Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!csd4.csd.uwm.edu!cs.utexas.edu!usc!polyslo!vlsi3b15!vax1.cc.lehigh.edu!sei.cmu.edu!krvw
From: watmath!ctycal!ingoldsb@uunet.UU.NET
Newsgroups: comp.virus
Subject: Need info on Datacrime virus (PC)
Message-ID: <0003.8908181428.AA27881@ge.sei.cmu.edu>
Date: 17 Aug 89 16:20:54 GMT
Sender: Virus Discussion List 
Lines: 20
Approved: krvw@sei.cmu.edu

Sorry if you get this message twice, I'm not sure if the first attempt
will get to you (its been one of those days :^)

I'm sure this has been discussed, but I just got back from
vacation and missed the info (we're low on disk and things get
purged quickly).

Can anyone tell me how to detect if a machine has been infected
with the Datacrime virus, what it does (I've heard that it is
supposed to erase files on a particular date), and how to get
rid of it.

I'd appreciate a response to this.  It will give me a good
opportunity to demonstrate to our security gurus that Usenet
can be beneficial to security (instead of the open door that is
usually portrayed by the media).

  Terry Ingoldsby                       ctycal!ingoldsb@calgary.UUCP
  Land Information Systems                           or
  The City of Calgary         ...{alberta,ubc-cs,utai}!calgary!ctycal!ingoldsb