1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

virus/non virus

Discussion in 'Virus & Other Malware Removal' started by andyoaks, Jan 20, 2002.

Thread Status:
Not open for further replies.
  1. andyoaks

    andyoaks Thread Starter

    Joined:
    Nov 17, 2001
    Messages:
    153
    Can someone explain why some files are considered to be viruses and others not. I downloaded a small programme (56k) with the extention .exe. It is an online timer. What is to stop that programme from infecting files and causing disruption and how does anti virus software know that it is a malicious programme. Is it just that a list of known viruses is used to match it, so meaning that someone first has to be infected and then they inform the anti virus programme makers??

    thanks andy
     
  2. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    That's a good question Andy, unfortunately I couldn't in a quick search come up with a site which gives a detailed explanation of how antivirus programs work, but someone here probably will, so I'll wing it in the mean time and give you a link on how viruses work.

    Basically antivirus programs use two types of methods for detection. One involves a "signature" file which contains identified strings of data that are unique to each virus and allow for identification that way. The second is to include what they call "heuristic" detection analysis. This basically involves looking at the type of behavior exhibited by a specific program and matching it with the type of behavior associated with particular viruses, worms or trojans.

    They get this information primarily from submissions of clients who send suspected files to them for analysis. All major antivirus vendors have posted instructions for doing this.

    Here is the link on how viruses work:

    http://www.zdnet.com/devhead/stories/articles/0,4413,382431,00.html

    Here's a link on how antivirus programs work which I just found by plugging "heuristic detection" into google. They cover four methods, I haven't had time to read it yet though:

    http://cse.stanford.edu/classes/cs201/projects-00-01/viruses/anti-virus.html
     
  3. andyoaks

    andyoaks Thread Starter

    Joined:
    Nov 17, 2001
    Messages:
    153
    Thanks for the links Rog. The second informs us that it is only known viruses that are detected.
    'Currently, when a new virus is discovered (unfortunately only through execution,) samples are sent to virus analysis centers. These centers analyze the virus, and extract a unique string from the virus that will identify it. This and other information about the virus is added into a database that users can then download'
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/65590

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice