ProtectionfromVirusandMaliciousCodes.pdfVIP

InfoSec – FAQs Protection from Virus and Malicious Codes 1. What is EICAR? EICAR refers to the European Institute for Computer Anti-Virus Research. The Institute provides an independent and impartial platform for IT security experts in the field of science, research, development, implementation and management. The aim is to develop best practice scenarios and guidelines with the efforts of a bundled Know-how-pool. EICAR can be found at . 2. What is the WildList? The WildList is a list of the most common computer viruses found spreading around the world at the present time. The list is available on the website of WildList Organization International. Joe Wells and Sarah Gordon founded the organisation in 1996. They work closely with anti-virus professionals and volunteers around the world to update the list regularly, aiming to provide accurate, timely and comprehensive information about current computer viruses. The organisation makes the WildList available to the public free of charge. 3. Are there any CMOS viruses? Although a computer virus can write to (and corrupt) a PCs CMOS memory, it can NOT “hide” there, because CMOS memory is not “addressable”. A malicious virus could alter the values in CMOS as part of its payload, causing the system to fail on reboot, but it cannot spread or hide itself in the CMOS. A virus could use CMOS memory to store part of its code, but executable code stored there must first be moved to the computer’s main memory in order to run. There is no known virus that stores code in CMOS memory. There were reports of a “trojanised” AMI BIOS. This was not a computer virus, but a “joke” program that did not replicate. The malicious program was not on the disk, nor in CMOS, but was directly coded into the BIOS ROM chip on the system board. If the date is 13th of November, the virus stops the boot process and plays Happy Birthday through the PC speaker. 4. Are there any BIOS viruses? Theore