How does antivirus software work?

Digg This!     StumbleUpon     Del.icio.us

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

Virus software has a few methods to detect malicious code (virus, Trojan, stealth, ghost). The first thing to understand is most networks use either TCP/IP RFC 793 or IPX. Both are built with layers (OSI Model) to provide communication across cables, airwaves, etc. These layers break down how the communication will take part between computers. Examples are games versus database access.

Virus signatures are patterns that are matched by the antivirus software within these communication layers. Most viruses do have patterns, but some don't. That is when the intelligent engine in the antivirus software takes over. The OSI model has rules applied through RFC793 (www.rfc.net), and when these rules are broken the antivirus program can sense or detect and report.

Most antivirus software will offer to delete or contain (quarantine) the malicious code. Remember, the antivirus program runs in the random access memory (RAM or memory) of a computer. All communication from that computer through TCP/IP or IPX is programmed to be monitored by the antivirus software, thus when malicious code is detected it is stopped before it can damage the computer.

See www.symantec.com or www.mcafee.com for specific product features.