Oil pulling

History : In ancient times, the practice of oil (Thaila in Sanskrit) pulling was (Aabarah in Sanskrit) a popular Indian Ayurvedic treatment...

Anti spam software



Antivirus software refers to computer programs or tools that are used for identifying, blocking, and removing malicious applications such as computer viruses and malwares from the system. They have become essential tools for any computer user in today's world of constant threat from virus attacks, spywares, system hijackers, etc. 

An antivirus application performs two basic functions. The first is to scan all files, according to user preference, and identify the virus based on matching definitions in its database. This is known as virus dictionary or database approach of identifying viruses. Secondly, if run in real time, it tries to identify and suspicious activities occurring in the system, which may be triggered by other computer programs in the operating system. This is known as suspicious behavior approach. These two functions are the basis on which most antivirus software programs are built. 

The Database Approach: 

When the antivirus identifies a virus that matches any code or definition in its database, it will alert the user, and the user has the option of repairing, quarantining, deleting or analyzing the infected file. If the virus cannot be removed from the infected file, it is usually set to quarantine. However, users also have the option of immediately deleting the file thereby eliminating any further threats, or before the virus can execute itself. The infected file can also be sent to the software company for analysis and inclusion in the database, or if the antivirus has the feature, the user can analyze the infected file by self. 

Since new viruses are created everyday, the virus database of the antivirus has to be updated continually. Almost all database updates are free and they can be scheduled or done manually. 

Suspicious Behavior Approach: 

here is no attempt to identify known viruses here like in the dictionary approach. Every activity and behavior in the system is monitored here by the antivirus. Therefore, this approach may protect from new viruses which has not yet been identified out of suspicion. However, this approach has mostly been abandoned by many antivirus companies because of its tendency to sound too many false positives. And today, there are so many non-malicious programs which can modify other executable files in disregard to the false positive issue. So this technique has become almost obsolete.

No comments:

Post a Comment