

                  Sophos Anti-Virus for OS/2 Release Notes
                  ----------------------------------------

                             October 2002 (3.62)

                               www.sophos.com


New users of Sophos Anti-Virus for OS/2 can find installation guidance
beginning at the section "Installation notes" below.


New in this release
-------------------

Sophos Anti-Virus for OS/2 now has an updated look to coincide with our new
corporate image. The underlying software remains unchanged.

There are new information pages available on this CD. You can view these pages
from any computer with an internet browser installed. They include installing
and updating advice, product information, documentation, and contact
information. Open 'index.htm', from the root of the CD, in your browser. If
you have any difficulties viewing the CD's information pages, email
sophoscd@sophos.com.


On-access scanners -- important warning!
----------------------------------------

Sophos strongly recommends that you do not try to run more than one on-access
virus scanning product on the same OS/2 system.  With the current design of
OS/2, an attempt to run more than one on-access scanner will probably cause
serious system malfunction, such as a failure by OS/2 to boot.


Known restrictions in this release
----------------------------------

If you are using the Sophos Anti-Virus for OS/2 installer to install
InterCheck manually on an individual workstation, you should allow the
installer to update CONFIG.SYS. There is a check box for this, at the
beginning of the installation, which is checked by default. Please leave this
box checked.


New features recently released - reminder
-----------------------------------------

In May 2002 we introduced two enhancements to Sophos Anti-Virus for OS/2:

(a)   InterCheck
      ----------

      The InterCheck on-access scanner has been updated to work with OS/2
      Warp Convenience Package 2 (released in December 2001 or January 2002).
      It still works with earlier supported versions of OS/2 Warp:

        Warp 4 GA
        Warp Convenience Package 1

      and with fix packs in the XR_M* and XR_C* series.

      InterCheck also works with uniprocessor versions of eComStation release
      1.0. Please see the section "InterCheck details" below for further
      information.

      Please note that the new version of InterCheck will not become active
      until you reboot your system after updating Sophos Anti-Virus for OS/2.

(b)   New file types
      --------------

      This release includes enhanced file handling for the following file
      types:

          RTF
          MIME
          zipmail
          Unix ELF
          HTML
          UUEncode

      RTF, MIME and HTML are in the default list of executable files. This
      list is unchanged in version 3.57.

      UUEncoded files are now scanned when 'Archive files' or '-ARCHIVE' is
      selected. Zipmail files are also scanned when archive scanning is
      selected.

      Unix ELF files are scanned either when their file extension is in the
      executables list, or if 'All files' or '-ALL' is selected.

In November 2001 we introduced two enhancements to Sophos Anti-Virus for
OS/2:

(c)   New Sophos Virus Library support using the Internet
      ---------------------------------------------------

      The Sophos Virus Library is a collection of descriptions of known
      viruses, their effects, and how to deal with infections by them,
      written in several natural (human) languages. The Library is available
      directly via the Internet, at

        http://www.sophos.com/virusinfo/analyses/

      A URL object to access this page has been added to the Sophos
      Anti-Virus folder on the OS/2 desktop.

      Users who want to access the Library directly in another language
      should access the same page on the Sophos web server for their country,
      for example

        http://www.sophos.de/virusinfo/analyses/

      The Sophos Anti-Virus for OS/2 GUI will now start your default web
      browser and connect it to the above page of the Sophos web server
      whenever you request "virus library" information. You can configure the
      GUI to choose the natural language in which you would like to read
      virus analyses, and to use a web browser different from your default.
      Note that the old IBM "Web Explorer" browser is not supported by this
      feature, because it cannot display the Sophos web pages properly.
      Further details are in the Sophos Anti-Virus for OS/2 reference manual.

      Users who have a dial-up modem connection to the Internet can configure
      the Sophos Anti-Virus for OS/2 GUI to use the OS/2 Internet dial-up
      feature in this way:

      1.  use the "Options | Virus Library" menu item of the GUI to open the
          GUI's Virus Library Viewer configuration dialogue box

      2.  add the word "linkup" in front of the Web browser command, for
          example

            linkup C:\netscape\program\netscape.exe

      3.  save the configuration by pressing the "OK" button.

