Return-Path: Received: from IBM1.CC.Lehigh.EDU by abacus (SunOS 4.1/SMI-4.1-01) with sendmail 4.1/SMI-4.1-01 id AA03069; Fri, 14 Feb 92 14:31:29 +0100 Message-Id: <9202141331.AA03069@abacus> Received: from LEHIIBM1.BITNET by IBM1.CC.Lehigh.EDU (IBM VM SMTP R1.2.2MX) with BSMTP id 2661; Fri, 14 Feb 92 08:19:08 EST Received: from LEHIIBM1.BITNET by LEHIIBM1.BITNET (Mailer R2.08) with BSMTP id 8587; Fri, 14 Feb 92 08:18:46 EST Date: Fri, 14 Feb 1992 08:13:03 EST Reply-To: VIRUS-L@IBM1.CC.LEHIGH.EDU Sender: Virus Discussion List From: "The Moderator Kenneth R. van Wyk" Subject: VIRUS-L Digest V5 #30 Comments: To: VIRUS-L@IBM1.CC.LEHIGH.EDU To: Multiple recipients of list VIRUS-L Status: RO VIRUS-L Digest Friday, 14 Feb 1992 Volume 5 : Issue 30 Today's Topics: Maltese Amoeba report (PC) STONED on MSDOS 4.01 Distribution disks (PC) Fprot (PC) System Troubles... (PC) Info wanted on the Form virus (PC) Re: AUX files (PC) "Variant" virus (PC) Re: Yankee Doodle (PC) Dark Avenger on vendor disks (PC) Viruses and Backups (PC) Mirrors virus info? (PC) Cinderella virus/ does VSHIELD work? (PC) Biological analogy Re: Polymorphic viruses List of all viruses available? virx20.zip on risc (PC) VIRX20.ZIP (PC) VIRUS-L is a moderated, digested mail forum for discussing computer virus issues; comp.virus is a non-digested Usenet counterpart. Discussions are not limited to any one hardware/software platform - diversity is welcomed. Contributions should be relevant, concise, polite, etc. (The complete set of posting guidelines is available by FTP on cert.sei.cmu.edu or upon request.) Please sign submissions with your real name. Send contributions to VIRUS-L@IBM1.CC.LEHIGH.EDU (that's equivalent to VIRUS-L at LEHIIBM1 for you BITNET folks). Information on accessing anti-virus, documentation, and back-issue archives is distributed periodically on the list. Administrative mail (comments, suggestions, and so forth) should be sent to me at: krvw@CERT.SEI.CMU.EDU. Ken van Wyk ---------------------------------------------------------------------- Date: 10 Feb 92 11:40:10 -0500 From: Wolfgang Stiller <72571.3352@CompuServe.COM> Subject: Maltese Amoeba report (PC) Stiller Research Virus Report - Copyright 1992 - The Maltese Amoeba Aliases: Irish (McAfee), Grain of Sand, Amoeba (mistakenly) A destructive memory resident infector of .COM and .EXE files. It will activate on Nov 1st and March 15th. The Maltese Amoeba is another variable encrypting virus. This means that the bulk of the virus code is encrypted and the decryption routine uses variations of several patterns of instructions similar to the technique used in the V2Px series of viruses. The decryption instructions are interspersed with variable numbers of irrelevant instructions and can appear in a varying order. While various (different) series of instructions are used for the decryption, the decryption is always accomplished by a simple exclusive or. The Maltese Amoeba infects only .COM and .EXE files using a different decryption pattern for .COM and than for .EXE files. It uses no stealth techniques and can be detected by doing a simple DIR and noting the file size changes. Its only sophistication lies in its ability to make generation of virus scan strings difficult. This virus spread quite readily on all PCs tested (7). It will infect files on either a DOS open or a load and execute (files read or executed programs will be infected). After the first infected file is executed, the Maltese Amoeba goes resident in memory in the highest available 2K (usually at 9F00:0000 if 655,360 bytes are free). It seems to play by the DOS rules and changes the MCBs (memory control blocks) so that DOS does not overlay the virus code, but it does not issue the DOS TSR request (no doubt in order to bypass monitoring programs). This reduction in memory can be seen by doing a CHKDSK or a MEM command. This virus checks for its own presence in memory by issuing a DOS set date call with an invalid value and also checks for presence (in memory) of Ross Greenberg's anti-virus programs (FluShot+ and Virex-PC) as well as the PSQR virus. If these programs are present the virus will not infect any programs. It reportedly also detects and deactivates the Murphy virus but I have not confirmed this. The virus will replace the (Int 24) critical error handler so you will not see the familiar "Abort, Retry, Fail" if the virus tries to infect a write protected floppy. On