Understanding Antivirus software

May 15th, 2015

Understanding Antivirus software: What is Anti-virus? Why do I need it?

Antivirus programs are essential on Windows & Mac computers. If you've ever wondered how antivirus programs detect viruses and what they’re doing on your computer, then read on.

An antivirus program is an essential part of a multi-layered security strategy – even if you’re a smart computer user, the constant stream of vulnerabilities for browsers, plug-ins, and the Windows operating system itself makes antivirus protection important.

Microsoft Security Essentials: Green is Good

Green means everything is OK!


How it really all works

Antivirus software runs in the background on your computer, checking every file when you open, use, or download it. This is referred to as on-access scanning, background scanning, resident scanning, real-time protection, or something else, depending on your antivirus program.

When you double-click an EXE file, it may seem like the program launches immediately – but it doesn’t. Your antivirus software checks the program first, comparing it to known viruses, worms, and other types of malware. Your antivirus software also does “heuristic” checking, checking programs for types of bad behavior that may indicate a new, unknown virus.


However, heuristic scanning does not always work correctly. Most antivirus software is reported to work only 25% of the time, give or take 10%, when trying to detect new threats. It is therefore still very possible to miss potential viruses, allowing an infection onto the PC, where it can wreak havoc. It is estimated that over 200,000 viruses and/or malware programs are created every day.

Antivirus programs also scan other types of files that can contain viruses. For example, a .zip archive file may contain compressed viruses, or a Word document can contain a malicious macro. Files are scanned whenever they’re used – for example, if you download an EXE file, it will be scanned immediately, before you even open it. Alternatively, the files and/or the whole system are scanned when the user schedules a scan.
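
The checks described above (comparing a file to known malware, falling back to heuristics, and looking inside .zip archives) can be sketched in Python. This is an added example, not code from this page or from any antivirus product; the sample byte strings, the signature name "Sample.KnownVirus" and the marker list are constructed for illustration, and the heuristic rule is a hypothetical one.

```python
import hashlib
import io
import zipfile

# Constructed stand-ins for files; none of these byte strings is real malware.
KNOWN_BAD = b"CONSTRUCTED SAMPLE: contents of an already-catalogued virus"
NEW_VARIANT = b"CONSTRUCTED SAMPLE: disable_backups(); encrypt_all_documents()"
BENIGN = b"CONSTRUCTED SAMPLE: quarterly report, plain text"

# Signature database: SHA-256 digests of files already known to be malicious.
SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest(): "Sample.KnownVirus"}
# Hypothetical heuristic rule: two or more of these markers looks suspicious.
SUSPICIOUS_MARKERS = [b"disable_backups", b"encrypt_all_documents"]
MAX_DEPTH = 3                  # stop descending into deeply nested archives
MAX_MEMBER_SIZE = 10 * 2**20   # skip members whose declared size exceeds 10 MiB


def scan_bytes(name, data, depth=0):
    """Return (name, verdict) findings for one file, looking inside zip archives."""
    findings = []
    digest = hashlib.sha256(data).hexdigest()
    if digest in SIGNATURES:                      # exact match with known malware
        findings.append((name, "signature:" + SIGNATURES[digest]))
    elif sum(m in data for m in SUSPICIOUS_MARKERS) >= 2:
        findings.append((name, "heuristic:suspicious"))
    if depth < MAX_DEPTH and zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            for info in archive.infolist():
                if info.is_dir() or info.file_size > MAX_MEMBER_SIZE:
                    continue
                member = archive.read(info)
                findings += scan_bytes(f"{name}!{info.filename}", member, depth + 1)
    return findings


def make_zip(members):
    """Build an in-memory zip from a {filename: bytes} mapping (sample input)."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w", zipfile.ZIP_DEFLATED) as archive:
        for filename, content in members.items():
            archive.writestr(filename, content)
    return buffer.getvalue()


if __name__ == "__main__":
    download = make_zip({"readme.txt": BENIGN, "setup.exe": KNOWN_BAD})
    print(scan_bytes("download.zip", download))
    print(scan_bytes("new.exe", NEW_VARIANT))
    print(scan_bytes("altered.exe", KNOWN_BAD + b" "))
```

The last call returns no findings: a file that differs from the catalogued one by a single byte no longer matches its signature, which is why scanners add heuristics. A harmless program that happened to contain both markers would be flagged by the same rule, which is a false positive.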

 

Microsoft Security Essentials: Code Orange

Orange means take caution! Pay attention to the alerts

False Positives

Because of the large amount of software out there, it’s possible that antivirus programs may occasionally say a file is a virus when it’s actually a completely safe file. This is known as a “false positive.” Occasionally, antivirus companies even make mistakes such as identifying Windows system files, popular third-party programs, or their own antivirus program files as viruses. These false positives can damage users’ systems when the antivirus removes the falsely identified files.


Heuristics can also increase the rate of false positives. An antivirus may notice that a program is behaving similarly to a malicious program and identify it as a virus. Despite this, false positives are fairly rare in normal use. If your antivirus says a file is malicious, you should generally follow through with the recommended actions provided by your antivirus software.

Microsoft Security Essentials: Code Red

Red means there's definitely a problem! Take advised action unless you know it's a false positive!