(d)   Improved handling of GUI job schedules
      --------------------------------------

      The Sophos Anti-Virus for OS/2 GUI will now save your scan job
      schedules and configuration information whenever you close the GUI
      window. (Previously the GUI would only save the schedules and
      configuration at system shutdown or when you select the GUI's "Exit and
      close all services" menu item).

      The job schedules and configuration information are saved in a file
      SWEEP.CFG located in the same directory as SWEEP.EXE. If this file is
      copied to a central installation of Sophos Anti-Virus for OS/2, in the
      same directory as SWEEP.EXE, the Sophos Anti-Virus for OS/2 central
      installer will distribute the file to all workstations that update from
      the central installation.

      This provides a convenient way to configure a number of workstations
      equipped with the Sophos Anti-Virus for OS/2 GUI to follow the same
      scanning schedule.

      You need to issue the command

        SETUP -UPDATE

      at the central installation system after adding or changing SWEEP.CFG,
      in the same way as when you update other configuration files at the
      central installation (see the product manuals for details).

      Note that this procedure only works properly if the machine names are
      defined using the SET HOSTNAME method described in the section
      "Computer names - reminder" below. If this is not done, all virus
      reports will appear to come from the machine where the master copy of
      SWEEP.CFG was prepared.

In September 2001 we introduced two major enhancements to Sophos Anti-Virus
for OS/2:

(e)   The default extension list in the GUI is updated automatically
      --------------------------------------------------------------

      Those users who

        *  do not use the Sophos Anti-Virus for OS/2 GUI, or
        *  have configured their Sophos Anti-Virus for OS/2 GUI to scan all
           files

      may ignore this section.

      New types of virus can create new types of file which must be scanned
      in order to detect those new viruses. Up to now, the Sophos Anti-Virus
      for OS/2 GUI has needed to be reconfigured manually to recognise new
      filename extensions associated with new viruses, because this
      information is stored in the user's job configuration file SWEEP.CFG.
      Beginning this month, the Sophos Anti-Virus for OS/2 GUI will be
      updated automatically with new file extension information, which will
      automatically be entered in SWEEP.CFG files without the need for manual
      reconfiguration by users.

      This feature makes it much easier for users of the Sophos Anti-Virus
      for OS/2 GUI to keep their installation up-to-date. (Note: this feature
      is already available in Sophos Anti-Virus for some other platforms.)

(f)   Version 1.0 of the Sophos InterCheck on-access scanner is released
      ------------------------------------------------------------------

      The InterCheck component scans files for viruses as they are about to
      be opened during the normal running of user applications. If a virus is
      detected, the application will be denied access to the file. Removable
      disks will in addition be scanned for boot sector virus infections, and
      access will be denied to the whole disk if an infected boot sector is
      detected. A log is kept on disk of viruses found and other important
      events. Optional utilities alert the user and/or system administrator
      to viruses detected, and maintain a system activity status display.

      The InterCheck component requires OS/2 Warp 4 GA or the OS/2 Warp 4
      Convenience Pack refresh. It also works with the uniprocessor version
      of the "eComStation" product from Serenity Systems International.

      By default, the InterCheck component is not installed by the Sophos
      Anti-Virus for OS/2 installer.

      Users who have installed the beta release of InterCheck for OS/2 must
      uninstall it before installing the full release. Uninstalling Sophos
      Anti-Virus for OS/2 is described in the Sophos Anti-Virus for OS/2 User
      Manual.

      Further information about the new InterCheck component is in the
      section "InterCheck details" below.


Computer names - reminder
-------------------------

We have introduced a new method of specifying the name of a computer, for the
purpose of reporting to a network administrator which computer(s) have been
found to have infected files.

