
Antivirus - The technological complexity of developing a modern antivirus

Prelude

In this report we focus on the purely technological difficulties of developing and maintaining a front-line antivirus, ignoring aspects that are essential for an antivirus to do its job but are not directly related to programming tasks, for example: obtaining viruses that appear anywhere in the world, having hot-line staff qualified to resolve any problem associated with viruses, good documentation, translations, distributing updates, and so on.

In the following sections we describe the various technologies used in the fight against viruses, as well as the causes that have led to their development.

Study of received viruses

The fact that we have obtained a virus, often difficult in itself, does not mean that it is detected by magic: we need a team of programmers, experts in machine language, who generate multiple copies of the virus, disassemble its code, learn how it works and obtain all the information necessary for its detection and disinfection. The rate at which new viruses appear ensures continuous work for this team of real experts in the structure and behaviour of more than 13000 computer viruses.

Quick Analysis

As already mentioned, it is estimated that around 13000 computer viruses currently exist in the world. Against this background, one of the first problems an antivirus developer faces is how to search for 13000 viruses in every file in the minimum time. Of course you cannot read each file from head to tail, because the analysis of a hard disk or file server would take forever. What is required is knowledge of all potentially infectable file formats and of all the forms of infection that virus writers have managed to design. With this knowledge the antivirus can look only where a virus can actually be located, saving precious time. But this is still not enough to achieve a competitive speed; it is also necessary to develop a string search system based on suffix and prefix trees. Another technique that helps speed up the analysis is a classification of viruses by type and family, which allows certain viruses to be ruled out for certain files or parts of files. This last technique requires the team that studies received viruses to create and maintain the classification.
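As an added illustration of the search technique just described (not code from the original article or from Panda), here is a prefix-tree scanner with failure links over several signatures at once, restricted to the regions where format knowledge says an infection can sit. The signatures, the window sizes and the sample buffer are constructed for the demonstration.

```python
SIGNATURES = {  # constructed demo signatures, not real virus patterns
    "Demo.A": b"\xEB\x04\x90\x90\x5A\x5B",
    "Demo.B": b"\xB4\x4C\xCD\x21\xAA",
    "Demo.C": b"\x5A\x5B\x33\xC0",
}

def build_automaton(sigs):
    """Prefix tree over all signatures plus failure links (Aho-Corasick)."""
    goto, out = [{}], [set()]           # goto[state][byte] -> state; out[state] -> names
    for name, pat in sigs.items():
        s = 0
        for b in pat:
            if b not in goto[s]:
                goto[s][b] = len(goto)
                goto.append({})
                out.append(set())
            s = goto[s][b]
        out[s].add(name)
    fail = [0] * len(goto)
    queue = list(goto[0].values())      # depth-1 states fail back to the root
    while queue:
        r = queue.pop(0)                # breadth-first, so fail[r] is final
        for b, s in goto[r].items():
            f = fail[r]
            while f and b not in goto[f]:
                f = fail[f]
            fail[s] = goto[f].get(b, 0)
            out[s] |= out[fail[s]]      # a suffix that is itself a signature
            queue.append(s)
    return goto, fail, out

def scan_window(buf, start, end, automaton):
    goto, fail, out = automaton
    hits, s = set(), 0                  # one pass finds every signature at once
    for i in range(start, end):
        while s and buf[i] not in goto[s]:
            s = fail[s]
        s = goto[s].get(buf[i], 0)
        for name in out[s]:
            hits.add((name, i - len(SIGNATURES[name]) + 1))
    return hits

def scan_file(buf, automaton, head=64, tail=512):
    """Read only the head (entry-point patch) and tail (appended body). A signature
    straddling a window edge would be missed, so size the windows to the format."""
    n = len(buf)
    windows = [(0, n)] if n <= head + tail else [(0, head), (n - tail, n)]
    hits, examined = set(), 0
    for start, end in windows:
        hits |= scan_window(buf, start, end, automaton)
        examined += end - start
    return sorted(hits), examined       # hits as (name, offset)
```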

Reliable disinfection

When a user disinfects a file, they expect it to continue to operate normally. An antivirus not only has to detect viruses; it must also disinfect them, and reliably. Again the antivirus developer must tread very carefully so as not to confuse variants of the same virus when disinfecting. For example, there are more than 10 known variants of Barrotes which have different sizes. Each of these variants must be disinfected with a different procedure.
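An added example, not from the article, of the variant-aware disinfection point: a toy model of an appending infector family whose variants differ only in body size. The layout, marker and sizes are constructed (they are not the real Barrotes layout), and the disinfector refuses to act when the file tail does not match exactly one known variant.

```python
# Constructed toy model: the infected file is the host with its first 3 bytes
# overwritten by a jump to a body appended at the end; the body holds a marker,
# then the 3 saved original bytes, then variant-specific code.
MARKER = b"TOY!"
SAVED_AT = len(MARKER)                  # offset of the saved host bytes in the body
VARIANTS = {64: "Toy.A", 80: "Toy.B", 96: "Toy.C"}   # body length -> variant

def identify_variant(data):
    """Return (name, body_len) only if the tail matches exactly one known variant."""
    matches = []
    for body_len, name in VARIANTS.items():
        if len(data) > body_len and data[-body_len:-body_len + len(MARKER)] == MARKER:
            matches.append((name, body_len))
    # Ambiguous or unknown: using the wrong variant's procedure would corrupt
    # the host instead of repairing it, so report nothing rather than guess.
    return matches[0] if len(matches) == 1 else None

def disinfect(data):
    """Strip the body and restore the host entry bytes; None when unsure."""
    found = identify_variant(data)
    if found is None:
        return None
    name, body_len = found
    body = data[-body_len:]
    host = bytearray(data[:-body_len])
    host[:3] = body[SAVED_AT:SAVED_AT + 3]      # undo the entry-point patch
    return name, bytes(host)

ORIGINAL = b"\xB8\x00\x4C\xCD\x21" + b"HELLO WORLD" * 4   # constructed clean host

def make_infected_sample(body_len):
    """Constructed test fixture only: host with placeholder jump and a body appended."""
    body = MARKER + ORIGINAL[:3] + b"\x90" * (body_len - len(MARKER) - 3)
    patched = b"\xE9\x00\x00" + ORIGINAL[3:]  # placeholder jump, not a real offset
    return patched + body
```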

Analysis of compressed files

Another difficulty added to the analysis procedures is the ability to search for infected files inside compressed files. Logically this decompression is performed automatically by the antivirus in memory, so it must know how to decompress the most commonly used compressed file formats (ZIP, ARJ, LHA, MS-COMPRESS, etc.). The operation is carried out in memory because decompressing the file to disk is unthinkable: the speed of analysis would fall sharply, and it cannot be guaranteed that there is enough disk space to perform the decompression.
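An added example, not from the article, of in-memory archive scanning with the resource limits the paragraph motivates: members of a ZIP held in memory are inflated without touching the disk, nested archives are recursed into, and members whose declared size exceeds an in-memory budget (or whose header understates it) are skipped. The signature and the sample archive are constructed.

```python
import io
import zipfile

SIGNATURES = {"Demo.Z": b"\xB4\x4C\xCD\x21\xAA"}   # constructed, not a real pattern
MAX_MEMBER_BYTES = 16 * 1024 * 1024   # inflate at most this much per member in memory
MAX_DEPTH = 3                         # archives nested inside archives

def scan_bytes(data):
    return sorted(name for name, sig in SIGNATURES.items() if sig in data)

def scan_zip_in_memory(blob, depth=0, budget=MAX_MEMBER_BYTES):
    """Scan every member of a ZIP held in memory; nothing touches the disk.
    Returns {member path: [signature names or a SKIPPED reason]}."""
    report = {}
    if depth > MAX_DEPTH:
        return report
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.file_size > budget:          # declared size beyond budget
                report[info.filename] = ["SKIPPED:too-large"]
                continue
            with zf.open(info) as fh:
                # Read one byte past the budget: a header that understates
                # file_size (decompression bomb) is caught, not trusted.
                data = fh.read(budget + 1)
            if len(data) > budget:
                report[info.filename] = ["SKIPPED:size-mismatch"]
                continue
            if data[:4] == b"PK\x03\x04":        # nested archive: recurse
                inner = scan_zip_in_memory(data, depth + 1, budget)
                for path, hits in inner.items():
                    report[info.filename + "/" + path] = hits
            elif hits := scan_bytes(data):
                report[info.filename] = hits
    return report

def build_sample():
    """Constructed fixture: a clean file, an infected file and a nested ZIP
    holding another infected file."""
    inner, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(inner, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("deep/tool.com", b"\x90" * 40 + SIGNATURES["Demo.Z"] + b"\x90" * 8)
    with zipfile.ZipFile(outer, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("readme.txt", b"nothing to see here")
        zf.writestr("game.exe", b"MZ" + b"\x00" * 100 + SIGNATURES["Demo.Z"])
        zf.writestr("more.zip", inner.getvalue())
    return outer.getvalue()
```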

Isolated analysis mode

In operating systems such as DOS, viruses have the ability to deceive the antivirus when it reads an infected file. The deception is so subtle that the antivirus will not detect anything in the infected file, because the virus has passed off a fake on it. The antivirus has developed a technique (originally used by a virus, it must be said) that allows the precise location of the operating system's service routine to be found. With this location the antivirus contacts the operating system directly, bypassing virtually any resident program and therefore any virus that might be active in memory. In this way the virus can never fool the antivirus.

DSM (Generic Decryption Engine)

The good times, in which to detect a virus it was enough to search for a string of bytes at a particular location, are over. When encrypted viruses made their appearance there was still a fixed part of the virus that could be used as a search pattern: the encryption/decryption routine itself. Today the vast majority of viruses appearing are polymorphic. This means that every time the virus replicates, the new copy is completely different from the previous one. So different that you cannot find even one byte that matches (in value and position, that is). The routine of the virus responsible for encrypting and decrypting it also changes completely from generation to generation, so in theory the antivirus has nothing to hold on to.

This situation has forced the antivirus to develop a method to decrypt any virus without knowing its encryption routine, in order to find, now, an identifiable string within the decrypted nucleus of the virus. This is easily said, but it involves the development of a machine-language instruction emulator that makes the virus effectively run without really executing the virus's decryption code. This is what we at Panda call the Motor Genérico de Desencriptación (Generic Decryption Engine) or DSM.
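An added example (constructed here, not Panda's DSM) of the generic-decryption idea: a small emulator for a toy instruction set runs the decryptor on a private copy of the image, and the signature is then sought in the decrypted nucleus. Two generations with different keys, operations and instruction order are both detected, while a plain string search over either image finds nothing; the instruction set, nucleus and generations are all constructed.

```python
NUCLEUS = b"\xB4\x4C\xCD\x21\xAA\x55\xAA"   # constructed "decrypted core" signature
# Constructed toy instruction set (not x86): 1-byte opcode, some take a 1-byte operand.
SETKEY, SETPTR, SETCNT, XOR, ADD, INCP, LOOP, HALT = 1, 2, 3, 4, 5, 6, 7, 0xFF
WITH_OPERAND = {SETKEY, SETPTR, SETCNT, LOOP}

def emulate(image, max_steps=10_000):
    """Run the decryptor on a private copy of the image; the real CPU never executes
    it. Returns memory at HALT, or None if it never halts, leaves the image or
    hits an undefined opcode within the step budget."""
    mem = bytearray(image)
    pc = key = ptr = cnt = 0
    for _ in range(max_steps):
        if pc >= len(mem):
            return None
        op = mem[pc]
        arg = mem[pc + 1] if op in WITH_OPERAND and pc + 1 < len(mem) else 0
        pc += 2 if op in WITH_OPERAND else 1
        if op == HALT:
            return bytes(mem)
        elif op == SETKEY: key = arg
        elif op == SETPTR: ptr = arg % len(mem)       # writes stay inside the sandbox copy
        elif op == SETCNT: cnt = arg
        elif op == XOR: mem[ptr] ^= key
        elif op == ADD: mem[ptr] = (mem[ptr] + key) & 0xFF
        elif op == INCP: ptr = (ptr + 1) % len(mem)
        elif op == LOOP:
            cnt -= 1
            if cnt:
                pc = arg
        else: return None                             # undefined opcode: give up
    return None

def detect(image):
    """Generic decryption: emulate first, then look for the nucleus string."""
    mem = emulate(image)
    return "Demo.Poly" if mem is not None and NUCLEUS in mem else None

def generation(key, use_add):
    """Constructed fixture: one polymorphic generation. Setup order and operation
    differ per generation and the nucleus is encrypted under `key`, so the encrypted
    part shares nothing; a real engine would also mutate the loop this toy keeps fixed."""
    setup = [(SETKEY, key), (SETPTR, 11), (SETCNT, len(NUCLEUS))]
    if use_add:
        setup.reverse()
    loop = bytes([ADD if use_add else XOR, INCP, LOOP, 6, HALT])  # loop back to offset 6
    enc = bytes(((b - key) & 0xFF) if use_add else (b ^ key) for b in NUCLEUS)
    return bytes(b for pair in setup for b in pair) + loop + enc
```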

Source: http://www.telecable.es/personales/lsd/stratos/articulo1.htm
