VIRUS-L Digest Wednesday, 11 Dec 1991 Volume 4 : Issue 234

VIRUS-L Digest Wednesday, 11 Dec 1991 Volume 4 : Issue 234

Today's Topics:

Administrivia - getting ready for Volume 5
Re: possible virus? (PC)
MDISK? (PC)
Musical Virus ?? (PC)
Dir II in Norway (PC)
M.Angelo Virus (PC)
PC problem - possible virus? (PC)
Latest version of SCAN V85 - validation codes ? (PC)
Information request re: Voronezh virus (PC)
Viral myths
New Release of VIRUSCAN (PC)
McAfee virus utilities (ver 85) updates (PC)
new mcafee programs (PC)

VIRUS-L is a moderated, digested mail forum for discussing computer
virus issues; comp.virus is a non-digested Usenet counterpart.
Discussions are not limited to any one hardware/software platform -
diversity is welcomed. Contributions should be relevant, concise,
polite, etc. Please sign submissions with your real name. Send
contributions to [email protected] (that's equivalent to
VIRUS-L at LEHIIBM1 for you BITNET folks). Information on accessing
anti-virus, documentation, and back-issue archives is distributed
periodically on the list. Administrative mail (comments, suggestions,
and so forth) should be sent to me at: [email protected].

Ken van Wyk

----------------------------------------------------------------------

Date: Wed, 11 Dec 91 14:16:45 -0500
>From: Kenneth R. van Wyk <[email protected]>
Subject: Administrivia - getting ready for Volume 5

As I indicated previously, I'm soliciting for suggestions for
improving VIRUS-L/comp.virus so that we can get 1992 (and Volume 5 of
the digests) off to a good start. So far, I've gotten two real good
selections, which I'll be implementing. The first is effective
immediately, and the second will get started with Volume 5.

- - Re-organize the product reviews into separate "pc" and "mac"
directories. Effective immediately, all PC product reviews are
archived on cert.sei.cmu.edu (192.88.209.5) in:

pub/virus-l/docs/reviews/pc

...and all Macintosh reviews are in:

pub/virus-l/docs/reviews/mac

(Reviewers - I have a bit of a backlog of reviews that I'll be
posting over the next week or two. I haven't forgotten about it.)

- - Change the numbering scheme of the archived issues. Up until, and
including all of Volume 4 (the current volume), the filenames for
the digests themselves have been "v#i#" (e.g., v4i1, v4i11, v4i222).
Starting with Volume 5, I'll be numbering them as "v#i###" (e.g.,
v5i001). This will make it easier to read alphabetized directory
listings. (Pray - and not just for this reason - that we never
reach v#i1000... :-)

Thanks to everyone who has taken the time to jot me a note. Keep 'em
coming.

Ken

Kenneth R. van Wyk
Moderator VIRUS-L/comp.virus
Technical Coordinator, Computer Emergency Response Team
Software Engineering Institute
Carnegie Mellon University
[email protected] (work)
[email protected] (home)
(412) 268-7090 (CERT 24 hour hotline)

------------------------------

Date: Mon, 09 Dec 91 17:20:36 +0000
>From: [email protected] (Brian D. Howard (CS))
Subject: Re: possible virus? (PC)

It sounds like your problem with the Epsons is a hardware one rather
than a virus. Those machines are rather old and I know the wear and
tear the computing lab enviroment causes. (I'm labs manager here at
the UC-GSB)

You didn't mention it, but does the machine boot and ask you to hit
<F1>? Often times when the battery that backs up the CMOS memory
starts to go that is the first symptom. The solution is to get a new
battery pack.

What kind of drives are in the Epsons? The 3-1/5-inch in 5-1/2-inch
frame 20M drives that were in a lot of them (Tandons I seem to recall)
tended to fail. As the machines all tend to get the same number of
hours use in a lab, failures tend to cluster in time. (We have HP EGA
monitors that all started dying the same time) If its the drive,
consider replacing the HD, HD controller and Floppy controller with an
IDE drive and controller. We did that will all of our HP Vectras and
breathed new life into obsolete hardware (also get DOS 5 at the same
time, makes the machines noticably faster to the users.) You chould
be able to get a 40M drive and controller for about 250.00 (if you
can't get it locally I can give you the name and phone number of the
Chinese Bookstore that we buy our computer parts from.)
- --
_______________________________________________________________________________
This space intentionally left what would otherwise be blank were this not here.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

------------------------------

Date: 09 Dec 91 16:13:51 +0000
>From: [email protected] (Matti Joutkoski)
Subject: MDISK? (PC)

This is very short question: What is MDISK, which is mentioned in
McAfee documentation in some Virus infected cases?