Until now, the computer name has been set by means of a special menu option,
Options | Machine Name, in the Sophos Anti-Virus for OS/2 GUI. From now on,
the machine name is specified with the environment variable HOSTNAME. Sophos
recommends that this environment variable be set in the CONFIG.SYS file of
each OS/2 computer. For example, to set the name of a computer to LEONARDO
add the line

  SET HOSTNAME=LEONARDO

to the CONFIG.SYS file of that machine. This statement will take effect the
next time the computer is rebooted.

Beginning with the October 2001 release of Sophos Anti-Virus for OS/2, the
Sophos Anti-Virus for OS/2 installation and update processes will
automatically add a SET HOSTNAME line to CONFIG.SYS on each IBM LAN Server
network system where the line is missing. The HOSTNAME value will be the
"ComputerName" configured in the IBM LAN Server configuration file
IBMLAN.INI, or the active LAN Server computer name if IBMLAN.INI cannot be
read. If a SET HOSTNAME line is already present in CONFIG.SYS, no change will
be made.

OS/2 NetWare clients do not have the concept of a machine name, so that users
must handle them manually as described above.

Users of IBM's TCP/IP network software should find that the IBM TCP/IP
product installation has added a suitable SET HOSTNAME line to CONFIG.SYS.

For compatibility with existing installations of Sophos Anti-Virus for OS/2,
if the HOSTNAME variable has not been set, then the machine name defined in
the "Options | Machine Name" menu item of the Sophos Anti-Virus for OS/2 GUI
will be passed to the command file by the GUI, as was done previously.

InterCheck will NOT recognise a name set by Options | Machine Name, and will
not report a machine name if HOSTNAME is not set.


InterCheck details
------------------

(a)   General information
      -------------------

      Adobe Acrobat versions of the manuals are in the files

        Installation guide      \DOCS\ENG\INSTGUID\OS2_IEN.PDF
        Reference manual        \DOCS\ENG\MANUALS\OS2_MEN.PDF

      on the Sophos Anti-Virus for OS/2 CD. They can also be found in the
      download pages of www.sophos.com

      By default, the InterCheck component is NOT installed by the Sophos
      Anti-Virus for OS/2 installer. Installation information may be found in
      the Sophos Anti-Virus for OS/2 Installation Guide (see the section
      "Installation notes" below).

      Although InterCheck for OS/2 will run under Warp Server for e-business,
      Sophos does not recommend using an on-access scanner on a file server.
      The performance of a server is likely to be reduced by an on-access
      scanner. Files resident on servers will in any case be checked by
      clients equipped with InterCheck when the clients request network
      access to the files.

      Because the standard releases of OS/2 are not high security products,
      InterCheck for OS/2 does not give complete security against the
      activities of malicious users. For example, a knowledgeable user can
      disable InterCheck for OS/2 on his or her computer. InterCheck for OS/2
      is believed to be compatible with third party security products that
      use the OS/2 Installable Security Subsystem. It is possible that where
      such a product is installed, it could be used to protect InterCheck for
      OS/2 against malicious users. However, Sophos does not endorse any such
      product.

      It is unnecessary to disable the "opportunistic lock" feature of IBM
      LAN Server networking to allow InterCheck for OS/2 to work. This is of
      particular significance for machines running the IBM Peer Server.

(b)   Prerequisites
      -------------

      Users who have installed the beta release of InterCheck for OS/2 must
      uninstall it before installing the full release. Uninstalling Sophos
      Anti-Virus for OS/2 is described in the Sophos Anti-Virus for OS/2 User
      Manual.

      Sophos InterCheck for OS/2 will run under the following versions of
      OS/2:

        Warp 4 GA
        The December 2000 Convenience Package update (uniprocessor)

      InterCheck for OS/2 should also run under Warp 4 fix packs distributed
      by IBM in its Internet repository at

        ftp://service.software.ibm.com/ps/products/

      However, Sophos has only tested the versions of OS/2 listed above.

