Info-IBMPC@WSMR-SIMTEL20.ARMY.MIL ("Info-IBMPC Digest") (06/18/91)
Info-IBMPC Digest Mon, 17 Jun 91 Volume 91 : Issue 148
Today's Editor:
Gregory Hicks - Rota Spain <GHICKS@WSMR-Simtel20.Army.Mil>
Today's Topics:
EDIT 2.45 bugs
EMSLB215.ZIP - EMS interface from Borland/Turbo C[++] & MSC
EpiInfo 5.01 data entry and validation uploaded to SIMTEL20
FRACTINT v16.0 fractal generator uploaded to SIMTEL20
Fw: Trojan version of VIRUSCAN version 78
Info-IBMPC Digest V91 #131
PROMPTR1.ZIP - 47 illustrations for DOS prompt (customizable)
REALFUN.ZIP - Real and complex math library for QuickBASIC
Recent msdos uploads to SIMTEL20
RPTP12.ZIP and RFFSRT10.ZIP uploaded to SIMTEL20
TLB-V119.ZIP - 'The Last Byte' memory manager (Version 1.19)
XDOS320.ZIP - ExtraDOS: Adds the commands that DOS left out
Send Replies or notes for publication to:
<INFO-IBMPC@WSMR-SIMTEL20.ARMY.MIL>
Send requests of an administrative nature (addition to, deletion from
the distribution list, et al) to:
<INFO-IBMPC-REQUEST@WSMR-SIMTEL20.ARMY.MIL>
Archives of past issues of the Info-IBMPC Digest are available by FTP
only from WSMR-SIMTEL20.ARMY.MIL in directory PD2:<ARCHIVES.IBMPC>.
----------------------------------------------------------------------
Date: Mon, 3 Jun 91 12:04:18 EDT
From: moy@xp.psych.nyu.edu ()
Subject: EDIT 2.45 bugs
I've had similar locking-up behavior with Dale Chun's Edit 2.45, which
I downloaded from SIMTEL20. I was testing it on a Toshiba T-1000,
which was running T-DOS 2.11, and a 12-MHz AT-clone running MS-DOS
3.20. I threw out the program, thinking the file might have been
damaged in transit (version 2.30 worked quite well).
Moy Wong, Dept. of Psychology, New York University
------------------------------
Date: Sun, 2 Jun 91 17:10:12 -0700
From: "James W. Birdsall" <amc-gw!picarefy!jwbirdsa@COCO.MS.WASHINGTON.EDU>
Subject: EMSLB215.ZIP - EMS interface from Borland/Turbo C[++] & MSC
Summary: Reposted by Keith Petersen
I have uploaded to SIMTEL20:
pd1:<msdos.turbo-c>
EMSLB215.ZIP EMS interface from Borland/Turbo C[++] & MSC
EMSLIB provides a high-level interface to LIM EMS control functions for
common operations such as allocating, mapping, and freeing EMS, and
copying data to and from EMS. More exotic functions are not included.
The interface has been made independent of the version of the EMS
driver as far as possible, so that parameters and returned data are
always in the same format, but the EMS call most appropriate to the EMS
version implemented by the driver is used. It is compatible with
Borland/Turbo C[++] and should work with MSC.
Free for private use; you must register only if you wish to distribute
programs using EMSLIB.
--James W. Birdsall picarefy!jwbirdsa@amc.com, jwbirdsa@amc.com
------------------------------
Date: Tue, 04 Jun 91 01:22:43 MEZ
From: "Gisbert W.Selke" <S00100%DBNRHRZ1.BITNET@CUNYVM.CUNY.EDU>
Subject: EpiInfo 5.01 data entry and validation uploaded to SIMTEL20
Summary: Reposted by Keith Petersen
I have uploaded to SIMTEL20:
pd1:<msdos.statistics>
EPI501-1.ZIP EpiInfo 5.01 data entry and validation, 1 of 9
EPI501-2.ZIP EpiInfo 5.01 data entry and validation, 2 of 9
EPI501-3.ZIP EpiInfo 5.01 data entry and validation, 3 of 9
EPI501-4.ZIP EpiInfo 5.01 data entry and validation, 4 of 9
EPI501-5.ZIP EpiInfo 5.01 data entry and validation, 5 of 9
EPI501-6.ZIP EpiInfo 5.01 data entry and validation, 6 of 9
EPI501-7.ZIP EpiInfo 5.01 data entry and validation, 7 of 9
EPI501-8.ZIP EpiInfo 5.01 data entry and validation, 8 of 9
EPI501-9.ZIP EpiInfo 5.01 data entry and validation, 9 of 9
EPI5-MAN.ZIP EpiInfo 5.0 data entry and validation, manual
EpiInfo is a highly customizable (programmable) data entry and
validation packet. It allows forms to be set up, entries to be checked
by themselves or depending on previous entries. Data can be manipulated
in the background during entry. Output is in a variety of formats,
including ASCII and dBase. It was developped originally to work
together with the statistical package EpiStat; however, its range of
applications far exceeds this.
