To:	   VIRUS-L@LEHIGH.EDU
Subject:   VIRUS-L Digest V6 #114
--------
VIRUS-L Digest   Thursday, 19 Aug 1993    Volume 6 : Issue 114

Today's Topics:

A new virus information source
Flash EPROMS
A thinker's thoughts...
origin of term virus
Info about Computer Virus Crime
Forms virus (PC)
Form virus (PC)
Form virus (PC)
Re: Problems with FPROT ?? (PC)
Re: Problems with FPROT ?? (PC)
Re: Sharing .def files between scanners (Novell) (PC)
Re: [mon] virus (PC) whats good? (PC)
Re: Anti-virus software usable on LAN's (PC)
Perfume virus? (PC)
Re: Questions on McAfee Scan Verson 106 (PC)
Any good anti-viral shareware out there (PC)
Re: Dudley [odud] virus ? (PC)
Re: Questions on McAfee Scan Verson 106 (PC)
New virus (?) (PC)
Memoires of a (infected) virus researcher (PC)
Re: Information on the 'Trident' Virus (PC)
Re: [mon] virus (PC) whats good? (PC)
FProt Professional (PC)
Norton A-Virus (PC)
Re: E-Rillutanza virus? (PC)
EICAR '93 conference / members' meeting

VIRUS-L is a moderated, digested mail forum for discussing computer
virus issues; comp.virus is a gatewayed and non-digested USENET
counterpart.  Discussions are not limited to any one hardware/software
platform - diversity is welcomed.  Contributions should be relevant,
concise, polite, etc.  (The complete set of posting guidelines is
available by FTP on CERT.org or upon request.)  Please sign submissions
with your real name; anonymous postings will not be accepted.
Information on accessing anti-virus, documentation, and back-issue
archives is distributed periodically on the list.  A FAQ (Frequently
Asked Questions) document and all of the back-issues are available by
anonymous FTP on CERT.org (192.88.209.5).

Administrative mail (e.g., comments, suggestions, beer recipes)
should be sent to me at: krvw@ASSIST.IMS.DISA.MIL.

All submissions should be sent to: VIRUS-L@Lehigh.edu.

   Ken van Wyk

----------------------------------------------------------------------

Date:    Mon, 16 Aug 93 07:36:46 -0400
From:    A.APPLEYARD@fs1.mt.umist.ac.uk
Subject: A new virus information source

  IPE Corporation Ltd (9-10 Alfred Place, London WC1E 7EB, England,
tel. (UK) 071 436 2244) have started to publish a periodical called
"Secure Times" about computer viruses and antivirals. The first
edition (numbered "vol 1, Sept 1993") arrived today as a free
distribution; it is of four A4 sides including an article about Tremor
virus.

------------------------------

Date:    Tue, 10 Aug 93 10:12:00 +0200
From:    Amir_Netiv@f120.n9721.z9.virnet.bad.se (Amir Netiv)
Subject: Flash EPROMS

padgett@tccslr.dnet.mmc.com (A. Padgett Peterson) writes:

 > Now the real way to protect a system is with hardware.
So true.....!!!

 > The real way to protect a Flash ROM is with a key switch connected
 > to the write-enable pin, one that will not permit the machine to
 > boot if the switch is in the "write" position.
It would be nice, but like you say later in your letter: it costs money.
Anyway remember that every key has at least 2 positions, and the
energy required to move it from one position to another is the same as the 
energy required to move a mountain when it comes to users behaviour (isn't it 
so ? ;-) ). Think of all the long-lost data that could be saved simply by 
backups...
If you read Nemrod Kedem's idea in our last communications he has a great idea 
of combining a Flash ROM with a somple ROM for security.

 > I have yet to see a virus that can throw a physical switch.
I join you...

 > Until I hear of real world added benefit, it is
 > necessary to assume that the marketoids are in charge
 > & added features are for the manufacturer not us.

I disagree with you here: I think that PC manufacturers are with an open ear 
to what is happening in the world and to user demands since the compatition is 
so hard that any feature counts. Moreover it is my believe that we (the public)
influate the configuration of both hardware and software in the world. Is it 
not a fact that MocroSoft swallowed an (BAD) Anti-Virus just to satisfy the 
public? And a Disk-Doubler just for that same reason? And a ..... |-)

Did you here the say that the GARTNER group (making forecasts and predictions 
of the market in future years) are so successful becaus the maket responds to 
their predictions and tries to comply?

