Antivirus is a type of software used to secure, detect and remove computer viruses from computer systems. Antivirus Virus Protection Software is also called. This application can determine whether a computer system has been infected with a virus or not. Generally, this software runs in the background (background) and do a scan of all files that are accessed (opened, modified, or when saved).
Antivirus - antivirus is now not only detect the virus. An antivirus program now also been equipped with the ability to detect spyware, rootkits, and malware - other malware. Not only that, now equipped with antivirus firewall to protect your computer from hacker attacks and anti-spam to prevent the entry of junk email and / or viruses into the user's inbox.
In general, how the virus is:
1. Detection by using virus signature database (virus signature database): The workings of this antivirus is an approach that is widely used by traditional antivirus, looking for signs of the presence of the virus by using a fraction of the virus code that has been analyzed by antivirus vendors, and has dikatalogisasi according to the type, size, power and destruction of several other categories. This method is particularly fast and reliable way to detect viruses that have been analyzed by antivirus vendors, but can not detect new viruses until the virus signature database into the newly installed system. Virus signature database can be obtained from the antivirus vendor and can generally be obtained free of charge via download or by subscription (subscription), and / or
2. Detection by the way how the virus works: How it works like this antivirus is a new approach borrowed from the technology applied in the Intrusion Detection System (IDS). This method is often referred to as Behavior-blocking detection. This method uses policy (policies) that must be applied to detect the presence of a virus. If any software behavior that is "not fair" according to the policy being applied, as well as software that tries to access the address book to send out mass e-mails to e-mail list within the address book (this way is often used by virus to transmit the virus through e-mail), then the antivirus will stop the process performed by the software. Antivirus also can isolate the code that is suspected as a virus until the administrator determines what to do next. The advantage of this method is an antivirus can detect new viruses that have not been recognized by the virus signature database. The drawback, obviously because of the antivirus software to monitor the workings of a whole (rather than monitor the file), then the antivirus often create a false alarm or "False Alarm" (if the configuration of the antivirus too "hard"), or even allow the virus to multiply in the system (if antivirus configuration is too "soft"), false positives occur. Some manufacturers call this technique as a heuristic scanning. Heuristic Scanning technology has progressed so far that now. Some anti-virus check on a file with the usual definition. If the usual escape detection, then the file is run in a virtual environment. All changes made file is like a virus, then the user will be warned.
Source :http://id.wikipedia.org/wiki/Antivirus