It was developped by the Center for Disease Control - Epidemiology
Program Office -, Atlanta, GA, USA, and the World Health Organization -
Global Programme on Aids -, Geneva, Switzerland.The authors are
J.A.Dean, A.G.Dean, K.A.Brendel, A.H.Burton, and R.C.Dicker. - Thanks
to Urban Janlert, Lulea, Sweden, for providing me with an on-disk copy.
- EpiInfo is copyrighted but free for use and copying.
\Gisbert <s00100@dbnrhrz1.bitnet> WIdO, Bonn, Germany
------------------------------
Date: Tue, 4 Jun 91 09:31:13 -0400
From: twegner@MWUNIX.MITRE.ORG (Timothy Wegner)
Subject: FRACTINT v16.0 fractal generator uploaded to SIMTEL20
Summary: Reposted by Keith Petersen
I have uploaded version 16.0 of Fractint to SIMTEL20:
pd1:<msdos.graphics>
FRAINT16.ZIP FRACTINTv16.0 multi-featured fractal generator
FRASRC16.ZIP C & ASM source for FRACTINT v16.0 fractal gen.
Fractint is a freeware fractal generating program for the PC. This
update includes online hypertext-style help, a complete keyboard macro
facility for demos, improved video support, and much more.
Tim
Timothy Wegner
twegner@mwunix.mitre.org
------------------------------
Date: Mon, 13 May 91 14:50:16 PDT
From: Aryeh Goretsky <aryehg%darkside.com@apple.com>
Subject: Fw: Trojan version of VIRUSCAN version 78
HEADS UP!
TROJAN VERSION OF VIRUSCAN VERSION 78
We have received a trojan horse version of VIRUSCAN. The hacked SCAN
has apparently been uploaded to BBSes in Michigan, USA under the
filename SCANV78.ZIP. Running PKZIP -V on the file reveals:
.PKUNZIP (R) FAST! Extract Utility Version 1.1 03-15-90
.Copr. 1989-1990 PKWARE Inc. All Rights Reserved. PKUNZIP/h for help
.PKUNZIP Reg. U.S. Pat. and Tm. Off.
.
.Searching ZIP: SCANV78.ZIP - Fantasia BBS (313)/788-0882
.
. Length Method Size Ratio Date Time CRC-32 Attr Name
. ------ ------ ----- ----- ---- ---- ------ ---- ----
. 12816 Implode 5255 59% 04-08-91 14:28 08a87ed8 --w AGENTS.TXT
. 9406 Stored 9406 0% 02-03-91 17:04 42cf9931 --w REGISTER.DOC
. 23008 Implode 12550 46% 05-06-91 18:15 f9735dd5 --w SCAN.EXE
. 6495 Implode 1895 71% 10-31-89 16:16 0449b09d --w VALIDATE.COM
. 3626 Implode 1802 51% 11-29-90 01:59 ab76470f --w README.1ST
. 21257 Implode 5767 73% 05-06-91 19:35 a0728a17 --w VIRLIST.TXT
. 2844 Implode 1406 51% 02-14-91 14:25 aa330b57 --w VALIDATE.DOC
. 24515 Implode 9188 63% 05-06-91 19:34 172a967f --w SCAN78.DOC
. ------ ------ --- -------
. 103967 47269 55% 8
The number listed for the Fantasia BBS is NOT a BBS number and has no
connection with the trojan horse. I have called the phone number and
asked the party at the other end to contact me.
