What Are the Basic Functions, Features and Characteristics of Antivirus Software?
There are several different companies that build and offer anti-virus software and what each offers can vary but all perform some basic functions.
Antivirus programs are designed to protect your computer from malware, a term used to describe malicious software.
With so many antivirus programs available in the marketplace, it may help to understand some of the functions that an antivirus performs so that you can compare them.
Real-time Protection, Alerts, Online Security and On-access Scanner:
Real-time scanner monitors network data as it is coming into the computer to intercept any malware as it enters your system. This means that the antivirus program protects your computer from incoming threats and have the ability to alert you when a program is trying to access your computer. Interception software detects virus-like behavior and warns the user about it. An example would be an online application. Built-in intrusion detection, fraud monitoring, and phishing recognition alert you if someone attempts to access your computer from a remote location. Also The on-access scanner, scans files as they are opened or accessed to detect any malware.
Virus and Threat Detection:
Antivirus program can scan your entire computer or specific files or directories in search of viruses, any malware or known malicious patterns. The primary function of antivirus software is to detect and remove computer viruses. Some important features of antivirus software to develop this task:
- Anti-Malware (protects your computer from infection by malicious software: trojans, viruses, spyware, etc.)
- Protection Against Browser Exploits (website code that is written to take advantage of a vulnerability in a web browser)
- Anti-Virus (guards your computer against infection by checking activity on your computer against a database of 'known suspicious activity')
- Anti-Trojan (identifies and isolates software that may be performing a clandestine activity)
- Anti-Spyware (malware that can secretly steal files and record the activity of an infected computer)
- Anti-Worm (Worm activity can cause a computer to run more slowly and eventually crash)
- Anti-Rootkit (software infection that can integrate into an operating system and replace critical files)
- Anti-Phishing (attempts to identify and notify any phishing content encountered on the web or by email)
- Secure Network (close unnecessarily open ports to your computer and monitor activity on the network)
- Email Protection (scan inbound and outbound email)
- Script Blocking: (Many antivirus programs have the ability to monitor Java, ActiveX, Visual Basic and other script files and detect and block malicious activity.)
Automatic Updates and Heuristic Scanner:
Automatic updating is important because an out of date antivirus program will not be able to detect the newest viruses. Antivirus software typically has a heuristic scanner as well. Heuristic scanning uses what is known about existing malware and what it has learned from past experience to identify new threats even before the antivirus vendor creates an update to detect it. Most antivirus software can be configured to automatically connect with the vendor site and download new updates on a regular basis.
Schedule scans:
Allow you to schedule scans to automatically run for you. Most antivirus software provides some method of creating a schedule to set when the software will automatically perform a scan.
Compressed File Scanner:
Some malware may come inside a compressed file such as a ZIP file, or may even be embedded in a compressed file within a compressed file and so on. Most antivirus programs can scan within a compressed file. The better programs may be able to scan many levels deep to detect malware even if it is buried within multiple compressed files.
Data Protection:
Some antivirus software offers online backups of vital files that can later be restored if the files become infected, corrupted, or otherwise damaged.
Specific Scan(On-Demand Scanner) and Integrity Checking:
Allow you to initiate a scan of a specific file or of your computer, or of a CD or flash drive at any time. The on-demand scanner provides the ability to perform a custom scan of a file, folder or drive initiated by the user. A scanner will search all files in memory, in the boot sector and on disk for code snippets that will uniquely identify a file as a virus, remove any malicious code detected –sometimes you will be notified of an infection and asked if you want to clean the file, other programs will automatically do this behind the scenes. Scanners can find viruses that haven't executed, yet - this is critical for e-mail worms, which can spread themselves rapidly if not stopped. Also integrity checker records integrity information about important files on disk. If a file should change due to virus activity, the file will no longer match the recorded integrity information.This is an extensive process, and some virus checkers today use it.
Email, Webmail and Instant Messaging Protection:
The ability of the antivirus software to monitor incoming and/or outgoing POP3. The better antivirus programs can monitor web-based email traffic such as Hotmail or Yahoo! Mail to detect and block malware in file attachments. Some antivirus software will monitor instant messaging traffic to detect and block malicious threats. Many worms and other malware can now be spread through instant messaging programs such as AOL Instant Messenger (AIM) or Yahoo! Messenger.
Install AntiVirus software and update it regularly. This important advice cannot be overstated.
Always be sure you have the best, up-to-date security software installed to protect your computers, laptops, tablets and smartphones.
