Path: utzoo!utgpu!watmath!clyde!att!rutgers!deimos!uxc!uxc.cso.uiuc.edu!uxg.cso.uiuc.edu!uxh.cso.uiuc.edu!fons From: fons@uxh.cso.uiuc.edu Newsgroups: comp.sys.mac Subject: Re: Transfers and Viruses Message-ID: <20200014@uxh.cso.uiuc.edu> Date: 3 Dec 88 05:55:00 GMT References: <1006@ccnysci.UUCP> Lines: 20 Nf-ID: #R:ccnysci.UUCP:1006:uxh.cso.uiuc.edu:20200014:000:1369 Nf-From: uxh.cso.uiuc.edu!fons Dec 2 23:55:00 1988 To add more fuel to the fire, a friend of mine at the University of Illinois recently purchased a cms pro 60 from Hardware House and with it came CMS Utility to 80MB. I came over to his apartment the night he unpacked the machine and indeed just about everything on his machine was infected by nVir. (He had a bunch of public domain programs that I though initially was the problem-but his CMS source disk was infected-and it was LOCKED). It must have come from the company in that manner. Note that the CMS utility disk has a copy of the system and the Finder on it hence it CAN infect ones hard disk (resource locking on the code segment of the utility program itself is irrelevent). In any case CMS sent a new version of the program (he had 3.4) and CMS sent a new copy v4.0. Needless to say, I promptly checked the program for him and it was NOT infected-perhaps they have learned their lesson. Paul Fons University of Illinois Coordinated Science Laboratory 1101 W. Springfield Av. Urbana, Illinois 61801 U.S.A. email: Fons@uiucvmd.bitnet or... Fons@uxh.cso.uiuc.edu