Nov 1st or March 15th (March is going to be a rough month!), it will overwrite low numbered tracks on the hard disk and any diskettes, produce a flashing display and hang the PC. The disk will probably be unreadable at this point. I have not actually allowed this virus to destructively activate on my test systems; my results are based upon code inspection and reports published in the (UK) Virus Bulletin. The code written into the partition sector (AKA Master boot record) contains encrypted poetry which displays the first four lines of Blake's Auguries of Innocence from the Pickering Manuscripts: "To see a world in a grain of sand And a heaven in a wild flower, Hold infinity in the palm of your hand And eternity in a hour." The Virus 16/3/91 The next time the PC is booted the above text is displayed -- the PC then hangs. The remainder of the partition sector will contain unencrypted ASCII text. This text names the virus "AMOEBA" and proclaims that the University of Malta "destroyed 5X2 years of human life". This implies that the virus was written by two students who did not do very well at this university. (Note, there is another virus more commonly known as AMOEBA so this name should NOT be used for this virus) =========== End of Virus report ========= Since this virus will soon activate (March 15th), I suggest that you check your software to make sure it can detect this virus. I understand that it is prevalent mostly in the UK and Europe. A little editorial comment here. This virus was not detected prior to its activation in the UK on November 1st 1991. It had managed to spread quite widely! According to the December 1991 Virus Bulletin: "Prior to November 2nd, 1991, no commercial or shareware scanner (of which VB has copies) detected the Maltese Amoeba virus. Tests showed that not ONE of the major commercial scanners in use (the latest releases of Scan, Norton Anti-virus, Vi-Spy, VISCAN, Findvirus, Sweep, Central Point Anti-virus et al.) detected this virus." This indicates the danger of depending upon scanner technology or active monitor technology for virus protection. Regards, Wolfgang (Author of Integrity Master) Stiller Research 2625 Ridgeway St. Tallahassee, FL 32310 USA ------------------------------ Date: Tue, 11 Feb 92 18:16:14 -0600 From: ST6267@SIUCVMB.BITNET (Jerome Grimmer) Subject: STONED on MSDOS 4.01 Distribution disks (PC) [I received the following from another listserv list I am on. I feel that it warrants posting here in this forum, so here it is. --Jerome Grimmer] ===========BEGIN FORWARDED MESSAGE================== >From: "Stephanie A. Hall" Subject: VIRUS ALERT X-To: anthro-l%ubvm.bitnet@ubvm.cc.buffalo.edu To: Multiple recipients of list ANTHRO-L Status: RO Folks: In our office we recently got a practical lesson in virus prevention when one of our PCs crashed with virus-like symptoms. No virus was found, and the PC was backed up, so we are just wiser and not sadder for the experience. The information we learned from the experts involved in virus detection and clean-up is worth passing on -- especially since there is a particularly nasty virus going around right now. Following are the details as best as I know them: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ VIRUS ALERT 1/31/92 A computer virus called "stoned" has been damaging systems in the Washington DC area, and may have spread to other areas. A known source for the "stoned" virus in the Washington area is on commercially duplicated copies of MS DOS 4.01 packaged and sold with new Win brand computers. The virus was apparently put on many diskettes when Win Laboratories in Manassas, VA had DOS 4.01 duplicated by another company. Many federal and private offices purchased Win computers with DOS 4.01 in 1991. This virus is extremely widespread. Not only was it transmitted through duplicates of MS DOS 4.01, it is also extremely contagious. Also, since it is believed that the virus was put on diskettes at a commercial duplication lab (without their knowledge, of course), it is possible that copies of other commercial software may carry the virus. If you have a Win computer with DOS 4.01 installed, the copy installed by the computer dealer should be OK. But do not use the DOS diskettes that came with the computer. These diskettes are clearly marked "Win Laboratories, Ltd." One way to protect yourself in this case is to upgrade to DOS 5.0 and toss your old copies of 4.01. If you