1. Field of the Invention
The present invention relates generally to computer security, and more particularly but not exclusively to methods and apparatus for combating malicious codes.
2. Description of the Background Art
Computer viruses, worms, Trojans, rootkits, and spyware are examples of malicious codes that have plagued computer systems throughout the world. Malicious codes, which are also collectively referred to simply as “viruses” or “malware,” may be detected using antivirus techniques implemented in software, hardware, or a combination of hardware and software. An antivirus may employ a scan engine and malicious code patterns, which are also referred to as “virus patterns.” To scan data for viruses, the scan engine compares the content of the data to the virus patterns using a pattern matching algorithm. The data is deemed infected if a match is found. In that case, various cleaning steps may be performed to prevent the virus from proliferating including quarantine, disinfection, removal, alerting the user or administrator, and so on. Virus patterns have to be continually updated to keep up with the ever increasing number and sophistication of malicious codes.