What is the difference between a virus definition, and an antivirus's engine?
anonymous
2011-07-18 20:44:37 UTC
Can I use an antivirus and just update definition, without updating its engine? What does the engine do?
Three answers:
anonymous
2011-07-19 04:29:44 UTC
"Engines" usually refer to the 'mechanism' or underlying components that do the actual work or task of the application in question. It's the code that makes it 'go' and do whatever it does.
In your specific example, the anti-virus 'program' has the vendors 'engine' for the actual file examination, plus other components that reach out to the 'Net for updates; a user interface; display; and so on.
Version numbers can mean that tweaks to the preceding package (perhaps the engine) have been made to refine sub routines, or have new routines for that engine to perform.
"Definition" update would be adding to the 'library' of known virus signature strings (or fingerprints) which the engine uses to compare on board files to.
Engine versions may not work with fresher definition library updates, so you should always move to the latest engine version and it's corresponding definitions.
Christopher
2016-08-30 00:05:44 UTC
2
Mike S
2011-07-18 20:52:15 UTC
The virus definitions or commonly called the latest known threats are downloaded into the virus database...so that if a signature is detected of those known threats you will get notified...the Engine on the otherhand is simply the Drivers and Executable part of the Antivirus Application itself....most of the time you will get updates for the virus definitions...and when a new version is released it updates the engine with new Drivers and Executable files..............This all may sound complicated..but it's not once you understand how a AV product works......
ⓘ
This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Continue reading on narkive:
Search results for 'What is the difference between a virus definition, and an antivirus's engine?' (Questions and Answers)