Is it like FDISK, which will 'clear' boot-sectors, FAT etc. and
build them without new installation of operating system?

Just wondering.
- --
Matti Joutkoski ICL Personal Systems Oy/PC Div.
[email protected] International Technical Support
tel. + 358-0-567 3866 PL 780, 00101 HELSINKI
fax. + 358-0-567 3238 FINLAND

------------------------------

Date: 10 Dec 91 16:49:45 +0100
>From: Carl Bretteville <[email protected]>
Subject: Musical Virus ?? (PC)

Does anyone out there know of a PC virus playing X-mas tunes ?? Two
tunes have been heard. They are: "Jingle bells" and "Rudolf the
readnosed raindeer".

------------------------------

Date: 10 Dec 91 16:47:08 +0100
>From: Carl Bretteville <[email protected]>
Subject: Dir II in Norway (PC)

Vesselin Bontchev writes in his VALERT message of DEC 05 that the "Dir
II" virus has 6% "of the Norwegian infections". Happy I am to say that
this is not so. He has misunderstood the graphs he got from me in
Washington DC last week at the Anti Virus Prod. Developers Conference.

Vesselin has encuraged me to explain the facts of the matter:

A Norwegian compagny with offices in Sofia "imported" the virus to
Norway. 12 machines at one site was infected. The incident was
reported to us on 14NOV91 at wich time we confirmed the virus to be "Dir
II". It seems that we have been successful in stopping the virus this
time, no other incidents have been reported so far (I guess it is just
a matter of time...).

Carl Bretteville
Arcen Data AS

------------------------------

Date: Tue, 10 Dec 91 11:30:02 -0500
>From: [email protected]
Subject: M.Angelo Virus (PC)

We have been infected with the M.Angelo virus in our student computer
lab. I would like to know what this virus does and how to remove and
innoculate against it.

------------------------------

Date: Tue, 10 Dec 91 14:14:46 -0500
>From: "SFC Kenneth J. Acord" <[email protected]>
Subject: PC problem - possible virus? (PC)

As a 'sometimes' DOS support person within my organization, I was
asked to take a look at one of the user's PCs Monday morning. This
particular machine was one of a series of 31 that were recently
acquired by the Laboratory. A description of the machine, and the
problems I encountered, along with a listing of what I attempted to do
follows. I do not know the cause of the problems, but the user stated
that the machine was functioning properly on Saturday, was shut down
and not turned on again until Monday morning. Is it possible that a
virus, not detected by vscan82, caused this condition, or are you
aware of anything else that could cause such a complete scrambling of
a hard drive?

System Description:

IQ System IBM clone, mid-tower case
33 Mhz 80386DX
AMI Bios
4 Mb RAM
120 Mb Conner hard disk drive
Drive A: 1.2 Mb high-density 5.25" floppy disk drive
Drive B: 1.44 Mb high-density 3.5" floppy disk drive
Trident TVGA video card with 512 Kb of RAM
AAMAZING brand super vga monitor
3COM 3C503 networking card with PC-NFS software
Z-NIX Inc mouse
MicroSoft MS-DOS 5.0 operating system
MicroSoft Windows 3.0
Autoexec.bat:

@ECHO OFF
prompt $p$g
path c:\WINDOWS;c:\dos;c:\nfs;c:\kermit
DOSKEY
explosiv d100 e15 m3 c15 p2
C:\MCAFEE\VSHIELD /COPY /CHKHI /M /WINDOWS

Config.sys:

DOS=HIGH
DEVICE=C:\MOUSE\MOUSE.SYS /C1 /Y
device=c:\windows\smartdrv.sys 2048 512
FILES=20

Description of Problem:

