Info-IBMPC@WSMR-SIMTEL20.ARMY.MIL ("Info-IBMPC Digest") (06/18/91)
Info-IBMPC Digest Mon, 17 Jun 91 Volume 91 : Issue 148 Today's Editor: Gregory Hicks - Rota Spain <GHICKS@WSMR-Simtel20.Army.Mil> Today's Topics: EDIT 2.45 bugs EMSLB215.ZIP - EMS interface from Borland/Turbo C[++] & MSC EpiInfo 5.01 data entry and validation uploaded to SIMTEL20 FRACTINT v16.0 fractal generator uploaded to SIMTEL20 Fw: Trojan version of VIRUSCAN version 78 Info-IBMPC Digest V91 #131 PROMPTR1.ZIP - 47 illustrations for DOS prompt (customizable) REALFUN.ZIP - Real and complex math library for QuickBASIC Recent msdos uploads to SIMTEL20 RPTP12.ZIP and RFFSRT10.ZIP uploaded to SIMTEL20 TLB-V119.ZIP - 'The Last Byte' memory manager (Version 1.19) XDOS320.ZIP - ExtraDOS: Adds the commands that DOS left out Send Replies or notes for publication to: <INFO-IBMPC@WSMR-SIMTEL20.ARMY.MIL> Send requests of an administrative nature (addition to, deletion from the distribution list, et al) to: <INFO-IBMPC-REQUEST@WSMR-SIMTEL20.ARMY.MIL> Archives of past issues of the Info-IBMPC Digest are available by FTP only from WSMR-SIMTEL20.ARMY.MIL in directory PD2:<ARCHIVES.IBMPC>. ---------------------------------------------------------------------- Date: Mon, 3 Jun 91 12:04:18 EDT From: moy@xp.psych.nyu.edu () Subject: EDIT 2.45 bugs I've had similar locking-up behavior with Dale Chun's Edit 2.45, which I downloaded from SIMTEL20. I was testing it on a Toshiba T-1000, which was running T-DOS 2.11, and a 12-MHz AT-clone running MS-DOS 3.20. I threw out the program, thinking the file might have been damaged in transit (version 2.30 worked quite well). Moy Wong, Dept. of Psychology, New York University ------------------------------ Date: Sun, 2 Jun 91 17:10:12 -0700 From: "James W. Birdsall" <amc-gw!picarefy!jwbirdsa@COCO.MS.WASHINGTON.EDU> Subject: EMSLB215.ZIP - EMS interface from Borland/Turbo C[++] & MSC Summary: Reposted by Keith Petersen I have uploaded to SIMTEL20: pd1:<msdos.turbo-c> EMSLB215.ZIP EMS interface from Borland/Turbo C[++] & MSC EMSLIB provides a high-level interface to LIM EMS control functions for common operations such as allocating, mapping, and freeing EMS, and copying data to and from EMS. More exotic functions are not included. The interface has been made independent of the version of the EMS driver as far as possible, so that parameters and returned data are always in the same format, but the EMS call most appropriate to the EMS version implemented by the driver is used. It is compatible with Borland/Turbo C[++] and should work with MSC. Free for private use; you must register only if you wish to distribute programs using EMSLIB. --James W. Birdsall picarefy!jwbirdsa@amc.com, jwbirdsa@amc.com ------------------------------ Date: Tue, 04 Jun 91 01:22:43 MEZ From: "Gisbert W.Selke" <S00100%DBNRHRZ1.BITNET@CUNYVM.CUNY.EDU> Subject: EpiInfo 5.01 data entry and validation uploaded to SIMTEL20 Summary: Reposted by Keith Petersen I have uploaded to SIMTEL20: pd1:<msdos.statistics> EPI501-1.ZIP EpiInfo 5.01 data entry and validation, 1 of 9 EPI501-2.ZIP EpiInfo 5.01 data entry and validation, 2 of 9 EPI501-3.ZIP EpiInfo 5.01 data entry and validation, 3 of 9 EPI501-4.ZIP EpiInfo 5.01 data entry and validation, 4 of 9 EPI501-5.ZIP EpiInfo 5.01 data entry and validation, 5 of 9 EPI501-6.ZIP EpiInfo 5.01 data entry and validation, 6 of 9 EPI501-7.ZIP EpiInfo 5.01 data entry and validation, 7 of 9 EPI501-8.ZIP EpiInfo 5.01 data entry and validation, 8 of 9 EPI501-9.ZIP EpiInfo 5.01 data entry and validation, 9 of 9 EPI5-MAN.ZIP EpiInfo 5.0 data entry and