Computer Fundamentals - Antivirus

What is Antivirus?
Antiviruses are computer programs that are specifically created to detect, prevent and remove
malware such as viruses. These programs scan computer systems to identify viruses, and
related malicious programs and delete them to protect the system. An antivirus works similarly to
the medicine given to the patients to get well.

How does Antivirus Work?

Antivirus programs start their working by fully scanning users' systems computers and files
against different types of malware or viruses. Generally, hackers constantly create new viruses
and distribute them in different ways to fix users' systems; a good antivirus is always able to scan
to identify new or unknown types of malware threats.

Antivirus software is a software program which is developed by a software company; the

program performs some essential functions such as −

Check files and folders for malware and malicious patterns.

Allows users to schedule automatic scanning.

Remove malicious malware automatically, and clean files after detecting a virus, in some
cases antivirus notify their users about malware and take consent to clean it.

Most programs use specific detection to identify known malware, generic detection to find
malware or patterns using a common codebase, and heuristic detection to scan for unknown
viruses by identifying suspicious files. If the program identifies a virus-infected file, it deletes it to
protect your device. Antivirus works using detection techniques these are as −

Virus detection techniques

Antivirus program uses different techniques to detect a virus in the system. Some of the most
commonly used techniques are as follows −

Signature-based detection − In this technique, an antivirus detects viruses using its

signatures; every virus has a unique signature as its characteristic of known malware to
 flag malicious software. These signatures help antivirus programs to recognise viruses
and are analysed by security professionals.

Heuristic-based detection − Heuristic-based detection uses the comparison of known

signatures of viruses against potential threats. This technique can detect viruses that
have not been uncovered yet; it can also detect existing viruses that do not meet
signatures because the virus misguides or has different features. This method can also
provide false-positive matches when antivirus software misidentifies a programme that
behaves like a virus. A Heuristic detection includes −

File analysis − This program examines a file's apparent purpose.

Multicriteria analysis (MCA) − MCA decides whether to classify a file as a harmful

file on different detection methods.

Behaviour-based detection − Behavior-based virus detection is a proactive technique for

detecting and reducing malware threats by analysing the behaviour of programmes and
processes rather than relying exclusively on signature-based detection. It includes
monitoring system behaviour, setting a baseline of normal behaviour, anomaly detection,
response and mitigation. This method works well against zero-day exploits and
polymorphic malware that avoid signature-based detection.

Cloud analysis − Cloud-based virus detection approaches use remote servers and large
databases to analyse possibly malicious files and activity. Cloud-based antivirus
solutions offer faster and more comprehensive protection than traditional antivirus
software installed on individual devices. Furthermore, they can provide centralised
management and monitoring capabilities, making them ideal for enterprise setups with
different devices. It includes file submission, cloud analysis, signature-based scanning,
behaviour analysis, heuristic analysis, machine learning & AI, response and mitigation
and database update methods to analyse the cloud from suspicious malware.

Sandbox analysis − This detection method runs a programme or file in a virtual sandbox
to examine its behaviour before allowing it into the system. Generally, the Sandbox
analysis method can detect malicious programs in a controlled and isolated environment
called a sandbox.
Host intrusion prevention system (HIPS) − It is used to detect malicious activities within
a program using signature-based detection. A HIPS monitors activity and immediately
warns users by presenting them with authorisation alternatives such as Allow or Block.

Popular Antivirus Software

Some popular antivirus programs are as −
 Norton AntiVirus

McAfee

Avira's
Trend Micro

Avast

Malwarebytes
ESET

Norton 360 Deluxe

Advantages of Antivirus Software

Benifits Significations of Antivirus Software

Suspicious virus detection and deletion, malware.

Preventing fraud and phishing, as well as identity theft.

Alert yourself before clicking on any links or websites that seem risky.
Scanning the Dark Web for hacked email addresses.

Secure password encryption for online accounts.

To keep safer during online access.

To maintain optimal performance.

Frequently Asked Questions / FAQs on Computer Virus

What is an antivirus product?

Detect and prevent viruses and malicious programs on your system.

How do antivirus products work?

Antivirus working principles include services by detecting viruses, deleting malicious code,
prevent devices from suspicious applications. Modern antivirus software automatically updates
after a time to protect the system against new viruses and spyware.
 Which antivirus product should I use?

Some Antivirus programs are available default once a user purchases a new system or takes
authentic operating systems that run Windows and Apple computers. Apart from this, a user can
use the latest one by searching it on Google.

How do I use my antivirus product?

Install it and run a full scan. It by default scans all new files during downloaded from the internet
or stores using USB devices, external hard disks, SD cards etc.

What else should I do to keep my devices and my personal information safe?

Don't allow untrusted applications to access the system, don't open untrusted websites and keep
the system's firewall on.