|
Previous | Table of Contents | Next |
The following list examines how the integrity checker performs in each of the seven critical categories:
Behavior blockers are memory-resident programs that install in memory as system service providers. These programs work silently in the background, waiting for viruses or other malicious programs to attempt damaging activities. If the behavior blocker detects such activities, it informs the user of the suspicious behavior and allows the user to decide whether the action should continue.
Unfortunately, some legitimate programs do initiate actions that appear to be virus-like in nature.
Therefore, while the integrity checker can prevent many virus-like activities, the uninformed user might be asked to make decisions theyre not prepared to make.
Behavior blockers can prevent new and unknown viruses from spreading onto a computer. Although a memory-resident virus scanner might miss a new virus, the blocker would detect the virus modification of executable program files and prevent such action.
The following list examines how the behavior blocker performs in each of the seven critical categories:
The heuristic scanner is a program that attempts to identify virus-infected files and boot records without the explicit use of virus signatures or integrity information. The heuristic scanner can detect many new and as yet unknown viruses that would normally evade a virus signature scanner.
Heuristic scanners look for telltale signs of viruses in files and boot records. If the heuristic scanner sees enough virus-like attributes to indicate an infection, the scanner reports the file or boot record as possibly being infected. The user must make the final determination of whether they have a virus and how to deal with it if so.
Most users arent ready to reverse engineer a programs machine language instructions to verify that the heuristic scanner is correct in its assessment. Therefore, unless a heuristic scanner has a 0 percent false identification rate (virtually impossible to accomplish), the heuristic scanner is more a tool for a savvy computer expert than a useful antivirus utility for the average user or corporation.
The following list examines how the heuristic scanner performs in each of the seven critical categories:
End users can take certain simple precautions to protect their computers from viruses. Most of these are specific to a virus type. One wise universal precaution is to use more than one nonmemory-resident antivirus scanner program on workstations. Each antivirus manufacturer encounters different viruses at different times. Often, one scanner might detect some viruses that another does not, and vice versa. This dramatically reduces any chances of infection.
This section describes preventative measures that can be taken to reduce the risk of viral infection. This section also describes some methods antivirus programs use to repair infected items, as well as recommended methods for repairing infected floppy disks, hard drives, and programs using common tools.
Previous | Table of Contents | Next |