validation, manual EpiInfo is a highly customizable (programmable) data entry and validation packet. It allows forms to be set up, entries to be checked by themselves or depending on previous entries. Data can be manipulated in the background during entry. Output is in a variety of formats, including ASCII and dBase. It was developped originally to work together with the statistical package EpiStat; however, its range of applications far exceeds this. It was developped by the Center for Disease Control - Epidemiology Program Office -, Atlanta, GA, USA, and the World Health Organization - Global Programme on Aids -, Geneva, Switzerland.The authors are J.A.Dean, A.G.Dean, K.A.Brendel, A.H.Burton, and R.C.Dicker. - Thanks to Urban Janlert, Lulea, Sweden, for providing me with an on-disk copy. - EpiInfo is copyrighted but free for use and copying. \Gisbert <s00100@dbnrhrz1.bitnet> WIdO, Bonn, Germany ------------------------------ Date: Tue, 4 Jun 91 09:31:13 -0400 From: twegner@MWUNIX.MITRE.ORG (Timothy Wegner) Subject: FRACTINT v16.0 fractal generator uploaded to SIMTEL20 Summary: Reposted by Keith Petersen I have uploaded version 16.0 of Fractint to SIMTEL20: pd1:<msdos.graphics> FRAINT16.ZIP FRACTINTv16.0 multi-featured fractal generator FRASRC16.ZIP C & ASM source for FRACTINT v16.0 fractal gen. Fractint is a freeware fractal generating program for the PC. This update includes online hypertext-style help, a complete keyboard macro facility for demos, improved video support, and much more. Tim Timothy Wegner twegner@mwunix.mitre.org ------------------------------ Date: Mon, 13 May 91 14:50:16 PDT From: Aryeh Goretsky <aryehg%darkside.com@apple.com> Subject: Fw: Trojan version of VIRUSCAN version 78 HEADS UP! TROJAN VERSION OF VIRUSCAN VERSION 78 We have received a trojan horse version of VIRUSCAN. The hacked SCAN has apparently been uploaded to BBSes in Michigan, USA under the filename SCANV78.ZIP. Running PKZIP -V on the file reveals: .PKUNZIP (R) FAST! Extract Utility Version 1.1 03-15-90 .Copr. 1989-1990 PKWARE Inc. All Rights Reserved. PKUNZIP/h for help .PKUNZIP Reg. U.S. Pat. and Tm. Off. . .Searching ZIP: SCANV78.ZIP - Fantasia BBS (313)/788-0882 . . Length Method Size Ratio Date Time CRC-32 Attr Name . ------ ------ ----- ----- ---- ---- ------ ---- ---- . 12816 Implode 5255 59% 04-08-91 14:28 08a87ed8 --w AGENTS.TXT . 9406 Stored 9406 0% 02-03-91 17:04 42cf9931 --w REGISTER.DOC . 23008 Implode 12550 46% 05-06-91 18:15 f9735dd5 --w SCAN.EXE . 6495 Implode 1895 71% 10-31-89 16:16 0449b09d --w VALIDATE.COM . 3626 Implode 1802 51% 11-29-90 01:59 ab76470f --w README.1ST . 21257 Implode 5767 73% 05-06-91 19:35 a0728a17 --w VIRLIST.TXT . 2844 Implode 1406 51% 02-14-91 14:25 aa330b57 --w VALIDATE.DOC . 24515 Implode 9188 63% 05-06-91 19:34 172a967f --w SCAN78.DOC . ------ ------ --- ------- . 103967 47269 55% 8 The number listed for the Fantasia BBS is NOT a BBS number and has no connection with the trojan horse. I have called the phone number and asked the party at the other end to contact me. Running PKUNZIP on the file reveals the following: .PKUNZIP (R) FAST! Extract Utility Version 1.1 03-15-90 .Copr. 1989-1990 PKWARE Inc. All Rights Reserved. PKUNZIP/h for help .PKUNZIP Reg. U.S. Pat. and Tm. Off. . .Searching ZIP: SCANV78.ZIP - Fantasia BBS (313)/788-0882 . Exploding: AGENTS.TXT -AV . Extracting: REGISTER.DOC -AV . Exploding: SCAN.EXE -AV . Exploding: VALIDATE.COM -AV . Exploding: README.1ST -AV . Exploding: VIRLIST.TXT -AV . Exploding: VALIDATE.DOC -AV . Exploding: SCAN78.DOC -AV . . Authentic files Verified! # TJB859 Zip Source: McAFEE ASSOCIATES While the Authentic Files Verified Message appears, the Serial Number is NOT correct. McAfee Associate's Serial Number is NWM405. Examination of the AGENTS.TXT, README.1ST, VALIDATE.