(The prophecy that fulfills itself).

It is enough that several of VirNet readers will ask the question when they 
come to buy a new PC, that will cause the dealers to complain to the 
manufacturer, and just a few dealers that complain draws a new picture to the 
market's captains...

warmly

* Amir Netiv. V-CARE Anti-Virus, head team *

- ---
 * Origin: <<< NSE Software >>> Israel (9:9721/120)

------------------------------

Date:    Tue, 20 Jul 93 18:43:16 -0400
From:    fergp@sytex.com (Paul Ferguson)
Subject: A thinker's thoughts...

I wrote this commentary (opinion/editorial) last year in hopes of
presenting it at the Ides of March Computer Security Conference
in New York, March 1993. Unfortunately, it was deemed a little
too controversial (or perhaps unimportant enough) to be accepted
for presentation. I am in the midst of writing an "updated" version
of the paper. Comments are always welcome.
 
With recent debate on the closure of Clancy's AIS systems, current
efforts to compile data on virus exchange systems world-wide and
impending legislation sponsored by Rep. Edward Markey (D-Mass.),
I find this commentary more apt than it was when I originally
wrote it.
 
This file may be freely copied and distributed at will.
 
8<----------- Cut Here ---------------------------
 
 
                        ESTABLISHING ETHICS
                              IN THE
                        COMPUTER VIRUS ARENA
 
 
 
                        Paul W. Ferguson, Jr.
                          September, 1992
 
 
 
                             ABSTRACT
 
 
        The introduction of the computer into our already complex
arsenal of tools has opened a door to a world in which the limits
are seemingly boundless.  The possibilities of electronic
information and data exchange alone are enough to boggle the mind.
However, with the computer's acceptance and its growing
implementation, a debate has arisen concerning the manner in which
it is being utilized.
 
        Today, we have a virtual stone wall separating two basic
trains of thought.  On one hand, there are those who wish to make
all computer information and resources publicly available, regardless
of impact or damage afforded to unwitting users.  On the other hand,
we have computer professionals, advocates and users who think
potentially damaging information should be more effectively managed
and controlled, disallowing damaging code to escape into the public
domain.
 
[Moderator's note: The remainder of this document is available via
anonymous FTP from cert.org:/pub/virus-l/docs/ferguson.ethics; the IP
number for cert.org is 192.88.209.5]

Paul Ferguson               |  "Government, even in its best state,
Network Integrator          |   is but a necessary evil; in its worst
Centreville, Virginia USA   |   state, an intolerable one."
fergp@sytex.com             |      - Thomas Paine, Common Sense
 
         I love my country, but I fear its government.

------------------------------

Date:    Wed, 18 Aug 93 10:07:30 -0400
From:    drstrip@isrc.sandia.gov (David Strip)
Subject: origin of term virus 

don't know if it's the first ref, but "virus" in a remarkably prescient use
appears in the SF novel "When Harley was One" by David Gerrold (whose fame
lies in his authorship of the Star Trek episode "The Trouble with Tribbles".

David Strip

------------------------------

Date:    Wed, 18 Aug 93 13:32:06 -0400
From:    clark@umbc.edu (Ms. Kathleen Clark)
Subject: Info about Computer Virus Crime

  I would appreciate any information about where I could telnet
info about crime caused by computer viruses.  Thanks a lot!

Kathleen
clark@umbc.edu

------------------------------

Date:    12 Aug 93 17:27:20 +0000
From:    gt2242a@prism.gatech.edu (Scot Wesley DeLancey)
Subject: Forms virus (PC)

I have the Form virus on my pc.  I think I have infected several other
peoples' machines.  I've run Norton Anti-Virus on it and it supposidly
got rid of the virus.  I also cleaned my floppies with DOS 6's
anti-virual program.  I quit having things bogg down in my CPU for a
while then it started happening again.  Can someone tell me if Form
sleeps somewhere or can it exist on a LAN?

Thanks!
- -- 
Scot Wesley Delancey                |   Don't ever encourage anyone to        
Georgia Institute of Technology     |   become a lawyer. 
Internet : gt2242a@prism.gatech.edu |     

------------------------------

Date:    Tue, 10 Aug 93 18:24:02 +0200
From:    Jos_Callewaert@f907.n292.z2.fidonet.org (Jos Callewaert)
Subject: Form virus (PC)

Hello All,

I just sumbled on a diskette containing the FORM virus.  McAffee
scanv106 finds it, but clean106 gives me a message : Virus cannot
safely be removed.  It seems to be a boot record virus.