use a MS DOS 4.01 or other source diskette with the "stoned" virus you will get a message "Your PC is now stoned," hence the name. The virus attacks the boot files and destroys the file allocation table of both the hard drive and any floppy disks it corrupts. Eventually it makes floppys unreadable and causes hard drives to crash. The "stoned" virus can be readily transmitted by diskette. In this case the warning message does not appear. It is not necessary to copy files from a diskette onto a hard drive, or even read them in order to spread the virus. Just reading the directory of a floppy disk can transmit the virus from hard drive to floppy or vice versa. Write-protect stickers will prevent transmission of the virus by floppy disk. Downloading corrupted files by modem will also transmit this and other viruses. Some fileservers include anti-virus programs to protect users, but it is best to rely on protecting yourself. Current versions of both Norton's Anti-Virus and Central Point Anti-Virus have been used successfully to detect and destroy the "stoned" virus. They have also been used to recover data from corrupted diskettes and hard drives, when the problem was caught in time. (This information should not be construed as an endorsement of these products.) Computer technicians advise the use of general anti-virus precautions to protect your computer and your data. Use an anti-virus program and upgrade frequently. Scan all foreign diskettes, even commercially purchased programs. If files are packed, unpack them to a floppy disk and scan them before copying them to your hard drive. When you download data from a network, download it to a floppy disk, unpack to another floppy if necessary, and scan the data before copying it to your hard drive. Scanning it again after you have loaded it to your hard drive is also a good idea. Scan your hard drive before backing it up and back up frequently. If you do detect a virus on a disk, notify the company or individual who gave it to you so they can stop transmitting it themselves. If your computer system becomes infected, do not transmit any files over the network or give anyone a diskette until you are sure you have gotten rid of the virus. Finally, in case any users reading this have an opportunity to influence young minds with a cautionary tale: this virus has brought down the computer system of at least one area hospital, thus endangering lives as well as data. Apparently the creators of such viruses think of them as practical jokes. No one here is laughing. DISTRUBUTE FREELY Stephanie Hall seq1.loc.gov ------------------------------ Date: Wed, 12 Feb 92 01:29:46 +0000 From: wonge@sfu.ca (Edmund Yat Ming Wong) Subject: Fprot (PC) JFORD@UA1VM.BITNET (James Ford) writes: >The file fprot202b on risc.ua.edu has been replaced by fprot202d.zip. > >- ----------------------------------------------------------------------- >The major change in 2.02D is improved ability to search for viruses in >compressed executables - the program can now search in LZEXE and PKLITE >(version 1.03 and 1.13)-packed files. > >This method is not foolproof, but a considerable improvement, compared >to earlier versions. > >I strongly recommend that anyone using 2.02A, 2.02B and 2.02C switch >to this version - it corrects a few (very minor) bugs in those >versions - those who are using 2.02 and have not bothered to get the >minor updates can just as well ignore this one too - 2.03 will be >released in early March. I've TRIED to use FPROT v2.0 and it doesn't seem to work on my XT computer. All it does is give a blank blue screen and that's all. I've followed it's install.doc file, but it still gives me the blue screen. I know this might be a bit old considering that v2.02d is out, but like I was wondering if FPROT works on XT's. Has anyone else have that kind of problem? - -- wonge@fraser.sfu.ca :\/: | "If you were me, and I were you, =00= | would you be here and I be there?" /\ | = = = = = -- CrazyCat | "Hahahahaha" - Joker ------------------------------ Date: Tue, 11 Feb 92 21:01:00 -0500 From: CALANA95@SNYBUFVA.BITNET Subject: System Troubles... (PC) I'm wondering if anyone can help me with a problem. I am one of the few students/people on campus knowledgeable of computer viri - most students and faculty come to me for help. Admittedly, I am in the weaning stages of becoming a viral-guru and have never ran across this type of problem. Included is a