The system was used on Saturday, 30 November 1991, and no problems
were noticed. System refused to boot on Monday morning, 2 December
1991. The error message was a non-system disk message. A check of
the CMOS setup showed that the hardware configuration information
pertaining to the drives, both floppy and hard, was missing. The CMOS
showed no floppy or hard drives installed. The clock and the RAM
sizes were correct, however.
The setup information was replaced, and an attempt was made to
re-boot the system. The same error message appeared. A check of the
setup showed the proper information, but the machine would not boot
from the hard drive.
The computer was booted from a floppy disk, and vscan82 was run
on drive c:, with the result of 'No viruses found'. I attempted to
use the DOS sys command, and the error message 'Not enough room to
install system' was returned. I next tried the DOS 'chkdsk c:'
command, and the error messages scrolled off the screen continuously,
until I grew weary and did a Ctrl break to stop it. While the drive
test was running, the list of files being tested filled the screen to
overflowing, then continued to scroll off the screen. The screen was
filled with lines similar to the following:

C:\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\Windows\****
****.*** (*******.*** represents various files), error message.
C:\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\DOS\Windows\****
****.***, error message.

My next step was an attempt to use Norton Utilities' Norton Disk
Doctor (NDD) in an attempt to resolve the problem. Version 4.5 was
the version of Norton's which was used. NDD found the following
errors, which I indicated it should 'fix':
1. Media descriptor byte error
2. Error in partition table
3. Error in FAT tables
4. File size allocation error
5. Cross-linked files
After supposedly fixing these problems, NDD asked if I wished to test
all of the drive surface for defects, and I answered yes. After
completion of the NDD program, an attempt was made to boot the machine
from the hard drive. The original error message was again displayed.
A second attempt was made to run NDD, but the following message
was displayed:
'Drive identifier type error. Return to setup and correct the
drive identifier for the hard drive then attempt to execute NDD.' A
check was made of the CMOS, and the correct drive type identifier was
displayed:

Cyln Head WPcom LZone Sect Size
47 = USER TYPE 874 16 875 875 17 116MB

Another attempt was made to run NDD, but the invalid drive type
identifier message was again displayed.
Vscan was again run, with no viruses found.
I tried to execute the dos 'tree' command and pipe the results to
a file, but the PC simply 'locked up' and had to be rebooted from the
floppy drive. I tried this twice before giving up on it.
I acquired a copy of XTree Gold and used it to log onto drive C:.
Xtree Gold told me that there was 220Mb of files on drive C: with 112
Mb of free space available, and the tree structure looked exactly as
expected after seeing the multiple \DOS subdirectories. The \DOS
branches of the tree extended all the way across the screen, and at
the bottom of each branch were the MCAFEE, KERMIT, UTILS, and WINDOWS
subdirectories, each with copies of the files from the original
directories.
I attempted to 'PRUNE' the erroneous \DOS subdirectory branches,
but received an error message that the directories were not empty. A
further check revealed that each copy of the branch had a directory
with files with read-only and hidden attributes set. I went to the
second from the left branch and manually, using Xtree Gold, changed
the file attributes, erased the files, and deleted the directories
under the \DOS directory. When I tried to move to another branch, the
message 'Drive has been changed' was received. I quit Xtree Gold,
then immediately restarted it. All of the \DOS sub-directories were
still there, but no other sub-directories, or files, showed up.
However, the drive window still showed 220 Mb of files and 112 Mb of
space available. I exited Xtree Gold and attempted to do a 'dir c:',
and the system locked up. I rebooted from a floppy, then executed the
dos command fdisk. I deleted the drive partition table, then
re-partitioned the drive (one large, bootable, dos partition), then
re-formatted the drive as a system drive. After re-installing the
dos, windows, mcafee, and some utility files and re-creating the
autoexec.bat and config.sys files, the system booted from the hard
drive with no problems. Vscan82 was again run, with no virus found.

Any assistance or information you can provide about this problem would
be greatly appreciated. You may reach me at the following address:

Director
U.S. Army Ballistic Research Laboratory
ATTN: SLCBR-SE-A (SFC Ken Acord)
Aberdeen Proving Ground, MD 21005-5066
DSN 298-6272 Comm. (410) 278-6272
Internet [email protected]

------------------------------

Date: Wed, 11 Dec 91 13:43:10 +0000
>From: [email protected] (Jason Mathews - 514)
Subject: Latest version of SCAN V85 - validation codes ? (PC)

New release of McAfee Associate Software Version 85 of SCAN, VSHIELD,
and CLEAN programs.

