Anti-virus programs protect a computer system from viruses by examining the computer's memory and file system for signs of virus infestation. This examination process is called scanning. Anti-virus programmers use two main scanning strategies - on demand and on access scanning. In on-demand scanning, users voluntarily activate a virus-scanning program each time they want to examine the computer for viruses. In on-access virus scanning, the virus scanner that continually examines the computers memory and file system automatically activates each time one of these resources is accessed by a program.
While on-access and on-demand scanners may have some similarities, including some of the same programming code, the on-access scanner must do more that just examine files: it shoulders most of the active anti-virus burden for the user. The on-access scanner places itself between programs and the operating system. It examines programs as they interact with files, memory areas and network functions. It has to examine a suspicious program's behavior and halt malevolent software before the software executes. Viruses, trojan horses, and other malevolent Web applications are all part of the on-access scanner's patrol. Part of the challenge of an effective on-access scanner is that it must be diligent and capable of scanning each accessed file while not interfering with the functionality of the machine.
The link for this article located at SecurityFocus is no longer available.