Does anybody has any idea as to how to get rid of the beast (and still have 
thedata on the disk)?

Kind regards,

Jos

- ---
 * Origin: Joferan - Directly connected to the A-team HQ (2:292/907)

------------------------------

Date:    Wed, 11 Aug 93 00:56:01 +0200
From:    Luc.Henderieckx@f902.n292.z2.fidonet.org (Luc Henderieckx)
Subject: Form virus (PC)

Jos,

In a msg of <Tuesday August 10 1993>, Jos Callewaert writes to All:

 JC> I just sumbled on a diskette containing the FORM virus.
 JC> McAffee scanv106 finds it, but clean106 gives me a message : Virus
 JC> cannot safely be removed. It seems to be a boot record virus.

 JC> Does anybody has any idea as to how to get rid of the beast (and still
 JC> have the data on the disk)?

Boot from a protected diskette containing the same DOS-version as on your HD 
and perform a "SYS C:" command followed by a "FDISK C: /MBR".

Kind Regards,

Luc

- --- GoldED 2.41+
 * Origin:  --> Fly like an Eagle <--  (2:292/902)

------------------------------

Date:    Mon, 16 Aug 93 16:32:26 +0000
From:    Eugen_Woiwod@mindlink.bc.ca (Eugen Woiwod)
Subject: Re: Problems with FPROT ?? (PC)

Andrew Brennan, LRC Ma writes:

      Actually, VIRSTOP - not FPROT.  I had a run-in with Michelangelo
   recently that was appearing on machines that were set up to check for
   viruses on reboot (/DISK /FREEZE /WARM /BOOT /COPY) and we ran a few
   tests to see what we could do about it.  VIRSTOP does not (??) appear
   to do memory-testing for viruses already loaded?  We set up FPROT to
   load and scan the machine (using cmd line parms) and it can be set to
   scan memory -or- to auto-disinfect the disk.

      FPROT's auto-disinfect is nice, but that's only available if you
   do *not* scan the memory and it leaves the active virus in memory.
   The memory scan is nice, but it appears to detect a virus and continue
   through without locking the machine (if in cmd-line mode).

      Curiously enough, the configuration we toyed with that _did_ work
   as expected (locking on reboot if the diskette was infected) was a
   combination of VIRSTOP *and* VSHIELD.  It seems that VSHIELD's action
   to check the disk triggers VIRSTOP's /COPY (or one of the other parms)
   to detect a virus on the diskette - hanging the machine with a message
   to this effect.

      Anyone planning a package with the future detection abilities of the
   VIRSTOP /COPY and the bulldog attributes of VSHIELD's virus-in-memory
   detection?  I would definitely be interested.

      andrew.  (brennan@hal.hahnemann.edu)

------------------------------

Date:    Mon, 16 Aug 93 11:05:38 -0400
From:    frisk@complex.is (Fridrik Skulason)
Subject: Re: Problems with FPROT ?? (PC)

brennan@hal.hahnemann.edu (Andrew Brennan, LRC Manager) writes:

>      Actually, VIRSTOP - not FPROT.  I had a run-in with Michelangelo
>   recently that was appearing on machines that were set up to check for
>   viruses on reboot (/DISK /FREEZE /WARM /BOOT /COPY) and we ran a few
>   tests to see what we could do about it.  VIRSTOP does not (??) appear
>   to do memory-testing for viruses already loaded? 

Right.  (Well, it checks for a few old boot sector viruses, but that's it...) 
I don't intend to let VIRSTOP do a full memory scan - if you need that
you should run F-PROT /NOFILE /NOBOOT and check the error return.  I did not
want to duplicate large parts of F-PROT in VIRSTOP, and I did not want to
check for a subset of viruses like VSHIELD does.

>      FPROT's auto-disinfect is nice, but that's only available if you 
>   do *not* scan the memory and it leaves the active virus in memory. 
>   The memory scan is nice, but it appears to detect a virus and continue
>   through without locking the machine (if in cmd-line mode).

