Home >Common Problem >What is the function of the anti-virus software currently used?

What is the function of the anti-virus software currently used?

王林
王林Original
2021-01-12 15:09:5730405browse

The function of the anti-virus software currently used is to check whether the computer is infected with viruses and remove some infected viruses. Antivirus software is a type of software used to eliminate computer threats such as computer viruses, Trojan horses, and malware.

What is the function of the anti-virus software currently used?

#The operating environment of this article: windows10 system, thinkpad t480 computer.

The function of anti-virus software is to check whether the computer is infected with viruses and remove some infected viruses.

Introduction to anti-virus software

Anti-virus software, also known as anti-virus software or anti-virus software, is a software used to eliminate computer threats such as computer viruses, Trojan horses and malware. class software.

Anti-virus software usually integrates functions such as monitoring and identification, virus scanning and removal, automatic upgrades, and active defense. Some anti-virus software also has functions such as data recovery, hacker intrusion prevention, and network traffic control. It is a computer defense system. (Including anti-virus software, firewalls, Trojan and malware detection programs, intrusion prevention systems, etc.)

Anti-virus software is a program tool that can remove viruses, Trojans and other program codes that are known to be harmful to computers. "Anti-virus software" was named by the older generation of domestic anti-virus software manufacturers. Later, due to integration with the world's anti-virus industry, it was collectively referred to as "anti-virus software", "security protection software" or "security software". A type of software used to eliminate computer viruses, Trojan horses and malware, such as "Internet Security Suite" and "Full-featured Security Suite" that integrate firewalls, all fall into the category of anti-virus software.

Software Principle

The task of anti-virus software is to monitor and scan the disk in real time. Some anti-virus software enters the system by adding drivers to the system and starts with the operating system. Most antivirus software also has firewall functionality. Antivirus software's real-time monitoring methods vary from software to software. Some anti-virus software divides a part of the memory and compares the data flowing through the memory with the signatures of the virus database (including virus definitions) carried by the anti-virus software itself to determine whether it is a virus. Other anti-virus software virtually executes programs submitted by the system or users in the divided memory space, and makes judgments based on their behaviors or results.

The method of scanning the disk is the same as the first working method of real-time monitoring mentioned above, except here, the anti-virus software will scan all files on the disk (or user-defined scan files within the scope) do a check.

For real-time monitoring of anti-virus software, its working method varies depending on the software:

  • Some anti-virus software divides a part of the space in the memory, and the computer flows through the memory. The data is compared with the signatures of the virus database (including virus definitions) carried by the anti-virus software itself to determine whether it is a virus.

  • Some anti-virus software virtually executes programs submitted by the system or users in the allocated memory space, and makes judgments based on their behaviors or results.

The method of scanning the disk is the same as the first method of real-time monitoring mentioned above, except that when scanning the disk, the anti-virus software will scan all the files on the disk ( Or files within the user-defined scan range) do a check.

Software technology

  • Shelling technology

    Shelling technology is a very common technology that can compress files , technology for analyzing packed files, embellished files, and encapsulated files.

  • Self-protection technology

    Self-protection technology is basically included in every anti-virus software, which can prevent viruses from ending the anti-virus software process or tampering with anti-virus software files. There are two types of process self-protection: single-process self-protection and multi-process self-protection.

  • Repair technology

    Technology for repairing files damaged by viruses. If the virus destroys system files, anti-virus software can repair or download the corresponding files for repair. Antivirus software without this technology often crashes the computer after deleting infected system files and cannot be started.

  • Real-time upgrade technology

    was first proposed by Kingsoft Antivirus. Every time you connect to the Internet, the anti-virus software automatically connects to the upgrade server to query the upgrade information, and upgrades if necessary. However, there are more advanced cloud scanning and killing technologies, which can access the cloud data center in real time for judgment. Users can defend themselves against the latest viruses without frequently upgrading the virus database. Users should not be swayed by manufacturers' claims that virus databases are updated in real time every day.

  • Active defense technology

    Active defense technology uses a dynamic simulation anti-virus expert system to automatically monitor various program actions and automatically analyze the logical relationship between program actions. , comprehensively apply the knowledge of virus identification rules to automatically determine viruses and achieve the purpose of active defense.

  • Inspiration Technology

    The conventional anti-virus method is that after a new virus appears, the anti-virus experts of the anti-virus software company extract the virus characteristics from the virus samples and distribute them to each user's computer through regular upgrades to achieve the killing effect. However, this The method is time-consuming and laborious. So there is heuristic technology. Based on the original feature value identification technology, based on the experience of analyzing suspicious program samples summarized by anti-virus sample analysis experts (transplanted into anti-virus programs), when the feature value comparison is not met, based on the decompiled The win32API function called by the program code (feature combination, frequency of occurrence, etc.) determines whether the specific purpose of the program is a virus or malware. If the judgment conditions are met, an alarm will be issued to prompt the user to find suspicious programs, thereby achieving the purpose of defending against unknown viruses and malware. It solves the shortcomings of single comparison of eigenvalues.

  • Intelligent Technology

    Adopts artificial intelligence algorithms and has the ability of "self-learning and self-evolution". It can be immune to most mutant viruses without frequently upgrading the signature library. The scanning and killing effect is excellent, and to a certain extent, it solves the technical problem of "cannot kill new viruses without upgrading the virus database".

(Learning video sharing: Programming video)

The above is the detailed content of What is the function of the anti-virus software currently used?. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn