Some more sophisticated antivirus software uses heuristic analysis to identify new malware or variants of known malware. Many viruses begin as a single infection and, through either mutation or modification by another attacker, can grow into dozens of slightly different strains, known as variants. Generic detection refers to the detection and removal of multiple threats using a single virus definition.
For example, the Vundo trojan has several family members, depending on the classification used by each antivirus vendor. Symantec classifies Vundo family members into two distinct groups, Trojan.Vundo and Trojan.Vundo.B. While it may be advantageous to identify a particular virus, it can be quicker to detect a family of viruses through a generic signature or via an exact match to an existing signature. Virus researchers find areas that are common to all existing viruses in the family and unique to it, and can thus create a single generic signature. These signatures often contain non-contiguous code, using wildcard characters where the differences lie. The wildcards allow the scanner to detect the virus even if it is padded with additional, meaningless code. [15] Padded code is used to confuse the scanner so that it cannot recognize the threat. A detection that uses this method is said to be "heuristic detection."
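The wildcard matching described above can be sketched as follows. This is an added example, not code from the original post or from any antivirus product; the signature syntax (`??` for one unknown byte, `{n-m}` for a bounded gap), the signature names, and all byte strings are constructed for illustration.

```python
import re

def compile_signature(sig: str) -> re.Pattern:
    """Compile a hex signature into a bytes regex.

    Tokens (hypothetical syntax for this example):
      'AB'     literal byte 0xAB
      '??'     any single byte (where variants differ)
      '{n-m}'  gap of n to m arbitrary bytes (absorbs inserted padding)
    """
    parts = []
    for tok in sig.split():
        if tok == "??":
            parts.append(b".")
        elif tok.startswith("{") and tok.endswith("}"):
            lo, hi = (int(x) for x in tok[1:-1].split("-"))
            parts.append(b".{%d,%d}" % (lo, hi))
        else:
            parts.append(re.escape(bytes.fromhex(tok)))
    # DOTALL so a wildcard also matches byte 0x0A
    return re.compile(b"".join(parts), re.DOTALL)

def scan(data: bytes, signatures: dict) -> list:
    """Return the sorted names of all signatures found in data."""
    return sorted(name for name, pat in signatures.items() if pat.search(data))

# Constructed signatures: one exact, one generic for the whole family.
SIGS = {
    "Exact.VariantA": compile_signature("DE AD 01 BE EF CA FE"),
    "Generic.Family": compile_signature("DE AD ?? BE EF {0-16} CA FE"),
}

# Constructed samples (not real malware bytes).
HEAD_A = bytes.fromhex("dead01beef")
HEAD_B = bytes.fromhex("dead0abeef")   # one byte differs from variant A
TAIL = bytes.fromhex("cafe")
VARIANT_A = b"\x00\x11" + HEAD_A + TAIL + b"\x22"
VARIANT_B = b"\x00\x11" + HEAD_B + TAIL + b"\x22"
VARIANT_PADDED = HEAD_A + b"\x90" * 8 + TAIL    # padding inside the gap bound
OVERPADDED = HEAD_A + b"\x90" * 32 + TAIL       # padding beyond the gap bound
CLEAN = b"ordinary file contents"

if __name__ == "__main__":
    for name in ("VARIANT_A", "VARIANT_B", "VARIANT_PADDED", "OVERPADDED", "CLEAN"):
        print(name, scan(globals()[name], SIGS))
```

The exact signature only catches the variant it was cut from, while the generic one also catches the changed-byte and padded variants; padding longer than the signature's gap bound still evades it, which is the trade-off when choosing how wide to make the gap.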