Well, what do you want ?   I do *NOT* consider it safe to disinfect with a
virus active in memory.  If you want the machine to freeze you should
use the /FREEZE option.   Otherwise the program will simply exit with an
errorcode, that you can check in a batch file.

- -frisk

------------------------------

Date:    Mon, 16 Aug 93 11:12:12 -0400
From:    frisk@complex.is (Fridrik Skulason)
Subject: Re: Sharing .def files between scanners (Novell) (PC)

V2002A@VM.TEMPLE.EDU (The Radio Gnome) writes:

>     Is there or should there be a standard for virus definition files?

There cannot be.

Different scanners use different scanning techniques.  For example, I
sometimes receive list of search patterns for "new" viruses, but those
hex-strings are of no use to me at all, as I need more information to add
detection of a new virus.

Some scanners allow you to add search patterns, but even they are not
compatible...for example some scanners allow variable-length wildcards, but
others do not.

- -frisk

------------------------------

Date:    Mon, 16 Aug 93 11:18:42 -0400
From:    frisk@complex.is (Fridrik Skulason)
Subject: Re: [mon] virus (PC) whats good? (PC)

mingione@acf2.NYU.EDU (mingione) writes:

>I know Clean106 and Scan106 work fairly wellto detect and erase it. What I 
>don't understand is why other programs are not doing as well.  We have 
>purchased a license from frisk@complex.is for the f-prot program but as far
>as I can tell version 2.0.9 still does not have the capability to erase the
>virus from the partition table.  

It should!   As far as I know, F-PROT 2.09 can disinfect all variants of
Monkey.

But...

You have to boot from a clean diskette first - which (for some Monkey variants)
means that the C: partition will appear to have vanished.   If you tell F-PROT
to scan C:, it will refuse, saying that C: does not exist.

However, running F-PROT /DISINF /HARD (or selecting the equivalent options
from the menu) should work .... let me know if it doesn't.

- -frisk

------------------------------

Date:    Mon, 16 Aug 93 11:22:11 -0400
From:    frisk@complex.is (Fridrik Skulason)
Subject: Re: Anti-virus software usable on LAN's (PC)

marc_b@ingres.com (Marc Burckin) writes:

>A friend who is w/o net access has asked me to pose this question.

>	"What types of software and/or methods to people use to keep 
>	 their LAN's free of viruses? Is there a way to run the virus 
>	 software from the server and thereby check all of the connected
>	 PC's?"

It is easy to run anti-virus software on the server if you have a Novell
sever, and several Anti-Virus NLMs exist (from Cheyenne, McAfee, Sophos and
several other companies, including our own US distributor).

Nowever, if you are using another network, this may be impossible, but you
did not include that information..

- -frisk

------------------------------

Date:    Mon, 16 Aug 93 13:01:17 -0400
From:    d.j.e.nunn@durham.ac.uk (Douglas Nunn)
Subject: Perfume virus? (PC)

Can anyone tell me about the Perfume virus? F-Prot209a gave the message
"Possibly a new variant of Perfume" recently, but other scanners found
nothing.

Info that would help:-
- - what does it do?
- - what signature string would find it?
- - can it be removed?

------------------------------

Date:    Mon, 16 Aug 93 13:23:59 -0400
From:    mal@netcom.com
Subject: Re: Questions on McAfee Scan Verson 106 (PC)

Kathy Smith (kathy@oasys.dt.navy.mil) wrote:
: We have found the Version 106 of McAffee Scan and Clean on one of the ftp
: sites.  Was there a announcement posted in this newsgroup that I missed? 
: Also, does anyone have their email address.

The version of SCAN V106 has been out for a while, there is an actual
SCAN V107 Beta release out. I'm not sure if it is present on the ftp
site.

Regarding the mailing address, try support@mcafee.com

Regards,
Michael

------------------------------

Date:    Mon, 16 Aug 93 16:48:53 -0400
From:    dk010b@uhura.cc.rochester.edu ()
Subject: Any good anti-viral shareware out there (PC)

I'm looking for a good anti-viral program that is available as
shareware. If you know af a good one (and how I can easily get it) or
if you have one you wouldn't mind sharing I'd really appreciate it.