These were uploaded to garbo.uwasa.fi in the directory pc/virus.

The validation data is as follows:

<file> <method-1> <method-2>
CLEAN.EXE 6251 110C
SCAN.EXE 02B9 0486
VSHIELD 57AA 0E66

Can this be officially confirmed by McAfee Associates?

It was mentioned that a frequently-asked-questions list be maintained
in this news group. This list should include a standard check summing
method of validating the latest anti-virus programs. Whether McAfee's
validate methods or a RSA method, there should be a way to confirm the
integrity of these critical programs.

Jason Mathews

------------------------------

Date: Tue, 10 Dec 91 19:47:00 +0000
>From: [email protected] (Dave Dittrich)
Subject: Information request re: Voronezh virus (PC)

One of the generally available computers in the Chemistry Department
here at the University of Washington was recently infected with the
Voronezh virus.

To date I have not encountered any information on this virus. In
order to best handle the infection here in the department, as well as
helping to stem the spread on this capmus, I need some more
information about this virus.

I would appreciate it if someone could provide me with information on
this virus, similar to that in a recent post on the Michalangelo
virus, Message-ID: <[email protected]>,
(which I also had the pleasure of having to disinfect this week :-(

Thanks in advance!
- --
Dave Dittrich
[email protected] ...!{uunet|ihnp4|ncsu}!u.washington.edu!dittrich

------------------------------

Date: Fri, 06 Dec 91 18:51:24 -0800
>From: [email protected] (Rob Slade)
Subject: Viral myths

DEFMTH1.CVP 911206

Viral Myths - Malice

The old saw "it ain't that folks is so ignorant, it's that they
know so much that ain't so" is true in the computer virus field
as in no other I have ever been involved with. For a variety of
reasons, hard facts about computer viral programs are extremely
hard to come by, while rumours, innuendo and outright lies
abound.

The terms "virus" and "damage" are so closely connected in the
minds of most computer users that "virus" is now being used to
describe any situation in which a computer is damaged,
unavailable or simply not doing what the user wants. (This
leads to the "Hurricane Hugo Virus", the "I-hit-Exit-and-the-
word-processor-stopped Virus" and, the favourite of all
technical support people, the "Not-Plugged-In Virus".) By the
same token, many users fear *any* viral program, regarding all
of them as if they carried the Black Death.

The truth is, relatively few viri perform any overt "damage" to
a system. Of the hundreds of viral strains, only a small number
carry a "payload" intended to corrupt data or erase random
files, and these tend to be correspondingly rare in terms of
number of infections. Those few viral variants which "destroy"
their target files or disks are, by definition, self revealing
and self limiting.

(Of course, I now have to back pedal by defining "overt" damage.
All viral programs make some kind of change to the system. Even
those which are designed to be "benign" may cause unforseen
problems in new situations. It is quite certain that the author
of the "Stoned" virus did not intend any kind of damage to
result from its spread; he just never knew anything about RLL
disk controllers or high density disks. Most "header" or
"integrity" checks in programs were intended only to trap bad
copies or disk sectors; they still stop programs from operating
if a viral infection occurs. In these days of increasingly
multi-layered operating systems and "background" utility
programs, the addition of a resident virus is increasingly
likely to result in unforseen interactions.

It is also important to note that all viri, trojans and
hacking/breaking erode, and may ultimately destroy, the trust
and community which currently supports so much international
research and cooperation on the nets.)

If viral programs are not intended to cause damage, why are they
written? My personal opinion is that this is a kind of
self-reproducing electronic graffiti. Basically, it is an
unsightly nuisance, perpetrated by tiny minds in search of some
place in life. Most of them don't think they are harming
anyone. Most of them don't think.

copyright Robert M. Slade, 1991 DEFMTH1.CVP 911206

=============
Vancouver [email protected] | "Metabolically
Institute for [email protected] | challenged"
Research into CyberStore |
User (Datapac 3020 8530 1030)| politically correct
Security Canada V7K 2G6 | term for "dead"

------------------------------

Date: Wed, 11 Dec 91 03:33:13 +0000
>From: [email protected] (McAfee Associates)
Subject: New Release of VIRUSCAN (PC)

