Computer problems,Computer help
*AX SOFT>>>Security

How does an antivirus software find out whether a file is a virus or not?

I opened a USB drive today and my AVG popped up - THREAT DETECTED.
i wonder what is the logic behind the functioning of an antivirus software? how can it scan a pc so quickly and find so many different types of virii?

But how can the system compare every file to such a huge database of virii.
because obviously it has to check every file for every type of virus infection.
i am just too curious....

Every virus has a virus signature, much like a finger print. A signature is a unique string of bits, or the binary pattern and virus scan software use this signature to detect and identify specific viruses. it scan through the files and keep comparing it to the signature files (usually dat file) it has. Once a virus signature has been detected, it will flag it as virus. Some viruses share the same signature.

http://antivirus.about.com/od/whatisavir...

A virus is a program that copies itself to the memory and tries to copy itself to other application that are open.
Viruses can come from
1)Email attachments
2)Floppies(if used previously in a infected computer)
3)Pen drives (if used previously in a infected computer)
4)etc.
Viruses basically destroy the system files in the computer so that you have to buy a new one.
As long as you update AVG regularly then you can be 50% safe. The anti-virus software compares a suspicious file to a large database the database is updated regularly when you run the update in the software.

scanned it

Good question - but it's instant technology at work.

It compares the coding of various files to ones that it has in memory (in the "library"). This is why you need to update your antivirus software so often--it needs to download the identities of new viruses.

Antivirus software typically uses two different techniques to accomplish this:

* Examining (scanning) files to look for known viruses matching definitions in a virus dictionary
* Identifying suspicious behavior from any computer program which might indicate infection. Such analysis may include data captures, port monitoring and other methods.

Most commercial antivirus software uses both of these approaches, with an emphasis on the virus dictionary approach. source http://en.wikipedia.org/wiki/Antivirus
Regards,
G.
http://www.howtoguidehome.com

virus has extensions and values that an anti-virus database has stored in it..

edit: it checks for virus in the system files first den goes to the rootkit den registry and so on.. the more files u have the more time it takes..

thyis is a good question .but there is a simple process behind it.

the antivirus softwares only check the extention i.e it only checks any change in the exten. which is suspecious..

and this process is very fast so the antivirus can manage it.
also we update the program for newer virus definitions only.
after the scanning it simply asks the user to delete the suspected file or repair if possible..

there r various extension of viruses through which the anti virus get to know that it is virus.

Tags
  General - Computers & Internet   Software   Security   Programming & Design   Facebook   Flickr   Google
Related information
  • How can I regain a hacked thing?

    Hello, It would have been much better that you should have mentioned that how you are connected to Internet and whether there is a firewall or not. 1) First make sure, are you using Orkut fro...

  • Why Do I get redirected to "http://clickserve.cc-dt.com/....

    1. Download and run firefox to protect your from future spyware attacks and pop ups which are coming in through internet explorer (Trojan downloaders, win32 ) .Then update your windows through fire...

  • How to make any folder on my computer open only on password? mine is windows xp?

    create a new folder. right click on that folder. click properties. here choose (sharing) then select (make this folder private). then enter password and its done. thank you

    ...
  • Are there any good proxies that schools can't block?

    Hello, You should join a proxy mailing list like the one below to keep getting fresh proxies daily. Join the yahoo group that delivers fresh proxies for your needs, just follow the next link: ...

  • When you read webmail, does it write what you read to the hard drive?

    There's a trace somewhere, either at the original writer's puter, server site for the "accounts" and, at the receipt's computer. It's always wise and, prudent to sort...

  • My mom wants to know what will if she adds her bank account to my paypal?

    Don't... Paypal has some rather Draconian policies, and is hacked on a rather frequent basis. If she's offering to do that, have her use her CC instead. That way, if someone hacks t...

  • If someone has my IP address can they see what I'm looking at on my PC?

    They can see only what you are looking on your PC if your PC is infected with trojan hourse. I guess that you are not infected (if you have good AV then you do not need to care about it) and with ...

  • Do I Need Spyware Protection As I Have Avast?

    Avast is one of 4 things you need on your computer. Avast is anti-virus. Spyware are small files put on your computer from web sites that you visit that monitors your activity and what other ...

    •  

    Categories--Copyright/IP Policy--Contact Webmaster