PC VIRUS The following is taken from Risks Digest on the Othernet Conference. "Last week, some our student consultants discovered a virus program that's been spreading rapidly throughout Lehigh University. I thought I'd take a few minutes and warn as many of you as possible about this program since it has the chance of spreading much farther than our university. We have no idea where the virus started, but some users have told me that other universities recently had similar problems. The virus: The virus itself is contained in the stack space of COMMAND.COM. When a PC is booted from an infected disk, all a user need to do to spread the virus is to access another disk via type, copy, dir, etc. If the other disk contains COMMAND.COM, the virus code is copied to the other disk. Then a counter is incremented on the parent. When the counter reaches a value of 4, any and every disk in the PC is erased thoroughly. The boot tracks are nulled, as are the FAT tables etc. All Norton's horses couldn't put it back together again. This affects both floppies and hard disks. Meanwhile, the four children that were created go on to tell four friends, and they tell four friends, and so on, and so on. Detection: While the virus appears to be very well written, the author did leave behind a couple of footprints. First, the write date of COMMAND.COM changes. Second, if there is a write protect tab on the uninfected disk, you will get a write protect error. So boot up from a suspected virus disk and access a write protected disk. If an error comes up, then you're sure. Note that the length of COMMAND.COM does not get altered. I urge anyone who comes in contact with publicly accessible disks to periodically check their own disks. Also, exercise safe computing-- always wear a write protect tab. This is not a joke. A large percentage of our public site disks have been gonged by this virus in the last couple of days." Well, that's what the note says. I don't know how it will affect the BBS's, but to be safe, people should know.