Author: Umakant Mishra
Abstract:
Some computer viruses damage the host file during infection
either partially or fully. These types of viruses are known as “file modifying
viruses”. In these cases, the chance of recovery is less, but the anti-virus
has to apply various methods with hope. The virus cleaner must know the
characteristics of a virus in order to remove that virus. It cannot remove an
unknown virus whose methods of infection are not known. If a virus is wrongly
detected to be a different virus, then the cleaner will do wrong operations and
build a garbage file.
Most viruses are capable of fixing up the first few bytes
and repair the original program because they have to return the control back to
the infected program. This fact is used by a heuristic cleaner to clean the
infected file. As the virus knows how the file is damaged a heuristic cleaner
effectively use the algorithm in virus to repair the infected file.
Keywords: Software Innovation, computer virus,
anti-virus, anti-virus software, virus removal, file repairing, computer
vulnerability, computer security, anti-virus design, inoculation, virus
scanning, virus detection, integrity checking, heuristic scanning,
Mishra,
Umakant, Methods of Repairing Virus Infected Files: A TRIZ Based Analysis (May
15, 2013). Available at SSRN: http://ssrn.com/abstract=2265576 or http://dx.doi.org/10.2139/ssrn.2265576