NEW RELEASE OF McAFEE ASSOCIATES SOFTWARE

Version 85 of the VIRUSCAN, VSHIELD, CLEAN-UP and NETSCAN programs has
been released.
Seventy-six viruses have been added. Viruses that have
been reported at multiple sites include the Barcelona virus in Spain,
the Haifa virus in Israel, the Hary and Irish viruses in the U.K., the
New 1701 virus in Finland and Norway, the SBC, Stoned III, and SVC 5.0
viruses in North America. Other viruses added in this release are the
123, 233, 370-B, 408, 487, 621, 640, 658, 709, 712, 737, 7th Son, 802,
812, 1193, 1241, 1463, 1530, Ada, Argentina, ASC, Brothers, Cara, Caz,
Color, COP, CRF, CSL, Day10, DM400, Dutch, Einstein, Error, Got-You,
Grape, H-2, Hero-b, Invol, Joke, Karin, Kiev-1, KU-448, LC, Mono, MPS-11,
MSTU, Parasite, PathHunt, Pirate, Plov, Poem, Pregnant, QML, Reset, SCT,
Sentex, Socha, Suriv 4.02, Squeeker, Stink, Sys, SX, Tony, Travel, V82,
V-5, VTS, and Word-1 viruses.
Version 85 of VIRUSCAN adds several new options as well as
enhancing existing ones: The ability to NOT add validation codes to
files with the /AV option by creating an exception list of files to
ignore, the option of beeping whenever a virus is found with the /BELL
switch, the option of displaying messages in Spanish with the /SP switch,
the ability to search a system for files that do not have validation codes
with the /CERTIFY switch, the option to speed up VIRUSCAN's output with the
/FAST switch, the option to skip scanning inside of PKLITE-compressed files
with the /NPKL switch, the abilty to display a help screen by typing /?, /H,
or /HELP, and the ability of storing the options to run VIRUSCAN in a
configuration file.
CLEAN-UP version 85 adds the ability to display messages in
Spanish when run with the /SP switch
Disinfectors have been added for the 903, 1008, 1024, 1253, 1554,
V2000, 2560, 3445, Boys, Cara, Devil's Dance, Enigma, Flash, Greemlin,
Irish, M128, Possessed, SBC, SVC 5.0, SVC 6.0, and V730 viruses.
Clean-Up also now removes generic boot sector viruses and generic
partition table viruses.
Version 85 of VSHIELD adds one new option as well as a new
supplemental program. When VSHIELD is run with the /NOBREAK option,
it can not be broken out of during installation with a Ctrl-C or
Ctrl-Break key combination. The CHKSHLD program can check to see
if VSHIELD is loaded in memory. This is primarly for for network
administrators who want to prevent network access to uses who are not
running VSHIELD. Compatibility with Quarterdeck's QEMM memory
management software has been improved as well.
V85 also now checks the B: drive for boot viruses if the /COPY
option is used.

FTP AVAILABILTY
The files have been uploaded to wsmr-simtel20.army.mil in the
<msdos.trojan-pro> directory. The files have also been uploaded to
garbo.uwasa.fi and are currently in the /pc/incoming directory. The
filenames are:

SCANV85.ZIP Scans stand-alone and networked PC's for viruses
CLEAN85.ZIP Virus removal program for PC's and LAN's
VSHLD85.ZIP Infection-prevention TSR for PC's
NETSCN85.ZIP Scan network file servers for viruses

The validation data is as follows:
CHECKSHIELD 0.3 (CHKSHLD.EXE) S:7,789 D:12-10-91 M1: F9AB M2: 01D2
CLEAN-UP V85 (CLEAN.EXE) S:83,241 D:12-09-91 M1: 6251 M2: 110C
NETSCAN V85 (NETSCAN.EXE) S:59,074 D:12-10-91 M1: B7D3 M2: 1258
VIRUSCAN SCANV85 (SCAN.EXE) S:61,149 D:12-10-91 M1: 02B9 M2: 0486
VSHIELD VSHLD85 (VSHIELD.EXE) S:35,789 D:12-10-91 M1: 57AA M2: 0E66