letter sent to me from a faculty member here at our college. I'm not sure exactly what machine he's working on, but I know he had a Dark Avenger infection last semester and reformatted his HD to remove it. I haven't had a chance to check out his system yet (I use McAffe's Scan/Clean V85) but I'm guessing it may be a virus - not to cry wolf :) Please send to my address as to not clutter up the list. Any help will be appreciated. Thanks. >Have you ever heard of a virus that: >I was unzipping a file dl'd from a bbs and only a few files uncompressed >and the process stopped. I grabbed for the power switch but... When I >tried to reboot, the hd wasn't able. I brought the system up on a floppy >and couldn't get to the hd at all--the config was still in cmos and accurate. >After sys c: and copying command.com to the hd (this I could do), it booted. >Half the root was erased but easily recovered with Unerase. But the >boot files, command.com, autoexec.bat and config.sys were missing, vanished. >It was no mere glitch that went after just those files. >I've never heard of a virus that emerges will being uncompressed. It >shouldn't be possible since the file wasn't executing. I've checked my >unzipper and it's fine and I've used it since. >Any ideas would be appreciated. mcc +-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+ | Michael C. Calanan -- SUNY College at Buffalo, N.Y. | | Computer Information Systems | | Consultant/User Support | +-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+ | BITnet ID : CALANA95@SNYBUFVA | | DECnet ID : SBUFVA::CALANA95 | | INTERnet ID : CALANA95@SNYBUFVA.CS.SNYBUF.EDU | +-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+ ------------------------------ Date: Wed, 12 Feb 92 07:58:49 +0000 From: kjell@hpa.rf.no (Kjell Sivertsen) Subject: Info wanted on the Form virus (PC) I Have recently found the Form virus on a diskette. Can anyone give me some information about this virus? Thank you in beforehand. ================================================================== || Kjell Sivertsen || Telefax: +47-4-875199 || || Rogaland Research || Phone: +47-4-875000 || || P.O.Box 2503 Ullandhaug || Direct line: +47-4-875362 || || N-4004 Stavanger , Norway || E-mail: kjell@rf.no || ================================================================== ------------------------------ Date: 12 Feb 92 11:07:53 +0100 From: "Otto.Stolz" Subject: Re: AUX files (PC) Hi gang, on 07 Feb 92 21:41:05 +0000, Vesselin Bontchev said: > [...] I think to recall that I observed the same situation, when > booting from an old DOS version (I was using 3.30 then), and running > Norton Utilties' (version 4.5) program FileFind: > FF C:AUX*.* > > I got a report that the file AUX is "found" in each directory of drive > C:. The same was true for any other device driver - CON, PRN, LPT, > COM... [...] > > If somebody has DOS 3.3 and FF from version 4.5 of NU, could you please > check and confirm or deny this? [...] I've just checked with IBM Personal Computer DOS Version 3.30 and FF-File Find, Advanced Edition 4.50: The above command produces the response no files found. Maybe an older DOS would do the trick? Doubtfully, Otto Stolz ------------------------------ Date: Wed, 12 Feb 92 09:51:20 +0000 From: Anthony Appleyard Subject: "Variant" virus (PC) On Thu, 06 Feb 92 12:19:57 -0500 JOHNSON@tarleton.edu (Subject: Variant Virus (PC)) wrote: "We have been infected with the variant virus here on the Tarleton State University campus. Can anyone educate me on this virus? We are detecting more and more virus infections since obtaining Untouchable Software. Others have included Stoned, Michelangelo, Brain and now Variant. We are constantly having to guard against these infections in our labs. Thanks in advance. Danny Johnson, Computer Systems Manager, TSU, Stephenville, Texas.". Does this virus exist? or does it only infect computers fitted with a key labelled "ANY" :-) ? More likely he found "a variant of some virus". {A.Appleyard} (email: APPLEYARD@UK.AC.UMIST), Wed, 12 Feb 92 09:45:24 GMT ------------------------------ Date: Wed, 12 Feb 92 08:54:59 -0500 From: JEDI Subject: Re: Yankee Doodle (PC) To whom it may concern: To my knowledge, Yankee Doodle just infects .COM and .EXE files. From what I've seen, it likes BASICA.COM to start off with. It also likes to inhabit the Windows directory also. Yankee Doodle isn't a malicious virus like 'Possessed' is... To put it in my