|
|
 |
www.29soft.com |
How does antivirus software work?
- Scanner (conventional scanner, command-line scanner, on-demand scanner)
- a program that looks for known viruses by checking for recognisable patterns
('scan strings', 'search strings', 'signatures' [a term best avoided for its
ambiguity]).
- TSR scanner - a TSR (memory-resident program) that checks for viruses while
other programs are running. It may have some of the characteristics of a monitor
and/or behaviour blocker.
- VxD scanner - a scanner that works under Windows or perhaps under Win 95,
or both), which checks for viruses continuously while you work.
- Heuristic scanners - scanners that inspect executable files for code using
operations that might denote an unknown virus.
- Monitor/Behaviour Blocker - a TSR that monitors programs while they are
running for behaviour which might denote a virus.
- Change Detectors/Checksummers/Integrity Checkers - programs that keep a
database of the characteristics of all executable files on a system and check
for changes which might signify an attack by an unknown virus.
- Cryptographic Checksummers use an encryption algorithm to lessen the risk
of being fooled by a virus which targets that particular checksummer.