(c)   Other notes
      -----------

      Rebooting systems after InterCheck for OS/2 is installed
      --------------------------------------------------------

      In order to activate InterCheck for OS/2, it is necessary to reboot
      systems after installing InterCheck for OS/2 for the first time. If
      systems are not rebooted, they will continue to run, but without the
      protection of InterCheck; already installed components of Sophos Anti-
      Virus for OS/2 will function normally, using the latest virus data from
      the Sophos Anti-Virus CD.

      It may also occasionally be necessary, in order to activate new
      features, to reboot systems after installing an update of InterCheck
      for OS/2. Rebooting may be deferred to a convenient time. If systems
      are not rebooted, they will continue to run with the old version of
      InterCheck; the other components of Sophos Anti-Virus for OS/2 will
      function normally. The latest virus data from the Sophos Anti-Virus CD
      will be used by all components even if systems are not rebooted.

      Normally, rebooting can be achieved by shutting machines down at the
      end of the working day, and restarting them the next day. This
      information is therefore of most interest to users who do not shut down
      their machines at the end of the day, perhaps because backups are done
      automatically overnight.

      The Sophos Anti-Virus for OS/2 installer will inform users if a reboot
      is needed to activate new InterCheck features. If Sophos Anti-Virus for
      OS/2 is being distributed automatically from a central installation by
      the Sophos Anti-Virus for OS/2 installer, this notification will not be
      given to individual users, but will be given to the network
      administrator after s/he has updated the central installation. If this
      notification is received, the administrator should arrange for machines
      to be rebooted at a convenient time.

      InterCheck log files
      --------------------

      A definitive record of everything that was found on an individual
      computer is contained in the disk log file written by the InterCheck
      for OS/2 scanner. This log file is flushed to disk after each entry is
      written (though a directory listing may not show this). The log file
      may be read by other programs that open it in read-only mode (therefore
      not by some editors). The log file is only actually closed when
      InterCheck is stopped.

      When InterCheck is restarted (for example after an update), or a
      machine is rebooted, the existing log file will be backed up and a new
      log file will be started. Only one backup of the log is kept; an
      already existing backup is deleted. This behaviour prevents the log
      from growing until it fills the user's disk (unless the OS/2 "undelete"
      feature is enabled).

      Users who wish to keep old log information may configure InterCheck to
      append to the log when InterCheck is restarted, instead of starting a
      new log. This configuration is described in the Sophos Anti-Virus for
      OS/2 reference manual. Users who choose this option must take their own
      steps to prevent the log from growing indefinitely.

      Network notification of viruses
      -------------------------------

      Notification of virus infections to network managers is done using the
      network's native messaging utility. Information on how to configure
      this feature is in the Sophos Anti-Virus for OS/2 installation guide.

      Some messaging utilities are quite slow, taking as long as 30 seconds
      to deliver a message. In extreme cases, where infected files are
      accessed frequently, the capacity of the messaging system may be
      exceeded. Then some individual infected files may not be reported to
      the network manager, though s/he will certainly be made aware of which
      computers have virus problems. A definitive record of everything that
      was found on an individual computer is contained in the disk log file
      maintained by InterCheck for OS/2 on that computer (see the previous
      section).

(d)   Limitations of this release of InterCheck for OS/2
      --------------------------------------------------

      1.  Archive (ZIP, RAR, ...) files will not have their contents scanned
          by this release of InterCheck for OS/2 before the archives are
          unpacked. (However, the extraction 'stub' of self-extracting
          archives will be checked prior to extraction.) This is because such
          a process could be too slow for an on-access product. After archive
          files have been unpacked with the archive utility, the InterCheck
          scanner will trap attempts to access any of the unpacked files that
          are infected, so that security is maintained.

      2.  This release of InterCheck for OS/2 only checks files when they are
          opened: it does not check them when they are closed. In practice,
          this means that files are checked before they are read, not when
          they are created.

      3.  Accesses to NetWare file servers by DOS or Win-OS/2 applications
          will not be checked by this release of InterCheck for OS/2. All
          other combinations of application and network will be fully checked.

