Xref: utzoo comp.sys.mac.programmer:3447 comp.sys.mac:23732
Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!ukma!rutgers!gatech!hubcap!mikeoro
From: mikeoro@hubcap.UUCP (Michael K O'Rourke)
Newsgroups: comp.sys.mac.programmer,comp.sys.mac
Subject: CODE resources and viruses
Keywords: virus
Message-ID: <3791@hubcap.UUCP>
Date: 7 Dec 88 22:14:17 GMT
Organization: Clemson University, Clemson, SC
Lines: 16

I have decided that I want to write my own application to kill SCORES and
nVIR strains since I dislike the interfaces for all current virus killer
programs.  I understand everything I need to do except one little bit.

I know that a virus installs its own code resource into an application and
then puts a jump into the CODE 0 resource of the application to get itself
called. I know how to use the resource manager to erase the virus' CODE
resource.  However, how can I get rid of the jump that it installed in the
CODE 0 resource?

Please send me a private message as I doubt this will be of interest to   
everyone.

Thanx,
Mike O'Rourke
Clemson University Computer Center