How Anti-Virus Software Works

Anti-virus software is the equivalent to penicillin of the computer world. These applications stand guard over your system, scanning incoming files and applications. When the need arises it quarantines and cleans up viruses that aim to harm your system. 

Dozens of anti-virus software packages are available today. These applications range in ability; some are designed to protect a single computer at a time, others are designed specifically for servers, and others may take on enterprise – class networks. Most anti-virus packages actively scan files as they are introduced to a system and rely on what is called signature detection to identify potentially hazardous files. 

Anti-virus applications maintain a database of known viruses and compare scanned files that match the characteristics of known viruses. If a scanned files matches those characteristics of known viruses. If a scanned file matches those characteristics, it is quarantined (which means moved to a new, presumably safe location on disk and renamed, so you can find it should you ever need it) so that it cannot affect other files on your system. Once the file is quarantined, the application can attempt to repair it, delete it, or prompt you for a decision on what to do about the file infected. 

Signature detection is just one way of identifying viruses and is only effective if the virus database is up-to-date and contains the signature of a virus. Anti-virus programs also attempt to identify suspicious behavior include an application attempting to write to an executable file, altering needed system files, making suspicious registry entrees, or adding to the list of items that execute automatically upon system start up. This approach helps protect against unidentified or encrypted viruses and can alert you to suspicious behavior happening on your computer. This interesting is an area where anti-spyware/anti-adware and anti-virus software often notice the same kinds of activities, because they are typical for adware and spyware as well as malware.