      4.  Automatic disinfection of viruses detected by InterCheck for OS/2 is
          not implemented in this release.

      5.  InterCheck for OS/2 has not been tested on multiprocessor systems.

      6.  If run on a Warp Server, InterCheck for OS/2 will not check file
          accesses to HPFS386 file systems attempted by the server on behalf
          of network clients.


Configuration options
---------------------

      This is a summary of where customers may configure features of Sophos
      Anti-Virus for OS/2. In all cases details can be found in the reference
      manuals.

      Installer
      ---------

        USERS.ACT         tells which components are to be distributed
                          automatically over the network from a central
                          installation

      InterCheck
      ----------

        CONFIG.SYS        SET HOSTNAME= sets the name of the sending machine
                          in virus notifications to the network administrator

        INTERCHK.CFG      tells what kinds of report InterCheck should give
                          if it detects a virus, and whether the status
                          window should be displayed

                          Also contains detailed InterCheck scanner options.

        NTFY.CMD          notifies the network administrator if InterCheck
                          detects a virus

      GUI (Presentation Manager control program)
      ------------------------------------------

        CONFIG.SYS        SET HOSTNAME= sets the name of the sending machine
                          in virus notifications to the network administrator

        All other options are configured in the program's windows.

      Command line scanner
      --------------------

        A list of disk drives, files and disk sectors to be scanned may be
        given in the file SWEEP.ARE described in the main reference manual
        for Sophos Anti-Virus for OS/2. All other options are set in the
        command line.


Notes on the contents of the Sophos Anti-Virus CD - important!
--------------------------------------------------------------

The kit including MKSTAND, which creates the emergency diskette set used to
disinfect boot sector viruses infecting hard drives, has been separated
completely from the normal Sophos Anti-Virus for OS/2 product installation
kit. There are now 3 Sophos Anti-Virus for OS/2 kits on the Sophos Anti-Virus
CD:

1.  The standard Sophos Anti-Virus for OS/2 product installation kit. This
    kit is in the directory \OS_2 on the Sophos Anti-Virus CD. It is no longer
    possible to create emergency diskettes from this kit.

    The kit is documented in the Sophos Anti-Virus for OS/2 Installation
    Guide. The Installation Guide is in the Adobe Acrobat file

      \DOCS\ENG\INSTGUID\OS2_IEN.PDF

    on the CD.

2.  The kit including MKSTAND, which creates the emergency diskette set
    used to disinfect boot sector viruses infecting hard drives. This kit
    consists of files in the directory \DISKIMGS on the CD. This kit cannot
    install the Sophos Anti-Virus for OS/2 product.

    The kit is documented in the Sophos Anti-Virus for OS/2 Installation
    Guide. The Installation Guide is in the Adobe Acrobat file

      \DOCS\ENG\INSTGUID\OS2_IEN.PDF

    on the CD.

3.  A kit of files used to make transfer diskettes, which will install the
    standard Sophos Anti-Virus for OS/2 product on an OS/2 system which has
    no CD drive. This kit is a duplicate of kit #1, packaged to fit on
    diskettes. This kit is in the directory \DISKIMGS on the CD.

    The kit is documented in the Sophos Anti-Virus for OS/2 reference manual.
    The reference manual is in the Adobe Acrobat file

      \DOCS\ENG\MANUALS\OS2_MEN.PDF

    on the CD.


Central installation and automatic updating under OS/2 Warp 3
-------------------------------------------------------------

During QA testing we have observed that clients running OS/2 Warp 3 Connect
GA or OS/2 Warp 3 Server 4 GA occasionally fail to update when expected. An
error

  "Error loading or initialising SAVHK001.DLL"

is logged in our SETUP log file.

After such events the clients will automatically re-try the update a couple
of times, eventually succeeding. This effect is harmless, inasmuch as the
only result is to delay the update by a period of time depending on the
parameters supplied to our SETUP program.

This behaviour is thought to be caused by a bug in early builds of OS/2 Warp
3. We are not yet able to advise whether any Warp 3 fix pack will prevent the
behaviour.