supervisor's words, it's a fun virus. When it's done it's work, it plays the tune of 'Yankee Doodle'. It's readily cleaned up with CPAV or Mcaffee (SP?) software. - -- JEDI ------------------------------ Date: Wed, 12 Feb 92 08:57:52 -0500 From: KM2G000 Subject: Dark Avenger on vendor disks (PC) I assume this is old news, but I figured I would report it anyway. At least some of the Sony Laser Library Distribution Install disks are infected with "Dark Avenger." I opened a box, straight from a distributer and found it infected. Chris ------------------------------ Date: 12 Feb 92 17:34:35 +0000 From: guccione@ccwf.cc.utexas.edu (Steve Guccione) Subject: Viruses and Backups (PC) I'm not sure if this has been discussed here or not, but I have been wondering about the danger of backups being damaged by viruses. A friend recently backed up his PC hard disk using a popular backup utility. This utility uses a non-MS-DOS format. After performing the backup, the hard disk was reformatted, and an attempt was made to restore the files. But the data on the backup disks had been damaged and could not be restored. The company who made the backup program was called, and they were not able to repair the disks. It was later discovered that all of the machines in this particular lab were infected with Stone-related viruses. Could Stone have overwritten what it thought was "safe" space on an MS-DOS diskette, only to damage backup data? This seems like a significant problem. At least it was for my friend, who lost the entire contents of his hard drive. - -- Steve - -- guccione@ccwf.cc.utexas.edu - -- 2/12/92 ------------------------------ Date: 12 Feb 92 18:35:27 +0000 From: baylor@ccwf.cc.utexas.edu (Baylor) Subject: Mirrors virus info? (PC) Tis teh season it seems. Our lab and sone others seem to be breeding groundas these days. Does anyone know of the Mirrors virus? Our slightly older versions of mcaffrey scan (sorry about spelling) don't seem to know it, but i think the newest version might. Anyone know what it infects or what it does? Any decenmt ways to check for it (i was told by one person who came in that it leaves a huge file called mirrors on the drive, but can't say i verified it)? - -- - ----------------------------------------------------------------------- Baylor Wetzel baylor@ccwf.utexas.edu "There is no such thing Biafra for president 1992 as an innocent Kennedy" "All opinions are soley those of the unix guys playing with my account" - ----------------------------------------------------------------------- ------------------------------ Date: 12 Feb 92 18:51:17 +0000 From: baylor@ccwf.cc.utexas.edu (Baylor) Subject: Cinderella virus/ does VSHIELD work? (PC) I have recently had a very bad run in with Cinderella, losing about 200 files. I think i found my problem after a while, but i'm still a bit paranoid. When my compiler started acting up (keys wouldn't work), i, on a n off chance, scanned my system. It seemed a good number of files were infected (about 20, at which point i simply quit the scanner and rebooted).I booted from a write protected floppy with vshield and scan (the one that was new two months ago or so) and scanned again. Command com was gone of course, as were every other .com file i had. I checked the other partition, same there. After deleting all .com files (mcaffery said it couldn't fix any of them and just wiped them out), i rebooted again off disk then copied command.com to the harddrive. Here's the problem. Everytime i scanned it, it came out bad. After scanning 12 times or so (scanned the one on teh disk i was copying from. it was good), i tried copying cc to the hardrive then doing a dir (and viewing it with norton). The file was 47k. I then thought great, it works, and scanned it, and post-scan it was 48k and infected. I think i finally figured out it was hooked in memory (i warm booted- will cinderella survive this?) and when i touched anything with scan, scan infected the file (scan itself passed the scan check with three other scanners; not infected and writeprotected). So effectievly, scanning my whole hard drive infected my whole harddrive. What's up? Actually, i was just wondering, if cindy was following in scans tracks, why wasn't vshield picking it up? At work we always say vshiled is worthless (it's failed to protect against stoned, michelangelo and liberty), but i used it anyway at home (blind faith, or, could more hurt?). It should