IRMSS907%SIVM.BITNET@VMA.CC.CMU.EDU (09/08/89)
I got this from the PROFS-L discussion list...Mignon Erixon-Stanford *** Forwarding note from KIEFFER --UNCANET 09/06/89 19:48 *** Date: Wed, 6 Sep 89 18:16 PDT A computer virus has just appeared in the CERNVM system in the form of a set of files which copy themselves to your A-disk when you execute the commands RELEASE or DROP. The mechanism is that there is a modified RELEASE EXEC which invokes a module called DVHVIR which copies itself, plus other files, to your A-disk. It is sufficient to be linked to a disk containing these viruses to be vulnerable to them. Some of the copied files pretend to be parts of the directory maintenance system and we do not yet know what damage they may cause. Please take the following action: look for any of the following files on your disks and ERASE them at once RELEASE EXEC DVHGMN EXEC DVHGKB EXEC DMSXMS EXEC DVHVIR MODULE We are attempting to find the source of this virus and are taking other preventative measures. User Support
MBDMD@ROHVM1.BITNET (09/11/89)
Does anyone have any additional information on this? [Ed. Text of recent VM/CMS virus warning deleted.] Martin J. Doyle VM Systems Programming Contractor Rohm and Haas Company Philadelphia, Pennsylvania MBDMD@ROHVM1 (215) 752-2296