There are several different companies that build and offer anti-virus software and what each offers can vary but all perform some basic functions.
Antivirus programs are designed to protect your computer from malware, a term used to describe malicious software.
With so many antivirus programs available in the marketplace, it may help to understand some of the functions that an antivirus performs so that you can compare them.
Real-time Protection, Alerts, Online Security and On-access Scanner:
Real-time scanner monitors network data as it is coming into the computer to intercept any malware as it enters your system. This means that the antivirus program protects your computer from incoming threats and have the ability to alert you when a program is trying to access your computer. Interception software detects virus-like behavior and warns the user about it. An example would be an online application. Built-in intrusion detection, fraud monitoring, and phishing recognition alert you if someone attempts to access your computer from a remote location. Also The on-access scanner, scans files as they are opened or accessed to detect any malware.
Virus and Threat Detection:
Antivirus program can scan your entire computer or specific files or directories in search of viruses, any malware or known malicious patterns. The primary function of antivirus software is to detect and remove computer viruses. Some important features of antivirus software to develop this task:
- Anti-Malware (protects your computer from infection by malicious software: trojans, viruses, spyware, etc.)
- Protection Against Browser Exploits (website code that is written to take advantage of a vulnerability in a web browser)
- Anti-Virus (guards your computer against infection by checking activity on your computer against a database of 'known suspicious activity')
- Anti-Trojan (identifies and isolates software that may be performing a clandestine activity)
- Anti-Spyware (malware that can secretly steal files and record the activity of an infected computer)
- Anti-Worm (Worm activity can cause a computer to run more slowly and eventually crash)
- Anti-Rootkit (software infection that can integrate into an operating system and replace critical files)
- Anti-Phishing (attempts to identify and notify any phishing content encountered on the web or by email)
- Secure Network (close unnecessarily open ports to your computer and monitor activity on the network)
- Email Protection (scan inbound and outbound email)
- Script Blocking: (Many antivirus programs have the ability to monitor Java, ActiveX, Visual Basic and other script files and detect and block malicious activity.)
Automatic Updates and Heuristic Scanner:
Automatic updating is important because an out of date antivirus program will not be able to detect the newest viruses. Antivirus software typically has a heuristic scanner as well. Heuristic scanning uses what is known about existing malware and what it has learned from past experience to identify new threats even before the antivirus vendor creates an update to detect it. Most antivirus software can be configured to automatically connect with the vendor site and download new updates on a regular basis.
Schedule scans:
Allow you to schedule scans to automatically run for you. Most antivirus software provides some method of creating a schedule to set when the software will automatically perform a scan.
Compressed File Scanner:
Some malware may come inside a compressed file such as a ZIP file, or may even be embedded in a compressed file within a compressed file and so on. Most antivirus programs can scan within a compressed file. The better programs may be able to scan many levels deep to detect malware even if it is buried within multiple compressed files.
Data Protection:
Some antivirus software offers online backups of vital files that can later be restored if the files become infected, corrupted, or otherwise damaged.
Specific Scan(On-Demand Scanner) and Integrity Checking:
Allow you to initiate a scan of a specific file or of your computer, or of a CD or flash drive at any time. The on-demand scanner provides the ability to perform a custom scan of a file, folder or drive initiated by the user. A scanner will search all files in memory, in the boot sector and on disk for code snippets that will uniquely identify a file as a virus, remove any malicious code detected –sometimes you will be notified of an infection and asked if you want to clean the file, other programs will automatically do this behind the scenes. Scanners can find viruses that haven't executed, yet - this is critical for e-mail worms, which can spread themselves rapidly if not stopped. Also integrity checker records integrity information about important files on disk. If a file should change due to virus activity, the file will no longer match the recorded integrity information.This is an extensive process, and some virus checkers today use it.
Email, Webmail and Instant Messaging Protection:
The ability of the antivirus software to monitor incoming and/or outgoing POP3. The better antivirus programs can monitor web-based email traffic such as Hotmail or Yahoo! Mail to detect and block malware in file attachments. Some antivirus software will monitor instant messaging traffic to detect and block malicious threats. Many worms and other malware can now be spread through instant messaging programs such as AOL Instant Messenger (AIM) or Yahoo! Messenger.
Install AntiVirus software and update it regularly. This important advice cannot be overstated.
Always be sure you have the best, up-to-date security software installed to protect your computers, laptops, tablets and smartphones.
Comments
Post a Comment