Microsoft Cabinet files
-----------------------

The scanning of Microsoft Cabinet files will not be enabled when "Scan inside
archive files" is selected. This applies to both the GUI and command line
versions of Sophos Anti-Virus.


Listing format (command line program OSWEEP only)
-------------------------------------------------

When the /NS qualifier is given, the names of all files scanned are listed.
Files within archive files are flagged by default with a variable length arrow
symbol. The format of this flagging can be changed thus:

  /NS=F   Do not list files within archive files at all. List only the names
          of the outermost archive files which appear in the OS/2 file system.

  /NS=P   Flag files within archive files with arrow symbol (default).

  /NS=U   No flagging. List the full paths of all files within archive files.
          Include the names of archive files, including those nested inside
          other archive files, in these paths as though they were directories.

The /NS=F option is intended to facilitate the rapid identification at the
file system directory level, and the manual quarantining, of archives
containing infected material. The /NS=U format reveals full details if a
manual rescue of the infected archive is to be attempted.

If the /NS qualifier is omitted, only the full paths of infected archives are
listed (in the /NS=U style).

These listing options may be extended to the GUI in a future release if users
so request.


Using Archive Handling with the OS/2 InterCheck Server
------------------------------------------------------

The Sophos Anti-Virus InterCheck Server for OS/2 checks inside archive files.
This feature is enabled in the InterCheck Server by default. InterCheck
clients by default do NOT send archive files to InterCheck servers for
checking. Clients can be instructed to do so with the "ProgramExtensions"
keyword in the InterCheck Client configuration file INTERCHK.CFG  See the
chapter "Configuring InterCheck Clients" in the Sophos Anti-Virus manual for
further details.


Known problems in this release - OS/2 InterCheck Server
-------------------------------------------------------

Background:

      If a Sophos InterCheck Server scans a file and finds a virus there, it
      will do two things to report the discovery:

(a)   it will record the event in its log file

(b)   it will, at the system manager's option, call a customer-supplied
      command procedure with information about the event, so that further
      customer-defined processing may take place. (Such processing often
      involves broadcasting notification of the event by means selected by
      the customer.)

Problem:

      If a Sophos InterCheck Client, which is able to scan files itself
      (locally) on access by a client application, detects a virus, it will
      send a message reporting the event to its InterCheck Server. InterCheck
      Servers will record such messages in their log files, as described
      above. Some InterCheck Servers, including that for OS/2, will not,
      however, present _client_ messages to the optional customer-defined
      command procedure for further processing.

This problem has been found to be complex, and is under further investigation
at this time.


Installation notes
------------------


Which version of Sophos Anti-Virus for OS/2 should you use?
-----------------------------------------------------------

This release contains both a GUI and a command-line-only version of Sophos
Anti-Virus for OS/2.

The command-line-only version is designed for users who want to run Sophos
Anti-Virus for OS/2 "invisibly" under the control of a command procedure,
without interacting with the product. Such an arrangement might be appropriate
for client machines where the software is pre-configured by a company's
Information Services department, for example where the overall user interface
allows access only to an approved set of applications.

The Sophos Anti-Virus for OS/2 GUI is designed for users who want to control
Sophos Anti-Virus for OS/2 by interacting directly with it.

The InterCheck on-access scanner for OS/2 is an optional component that can be
installed as an adjunct to either the command-line-only version or the GUI
version of Sophos Anti-Virus for OS/2.

New installations
-----------------

      The steps for creating a central installation and automatic update
      environment are:

      1.  Use our SETUP utility to create a central installation on a file
          server. There is only one central installation, regardless of
          whether it is to be used to deploy the GUI or the command-line-only
          version of Sophos Anti-Virus for OS/2.

      2.  Configure the central installation to deploy either the GUI or the
          command-line-only version of Sophos Anti-Virus for OS/2. If desired,
          add the InterCheck on-access scanner to the components to be
          deployed.

