Non-Resident Virus

A non-resident virus is a classic file-infector that performs its work synchronously and quickly: when its host program runs, it locates target files (often executables in the current directory or PATH), appends or prepends its code, then returns control to the host and exits memory. Because it does not stay resident, it cannot hook system calls or monitor activity in real time, but it is also simpler and harder to detect by tools that focus on running processes. Defences include behaviour-based anti-malware that watches new file modifications and process creation, code signing and integrity checks for executables, and least-privilege execution that prevents unprivileged programs from modifying system binaries.