Running PKUNZIP on the file reveals the following:
.PKUNZIP (R) FAST! Extract Utility Version 1.1 03-15-90
.Copr. 1989-1990 PKWARE Inc. All Rights Reserved. PKUNZIP/h for help
.PKUNZIP Reg. U.S. Pat. and Tm. Off.
.
.Searching ZIP: SCANV78.ZIP - Fantasia BBS (313)/788-0882
. Exploding: AGENTS.TXT -AV
. Extracting: REGISTER.DOC -AV
. Exploding: SCAN.EXE -AV
. Exploding: VALIDATE.COM -AV
. Exploding: README.1ST -AV
. Exploding: VIRLIST.TXT -AV
. Exploding: VALIDATE.DOC -AV
. Exploding: SCAN78.DOC -AV
.
. Authentic files Verified! # TJB859 Zip Source: McAFEE ASSOCIATES
While the Authentic Files Verified Message appears, the Serial Number
is NOT correct. McAfee Associate's Serial Number is NWM405.
Examination of the AGENTS.TXT, README.1ST, VALIDATE.*, and VIRLIST.TXT
files revealed that these are straight from VIRUSCAN Version 77--the
version number in the VIRLIST.TXT file was still V77.
The SCAN78.DOC file had been modified so that all occurrences of V77
were switched to V78. Additionally, the following text was added for
the validation data:
. The validation results for Version 77 should be:
.
. FILE NAME: SCAN.EXE
. SIZE: 23,008
. DATE: 05-06-1991
. FILE AUTHENTICATION
. Check Method 1: 2C21
. Check Method 2: 022E
.
For the What's New section, the following text was added:
. WHAT'S NEW
. Version 78 of SCAN removes a few small bugs and continues
. to optimize the procedures SCAN uses to find viruses, as in Version 77,
. as well as adding a few more to the list of known viruses. SCAN is now much
. more compressed than was previously thought possible, so please enjoy the
. shortened file size, it should still work just fine.
. Refer to the enclosed VIRLIST.TXT file for a schematic
. description of the new viruses. For a complete description, please
. refer to Patricia Hoffman's VSUM document.
.
Examination of the SCAN.EXE file has show that it contains the help
message that VIRUSCAN displays as well as the program information
message. However, the program does not contain any of the other
messages that VIRUSCAN has in it.
The REGISTER.DOC file distributed with the trojan version of VIRUSCAN
is not a text file, but rather another .ZIP file containing a file
named TB1.COM:
. PKUNZIP (R) FAST! Extract Utility Version 1.1 03-15-90
. Copr. 1989-1990 PKWARE Inc. All Rights Reserved. PKUNZIP/h for help
. PKUNZIP Reg. U.S. Pat. and Tm. Off.
.
. Searching ZIP: REGISTER.DOC
. Extracting: TB1.COM -AV
.
. Authentic files Verified! # TJB859 Zip Source: McAFEE ASSOCIATES
.
When unZIPped, the REGISTER.DOC file displays the same Authentic Files
Verified Message as the SCANV78.ZIP file did. Examination of the of
the TB1.COM file revealed that it contains the Whale virus.
This is all I currently know about the SCANV78.ZIP trojan. If you see
any copies of this file, please ask the system administrator or sysop
to remove it and ask them to contact the uploader to warn them that it
contains a virus.
Aryeh Goretsky
McAfee Associates Technical Support
- - -
aryehg@tacom-emh1.army.mil
------------------------------
Date: Tue, 04 Jun 91 11:24:36 CDT
From: "Bill Ball" <C476721@UMCVMB.MISSOURI.EDU>
Subject: PROMPTR1.ZIP - 47 illustrations for DOS prompt (customizable)
Summary: Reposted by Keith Petersen
I have uploaded to SIMTEL20:
pd1:<msdos.screen>
PROMPTR1.ZIP 47 illustrations for DOS prompt (customizable)
PROMPTER can add to your DOS prompt 47 different customizable
illustrations. Prompter requires ANSI.SYS to be installed and works
best on (but does not require) a color monitor. Can also save out
prompts into batch files for reloading. Some of Prompter's prompts may
be too long (approaching 127 bytes) for some systems.
