Path: utzoo!utgpu!watmath!clyde!att!pacbell!ames!mailrus!ncar!gatech!udel!mmdf
From: gay%elde.epfl.ch@cunyvm.cuny.edu (David Gay)
Newsgroups: comp.sys.amiga
Subject: Re: IRQ virus
Message-ID: <6434@louie.udel.EDU>
Date: 10 Jan 89 07:40:56 GMT
Sender: mmdf@udel.EDU
Lines: 8


Instead of doing a checksum, why not check the size of the executable file ?
This would still allow you to "newzap" the file, but should detect any virus
which prepends itself to the executable (though it could still search for a
convenient block of nulls ...).

David Gay
GAY@ELDE.EPFL.CH$