*, and VIRLIST.TXT files revealed that these are straight from VIRUSCAN Version 77--the version number in the VIRLIST.TXT file was still V77. The SCAN78.DOC file had been modified so that all occurrences of V77 were switched to V78. Additionally, the following text was added for the validation data: . The validation results for Version 77 should be: . . FILE NAME: SCAN.EXE . SIZE: 23,008 . DATE: 05-06-1991 . FILE AUTHENTICATION . Check Method 1: 2C21 . Check Method 2: 022E . For the What's New section, the following text was added: . WHAT'S NEW . Version 78 of SCAN removes a few small bugs and continues . to optimize the procedures SCAN uses to find viruses, as in Version 77, . as well as adding a few more to the list of known viruses. SCAN is now much . more compressed than was previously thought possible, so please enjoy the . shortened file size, it should still work just fine. . Refer to the enclosed VIRLIST.TXT file for a schematic . description of the new viruses. For a complete description, please . refer to Patricia Hoffman's VSUM document. . Examination of the SCAN.EXE file has show that it contains the help message that VIRUSCAN displays as well as the program information message. However, the program does not contain any of the other messages that VIRUSCAN has in it. The REGISTER.DOC file distributed with the trojan version of VIRUSCAN is not a text file, but rather another .ZIP file containing a file named TB1.COM: . PKUNZIP (R) FAST! Extract Utility Version 1.1 03-15-90 . Copr. 1989-1990 PKWARE Inc. All Rights Reserved. PKUNZIP/h for help . PKUNZIP Reg. U.S. Pat. and Tm. Off. . . Searching ZIP: REGISTER.DOC . Extracting: TB1.COM -AV . . Authentic files Verified! # TJB859 Zip Source: McAFEE ASSOCIATES . When unZIPped, the REGISTER.DOC file displays the same Authentic Files Verified Message as the SCANV78.ZIP file did. Examination of the of the TB1.COM file revealed that it contains the Whale virus. This is all I currently know about the SCANV78.ZIP trojan. If you see any copies of this file, please ask the system administrator or sysop to remove it and ask them to contact the uploader to warn them that it contains a virus. Aryeh Goretsky McAfee Associates Technical Support - - - aryehg@tacom-emh1.army.mil ------------------------------ Date: Tue, 04 Jun 91 11:24:36 CDT From: "Bill Ball" <C476721@UMCVMB.MISSOURI.EDU> Subject: PROMPTR1.ZIP - 47 illustrations for DOS prompt (customizable) Summary: Reposted by Keith Petersen I have uploaded to SIMTEL20: pd1:<msdos.screen> PROMPTR1.ZIP 47 illustrations for DOS prompt (customizable) PROMPTER can add to your DOS prompt 47 different customizable illustrations. Prompter requires ANSI.SYS to be installed and works best on (but does not require) a color monitor. Can also save out prompts into batch files for reloading. Some of Prompter's prompts may be too long (approaching 127 bytes) for some systems. Bill Ball c476721@umcvmb.missouri.edu ------------------------------ Date: Sun, 2 Jun 1991 17:03:13 EDT From: MITCHELL@ACODVAX.LARC.NASA.GOV Subject: REALFUN.ZIP - Real and complex math library for QuickBASIC Summary: Reposted by Keith Petersen I have uploaded to SIMTEL20: pd1:<msdos.qbasic> REALFUN.ZIP Real and complex math library for QuickBASIC RealFun is a collection of 4 libraries for QuickBASIC that allows the user to do more sophisticated calculations than are supported in