Antivirus idea

I had an idea when recently removing a (fortunately inactive) virus from my PC.

All viruses have to be started in order to do their villainous work. They do this by:

  1. Getting the user to directly run them
  2. Getting the operating environment to run them
    1. Getting a program to run them (EG. Word macro viruses)
    2. Getting the operating system to run them

For option (2)(2), you know that they usually hide in the various “run at startup” locations hidden throughout Windows.

The hard part is that they usually start concurrently with the various antiviruses, so it’s a case of run the race.

I propose that, when a system is being shut down the antivirus takes a second or however long (probably not that long) to check the startup items. If a virus has been quietly inserted into them, to be activated on next start, it can be detected while unable to “fight back” and suppressed.

This has probably already been done, but I wanted to put it out there in the off chance it hasn’t been.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s