subject: How Does Antivirus Software Protect [print this page] How Does Antivirus Software Protect How Does Antivirus Software Protect
Antivirus software is a program which scans all of the files on your computer; it will then identify any programs it believes to be suspicious and will flag them for removal. Antivirus software does a check of your computer for viruses normally every time you create, open, close or email files. This allows for the software to identify viruses as soon as possible. Virus scans can be set to be run periodically, at the same time each day.
Good antivirus software will use a couple of methods to spot security threats. One way is to check your files to see whether any of them match the known viruses in its database. The other is to see whether any abnormal activity occurs, when a file is executed, which could be a virus.
Because antivirus software makes heavy use of its antivirus database it is essential your virus protection software has up to date virus definitions. New viruses are created everyday in the hope that users with outdated virus definitions will not recognise the threat and it will sneak past your defence system.
Searching For Viruses
When you perform a virus scan you will tell your antivirus tool to check each file on your computer or you can select specific drives. The security software will then check the code in the files on your PC for matches to anything in the database. If a match is found the antivirus program will delete the file, put it in quarantine or repair the file by removing any malicious code.
On some antivirus software you can specify a particular action to take when a suspicious file is found. If you quarantine files they are isolated so no other programs can use the file and this stops the virus from spreading.
Viruses can be identified through odd behaviour. For example if a program tries to add data to an executable file your security software should alert you to decide whether this is acceptable. You can choose whether to let the program continue or block the action to prevent the virus.
By tracking unusual activity on your computer your antivirus software will protect you from new viruses which may not be in your virus database. The one problem with this approach is your virus software can track a lot of false positives which will give you a pop up message with a warning every time. If you always accept these actions then you may become oblivious to the warnings and one day accept something you shouldn't.
How Virus Databases Work
Virus databases are kept updated with the latest virus threats by people sending their infected files to anti-virus software providers. The virus protection companies then update their virus definitions to allow the software to protect your computer from viruses which they have indentified. This is why not all antivirus products will protect you from all viruses. This is why it is a good idea to invest in a well known brand so you can be sure they are investing time and money into ensuring they know about all the latest virus threats giving you the best protection.
