Some anti-virus software is memory resident and loaded on start up. It then actively monitors systems and programs that are ran, for infections. Such examples include boot files, discs and files which are accessed during start-up
Category Archives: 1. Computer Systems
FAQ: Description of anti-virus software detection techniques: heuristic detection
Some more sophisticated antivirus software uses heuristic analysis to identify new malware or variants of known malware.
Many viruses start as a single infection and through either mutation or refinements by other attackers, can grow into dozens of slightly different strains, called variants. Generic detection refers to the detection and removal of multiple threats using a single virus definition
FAQ: Description of anti-virus software detection techniques: searching for virus signature
-
This is a unique pattern of bits within a virus code.
-
The anti-virus software searches for the presence of the virus signature and may remove it.
- Useful only for known viruses.
FAQ: What is a Trojan horse
A Trojan horse, or Trojan, is a non-self-replicating type of malware which appears to perform a desirable function but instead facilitates unauthorized access to the user’s computer system. Trojans do not attempt to inject themselves into other files like a computer virus. Trojan horses may steal information, or harm their host computer systems.
FAQ: What is a worm?
A worm is a virus which spreads from computer to computer, normally through security holes inside a network, which is able to reproduce itself.
Worms usually spread themselves by attaching copies of themselves, sometimes using email documents. The virus then uses these to move around to other servers emails and from there to users system.
FAQ: What is a Virus
A virus is a self replicating program that can destroy or cause damage to data stored on a computer system.
A virus program must be executed in order to infect a computer system. Viruses can attach themselves to other programs in order to ensure that this happens. Viruses are spread through file downloads or infected storage media such as floppy disks.
Common symptoms of virus infection:
- Displaying unwanted messages
- Unusual visual or sound effects
- Loss of data from a storage medium
- Computers restarting unexpectedly
- Unwanted generation of e-mails
FAQ: Description of the virus code action: delivery
Delivery is the method by which the virus arrives on the computer. The main vectors are boot sector, email, IM, network or infected file.
The virus may be deliberately introduced to the computer or the infection may be accidental.
FAQ: Classification of viruses by type of file infected: macro virus
A macro virus is a computer virus that “infects” a Microsoft Word or similar application and causes a sequence of actions to be performed automatically when the application is started or something else triggers it. Macro viruses tend to be surprising but relatively harmless. A typical effect is the undesired insertion of some comic text at certain points when writing a line. A macro virus is often spread as an e-mail virus. A well-known example in March, 1999 was the Melissa virus virus.
FAQ: Classification of viruses by type of file infected: boot sector virus
Floppy disks and hard disks store a small program known as the boot record which is run when the computer starts up. Boot sector viruses attach themselves to this program and execute when the computer tries to start up from the infected disk. Once a computer has been infected, any unprotected floppy disk put into the computer will also be infected.
FAQ: Classification of viruses by type of file infected: file virus
File viruses infect executable files by inserting their code into part of the original code so that when the file is accessed it starts to infect.