Bill Ball c476721@umcvmb.missouri.edu
------------------------------
Date: Sun, 2 Jun 1991 17:03:13 EDT
From: MITCHELL@ACODVAX.LARC.NASA.GOV
Subject: REALFUN.ZIP - Real and complex math library for QuickBASIC
Summary: Reposted by Keith Petersen
I have uploaded to SIMTEL20:
pd1:<msdos.qbasic>
REALFUN.ZIP Real and complex math library for QuickBASIC
RealFun is a collection of 4 libraries for QuickBASIC that allows the
user to do more sophisticated calculations than are supported in
regular QuickBASIC. The RealFun libraries (Quick and stand-alone
libraries) are 38 functions that support circular and hyperbolic trig
functions, minimum and maximum, floating point modulo, and more, in
single- and double-precision.
Also included are the CompFun libraries (Quick and stand-alone
versions), which allow the user to manipulate complex numbers.
Supported are arithmetic, powers & roots, exponentiation & logs, and
trig functions, in single- and double-precision.
The package includes 4 demo programs and documentation. Shareware.
Thanks,
Kerry Mitchell
mitchell@acodvax.larc.nasa.gov
- or -
mitchell@acodkris.larc.nasa.gov
------------------------------
Date: Mon, 3 Jun 91 15:52:41 EDT
From: David Kirschbaum <kirsch@usasoc.soc.mil>
Subject: Recent msdos uploads to SIMTEL20
>The following files have been recently uploaded to SIMTEL20
>(between 26-May-91 and 1-June-91)
[deleted]
>Directory PD1:<MSDOS.DSKUTL>
>FR20.ZIP B 3783 910527 Shows free space on all drives (v2.0)
Regrettably, this locks right up if there isn't a floppy in drive A:.
I don't have a drive B:, but I'll bet that would be a choke point too.
Sure, we could override it with "FR C" or whatever, but that's not the
point!
If there's strong need for such a utility, EMail me and I'll rewrite
this (trivial) utility. Too bad author didn't provide source.
David Kirschbaum
Toad Hall
kirsch@usasoc.soc.mil
or kirsch@sesi.com
------------------------------
Date: Sun, 26 May 91 15:30:35 GMT
From: Loewy_Ron@f51.n405.z2.fidonet.org (Loewy Ron)
Subject: RPTP12.ZIP and RFFSRT10.ZIP uploaded to SIMTEL20
Summary: Reposted by Keith Petersen
I have uploaded to SIMTEL20:
pd1:<msdos.printer>
RPTP12.ZIP Ron's Print To Printer - Text file formatter
RPTP is a printer utility for text files, it allows the user to format
text files to print on different printers, with different forms,
headers and footers.
pd1:<msdos.filutl>
RFFSRT10.ZIP Ron's fix-sized record file sort program
RFFSORT allows the user to sort files with a fixed record size with up
to 10 different keys.
Loewy Ron
- -
Internet: Loewy_Ron@f51.n405.z2.fidonet.org
------------------------------
Date: Sun, 2 Jun 1991 15:28 PDT
From: DLEWIS@SCUACC.SCU.EDU
Subject: TLB-V119.ZIP - 'The Last Byte' memory manager (Version 1.19)
Summary: Reposted by Keith Petersen
I have uploaded to SIMTEL20:
pd1:<msdos.sysutl>
TLB-V119.ZIP 'The Last Byte' memory manager (Version 1.19)
The Last Byte memory manager loads device drivers, TSRs, DOS buffers,
master environment, and more above 640k. It supports shadow ram memory
controller chips from C&T, TI, VLSI Technologies, SunTac, and now OPTi.
It can also be installed if you have a 386 or better cpu, Expanded
Memory hardware, or fixed read/write memory resident between 640k and 1
meg. It does not use protected mode, and is compatible with Windows
3.0, 4DOS, and DOS 5.0.
Dan Lewis, owner
Key Software Products
(415) 364-9847
E-Mail: DLEWIS@SCU.BITNET
DLEWIS@SCUACC.SCU.EDU
------------------------------
Date: Tue, 4 Jun 91 10:59:46 EDT
From: David Kirschbaum <kirsch@usasoc.soc.mil>
Subject: XDOS320.ZIP - ExtraDOS: Adds the commands that DOS left out
Summary: Reposted by Keith Petersen
A *huge* package called XDOS320.ZIP was recently uploaded to the
SIMTEL20 <MSDOS.SYSUTL> directory. It's a collection of DOS utilities.
