How an antivirus works: behind the scenes
All of us know about antivirus software, but very few know how an antivirus works. Here I explain it in detail so that everyone has some knowledge about it. Below are the methods by which antivirus software detects and eliminates viruses.
1. Dictionary detection:- Every antivirus has a database, or dictionary, of virus signatures. When we scan our computer, it matches every file against its database. When a file matches a virus signature, the antivirus tells us that it has found a virus and removes it according to its programming. That's why we should keep antivirus software up to date. If our antivirus has no database, it can't detect any virus by this method.
2. Heuristic-based detection:- In this method, if the antivirus has a doubt about a program, the computer runs that program in a virtual environment. If the program infects anything in the virtual environment, the antivirus tells us that it is a virus. This method is very powerful in detecting new malware, or a variant or altered version of malware, even in the absence of the latest virus definitions.
3. Behavioral-based detection:- This method concentrates on detecting the characteristics of the virus during execution. It detects a virus only while the malware performs malicious actions. If we do not execute a program, the virus remains hidden in that program.
4. Cloud-based detection:- Most antivirus programs keep virus signatures on our computer so that they can scan even when we are offline. But this makes the antivirus program very heavy. On the other hand, some lightweight antivirus programs keep virus signatures on their servers, and when we start a scan they match every file against the virus signatures on those servers. Microsoft Security Essentials is one such antivirus.
5. Boot-time detection:- When our operating system is using a file, no other program can use that file. So if a virus is hidden in files that our system uses after Windows starts, it can't be caught by the antivirus. The solution is a boot-time scan, which scans files even before Windows starts. If a virus is present in the boot sector, it can be found only by a boot-time scan.
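To make dictionary detection (method 1) concrete, here is an added example, not code from any antivirus product: a small Python scanner that streams files in chunks and matches them against a byte-pattern dictionary. The signature names, patterns and sample files are constructed for the demonstration; it scans the same tree with an empty, a stale and an updated dictionary.

```python
import tempfile
from pathlib import Path

def scan_file(path, signatures, chunk_size=4096):
    """Stream a file in chunks; return sorted names of signatures found in it."""
    if not signatures:
        return []  # no dictionary means nothing can ever match
    # Keep the last (longest pattern - 1) bytes so a signature that
    # straddles two chunks is still seen in one window.
    overlap = max(len(p) for p in signatures.values()) - 1
    found, tail = set(), b""
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            window = tail + chunk
            found.update(n for n, p in signatures.items() if p in window)
            tail = window[-overlap:] if overlap else b""
    return sorted(found)

def scan_tree(root, signatures, chunk_size=4096):
    """Scan every regular file under root; return {relative path: [names]}."""
    hits = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file():
            found = scan_file(path, signatures, chunk_size)
            if found:
                hits[path.relative_to(root).as_posix()] = found
    return hits

def demo():
    """Scan a constructed sample tree with three versions of the dictionary."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        # Constructed sample files; the "payloads" are harmless marker strings.
        (root / "clean.txt").write_bytes(b"just a normal document")
        (root / "infected.bin").write_bytes(b"\x00" * 5 + b"DEMO-VIRUS-PAYLOAD-A")
        (root / "variant.bin").write_bytes(b"\x90\x90DEMO-VIRUS-PAYLOAD-C")
        stale = {"Demo.Virus.A": b"DEMO-VIRUS-PAYLOAD-A"}
        updated = dict(stale, **{"Demo.Virus.C": b"DEMO-VIRUS-PAYLOAD-C"})
        # A chunk size of 8 forces every signature to cross chunk boundaries.
        return (scan_tree(root, {}, 8),
                scan_tree(root, stale, 8),
                scan_tree(root, updated, 8))

if __name__ == "__main__":
    for label, result in zip(("empty", "stale", "updated"), demo()):
        print(label, result)
```

The stale dictionary misses the altered variant until its signature is added, which is the gap that signature updates and the heuristic and behavioral methods are meant to cover.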
Must-dos for antivirus
1. Never run two antivirus programs at the same time on your system. They will heat up your machine and can cause hardware problems.
2. Always keep your antivirus updated so that it can find the newest viruses and remove them accordingly. Without updates there is no benefit to having an antivirus.
3. Never run a web-based antivirus. Mostly they are Trojan horses or malware. Download an antivirus program from a legitimate website, but never use any antivirus software that runs from a web page.