regular QuickBASIC. The RealFun libraries (Quick and stand-alone libraries) are 38 functions that support circular and hyperbolic trig functions, minimum and maximum, floating point modulo, and more, in single- and double-precision. Also included are the CompFun libraries (Quick and stand-alone versions), which allow the user to manipulate complex numbers. Supported are arithmetic, powers & roots, exponentiation & logs, and trig functions, in single- and double-precision. The package includes 4 demo programs and documentation. Shareware. Thanks, Kerry Mitchell mitchell@acodvax.larc.nasa.gov - or - mitchell@acodkris.larc.nasa.gov ------------------------------ Date: Mon, 3 Jun 91 15:52:41 EDT From: David Kirschbaum <kirsch@usasoc.soc.mil> Subject: Recent msdos uploads to SIMTEL20 >The following files have been recently uploaded to SIMTEL20 >(between 26-May-91 and 1-June-91) [deleted] >Directory PD1:<MSDOS.DSKUTL> >FR20.ZIP B 3783 910527 Shows free space on all drives (v2.0) Regrettably, this locks right up if there isn't a floppy in drive A:. I don't have a drive B:, but I'll bet that would be a choke point too. Sure, we could override it with "FR C" or whatever, but that's not the point! If there's strong need for such a utility, EMail me and I'll rewrite this (trivial) utility. Too bad author didn't provide source. David Kirschbaum Toad Hall kirsch@usasoc.soc.mil or kirsch@sesi.com ------------------------------ Date: Sun, 26 May 91 15:30:35 GMT From: Loewy_Ron@f51.n405.z2.fidonet.org (Loewy Ron) Subject: RPTP12.ZIP and RFFSRT10.ZIP uploaded to SIMTEL20 Summary: Reposted by Keith Petersen I have uploaded to SIMTEL20: pd1:<msdos.printer> RPTP12.ZIP Ron's Print To Printer - Text file formatter RPTP is a printer utility for text files, it allows the user to format text files to print on different printers, with different forms, headers and footers. pd1:<msdos.filutl> RFFSRT10.ZIP Ron's fix-sized record file sort program RFFSORT allows the user to sort files with a fixed record size with up to 10 different keys. Loewy Ron - - Internet: Loewy_Ron@f51.n405.z2.fidonet.org ------------------------------ Date: Sun, 2 Jun 1991 15:28 PDT From: DLEWIS@SCUACC.SCU.EDU Subject: TLB-V119.ZIP - 'The Last Byte' memory manager (Version 1.19) Summary: Reposted by Keith Petersen I have uploaded to SIMTEL20: pd1:<msdos.sysutl> TLB-V119.ZIP 'The Last Byte' memory manager (Version 1.19) The Last Byte memory manager loads device drivers, TSRs, DOS buffers, master environment, and more above 640k. It supports shadow ram memory controller chips from C&T, TI, VLSI Technologies, SunTac, and now OPTi. It can also be installed if you have a 386 or better cpu, Expanded Memory hardware, or fixed read/write memory resident between 640k and 1 meg. It does not use protected mode, and is compatible with Windows 3.0, 4DOS, and DOS 5.0. Dan Lewis, owner Key Software Products (415) 364-9847 E-Mail: DLEWIS@SCU.BITNET DLEWIS@SCUACC.SCU.EDU ------------------------------ Date: Tue, 4 Jun 91 10:59:46 EDT From: David Kirschbaum <kirsch@usasoc.soc.mil> Subject: XDOS320.ZIP - ExtraDOS: Adds the commands that DOS left out Summary: Reposted by Keith Petersen A *huge* package called XDOS320.ZIP was recently uploaded to the SIMTEL20 <MSDOS.SYSUTL> directory. It's a collection of DOS utilities. Extracted from EXTRADOS.TXT: > ExtraDOS is a compilation of tools useful to Microsoft DOS users. I >originally wrote these tools under MS-DOS because I found a need for >them and there were no commercially available products which provided >these functions. Some ExtraDOS tools were designed to