[comp.virus] WDEF virus questions

f3aml@fyvax2.fy.chalmers.se (MATS LEJON) (12/11/89)

In the message WDEF Virus Alert (MAC) John Norstad writes

>Unfortunately, the virus manages to avoid detection by all of the
>popular protection INITs, including Vaccine 1.0.1, GateKeeper
>1.1.1, SAM Intercept 1.10, and Virex INIT 1.12.

What about the RWatcher INIT? It would be no problem to configure it
to look for a WDEF resource, but this would of course be of no use
if the WDEF virus uses a system call to propagate which RWatcher
does not watch for. Does anyone have any more info about the virus,
its size for example, or how it is possible that a resource with the name
WDEF gets executed, I guess it must contain executable code to
propagate itself?

                   Mats Lejon, Chalmers Univ. Tech. Sweden.