Path: utzoo!utgpu!watmath!att!tut.cis.ohio-state.edu!rutgers!netnews.upenn.edu!vax1.cc.lehigh.edu!sei.cmu.edu!krvw From: IA96@PACE.BITNET (IA96000) Newsgroups: comp.virus Subject: axe by sea (PC) Message-ID: <0006.8908071130.AA17865@ge.sei.cmu.edu> Date: 5 Aug 89 16:59:00 GMT Sender: Virus Discussion List Lines: 18 Approved: krvw@sei.cmu.edu i did not mean to propse that axe is the cure all or preventative for viral infections. i just wanted to point out what we had found. in most cases, a virus attacking a program which has been axed creates a situation where the axe'd program will not load properly due to the compression used when the program was axe'd. basically axe reads a file and like arc applies a compression formula to the file and then writes the file back to the disk along with a special loader incorporated in the file. when a virus attacks the file, it changes (obviously) some of the compressed data. however it does not really know that the data has been compressed by axe. so when the user goes to load the program the loader cannot un-compress the data and halts operation. while not a cure all or anything like that it is a good way to spot instantly if a file has been tampered with.