enhance programs >already found in MS-DOS. Other tools were familiar to the Unix world, >but were not available in MS-DOS. In addition, ExtraDOS compliments >PC-Tools and Norton Utilities with added tools these programs do not >provide. > The ExtraDOS utilities are Copyright (c) 1985-91 by Foley Hi-Tech >Systems. These programs are not public domain, but are "shareware." Ok, so far so good. Until I started looking at some of these programs. Then something smelled fishy. I've worked with public domain utilities for a *long* time, tweaked a fair share of them myself, and (again and again) these Foley utilities seemed familiar: ALARMCLK - Alarm Clock Program - SETALARM ALLSUB - Perform Task In All Subdirectories AREA - Telephone Area Code Search Utility BANNER - DOS Banner Display BOOT - PC Rebooting Utility BOOTLOCK - Lock Out Reboot Keys and Break Keys BOOTPAST - Boot Past a Floppy to the Hard Disk BRKBOX - COM Port Break Out Box Display CAL - DOS Calendar Display CAT - DOS Cat Text File Utility CHIMES - DOS Clock Chimes CLEAN - Floppy Drive Cleaning Program CLEANUP - Cleanup Your Drives from Duplicate Files CURLOCK - Lock Cursor Shape Permanently CURSOR - Change Cursor Shapes Need I go on? EVERY SINGLE ONE of these *strongly* resembles a similar public domain utility. On closer examination, BRKBOX is IDENTICAL in appearance and function to an old BREAKBOX utility I've used for years. Except it how has a "Foley Hi-Tech' copyright! CURSOR is ABSOLUTELY identical (and even has the original SSI copyright on the screen!). Yet now it has a Foley Hi-Tech copyright! CHIMES is ABSOLUTELY identical to NJCHIME.ARC (right on SIMTEL20) (right down to the choice of chimes), but now it has a Foley Hi-Tech copyright! EVAL - DOS Command Line Calculator FILEATTR - Change File Attributes FILEINFO - File Information Program FILESIZE - File Size Listing Utility It goes on and on. Sorry but I do suspect Foley of stealing every public domain utility he could find and stuffing his copyright into the source. Maybe I'm wrong. Maybe he *did* write an original utility, or make significant changes and improvements to entitle him to a copyright. But for the most parts this smacks strongly of piracy. How can you pirate from the public domain? Well, legally there's no such offense. But morally there is. And in the documentation he includes a list of "projects" Foley Hi-Tech is currently working on. Heck, it reads like an extract of SIMTEL20's PD:<MSDOS.SYSUTL> catalog! I've had a gutfull of commercial enterprises ripping off the public domain. Using our stuff I don't mind, but trying to OWN it? No way. I'm ready to fight. And there's another wee problem: Foley compressed most of the .EXE programs with PKLITE. This did nothing to reduce the size of his 600+Kb .ZIP archive, of course .. matter of fact, the PKLITE'd files made the .ZIP bigger! But that's not the problem: it was just a royal pain to PKLITE -x all those files to do a virus check! And some files could NOT be restored to their uncompressed state: EVAL.EXE :wrong version (compressed with PKLITE 1.0) LS.EXE :some unknown proprietary Foley Hi-Tech compressor MAZE.EXE :ditto TEXTSRCH.EXE :ditto TURBOBAT.COM :Has internal PKWARE copyright, but PKLITE 1.2 fails So I can't check ANY of these for viri! Perhaps an Info-IBMPC or Usenet reader can check with the Foley BBS and get an explanation. You do what you want about this archive. Me: I'm trashing this sucker. David Kirschbaum Toad Hall kirsch@usasoc.soc.mil ------------------------------ End of Info-IBMPC Digest V91 #148 ********************************* -------