Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


virus definition

  • Please log in to reply
3 replies to this topic

#1 Murrar


  • Members
  • 193 posts
  • Local time:03:40 AM

Posted 28 April 2011 - 04:25 AM

I have Avast anti-virus software installed on my Windows 7 computer. Many times when I turn on my computer in the morning a screen comes up stating that my "virus definitions have been automatically updated". Can anyone tell me what a "virus defintion" is? Thank you. Murrar

BC AdBot (Login to Remove)


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,716 posts
  • Gender:Male
  • Local time:09:40 AM

Posted 28 April 2011 - 05:34 AM

One of the major techniques used by AV programs to detect malware, is to search inside the files they are scanning for specific sequences of bytes.
Such a sequence is often called a "definition" in the AV industry. Another common name is "signature".

AV companies update their set of "definitions" on a daily basis.

Edited by Didier Stevens, 28 April 2011 - 05:43 AM.

Didier Stevens

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019


If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.


Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"

#3 cryptodan


    Bleepin Madman

  • Members
  • 21,868 posts
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:40 AM

Posted 28 April 2011 - 05:47 AM

If you have ever been vaccinated for any diseases like Measels, Mumps, and what not then that installs in your immune system key genetic signatures that allow your body to fight off infection. A Virus Definition file is just that for computer. It contains signatures of known threats, so in the event a virus comes in your computer can fight it.

#4 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,744 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:40 AM

Posted 28 April 2011 - 07:05 AM

Antivirus programs compare their database of virus signatures with the files on a computer's hard drive and removable media during a scan. Most allow options for Full, Quick or Custom scans. Anti-virus programs can use a scanning engine with Behavioral Analysis, Heuristic analysis or a combination of both. Heuristic scanning methods vary depending on the vendor. Some claim to allow emulation of the file's activities in a virtual sandbox. Others scan the file more intensively, searching line by line inspecting the code in a file to see if it contains virus-like characteristics. If the number of these characteristics/instructions exceeds a pre-defined threshold, the file is flagged as a possible virus.

Each security vendor uses their own naming conventions to identify various types of malware in their defintion databases. See Understanding virus names.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users