Antivirus software refers to computer programs or tools that are used for identifying, blocking, and removing malicious applications such as computer viruses and malwares from the system. They have become essential tools for any computer user in today’s world of constant threat from virus attacks, spywares, system hijackers, etc.
An antivirus application performs two basic functions. The first is to scan all files, according to user preference, and identify the virus based on matching definitions in its database. This is known as virus dictionary or database approach of identifying viruses. Secondly, if run in real time, it tries to identify and suspicious activities occurring in the system, which may be triggered by other computer programs in the operating system. This is known as suspicious behavior approach. These two functions are the basis on which most antivirus software programs are built.
The Database Approach:
When the antivirus identifies a virus that matches any code or definition in its database, it will alert the user, and the user has the option of repairing, quarantining, deleting or analyzing the infected file. If the virus cannot be removed from the infected file, it is usually set to quarantine. However, users also have the option of immediately deleting the file thereby eliminating any further threats, or before the virus can execute itself. The infected file can also be sent to the software company for analysis and inclusion in the database, or if the antivirus has the feature, the user can analyze the infected file by self.
Since new viruses are created everyday, the virus database of the antivirus has to be updated continually. Almost all database updates are free and they can be scheduled or done manually.
Suspicious Behavior Approach:
There is no attempt to identify known viruses here like in the dictionary approach. Every activity and behavior in the system is monitored here by the antivirus. Therefore, this approach may protect from new viruses which has not yet been identified out of suspicion. However, this approach has mostly been abandoned by many antivirus companies because of its tendency to sound too many false positives. And today, there are so many non-malicious programs which can modify other executable files in disregard to the false positive issue. So this technique has become almost obsolete.
Popular Antivirus Software:
Norton Antivirus: One of the most well-known antivirus software, Norton automatically detects and removes viruses, rids computer of unwanted spyware, and scans email and IM attachments for threats.
McAfee VirusScan: The antivirus detects, blocks, and removes viruses and spyware, and protects irreplaceable documents such as digital photos, family movies, and financial spreadsheets, identity theft and slower PC performance.
PC-cillin Internet Security: From Trend Micro, it is an award-winning antivirus security and a personal firewall. Protects against viruses, worms, Trojans, and hackers, detects and removes spyware and blocks spam. Also protects your wireless network with Wi-Fi Intrusion Detection.
Panda Titanium: It uses TruPrevent Technologies, offering a double layer of protection against unknown viruses and intruders. It also protects system from hackers, phishing and other online fraud.
About the Author:
Antivirus HQ: your online resource to help protect your PC from viruses and spyware.
Article Tags: antivirus, database, viruses
Read more articles by: George Royal
Article Source: www.iSnare.com
Permanent Link: http://www.isnare.com/?aid=32844&ca=Computers+and+Technology
Article published on February 05, 2006 at iSnare.com