Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!gem.mps.ohio-state.edu!ginosko!uakari.primate.wisc.edu!polyslo!vlsi3b15!vax1.cc.lehigh.edu!sei.cmu.edu!krvw
From: David.M..Chess.CHESS@YKTVMV
Newsgroups: comp.virus
Subject: re: IBM Virus (from EXPERT-L list) (PC)
Message-ID: <0003.8909271119.AA09775@ge.sei.cmu.edu>
Date: 26 Sep 89 00:00:00 GMT
Sender: Virus Discussion List 
Lines: 9
Approved: krvw@sei.cmu.edu

Sounds basically like the Jerusalem Virus; in particular, the
little signature string given occurs in the JV.   Not sure
why they aren't seeing files change in size when they're
infected.   Perhaps the fact that a file gets infected when
it executes (rather than when the original infected file executes)
is causing confusion.  The multiple infections that they're
seeing (and attributing to disk fragmentation) are also
characteristic of the JV.  Or, of course, it could be some
Brand New nasty...                    DC