Antivirus Software

A good antivirus program is essential to any computer. Without one a computer is susceptible to thousands of malicious viruses just waiting to wreak havoc on a computer.

To understand the importance of an antivirus program you must first understand how they work, and what they do. Obviously their main objective is to identify, detect and remove viruses from a computer, but how do they do it?

There are multiple methods, each with its own advantages and disadvantages.

There are two general systems used by antivirus programs: some identify viruses by examining behavior of running programs on a computer, and others identify viruses by scanning files and looking for files that match known viruses.

Commonly both systems are used to create the strongest form of defense. Most antivirus programs use what is called a dictionary to keep track of common viruses.

This dictionary usually updates automatically to keep an accurate record. When files or file signatures match up with part of the dictionary the suspected file is usually either quarantined or deleted. The other most common detection system, monitoring files for suspicious behavior, is commonly used together with a dictionary detection system. Monitoring for suspicious behavior is more reliable because it doesn’t depend on an updated dictionary of viruses, rather it keeps track of changes to executable (EXE) files.

This system is much more prone to false positives, detecting a virus when one is not present, and as a result it is being used less and less.

The effectiveness of an antivirus program is always questioned because it is impossible to guarantee detection, most programs will use as many detection methods to clean the computer as best as possible.

One of the reasons it is so difficult to accurately detect all viruses is the multitude of virus forms. Every virus spreads, multiplies, and infects computers in its own unique manner. Because there are so many variables in a virus, it is impossible for an antivirus program to detect all new viruses without updates.

Updating the program makes it possible to detect and remove the newest, and most dangerous viruses much easier.

TrojanHorseVirus.net