Content
Antiviruses have become necessities in every computer. With increasing threat from viruses and other harmful programs, it is important that everyone knows how an antivirus works and why it is actually important. There are multiple strategies that are being integrated by antiviruses to detect viruses and stop them from spreading. These may differ from one antivirus to another antivirus from another designer.
One of the most common methods employed in detecting viruses is by using a signature based approach where viruses are detected by the patterns they show. The suspected file is scanned for patterns that are scanned in a stored dictionary which is known as signatures. The files are compares with all the known signature pattern. If any fragment of code matches with the code in the files, then it is marked as a virus and deleted or quarantined. In some cases the antivirus tries to repair the file too. Although this method is pretty effective in scanning against known set of antiviruses, it is ineffective against the constantly improving malwares and antiviruses that keep evolving to get around the antiviruses.
Another improved method of detecting viruses employed by antiviruses is the Heuristic based method where softwares are monitored for suspicious behavior. Programs with a certain level of suspicion are deleted or asked for the user for permission. Programs trying to write a data, upload information or alter system files are targeted as viruses and stopped. This has been very effective in antiviruses and makes the number of updates quite less. File emulation is one of the best modes of heuristic based detection is File emulation where a program is run in an virtual environment and let to do all the damage it possibly can. This way an antivirus can stop a virus from spreading to the user’s computer by checking it in a testing environment.