Home |General forums | Blackmagik | Hypnotism | Tantra | Spiritual Shopping | Follow me on Twitter

 | Kundalini | Yoga | KSP Healing | Healthy recipes | General knowledge | World-Geography | Computer net | Spiritual keywords | Biology info | Health and Medicine | Become a free magazine member |

| Physical Science | Psychology | Add URL | Forums | Register for hypnotism course at Mumbai-Delhi | Business | Earn $$$ |

Hypno photo gallery | Ghosting hunting gallery | Pujan photo gallery | franchise |   Spiritual Store | Free Horoscope | Basic Hypnosis  Advance Hypnosis  Past-life Regression Therapy  Astral travels

Contact to Acharya ji
Aroma Therapy
Astrology
Aura Reading
Candle Therapy
Chelation  Therapy
Hypnotism
Feng Shui
Handwriting Analysis
I Ching
Light Therapy
Massage Therapy
Chinese Food Therapy
Colour Therapy
Diet Therapy
Glandular Therapy
Herbal Therapy
Hydro Therapy
Meditation
Music Therapy
N.L.P
Pranik Therapy
Prayer Therapy
Shiatsu
Sound Therapy
Telepathy
Urine Therapy
Upavasa  (Fasting)
Yoga Therapy
Eastern Gemology
Vastushastra
Magnet Therapy
Disease
Canker Sores
Cold
Dandruff
Depression
Diabetes
Earache
Food Allergies
Hair Loss
Headache
Hearing Problem
Heart Attack

How does anti-virus software work?

Kaspersky Antivirus Personal    NOD32 Anti-Virus    Command Anti-Virus   McAfee Antivirus Virus Scan   Panda Anti-Virus Titanium & Platinum   Trend PC-cillin Anti-Virus   Norton Anti-Virus   AVG Antivirus   How does anti-virus software work?    What is a trojan horse?     Computer virus (worm)    Malware   protect your network against trojans     Spyware and what you should know about it     Protect your confidential data     Backdoor.Agobot    Win32.Sasser.B    VBS.Redlof.B     How to delete Trojan   How to delete Win32.Worm.Welchia.B

From Wikipedia, the free encyclopedia.

     An anti-virus software program is a computer program that can be used to scan files to identify and eliminate computer viruses and other malicious software (malware).

Anti-virus software typically uses two different techniques to accomplish this:

  • Examining files to look for known viruses by means of a virus dictionary

  • Identifying suspicious behavior from any computer program which might indicate infection

Most commercial anti-virus software uses both of these approaches, with an emphasis on the virus dictionary approach.

Virus dictionary approach

In the virus dictionary approach, when the anti-virus software examines a file, it refers to a dictionary of known viruses that have been identified by the author of the anti-virus software. If a piece of code in the file matches any virus identified in the dictionary, then the anti-virus software can then either delete the file, quarantine it so that the file is inaccessible to other programs and its virus is unable to spread, or attempt to repair the file by removing the virus itself from the file.

To be successful in the medium and long term, the virus dictionary approach requires periodic online downloads of updated virus dictionary entries. As new viruses are identified "in the wild", civically minded and technically inclined users can send their infected files to the authors of anti-virus software, who then include information about the new viruses in their dictionaries.

Dictionary-based anti-virus software typically examines files when the computer's operating system creates, opens, and closes them; and when the files are e-mailed. In this way, a known virus can be detected immediately upon receipt. The software can also typically be scheduled to examine all files on the user's hard disk on a regular basis.

Although the dictionary approach is considered effective, virus authors have tried to stay a step ahead of such software by writing "polymorphic viruses", which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match the virus's signature in the dictionary.

Suspicious behavior approach

The suspicious behavior approach, by contrast, doesn't attempt to identify known viruses, but instead monitors the behavior of all programs. If one program tries to write data to an executable program, for example, this is flagged as suspicious behavior and the user is alerted to this, and asked what to do.

Unlike the dictionary approach, the suspicious behavior approach therefore provides protection against brand-new viruses that do not yet exist in any virus dictionaries. However, it also sounds a large number of false positives, and users probably become desensitized to all the warnings. If the user clicks "Accept" on every such warning, then the anti-virus software is obviously useless to that user. This problem has especially been made worse over the past 7 years, since many more nonmalicious program designs chose to modify other .exes without regards to this false positive issue. Thus, most modern anti virus software uses this technique less and less.

Other ways to detect viruses

Some antivirus-software will try to emulate the beginning of the code of each new executable that is being executed before transferring control to the executable. If the program seems to be using self-modifying code or otherwise appears as a virus (it immeadeatly tries to find other executables), one could assume that the executable has been infected with a virus. However, this method results in a lot of false positives.

Yet another detection method is using a sandbox. A sandbox emulates the operating system and runs the executable in this simulation. After the program has terminated, the sandbox is analysed for changes which might indicate a virus. Because of performance issues this type of detection is normally only performed during on-demand scans.

Issues of concern

Macro viruses, arguably the most destructive and widespread computer viruses, could be prevented far more inexpensively and effectively, and without the need of all users to buy anti-virus software, if Microsoft would fix security flaws in Microsoft Outlook and Microsoft Office related to the execution of downloaded code and to the ability of document macros to spread and wreak havoc.

User education is as important as anti-virus software; simply training users in safe computing practices, such as not downloading and executing unknown programs from the Internet, would slow the spread of viruses, without the need of anti-virus software.

Computer users should not always run with administrator access to their own machine. If they would simply run in user mode then some types of viruses would not be able to spread.

The dictionary approach to detecting viruses is often insufficient due to the continual creation of new viruses, yet the suspicious behavior approach is ineffective due to the false positive problem; hence, the current understanding of anti-virus software will never conquer computer viruses.

There are various methods of encrypting and packing malicious software which will make even well-known viruses undetectable to anti-virus software. Detecting these "camouflaged" viruses requires a powerful unpacking engine, which can decrypt the files before examining them. Unfortunately, many popular anti-virus programs do not have this and thus are often unable to detect encrypted viruses.

Companies that sell anti-virus software seem to have a financial incentive for viruses to be written and to spread, and for the public to panic over the threat.

This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article "Anti-virus software".

Spiritual Shopping

 

Spiritual shop | Physical Science | Psychology | Add URL | Forums |  Site Map

 Info Article  Devinfoware Dhyansanjivani Mantra vidya

We at Dhyansanjivani are group of spiritualists, with non commercial purpose. Looking out to spread the message of spirituality through our web site. If you have any matter, articles, point of view or message to share with everybody. You can do so with the help of  www.dhyansanjivani.org  See our Rules and regulations

Kindly note;- Dear visitors, it has come to our notice that people are posting   articles to us ,these articles are borrowed/copied without the writer's consent. if you do so kindly write the website address/the author's name/and your email address. failing which your article will not be posted. Others who have written original articles need not worry about the matter, You can also notify us if any kind of articles have been copied from your website. We will look into the matter personally and add your relevant details. Disputes arising from this matter  will be settled in the Mumbai judiciary. Any enquiry contact dhyansanjivani_1965@ yahoo.com