Every single day, dozens of computer viruses, worms, Trojan horses, and other forms of malicious software are developed and spread throughout the world. Increased Internet use has made this even a bigger threat than before. In the pre-Internet days, viruses only spread through diskettes, which was a slow way of propagating malware. But today, a virus can spread in mere minutes, especially considering how connected we all are through email, IM, social networks, and even the mere act of connecting your computer to the Cloud.
Viruses could cost you a lot of time, money and valuable data if and when your computer gets infected. Because of this, antivirus companies usually provide regular updates, which are automatically downloaded by software installed on users’ computers. Software publishers, like Microsoft and Apple, also regularly release security patches, which protect inherent vulnerabilities in their systems, which can be compromised by computer viruses. But how do these providers know about new threats?
Virus signatures. Like their biological counterparts, computer viruses have certain signatures or characteristics that identify them as malicious software. Antivirus companies usually have known viruses on their databases, and this is what they use for comparing the contents of files and memory when you execute a scan on your computer. Antivirus software also compares documents that you open to any possible matches with the virus signatures they have on the database, which is updated whenever the virus definition file is updated from the Internet.
And much like their biological counterparts, new viruses also have similarities or matches with other existing, and known viruses. This is due to the habit of virus authors to reverse-engineer existing viruses and modify these for their own needs. And this is one way by which antivirus software and their creators can detect the presence of a new or unknown virus.
Heuristics. A biological virus causes sickness and symptoms when it infects a person. Likewise, a computer virus also causes certain symptoms, and it is through these patterns that antivirus software can recognize the presence of a virus. Heuristics basically comprises the patterns and behaviors that a computer virus would have when it tries to infect a computer. For instance, a virus might want to load itself into memory as a resident program, and it might want to modify certain sectors of the hard drive. Or it may want to modify certain parts of a file, to embed itself while still being hidden. These activities are not normally done by regular software, so even if a virus is not yet included in an antivirus software’s signature database, it can be detected as a potential threat.
For practical purposes, as a computer user, you don’t necessarily have to manually do a check on each and every piece of software you use to see if it has a computer virus. Your antivirus software should be able to do this automatically for you. Assuming your computer encounters a new virus, though, and if your antivirus software doesn’t have it on the list yet, you can monitor for a few strange behaviors. For instance, if you open your computer’s task manager (if you’re running Windows, press Ctrl-Alt-Del), you will see a list of processes currently running. Some viruses might mask themselves under different application names.
If you notice something that’s not usually there, it might be a virus. Or if you notice websites or applications popping up at random or at startup without your opening your browser, your computer could have some form of unknown malware in it that you need to remove with updated antivirus software. If there are such symptoms on your computer, and your antivirus software cannot fix it, then it might be a good idea to get in touch with your antivirus software’s customer or technical support, so they can study the problem, and possibly include the new malware or virus in their definitions list.