Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!purdue!gatech!rutgers!netnews.upenn.edu!vax1.cc.lehigh.edu!sei.cmu.edu!krvw
From: ACS1W@uhvax1.uh.edu (Meesh)
Newsgroups: comp.virus
Subject: October 12/13 (PC)
Message-ID: <0003.8909191146.AA07427@ge.sei.cmu.edu>
Date: 18 Sep 89 17:22:00 GMT
Sender: Virus Discussion List <VIRUS-L@IBM1.CC.Lehigh.EDU>
Lines: 19
Approved: krvw@sei.cmu.edu

I'm the editor of our university's computing newletter.  I need to
know how users can detect the October 12/13 virus ahead of time.  Is
there a way at all?  I don't want to alarm users, but I feel they
should know about the possible existence of this problem.

Thanks.

[Ed. In VIRUS-L volume 2 issue 192, Charles M. Preston
<portal!cup.portal.com!cpreston@sun.com> states that a) Viruscan V36
can detect Datacrime and that b) Datacrime can be identified by the
hex string EB00B40ECD21B4 (1168 version) or 00568DB43005CD21 (1280
version).  Note that a hex string search can be done via the DEBUG 'S'
command (e.g., "S CS:100 FFFF hex_string" at the DEBUG prompt), if
my memory of MS-DOS is correct.]

Michelle Gardner
Coordinator, Information Services
Information Technology
University of Houston