How antivirus works on a computer, how it... I'll tell you in some brief.

Antivirus is not any necessity; it's like, the way you go... your shadow goes... doesn't matter, it sometimes heads towards a different direction. So antivirus is not any big thing like anyone is saying here; the whole lot of publicity is only due to the big companies like Norton or McAfee etc. In fact anyone can create an antivirus. Antivirus itself is a program. Don't get diverted by its biological name. And to execute a program we generally need an operating system, so when you first switch on your PC, an operating system like Windows XP etc. boots up. Now, under this XP graphical environment most antiviruses are available, like Norton, QuickHeal etc. This makes sure that no one except an operating system starts while booting. So I believe Nick (above) is wrong here, saying antivirus checks something at boot time! Indeed, an antivirus always runs under an operating system, because it's also a program, an executable, an instruction set, like any other program. But remember, an antivirus is the one that starts off with the highest priority and also before any other system service or utility is started by the operating system. If I tell you the registry operation: there is a private key under the system registry [in WinXP] named "000000", and it is kept on top due to its alphabetical order, only for any antivirus, which thus is executed first.

The old style antivirus simply calculates the signature of any file by suitable algorithms like MD5, SHA1 etc., also called checksums, and matches it with its virus database file that contains all the suspected signatures of viruses and trojans or any kinda malware program or data file. If the signature matches, the file is declared as a virus.

What is a signature?
A signature is like some 20 character or 30 character length combination of alphanumeric symbols. In CRC2 checksums it's I think 16 characters. MD5 and SHA1 etc. vary from 20 to 64.

How is a signature generated?
Most antiviruses have their own signature generator; otherwise such checksum generator programs are available free on the internet. The basic concept is to assign a unique ID to a particular file, like a determinant is a unique number/identifier of only one matrix element set.

What do modern antivirus programs do?
Modern antivirus programs have extended the scope of detecting any virus. Like intrusion prevention programs, they keep a record of the running processes in memory, of each and every activity of them. If it's found malicious, it is declared a threat to the operating system and the next suitable action is performed.

How is behavior/activity checked and compared to viruses?
A behavioral attempt to detect viruses is very complex, since it rarely ever requires any update. OK, how will you tell that your pet is not well? Simply, you'll notice its activities, its body temperature and its regular diet etc., and if these used-to-remain-constant variables have changed significantly then you'll take it to the doctor. The same approach is followed here. All virus-infection symptoms are noticed and then, with the help of REVERSE ENGINEERING (not by the signature, but by the activity), the virus is detected. Say, a Win.Sality virus creates multiple copies of itself; this activity might be the unique one for Win.Sality, and so it's detected. And if it's not unique, at least you have the majority of the virus list filtered out that don't show this activity; then you apply further filters by recording the activity of the virus, and finally reach the most appropriate malware.

Things that a good antivirus must take care of:
1. Email monitor: must be able to detect any outgoing or incoming mail.
2. Internet monitor: must be able to read and sense HTML traffic.
3. File monitor: the most important.
4. Self check: it must be able to check the integrity of its own core files.
5. Memory monitor: I mean simply go to your RAM and select random memory blocks or active memory blocks, whichever is good to you, and create their signature, match it in the dictionary and go on doing all of that if-else crap until a final has come.

Good luck! And wish you some viruses!! ;-)
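A worked illustration of the checksum-based signature scan and the self check (item 4) described in the answer above, added here as an example and not part of the original post. The "malware" bytes, "core files" and the hash database are constructed for the demo, not real samples or a real vendor's database.

```python
import hashlib
from typing import Dict, List, Set, Tuple

# Constructed sample "files" (plain bytes, not real malware or real AV components).
SAMPLE_MALWARE_BYTES = b"constructed sample: pretend this is a known-bad payload\n"
SAMPLE_CLEAN_BYTES = b"constructed sample: an ordinary benign document\n"


def file_signature(data: bytes, algorithm: str) -> str:
    """Checksum of a file's bytes: the 'signature' in the answer's terms.

    hashlib names used here: md5 (32 hex chars), sha1 (40), sha256 (64).
    """
    h = hashlib.new(algorithm)
    h.update(data)
    return h.hexdigest()


# Constructed virus database: algorithm -> set of known-bad hex digests.
# Built from the sample bytes above so the demo is self-contained.
SIGNATURE_DB: Dict[str, Set[str]] = {
    "md5": {file_signature(SAMPLE_MALWARE_BYTES, "md5")},
    "sha1": {file_signature(SAMPLE_MALWARE_BYTES, "sha1")},
}


def scan_file(data: bytes, db: Dict[str, Set[str]]) -> Tuple[str, List[str]]:
    """Old-style signature scan: hash the file with each algorithm in the
    database and report which ones hit. Returns ('infected'|'clean', hits)."""
    hits = [alg for alg, known in db.items() if file_signature(data, alg) in known]
    return ("infected" if hits else "clean"), hits


def self_check(core_files: Dict[str, bytes], expected: Dict[str, str]) -> List[str]:
    """Item 4 of the list: integrity check of the scanner's own core files.
    Returns the names whose sha256 no longer matches the recorded value."""
    return [name for name, data in core_files.items()
            if file_signature(data, "sha256") != expected.get(name)]


if __name__ == "__main__":
    for label, data in (("malware", SAMPLE_MALWARE_BYTES), ("clean", SAMPLE_CLEAN_BYTES)):
        print(label, scan_file(data, SIGNATURE_DB))
    # Constructed core files; the expected digests would ship with the scanner.
    core = {"engine.bin": b"constructed engine bytes", "sigdb.dat": b"constructed db bytes"}
    expected = {n: file_signature(d, "sha256") for n, d in core.items()}
    core["engine.bin"] += b" (patched)"
    print("tampered core files:", self_check(core, expected))
```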