Stay updated with the latest cybersecurity news.

What do antivirus do?

By Reason Cybersecurity

on Mon Jan 13 2020

Antivirus, aka anti-virus, aka anti-malware, aka security software, has been around since 1971, and yes, that’s a lot of ‘also known as’ names for a single product. Why all the different names? Well, there is a good reason for that (mostly having to do with the origins of computer viruses and how the threat landscape has evolved), but the question you really need to be asking is “what antivirus do?”

What does antivirus software do?

Antivirus software is a program that is designed to protect your computer and your data from viruses by searching for, detecting and removing them. Antivirus (AV) software works by scanning your computer in real-time and comparing the signatures of the files and programs on your computer to the signatures of viruses stored in a virus database. Importantly, the virus signature database is updated whenever new viruses are discovered, and this means that antivirus software must also be regularly updated to assure that it is using the latest virus database.

If a signature of one of the files or programs on the user’s computer matches one of the virus signatures in the virus database, the file or program on the users’ computer with the matching signature is flagged for removal or quarantine, and the user is notified. This is the process used by AV software to detect worms, Trojans, adware, viruses, etc., that are already known.

Most AV programs are automatically updated whenever the virus database is updated, but some require that the user manually update the AV software. Most AV software also come with several scanning options such as full-system scans, which take the longest but are more complete, and specific scans, which are quicker and where you can specify the files or directories you want to scan.

To root out and prevent cyber threats that have not yet been discovered and are therefore not yet in the virus database, modern AV software also use additional detection technologies. Two of the most widely used and most effective of these technologies are behavioral-based detection and heuristics-based detection. Behavioral and heuristics-based detection, combined with real-time scanning, provide excellent cybersecurity for detecting new and emerging threats, which is critically needed for anyone or any organization that goes online.

There are also advanced AV software suites that provide even more comprehensive protection and will safeguard you against additional cyber threats such as ransomware, phishing, malicious URLs, hackers looking to spy on your microphone and camera, and more. Given the nature of cybercrime today and the serious threat they pose to individuals and businesses, many private users and most businesses prefer the more advanced AV software packages because of the more comprehensive protection they provide.