Computer Fundamentals: Concise Tutorial

Computer Fundamentals - Antivirus

What is Antivirus?

Antivirus programs are computer programs created specifically to detect, prevent and remove malware such as viruses. They scan computer systems to identify viruses and related malicious programs, and delete them to protect the system. An antivirus works much like medicine given to patients to help them get well.

How does Antivirus Work?

Antivirus programs start by fully scanning the user's computer system and files for different types of malware or viruses. Hackers constantly create new viruses and distribute them in different ways to infect users' systems; a good antivirus can always scan for and identify new or unknown types of malware threats.

Antivirus software is a software program developed by a software company; the program performs some essential functions, such as −

  1. Checks files and folders for malware and malicious patterns.

  2. Allows users to schedule automatic scanning.

  3. Removes malware automatically and cleans files after detecting a virus; in some cases the antivirus notifies the user about the malware and asks for consent before cleaning it.

Most programs use specific detection to identify known malware, generic detection to find malware or patterns that share a common codebase, and heuristic detection to scan for unknown viruses by identifying suspicious files. If the program identifies a virus-infected file, it deletes it to protect your device. Antivirus programs use the following detection techniques −

Virus detection techniques

An antivirus program uses different techniques to detect a virus in the system. Some of the most commonly used techniques are as follows −

  1. Signature-based detection − In this technique, an antivirus detects viruses using their signatures; every virus has a unique signature, a characteristic of known malware that is used to flag malicious software. These signatures are analysed by security professionals and help antivirus programs to recognise viruses.

  2. Heuristic-based detection − Heuristic-based detection compares known signatures of viruses against potential threats. This technique can detect viruses that have not been uncovered yet; it can also detect existing viruses that do not match signatures because the virus misleads the scanner or has different features. This method can also produce false-positive matches when antivirus software misidentifies a programme that behaves like a virus. A Heuristic detection includes −

  3. Behaviour-based detection − Behaviour-based virus detection is a proactive technique for detecting and reducing malware threats by analysing the behaviour of programmes and processes rather than relying exclusively on signature-based detection. It includes monitoring system behaviour, setting a baseline of normal behaviour, anomaly detection, response and mitigation. This method works well against zero-day exploits and polymorphic malware that avoid signature-based detection.

  4. Cloud analysis − Cloud-based virus detection approaches use remote servers and large databases to analyse possibly malicious files and activity. Cloud-based antivirus solutions offer faster and more comprehensive protection than traditional antivirus software installed on individual devices. Furthermore, they can provide centralised management and monitoring capabilities, making them ideal for enterprise setups with different devices. Analysing suspicious malware in the cloud includes file submission, cloud analysis, signature-based scanning, behaviour analysis, heuristic analysis, machine learning & AI, response and mitigation, and database update methods.

  5. Sandbox analysis − This detection method runs a programme or file in a virtual sandbox to examine its behaviour before allowing it into the system. Generally, the Sandbox analysis method can detect malicious programs in a controlled and isolated environment called a sandbox.

  6. Host intrusion prevention system (HIPS) − It is used to detect malicious activities within a program using signature-based detection. A HIPS monitors activity and immediately warns users by presenting them with authorisation alternatives such as Allow or Block.
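The difference between specific, generic and heuristic detection described above can be seen in a small scanner. This is an added example, not code from the original page: the samples are harmless constructed byte strings, and the trait list, weights and threshold are assumptions chosen for illustration.

```python
import hashlib

# All samples below are harmless constructed byte strings, not real malware.
FAMILY_CODE = b"xor_decode_loop;copy_self_to_startup;"
KNOWN_SAMPLE = b"HDR1" + FAMILY_CODE + b"build=1001"

# Specific detection: exact hash of one known file.
HASH_SIGS = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Example.Family.A"}
# Generic detection: byte pattern shared by the family's common codebase.
PATTERN_SIGS = {FAMILY_CODE: "Example.Family.gen"}
# Heuristic detection: weighted suspicious traits (list and weights are assumptions).
TRAITS = {b"CreateRemoteThread": 2, b"WriteProcessMemory": 2,
          b"CurrentVersion\\Run": 1, b"DisableAntiSpyware": 2}
HEURISTIC_THRESHOLD = 3


def scan(data: bytes) -> tuple[str, str]:
    """Return (verdict, detail) using specific, generic, then heuristic checks."""
    name = HASH_SIGS.get(hashlib.sha256(data).hexdigest())
    if name:
        return "specific", name
    for pattern, name in PATTERN_SIGS.items():
        if pattern in data:
            return "generic", name
    hits = [t for t in TRAITS if t in data]
    score = sum(TRAITS[t] for t in hits)
    if score >= HEURISTIC_THRESHOLD:
        return "heuristic", f"score={score} traits={sorted(t.decode() for t in hits)}"
    return "clean", f"score={score}"


SAMPLES = {  # constructed inputs
    "known.bin": KNOWN_SAMPLE,
    "variant.bin": b"HDR2" + FAMILY_CODE + b"build=1002",      # rebuilt: new hash
    "unknown.bin": b"CreateRemoteThread WriteProcessMemory",   # no signature yet
    "debugger.bin": b"debug tool: WriteProcessMemory CreateRemoteThread",  # benign
    "notes.txt": b"meeting notes, nothing executable here",
}

if __name__ == "__main__":
    for fname, blob in SAMPLES.items():
        print(f"{fname:14} {scan(blob)}")
```

The rebuilt variant no longer matches the hash but is still caught by the family pattern, the unsigned sample is caught only by the heuristic score, and the benign debugging tool is flagged by the same heuristic, which is the false-positive case mentioned under heuristic-based detection.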

Some popular antivirus programs are as follows −

  1. Norton AntiVirus

  2. McAfee

  3. Avira

  4. Trend Micro

  5. Avast

  6. Malwarebytes

  7. ESET

  8. Norton 360 Deluxe

Advantages of Antivirus Software

Benefits and Significance of Antivirus Software

  1. Detection and deletion of suspicious viruses and malware.

  2. Preventing fraud and phishing, as well as identity theft.

  3. Alerting you before you click on any links or websites that seem risky.

  4. Scanning the Dark Web for hacked email addresses.

  5. Secure password encryption for online accounts.

  6. Keeping you safer during online access.

  7. Maintaining optimal performance.

Frequently Asked Questions / FAQs on Computer Virus