Several approaches are followed by a series of anti-virus software downloads to recognize and destroy viruses, personal computers. The two most popular approaches to the dictionary database, or scan and scan the suspicious behavior. The first approach is adapted to the new files to the virus affects the installed files. And the approach that the program file is to follow the model, which usually turns out to be a virus. I will discuss both in this article, and then go on to describe some of the less obvious methods.
Database database or dictionary scan involves scanning an antivirus program to compare files with viruses already known to find a tag team match. Antivirus software has a database of known viruses, which are updated regularly to keep the virus changes. All infected files are then quarantined because the software tries to restore the infected file, or they are completely removed. To follow the work of identifying new viruses spread download antivirus software updated at a daily or at least a week. It is imperative that the antivirus software is updated regularly to keep up with new viruses and malware that can attack the system. The database of known viruses is growing fast communication between software and automatically installed locally and a network of databases, global information exchange. Antivirus software operating system and security files, when opened, closed or by mail.
Each tool is controlled by opening and each file is scanned before being loaded or loaded into the system. However, this method is only suitable for known viruses, but can not deal with polymorphic viruses that are able to hide code in a way puzzling. Not detected and the virus is not found in an analysis. Yet another method used by antivirus software can be a good position to detect it. This is described below.
Suspicious behavior scanning the name suggests, this also applies to all anti-virus software files for viruses. Unlike the previous method, which corresponded to the virus as the database, this process involves the files marked with the code or behavior has changed in some way. If it finds any irregularities in the file, immediately gives a warning to the user. This approach can detect new viruses, or possible future virus attacks. But the program should be desensitized false alerts when someone starts clicking on any post false positive.
Detection of this approach is a sandbox sandbox emulates the operating system and the use of executable files inside it. The files are examined and analyzed the possible infections. This is why anti-virus can occur in a controlled environment, where the infected operating system. This principle is used in the demand for scans.
Database database or dictionary scan involves scanning an antivirus program to compare files with viruses already known to find a tag team match. Antivirus software has a database of known viruses, which are updated regularly to keep the virus changes. All infected files are then quarantined because the software tries to restore the infected file, or they are completely removed. To follow the work of identifying new viruses spread download antivirus software updated at a daily or at least a week. It is imperative that the antivirus software is updated regularly to keep up with new viruses and malware that can attack the system. The database of known viruses is growing fast communication between software and automatically installed locally and a network of databases, global information exchange. Antivirus software operating system and security files, when opened, closed or by mail.
Each tool is controlled by opening and each file is scanned before being loaded or loaded into the system. However, this method is only suitable for known viruses, but can not deal with polymorphic viruses that are able to hide code in a way puzzling. Not detected and the virus is not found in an analysis. Yet another method used by antivirus software can be a good position to detect it. This is described below.
Suspicious behavior scanning the name suggests, this also applies to all anti-virus software files for viruses. Unlike the previous method, which corresponded to the virus as the database, this process involves the files marked with the code or behavior has changed in some way. If it finds any irregularities in the file, immediately gives a warning to the user. This approach can detect new viruses, or possible future virus attacks. But the program should be desensitized false alerts when someone starts clicking on any post false positive.
Detection of this approach is a sandbox sandbox emulates the operating system and the use of executable files inside it. The files are examined and analyzed the possible infections. This is why anti-virus can occur in a controlled environment, where the infected operating system. This principle is used in the demand for scans.
