. New viruses added.
Small bug fix: Number of removed files was incorrect.
1.22 [07.06.2021] Added options -copy and -move
Added a lot of new viruses and enhanced the overall
detection rate.
1.21 [28.05.2021] Added more viruses. Enhanced the DOS.File detection
engine. Changed error reporting output.
1.20 [25.05.2021] Added an other heuristic engine for DOS based file
viruses. Currently suspicious files will be flagged
like (will change in future releases)
/home/ralph/demo/CK.183.exact.com;Heuristic: DOS.File(36%) <- New
/home/ralph/demo/CPP.266.exact.com;Tiny.MS
/home/ralph/demo/CAZ.1159.A.exact.com;Caz
/home/ralph/demo/Chad.750.com;Chad.750
/home/ralph/demo/CSL.381.A.exact.com;Heuristic: DOS.File(26%) <- New
Currently we know that this approach creates
too much false positives
1.09 [08.05.2021] No user visible changes, new viruses.
1.08 [internal] Internal version. New viruses added...
1.07 [18.02.2021] Added the option "-noheur". New viruses added.
1.06 [06.02.2021] Internal code re-design, no user visible changes.
Added new viruses.
1.05 [30.01.2021] New virus signatures. Small program enhancements.
1.04 [19.01.2021] Small updates and new viruses. Now with mpscan.key key file
1.03 [14.01.2021] Small updates (documentation and signatures), Internal DB
version updated to DB 4.00
1.02 [12.01.2021] Initial public release
13. License = Anyware
Please note that MPScan is distributed as freeware, with full copyright held by the author, ROSE SWE, over the entire program package, utilities, and documentation. Personal use of the program is free, similar to other freeware. However, if you intend to use MPScan in a commercial environment, you will need to obtain a commercial license, which is facilitated by a license key file. To inquire about acquiring a site license and receive a quote based on the number of users required, please send an email to the author.
The author appreciates any (hence the name AnyWare) form of support or feedback to enhance the program. Whether it’s through emails, bug reports, malware/virus samples, or even monetary contributions, all contributions are welcomed. Therefore, if you find MPScan useful and wish to see it further improved, please don’t hesitate to reach out.
See ROSEBBS.TXT for contact details.
14. Copyright
©opyright by
__________ ________ ____________________ ___________ _____________
\______ \\_____ \ / _____/\_ _____/ / _____/ \ / \_ _____/
| _/ / | \ \_____ \ | __)_ \_____ \\ \/\/ /| __)_
| | \/ | \/ \ | \ / \\ / | \
|____|_ /\_______ /_______ //_______ / /_______ / \__/\ / /_______ /
\/ \/ \/ \/ \/ \/ \/
-------------------------------------=----------------------------------- ROSE SWE See ROSEBBS.TXT for Dipl.-Ing. Ralph Roth full address, FAX and PGP keys. http://rose.rult.at rose_swe@hotmail.com All Rights Reserved! rose_swe@gmx.net -------------------------------------=-----------------------------------
15. End
End of the documentation! Thank you for reading it. Bye!