Regards,

Aryeh Goretsky
McAfee Associates Technical Support
- --
- - - -
McAfee Associates | Voice (408) 988-3832 | [email protected] (business)
4423 Cheeney Street | FAX (408) 970-9727 | [email protected](personal)
Santa Clara, California | BBS (408) 988-4004 | "Il est mort, Jean-Luc"
95054-0253 USA | v.32 (408) 988-5190 | CompuServe ID: 76702,1714
ViruScan/CleanUp/VShield | HST (408) 988-5138 | or GO VIRUSFORUM

------------------------------

Date: Wed, 11 Dec 91 06:49:01 +0000
>From: [email protected] (Timo Salmi)
Subject: McAfee virus utilities (ver 85) updates (PC)

>From: Harri Valkama <[email protected]>
Subject: Re: your mail
To: [email protected] (McAfee Associates)
Date: Wed, 11 Dec 91 7:50:54 EET

> I have uploaded to garbo.uwasa.fi
>
> /pc/incoming
> SCANV85.ZIP Scans stand-alone and networked PC's for viruses
> CLEAN85.ZIP Virus removal program for PC's and LAN's
> VSHLD85.ZIP Infection-prevention TSR for PC's
> NETSCN85.ZIP Scan network file servers for viruses
>
> NEW RELEASE OF McAFEE ASSOCIATES SOFTWARE
>
> Version 85 of the VIRUSCAN, VSHIELD, CLEAN-UP and NETSCAN programs has
> been released.
>
> The validation data is as follows:
> CHECKSHIELD 0.3 (CHKSHLD.EXE) S:7,789 D:12-10-91 M1: F9AB M2: 01D2
> CLEAN-UP V85 (CLEAN.EXE) S:83,241 D:12-09-91 M1: 6251 M2: 110C
> NETSCAN V85 (NETSCAN.EXE) S:59,074 D:12-10-91 M1: B7D3 M2: 1258
> VIRUSCAN SCANV85 (SCAN.EXE) S:61,149 D:12-10-91 M1: 02B9 M2: 0486
> VSHIELD VSHLD85 (VSHIELD.EXE) S:35,789 D:12-10-91 M1: 57AA M2: 0E66

Thanks. These are available now as:

garbo.uwasa.fi:/pc/virus/scanv85.zip
garbo.uwasa.fi:/pc/virus/clean85.zip
garbo.uwasa.fi:/pc/virus/vshld85.zip
garbo.uwasa.fi:/pc/virus/netscn85.zip

- --
== Harri Valkama, University of Vaasa, Finland ==========================
P.O.Box 700, 65101 VAASA, Finland (tel:+358 61 248426 fax:+358 61 248465)
Anon ftp garbo.uwasa.fi (128.214.87.1) and nic.funet.fi (128.214.6.100)
Mailserver: [email protected],Subject:garbo-request,body:send help

"If you do not know how to go about getting these packages you are
welcome to email me for the prerecorded garbo.uwasa.fi instructions,
Keith Petersen ([email protected]) for SIMTEL20
information, or Craig Warren ([email protected]) for Oceanian garbo
mirror information. North American users are advised first to
search on SIMTEL20 or its mirror wuarchive.wustl.edu. Oceanian
users are referred to rana.cc.deakin.oz.au (for recent files)."

..................................................................
Prof. Timo Salmi
Moderating at garbo.uwasa.fi anonymous ftp archives 128.214.87.1
School of Business Studies, University of Vaasa, SF-65101, Finland
Internet: [email protected] Funet: gado::salmi Bitnet: salmi@finfun

------------------------------

Date: Wed, 11 Dec 91 07:27:00 -0500
>From: [email protected]
Subject: new mcafee programs (PC)

Hello.

The "85" serie of McAfee's product is now available from either:

oak.oakland.edu in: /pub/msdos/trojan-pro
or
urvax.urich.edu in: [.msdos.antivirus]

for anonymous FTP.

The files are: SCANV85 .ZIP
CLEAN85 .ZIP
NETSCN85.ZIP
VSHLD85 .ZIP

Regards, Claude

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Claude Bersano-Hayes HAYES @ URVAX (Vanilla BITNET)
University of Richmond [email protected] (Bitnet or Internet)
Richmond, VA 23173

------------------------------

End of VIRUS-L Digest [Volume 4 Issue 234]
******************************************

Downloaded From P-80 International Information Systems 304-744-2253