ANTI-VIRUS SOFTWARE What is it, how does it work, and why is it important?



Anti-virus software

A computer program that can be used to scan files to identify and eliminate computer viruses and other malicious software.

Anti-virus software typically uses two different techniques to accomplish this:

Examining files to look for known viruses by means of a virus dictionary

Identifying suspicious behavior from any computer program which might indicate infection


Most commercial anti-virus software uses both of these approaches, with an emphasis on the virus dictionary approach.

Let's look at the dictionary approach.


Anti-virus software Dictionary Approach

Software examines a file

Compares to a dictionary of known viruses

Dictionary/repository of virus info managed by the author of the software

If a piece of code in the file matches any virus identified in the dictionary, then the anti-virus software can delete the file, quarantine it so that the file is inaccessible to other programs and its virus is unable to spread, or attempt to repair the file by removing the virus itself from the file.

To be successful the virus dictionary approach requires periodic online downloads of updated virus dictionary entries.


Dictionary-based anti-virus software typically examines files when the computer's operating system creates, opens, and closes them; and when the files are e-mailed.

In this way, a known virus can be detected immediately upon receipt.

The software can also typically be scheduled to examine all files on the user's hard disk on a regular basis.

Although the dictionary approach is considered effective, virus authors have tried to stay a step ahead of such software by writing "polymorphic viruses", which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match the virus's signature in the dictionary.
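The dictionary approach described above, as an added example that is not part of the original slides: a scanner matches file bytes against a signature dictionary, quarantines on a match, misses a disguised copy, and catches it after a dictionary update. The signature names, byte patterns, file names and the single-byte XOR disguise are harmless constructed stand-ins.

```python
# Constructed, harmless byte patterns standing in for virus signatures.
DICTIONARY = {
    "Demo.A": b"\xde\xad\xbe\xefDEMO-A",
    "Demo.B": b"CONSTRUCTED-TEST-PATTERN-B",
}

def scan(data, dictionary):
    """Return sorted (name, offset) pairs for each dictionary signature found in data."""
    hits = []
    for name, signature in dictionary.items():
        offset = data.find(signature)
        if offset != -1:
            hits.append((name, offset))
    return sorted(hits)

def handle(filename, data, dictionary, quarantine):
    """Scan one file; on a match, move its bytes into the quarantine store."""
    hits = scan(data, dictionary)
    if hits:
        quarantine[filename] = data  # held apart from other programs
        return "quarantined", hits
    return "clean", hits

def disguise(body, key):
    """Single-byte XOR, standing in for a virus that encrypts part of itself."""
    return bytes(b ^ key for b in body)

def demo():
    host = b"MZ" + b"\x00" * 30 + b"legitimate program bytes"  # constructed file
    infected = host + DICTIONARY["Demo.A"]
    variant = host + disguise(DICTIONARY["Demo.A"], 0x5A)
    quarantine = {}
    results = {
        "clean.exe": handle("clean.exe", host, DICTIONARY, quarantine),
        "infected.exe": handle("infected.exe", infected, DICTIONARY, quarantine),
        # Same content in disguised form: no dictionary entry matches it.
        "variant.exe": handle("variant.exe", variant, DICTIONARY, quarantine),
    }
    # A dictionary update adds an entry for the disguised form.
    updated = dict(DICTIONARY)
    updated["Demo.A.variant"] = disguise(DICTIONARY["Demo.A"], 0x5A)
    results["variant.exe (updated dictionary)"] = handle(
        "variant.exe", variant, updated, quarantine)
    return results, sorted(quarantine)

if __name__ == "__main__":
    results, stored = demo()
    for name, outcome in results.items():
        print(name, outcome)
    print("quarantine:", stored)
```

The third result is why the dictionary has to be updated periodically: the scanner only recognises byte sequences it already has an entry for.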


Anti-virus software Suspicious Behavior approach

Monitors the behavior of all programs.

If one program tries to write data to an executable program, for example, this is flagged as suspicious behavior, and the user is alerted and asked what to do.

Provides protection against brand-new viruses that do not yet exist in any virus dictionaries.

However, it also raises a large number of false positives, and users probably become desensitized to all the warnings.

If the user clicks "Accept" on every such warning, then the anti-virus software is obviously useless to that user.

This problem has become especially worse over the past 7 years, as many more non-malicious programs have been designed to modify other .exe files without regard to this false-positive issue.

Thus, most modern anti-virus software uses this technique less and less.
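The suspicious-behavior rule and its false-positive problem, as an added example that is not part of the original slides: a monitor alerts on every write to an executable file and asks the user what to do. The event list, program names, paths and the two user models are constructed for illustration.

```python
EXECUTABLE_SUFFIXES = (".exe", ".dll", ".com")

# Constructed event stream: (program, operation, target path).
EVENTS = [
    ("notepad.exe", "write", r"C:\Users\a\notes.txt"),
    ("updater.exe", "write", r"C:\Program Files\App\app.exe"),
    ("setup.exe", "write", r"C:\Program Files\Tool\tool.dll"),
    ("unknown_new.exe", "write", r"C:\Windows\calc.exe"),
    ("browser.exe", "read", r"C:\Windows\calc.exe"),
]

def is_suspicious(event):
    """The rule from the text: a program writing data to an executable."""
    program, operation, target = event
    return operation == "write" and target.lower().endswith(EXECUTABLE_SUFFIXES)

def monitor(events, ask_user):
    """Alert on each suspicious event; ask_user(event) returns True to allow it."""
    alerts, blocked = [], []
    for event in events:
        if is_suspicious(event):
            alerts.append(event[0])
            if not ask_user(event):
                blocked.append(event[0])
    return alerts, blocked

def always_accept(event):
    """A desensitized user who clicks "Accept" on every warning."""
    return True

def careful_user(event):
    # Assumption for the demo: this user recognises the updater and installer.
    return event[0] in {"updater.exe", "setup.exe"}

if __name__ == "__main__":
    # Three alerts, two of them for legitimate programs (false positives).
    print(monitor(EVENTS, always_accept))
    print(monitor(EVENTS, careful_user))
```

No dictionary entry is needed to flag `unknown_new.exe`, but the updater and installer trigger the same warning, and with `always_accept` nothing is ever blocked.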


Anti-virus software

User education is as important as anti-virus software; simply training users in safe computing practices, such as not downloading and executing unknown programs from the Internet, would slow the spread of viruses, without the need of anti-virus software.


What is a virus and how does it work?

A virus is a program or code that attaches itself to a legitimate, executable piece of software, and then reproduces itself when that program is run.

Viruses spread by reproducing and inserting themselves into programs, documents, or email attachments.

Viruses are commonly transmitted through emails or downloaded files, and they can be present on CDs, DVDs, USB drives and any other sort of digital media.

A virus normally requires action to successfully infect a victim.

For instance, the malicious programs inside email attachments usually only strike if the recipient opens them. The effect of a virus can be anything from a simple prank that pops up messages to the complete destruction of programs and data.


Nowadays, mobile operators are starting to feel the pinch from viruses resulting from the increasing use of emails and Internet browsing on cell phones.

Attacks on cell phones rose five times in 2006, with clients of 83 percent of mobile operators around the world having been hit, an industry study showed.


What are some good anti-virus programs?

Norton Anti-virus

McAfee

Avast Pro

PC Tools Spyware Dr. with Anti-virus

Bitdefender Anti-virus Plus

Kaspersky Anti-virus

Panda Anti-virus Pro

F-Secure Anti-virus

AVG anti-virus