Thanks-
Dan
'dk010b@uhura.cc.rochester.edu'

------------------------------

Date:    Mon, 16 Aug 93 17:59:02 -0400
From:    "William H. Lambdin" <73044.2573@compuserve.com>
Subject: Re: Dudley [odud] virus ? (PC)

From:    frisk@complex.is (Fridrik Skulason)

>Never trust anything VSUM says about removal of viruses - that is
>usually the most incorrect part of the description.

I prefer to delete all infected files, and restore them from backup or
originals.

Bill

------------------------------

Date:    Tue, 17 Aug 93 03:15:47 -0400
From:    belinda@cory.EECS.Berkeley.EDU ( )
Subject: Re: Questions on McAfee Scan Verson 106 (PC)

kathy@oasys.dt.navy.mil (Kathy Smith) writes:
>We have found the Version 106 of McAffee Scan and Clean on one of the ftp
>sites.  Was there a announcement posted in this newsgroup that I missed? 
>Also, does anyone have their email address.

I missed the announcement too (if there was one) but McAfee's email address
is mcafee.com

scanv106.zip and clean106.zip both include readme's and specs.

------------------------------

Date:    Thu, 12 Aug 93 00:20:00 +0200
From:    Robert.Hoerner@f7518.n241.z2.fidonet.org (Robert Hoerner)
Subject: New virus (?) (PC)

A new virus has to be reported :

it's a 250 byte direct COM-infector, that infects every comfile in the currect 
directory. Has been found in the wild in germany.

The following scanstring allows SCAN.EXE to detect it :

#SPLIT
"9C FC 8D B6 DF 01 BF 00 01 B9 02 00" split [Split]

TBCLEAN will clean it.

greetings,
      Robert

- ---
 * Origin: Virus Help Service Karlsruhe, 49-721-821355 (2:241/7518)

------------------------------

Date:    Thu, 12 Aug 93 10:52:00 +0200
From:    Amir.Netiv@f120.n9721.z9.virnet.bad.se (Amir Netiv)
Subject: Memoires of a (infected) virus researcher (PC)

8326442@awiwuw11.bitnet (Martin Zejma) writes:

 > Regarding an infection of Dir-II:

 > Your test machine seems to use a DOS version prior to
 > 5.00.  Last week I tried to infect an hardware protected PC running
 > 5.0, and it just freezed the machine.
DIR-II does not work well under DOS-5.0 (and above) due to several reasons: 
one of which you have detected (calling DOS as an absolute adress), the other 
reason is that DIR-II replaced the block-device driver that is responsible of 
accessing the disk tables (FAT, DIR...)...

 > I saw the reason. Dir-II takes an assumption where the entry in the
 > Dos-segment should be, cause it calculates its offset for int 21h
 > calls itself.
True!

 > And under 5.0 (maybe 6.0 , too) it fails.
Just the same.
However in several cases I've seen DIR-II work even on DOS 5.0, but usually at 
a later time the system  will hang and the disk crash.

* Amir Netiv. V-CARE Anti-Virus, head team *

- ---
 * Origin: <<< NSE Software >>> Israel (9:9721/120)

------------------------------

Date:    Tue, 17 Aug 93 17:59:00 +0000
From:    tien_bu@pavo.concordia.ca (BUI, TIEN HY)
Subject: Re: Information on the 'Trident' Virus (PC)

neuro@santafe.edu (Terrance Johnson) writes...
>Brenda Parsons (parson@coulomb.pcc.oz.au) wrote:
>: We've recently had an attack of the 'Trident' virus, and seemed to
>: have gotten rid of it, but no one was able to supply us with information
>: as to what it would do when activated.
> 
>The Trident virus I believe is not actually a virus, it is the Trident
>Polymorphic Engine, akin to the Mutation Engine, which encrypts a virus
>differently every time a new file is infected. Since any number of virii
>may use the Engine, it is impossible to say what the virus would have done
>upon activation.

Well, if that virus was really using the TPE, do you really think
that it would contain the string TRIDENT? I don't think so. What
I think it is, is just a virus created by the group TRIDENT. (maybe
one of their older creations) 
Maybe I'll look into it to find out how many viruses the group
actually made and released.

------------------------------

Date:    Wed, 18 Aug 93 06:20:51 +0000
From:    Eugen_Woiwod@mindlink.bc.ca (Eugen Woiwod)
Subject: Re: [mon] virus (PC) whats good? (PC)

mingione writes:

We have had a lot of trouble here at Academic Computing with the [MON]
virus infecting the boot sectors o our PCs. Has anyone had problems with this
particular virus?