have picked up any attempt to infect a file. right? Does it just not work (tried three version releases of vshield)? Or was my file getting infected another way (i turned off the machine for an hour and no more infections during scan)? What am i missing here? - -- - ----------------------------------------------------------------------- Baylor Wetzel baylor@ccwf.utexas.edu "There is no such thing Biafra for president 1992 as an innocent Kennedy" "All opinions are soley those of the unix guys playing with my account" - ----------------------------------------------------------------------- ------------------------------ Date: Tue, 11 Feb 92 23:51:55 -0500 From: councill@levy.bard.edu (John Councill) Subject: Biological analogy Greetings. A student here at Bard is interested in doing a senior project about the similarities between computer viruses and the biological kind, most notibly bacteriophage. I know that this topic has at times been discussed here (or perhaps even beaten to death), so I was wondering if anyone reading this knows of anything scholarly or otherwise that has been written on the subject. Thanks! Please post replies to the address below. John Councill Technical Assistant / Henderson Computer Resources Ctr / Bard College Annandale NY / etc... councill@levy.bard.edu ------------------------------ Date: 10 Feb 92 22:16:04 +0000 From: bontchev@fbihh.informatik.uni-hamburg.de (Vesselin Bontchev) Subject: Re: Polymorphic viruses Otto.Stolz.RZOTTO@DKNKURZ1 writes: > If (when?) viruses will be able to operate on various hosts, we should > coin a new term for them, perhaps something resembling the terms "cross- > compiler" and "cross-assembler". Maybe "multi-host" viruses? I expect them to appear pretty soon; especially a PC/Atari ST boot sector virus seems quite trivial to me... Regards, Vesselin - -- Vesselin Vladimirov Bontchev Virus Test Center, University of Hamburg Bontchev@Informatik.Uni-Hamburg.De Fachbereich Informatik - AGN, rm. 107 C Tel.:+49-40-54715-224, Fax: -226 Vogt-Koelln-Strasse 30, D-2000, Hamburg 54 ------------------------------ Date: Wed, 12 Feb 92 09:22:31 From: PR2JBC@primea.sheffield.ac.uk Subject: List of all viruses available? Apologies if this has been asked before, is there a listing of the known viruses, their names, major symptoms and possible cures? It would help when trying to follow discussions on the list as I'm new around here. Many thanks Joe Claxton ------------------------------ Date: Wed, 12 Feb 92 08:13:56 -0600 From: James Ford Subject: virx20.zip on risc (PC) The file virx20.zip has been placed on risc.ua.edu for anonymous FTP in the directory pub/ibm-antivirus. Thanks to C. Glenn Jordan for the file. James Ford - Consultant II, Seebeck Computer Center jford@ua1vm.ua.edu, jford@seebeck.ua.edu The University of Alabama in Tuscaloosa - ----------------------- message follows ------------------------------- From: C. Glenn Jordan Subject: VIRx 2.0 is released ! Microcom and Ross Greenberg have released an update to the ongoing VIRx series of anti-virus scanners. This version, 2.0 will detect 20 new viruses, and also disinfect (up through March 6) the MICHELANGELO virus. Still free, mostly. virx20.zip VIRX v2.0: Easy to use mostly free virus checker - ------------------------- end message --------------------------------- ------------------------------ Date: Tue, 11 Feb 92 20:27:00 -0500 From: HAYES@urvax.urich.edu Subject: VIRX20.ZIP (PC) Hi. Just received and made available VIRX20.ZIP. The file was sent to me directly from C. Glenn Jordan of Microcom. As usual the file is in our [.msdos.antivirus] directory. Following is the message from Glenn: - ----- begin forwarded message -- Date: Tue, 11 Feb 92 14:44:01 -0500 From: "C. Glenn Jordan -- Microcom" Subject: VIRx 2.0 is released ! Microcom and Ross Greenberg have released an update to the ongoing VIRx series of anti-virus scanners. This version, 2.0 will detect 20 new viruses, and also disinfect (up through March 6) the MICHELANGELO virus. Still free, mostly. VIRX20.ZIP VIRX v2.0: Easy to use mostly free virus checker - ----- end forwarded message -- Thanks, Glenn! - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Claude Bersano-Hayes HAYES @ URVAX (Vanilla BITNET) University of Richmond hayes@urvax.urich.edu (Bitnet or Internet) Richmond, VA 23173 ------------------------------ End of VIRUS-L Digest [Volume 5 Issue 30] *****************************************