A computer anti-virus is a computer program that protecting you in
real time not just from viruses, but Trojans, root kits, and all other forms of
malicious software (malware). It detect virus and infected files and try to
remove, repair or quarantine them.Now how computer anti-virus software does works?Normally computer anti-virus software uses two different techniques
to accomplish this: (1) Scanning files to
investigate for known viruses by means of a virus dictionary (Virus dictionary
approach) (2) Identifying suspicious
behavior (Suspicious behavior approachNearly all commercial anti-virus software uses both of these
approaches, with an emphasis on the virus dictionary approach.Virus dictionary approachIn the virus dictionary approach, when the anti-virus software
scans a file, it refers to a dictionary of known viruses that have been
identified by the developer of the anti-virus software.To be successful in the medium and long term, the virus dictionary
approach needs periodical online virus dictionary updating, to identify new
viruses and protect your computer from them.Dictionary-based anti-virus software typically scans files when the
computer's operating system creates, opens, and closes them; and when the files
are e-mailed. In this way, a known virus can be detected immediately upon
receipt. The software can also typically be scheduled to examine all files on
the user's hard disk on a regular basis.Suspicious behavior approachThis approach, doesn't scan files to identify known viruses, but as
an alternative monitors the behavior of all programs. If one program tries to
write data to an executable program, for example, this is flagged as suspicious
behavior and the user is alerted to this, and asked what to do.In contrast to dictionary approach, the suspicious behavior
approach therefore provides protection against brand-new viruses that do not
yet exist in any virus dictionaries.Other ways to detect virusesSome antivirus-software will try to emulate the beginning of the
code of each new executable that is being executed before transferring control
to the executable. If the program seems to be using self-modifying code or
otherwise appears as a virus (it immediately tries to find other executable),
one could assume that the executable has been infected with a virus.
Yet another detection method is using a sandbox. A sandbox emulates
the operating system and runs the executable in this simulation. After the
program has ended, the sandbox is analyzed for changes which might point out a
virus. Because of performance issues this type of detection is normally only
performed during on-demand scans.Deans Techno has a verity of most advance software and also
develops software’s & sites on demand. Deans Techno is also providing other
services in the field of programming efficiently and effectively.
