Protecting your computer: what is the action of an antivirus program based on?

Table of contents:

Protecting your computer: what is the action of an antivirus program based on?
Protecting your computer: what is the action of an antivirus program based on?
Anonim

Users increasingly prefer to install anti-virus out of habit, or even not to install it at all, believing that it is not needed anyway. In this article, we will understand what the action of the anti-virus program is based on and why it is still needed.

What is antivirus software based on?
What is antivirus software based on?

How antivirus programs work

Anti-virus programs work on the principle of detecting and removing malicious code. For this, a complex of necessary technologies is used. As malware evolves, so does antivirus software.

During a computer scan, suspicious files are found and sent to "quarantine". "Quarantine" is an isolated place in the system where they cannot perform any action. Malicious code is removed from isolated files. If this is not possible, the entire file is deleted.

Classification of the action of antiviruses

What the action of an anti-virus program is based on depends directly on the threat that it neutralizes.

There are two types of protection:

  • Reactive protection - is aimed at known threats, which the software learns about from the built-in database. For successful anti-virus protection, all types of anti-virus programs need to be updated regularly so that the database contains the latest information about viruses. During the update, the software connects to the server and receives information. Thus, virus data is what a reactive antivirus program is based on.
  • Proactive defense is protection against new threats about which little or nothing is known. What is the action of the anti-virus program based on, if it, in fact, knows nothing? Proactive defense isn't perfect, but it's better than nothing. It is based on the knowledge of the features that any virus has.
malicious files
malicious files

Classification by analysis method:

  • code analysis - looking at the source code of a suspicious object;
  • behavior analysis - software monitors what a suspicious object is doing;
  • analysis of file changes on the device - if the changes seem suspicious to the software, it notifies the user about it.

Usually anti-virus software includes all kinds of protection and analysis, on which the anti-virus program is based.

Types of antiviruses

The differences between antiviruses are determined by the components (or modules) that are included in the software.

Modules are divided into the following groups:

  • detector - responsible for finding viruses;
  • doctor - treats viruses by removing the original virus code from infected files;
  • auditor - rememberscomputer states and compares them: checks the size and checksums of files; an increase in size may indicate the addition of virus code to the file;
  • filter - passes through all the actions of the program, in case of suspicious ones it asks the user whether to allow them or prohibit them.
antivirus protection types of antivirus programs
antivirus protection types of antivirus programs

While the first antiviruses consisted of a single module, modern software contains several components of different groups at once.

So should I install an antivirus?

Antivirus is an automatic system. If you are able to perform all the above actions manually yourself, you can not bet. In all other cases, it makes no sense to hope that you do not download anything from the Internet and do not catch a virus. Protect yourself early.

Popular topic

Editor's choice

  • What is a proxy server and what is it for?
    What is a proxy server and what is it for?

    The word "proxy" has ever been heard by any of us, but not everyone knows what a proxy server is and what its purpose is

  • Google Chrome not working. What to do?
    Google Chrome not working. What to do?

    So why doesn't Chrome launch when we click on its desktop icon? Google Chrome not working for several reasons

  • Recovery console. Main benefits of using
    Recovery console. Main benefits of using

    Computers are quite technically complex devices. In this regard, many users from time to time encounter failures in the operation of the operating system and other programs. In most cases, you can fix problems in a matter of minutes, especially if the computer technician has the necessary skills. If a critical failure occurs, it is recommended to use the recovery console

  • What is the cluster size?
    What is the cluster size?

    The space of any storage medium (hard drive or flash drive) is not a whole piece, but a system of memory cells called clusters

  • What is defragmentation and why is it needed?
    What is defragmentation and why is it needed?

    Modern users are often spoiled by powerful computers and inexpensive components to such an extent that they do not even know the basic concepts. That is why they often find themselves in a situation where the car begins to shamelessly “slow down” and respond with extreme reluctance to any commands. As a rule, “evil viruses” that have entered the computer are blamed for everything, but sometimes the reality turns out to be much more prosaic

Best reviews

Trends