Extracted from EXTRADOS.TXT:
> ExtraDOS is a compilation of tools useful to Microsoft DOS users. I
>originally wrote these tools under MS-DOS because I found a need for
>them and there were no commercially available products which provided
>these functions. Some ExtraDOS tools were designed to enhance programs
>already found in MS-DOS. Other tools were familiar to the Unix world,
>but were not available in MS-DOS. In addition, ExtraDOS compliments
>PC-Tools and Norton Utilities with added tools these programs do not
>provide.
> The ExtraDOS utilities are Copyright (c) 1985-91 by Foley Hi-Tech
>Systems. These programs are not public domain, but are "shareware."
Ok, so far so good. Until I started looking at some of these programs.
Then something smelled fishy. I've worked with public domain utilities
for a *long* time, tweaked a fair share of them myself, and (again and
again) these Foley utilities seemed familiar:
ALARMCLK - Alarm Clock Program
- SETALARM
ALLSUB - Perform Task In All Subdirectories
AREA - Telephone Area Code Search Utility
BANNER - DOS Banner Display
BOOT - PC Rebooting Utility
BOOTLOCK - Lock Out Reboot Keys and Break Keys
BOOTPAST - Boot Past a Floppy to the Hard Disk
BRKBOX - COM Port Break Out Box Display
CAL - DOS Calendar Display
CAT - DOS Cat Text File Utility
CHIMES - DOS Clock Chimes
CLEAN - Floppy Drive Cleaning Program
CLEANUP - Cleanup Your Drives from Duplicate Files
CURLOCK - Lock Cursor Shape Permanently
CURSOR - Change Cursor Shapes
Need I go on? EVERY SINGLE ONE of these *strongly* resembles a similar
public domain utility. On closer examination, BRKBOX is IDENTICAL in
appearance and function to an old BREAKBOX utility I've used for years.
Except it how has a "Foley Hi-Tech' copyright! CURSOR is ABSOLUTELY
identical (and even has the original SSI copyright on the screen!).
Yet now it has a Foley Hi-Tech copyright! CHIMES is ABSOLUTELY
identical to NJCHIME.ARC (right on SIMTEL20) (right down to the choice
of chimes), but now it has a Foley Hi-Tech copyright!
EVAL - DOS Command Line Calculator
FILEATTR - Change File Attributes
FILEINFO - File Information Program
FILESIZE - File Size Listing Utility
It goes on and on. Sorry but I do suspect Foley of stealing every
public domain utility he could find and stuffing his copyright into the
source. Maybe I'm wrong. Maybe he *did* write an original utility, or
make significant changes and improvements to entitle him to a
copyright. But for the most parts this smacks strongly of piracy. How
can you pirate from the public domain? Well, legally there's no such
offense. But morally there is.
And in the documentation he includes a list of "projects" Foley Hi-Tech
is currently working on. Heck, it reads like an extract of SIMTEL20's
PD:<MSDOS.SYSUTL> catalog!
I've had a gutfull of commercial enterprises ripping off the public
domain. Using our stuff I don't mind, but trying to OWN it? No way.
I'm ready to fight.
And there's another wee problem: Foley compressed most of the .EXE
programs with PKLITE. This did nothing to reduce the size of his
600+Kb .ZIP archive, of course .. matter of fact, the PKLITE'd files
made the .ZIP bigger! But that's not the problem: it was just a royal
pain to PKLITE -x all those files to do a virus check! And some files
could NOT be restored to their uncompressed state:
EVAL.EXE :wrong version (compressed with PKLITE 1.0)
LS.EXE :some unknown proprietary Foley Hi-Tech compressor
MAZE.EXE :ditto
TEXTSRCH.EXE :ditto
TURBOBAT.COM :Has internal PKWARE copyright, but PKLITE 1.2 fails
So I can't check ANY of these for viri!
Perhaps an Info-IBMPC or Usenet reader can check with the Foley BBS and
get an explanation.
You do what you want about this archive. Me: I'm trashing this
sucker.
David Kirschbaum
Toad Hall
kirsch@usasoc.soc.mil
------------------------------
End of Info-IBMPC Digest V91 #148
*********************************
-------