I know Clean106 and Scan106 work fairly wellto detect and erase it. What I
don't understand is why other programs are not doing as well.  We have
purchased a license from frisk@complex.is for the f-prot program but as far
as I can tell version 2.0.9 still does not have the capability to erase the
virus from the partition table.

Does anyone know of other good effective ways of ersing this virus.  Repeated
e-mailings to the author of f-prot (even sent him a disk with the [mon] virus
on it )  have produced no feedback.  So we may have to switch to something
else after we evaluate several products.

Thanx in advance.

Try ThunderByte Anti-Virus v6.04. You can get the latest version via modem
from ThunderByte USA at 1-615-442-2833.

Ttul

------------------------------

Date:    Wed, 18 Aug 93 10:23:49 -0400
From:    "James Ford" <James.Ford@seebeck.ua.edu>
Subject: FProt Professional (PC)

Can someone send me information on the difference between FProt v2.09
and FProt Professional?

Does FProt v2.09 successfully take care of the Chinese Fish virus?  I
haven't seen it, but a user here says that it does not.

Thanks in advance.
- ----------
James Ford - Consultant II, Seebeck Computer Center
             jford@seebeck.ua.edu, jford@risc.ua.edu
             The University of Alabama (in Tuscaloosa, Alabama)

------------------------------

Date:    Thu, 19 Aug 93 01:39:21 -0400
From:    clangenh@cs.uct.ac.za (Clement Langenhoven)
Subject: Norton A-Virus (PC)

Hi All.

It would seem that the earlier posting concerning
the NAV virus-ID files died very, very unnoticed.

A mention/query was made concerning someone uploading 
such files to an Internet-site.  I remember the guy
from Symantec stating quite conclusively that this was
legal.

SO DOES ANYONE KNOW WHETHER SUCH A SITE INDEED EXISTS ???

AND (to prevent any 'witty' straight 'YES' answers)
WHICH ONE ?

Clement
             
             \-\-\-\-\-\-\-\-\-\-\-\-\
            \ My brain's not twisted. /
            \                         / 
            \ It's hopelessly ....... /
            \ SPRAINED.               /
            \|_|_|_|_|_|_|_|_|_|_|_|_|/
              So send sprained
              messages to
              clangenh@cs.uct.ac.za

------------------------------

Date:    Wed, 18 Aug 93 15:55:48 -0400
From:    "William H. Lambdin" <73044.2573@compuserve.com>
Subject: Re: E-Rillutanza virus? (PC)

Date:    Wed, 11 Aug 93 04:44:02 -0400
From:    sci00019@leonis.nus.sg (CHENG MUN WAI)

>What I want to know is that have anyone had a similar report using F-Prot
>which scan106 missed. 

If you will read tthe August LAT, you will see that Scan missed several 
viruses in my collection. 

But Scan 106 is over a month old. I imagine 107 will do quite a bit better. 

Bill

------------------------------

Date:    Thu, 19 Aug 93 06:00:28 -0400
From:    Anthony Naggs <amn@ubik.demon.co.uk>
Subject: EICAR '93 conference / members' meeting

EICAR '93 Conference

    At a recent meeting the board of EICAR (European Institute for Computer
    Anti-Virus Research), decided to cancel the planned London conference
    this year.  I understand this is due to low participation in other
    computer security / anti-virus events this year.

    However, there will instead be a Members' Meeting in Hamburg (Germany),
    the proposed agenda is:
        25 November 1993
                14:00   Working Group 3 (Legal Questions) meeting
                16:00   Working Group 1 (Antivirus Technologies) meeting
                18:00   Joint Dinner

        26 November 1993
                09:00   Discussion of the Working Groups results
                11:00   Members Meeting
                13:00   Lunch

EICAR '94 Conference

    The next EICAR conference is proposed to be from 14 to 16 November 1994
    in the vicinity of London.

(Disclaimer; I am not an official spokesman for EICAR).

- --
Anthony Naggs                 Email:                  Paper mail:
 Software/Electronics Engineer amn@ubik.demon.co.uk    P O Box 1080, Peacehaven
 & Computer Virus Researcher                           East Sussex  BN10 8PZ
 Phone: +44 273 589701                                 Great Britain

------------------------------

End of VIRUS-L Digest [Volume 6 Issue 114]
******************************************
