-> Some years ago, I wrote some programs that were suppose to be virus
-> resistant in that if they detected themselves as infected, they noted the
-> event on the screen and terminated themselves.  The only problem was that 

-> could not locate any viruses to test these programs against.  Now that I
-> have found a source of viruses, I no longer have the programs or the
-> interest.  However, the routines I used could not be used to protect *.EXE
-> files from contamination.
-> Has anyone done anything similar?
        I don't know how sophisticated you got with your virus checking
routines but I did do something similar years ago that would detect any 
changes
made to the main executable (whether virus related or not).
        I simply generated a 32-bit CRC value of the executable at link time
and stored it in the executable itself.  At runtime, the program would 
uickly
generate a CRC of the executable and compare it to what was stored.
If it had changed, it would alert the user that it had become changed or
corrupted in some way and would they like to continue.
        Granted this is very rudimentary but it keeps your executable small 
and
with the 4+ billion possible CRC values 32 bits provides, any bit changed in
your executable (i.e. from a virus attaching itself to it) is bound to change
its CRC.
/---------------------------------------------------------------------------\
|Stephen E. Shoesmith -- AKA Lone Wierdo                                    |
|SysOp, MetroPlex Communications - Free Access To Information - 401.739.8118|
|Email: sysop@mtrplx.com or lone_wierdo@ids.net        Fidonet: 1:323/1212  |
|Send mail to sspublickey@mtrplx.com for my public PGP key.                 |
\---------------------------------------------------------------------------/
--- PCBoard (R) v15.23/2
---------------