      3.  Grant users network access to the central installation.

      4.  Modify users' logon scripts to run our SETUP utility when they
          logon.

      Details on how to perform these steps are to be found in the manuals
      referenced below.

      IMPORTANT NOTE
      --------------

      By default, new installations will be configured to deploy the command-
      line-only version of Sophos Anti-Virus for OS/2, because we believe
      that this what the majority of our large network customers use. If you
      want to deploy the GUI version or the InterCheck on-access scanner, you
      must take care to perform step (2) above.

Updating your installation
--------------------------

      When you want to update users' copies of Sophos Anti-virus for OS/2,
      you need only do one or other of the following:

      1.  Use our SETUP utility to update the central installation with a new
          release of Sophos Anti-Virus.

      2.  For interim virus information obtained from Sophos' Web server, copy
          the virus information files to the central installation, then run
          our SETUP utility to flag that the central installation has been
          updated.

      The update will be deployed automatically to all OS/2 network clients
      at the next convenient opportunity. Again, details on how to perform
      these steps are to be found in the manuals referenced below.

Customers installing from the Sophos Anti-Virus CD:
--------------------------------------------------

      All components of Sophos Anti-Virus for OS/2 are on the Sophos Anti-
      Virus CD. The program files are in the directory

        \OS_2

      on the CD.

      Adobe Acrobat versions of the manuals are in the files

        Installation guide      \DOCS\ENG\INSTGUID\OS2_IEN.PDF
        Reference manual        \DOCS\ENG\MANUALS\OS2_MEN.PDF

      on the CD. The "Adobe Acrobat Reader for OS/2" product, which can be
      used to read this on-line manual, is provided in the file

        \DOCS\ACROREAD\ENG\ARO2E30.EXE

      Note that this file is an installation kit, from which the reader
      program itself is obtained.

Customers wanting Sophos Anti-Virus on diskettes:
------------------------------------------------

      Diskette images are in the directory \DISKIMGS on the Sophos Anti-Virus
      CD. Instructions for using them are in the file

        \DISKIMGS\DISKIMGS.TXT

      There are two Sophos Anti-Virus for OS/2 diskette kits in \DISKIMGS

      1.  an emergency diskette generation kit, containing files needed to
          create the emergency diskettes used to disinfect boot sector viruses
          infecting the hard drive. This kit is supplied only in these images;
          it cannot install the standard Sophos Anti-Virus for OS/2 product.
          Use of this kit is documented in detail in the Sophos Anti-Virus for
          OS/2 reference manual.

      2.  a product installation kit, containing all the files in the standard
          \OS_2 product directory on the CD packaged to fit on diskettes. This
          kit is only used to transfer the product installation kit to an OS/2
          system without a CD drive. Use of this kit is documented in detail
          in the Sophos Anti-Virus for OS/2 reference manual.

      Adobe Acrobat versions of the manuals are in the files

        Installation guide      \DOCS\ENG\INSTGUID\OS2_IEN.PDF
        Reference manual        \DOCS\ENG\MANUALS\OS2_MEN.PDF

      on the CD. The "Adobe Acrobat Reader for OS/2" product, which can be
      used to read this on-line manual, is provided in the file

        \DOCS\ACROREAD\ENG\ARO2E30.EXE

      Note that this file is an installation kit, from which the reader
      program itself is obtained.


Copyright notice
----------------

Most of the GUI installer files are copyright material, property of
INTERNATIONAL BUSINESS MACHINES CORPORATION. Use, copying and distribution of
the installer files as provided by Sophos Plc are subject to the condition
that these files form an integral part of Sophos Plc's product "Sophos Anti-
Virus for OS/2", and may be used only in conjunction therewith as documented
by Sophos Plc and in conformity with Sophos Plc's licence conditions
applicable to "Sophos Anti-Virus for OS/2". However, IBM also distributes
versions of the installer independently of Sophos Plc: copies and versions of
installer files so distributed are not subject to the foregoing condition,
but are subject to conditions of use as notified by IBM.


                              ----------------


