Virus scan/repair updates: "Virus scan/repair updates

Whenever a new virus is discovered, it is very quickly distributed among an informal, international group of virus collectors who exchange samples among themselves. Many such collectors are in the anti-virus software business, and they set out to obtain information about the virus which enables:

1. detection of the virus whenever it is present in a host program, and
2. restoration of an infected host program to its original uninfected state (which is usually possible.)

Typically, a human expert obtains this information by disassembling the virus and then analyzing the assembler code to determine the virus's behavior and the method that it uses to attach itself to host programs. Then, the expert selects a ``signature'' (a sequence of perhaps 16 to 32 bytes) that represents a sequence of instructions that is guaranteed to be found in each instance of the virus, and which (in the expert's estimation) is unlikely to be found in legitimate programs. This ``signature'' can then be encoded into the scanner, and the knowledge of the attachment method can be encoded into the repairer.

Such an analysis is tedious and time-consuming, sometimes taking several hours or days, and even the best experts have been known to select poor signatures -- ones that cause the scan"

Enter your email address to get free software's windows and virus removal tricks: SMS Alerts: Get news headlines on your mobile phone for freeMOBILE ALERTS

0 comments

Post a Comment

Blog Widget by LinkWithin

Like us on FaceBooooooook

About author

Vishnu vardhan Reddy Boda is Tech Blogger and Software Engineer.

know more about vishnu

Recently Digged Indanam (fuel)

Get our posts as email

http://lh6.ggpht.com/_s0ANCL8E8sQ/SY7SyZ6WkXI/AAAAAAAAAhg/-qr1lvldUdA/Newspaper_Feed_128x128newcopy-1.png Sign up for our daily email newsletter

Dont miss any thing Enter your email address:

SMS Alerts: Get news headlines on your mobile phone for free