Wednesday, October 21, 2020

Antivirus Works. Types, Functions and Their Limitations

The protection of a good antivirus application is essential to maintain the security of any computer system. That is why it is worth knowing how an antivirus works, what its functions are, and also its limitations.

Antivirus Works. Types, Functions and Their Limitations

Antivirus software tries to cover the main forms of attack on your device, be it a computer or a smartphone, and not having any kind of protection, knowing how an antivirus works, is foolish since there are many threats that you can find browsing the Internet or copying files to your device.

Currently, it is possible to find good free antivirus.

Antivirus must be updated frequently to ensure protection against the latest threats. Almost all antivirus can be configured to update automatically, it is advisable that this option is enabled

How an Antivirus Works

All antivirus act in the background, inspecting every file or page that is opened on the device where they are installed.

Antivirus Software uses three methods to protect the system:

  1. Analyze our files by comparing them to a database of malicious software or programs
  2. Monitor computer files as they are opened or created to ensure that they are not infected. This is real-time protection against viruses, which can affect system performance.
  3. Periodically inspect the entire system to verify if there are corrupt files and eliminate existing viruses, in case they could have entered your computer.

The antivirus compares each file on the hard disk with a dictionary of known viruses. If any piece of code in a file on the hard drive matches the virus known to the dictionary, the antivirus software kicks in, taking one of the possible actions.

Types of Antivirus

Basically, antivirus is divided into several categories, depending on the function for which they were designed: prevention, identification, or elimination of viruses.

  1. Preventive Antivirus, which fulfills the function of anticipating infection by intercepting and analyzing all data input and output operations. This type of antivirus, to perform its task, must be installed on the disk and reside in the computer's memory, so they tend to consume a considerable amount of resources that in the end slow down the computer.
  2. Identifying Antivirus, whose main function is to identify threats that may already be active in the system. To achieve its mission, this type of antivirus analyzes all files on the computer in search of byte strings related to malware.
  3. Decontaminating Antivirus, whose purpose is to eliminate an infection when it has already occurred and attacked the computer. Many of these antiviruses will also try to revert to the state before the infection occurred.
  4. Heuristic Antivirus, which acts as a simulator, that is, they pretend the launch or the usefulness of various programs to observe their behavior and identify possible suspicious situations.

In general, modern security solutions combine these three types of antivirus, also integrating other functionalities.

Antivirus Functions

  • Repair the file. The antivirus tries to repair the infected file by removing the virus.
  • Put it in quarantine. The antivirus will try to provide protection against the virus, making programs inaccessible to this file, preventing its propagation and execution.
  • Delete the file. The antivirus removes the file. If it cannot be removed from the file, it will always ask us first if we want to do this.
  • Analyze the behavior of system files. In this case, the antivirus will monitor all the programs that are running on a system. For example, if a program tries to perform a suspicious activity, such as writing data to an executable program, the antivirus alerts the user of this fact and informs him of the measures to take.

One of the advantages of scanning files for suspicious behavior is that it offers protection against new viruses for which no information is yet available and is not part of the list of known viruses.

When a new virus is created, antivirus software companies analyze its characteristics, how to eliminate the virus (if possible), and update the database with this information to ensure that the antivirus can detect new threats.

On the other hand, it is very common for these types of programs to incorporate other types of features that allow them to expand the security they offer, such as:

  • Firewall. It acts as a barrier between the computer and the Internet. It is used to control who accesses the information stored on the equipment and what information comes out of it.
  • Analyze web addresses (URL's).  It allows you to check if a web address links to a page that contains viruses or if, on the contrary, it is safe.
  • Email protection. Scans incoming and outgoing emails to verify they do not contain viruses. They usually include an antispam filter to prevent "junk mail" from entering the inbox and an anti-phishing filter to detect attempts to impersonate trusted pages, banks, public administrations, prestigious companies, etc.
  • Antispyware. Capable of detecting and eliminating spyware, that is, those that are installed in the computer or device in a hidden way in order to know the user's browsing habits, passwords, and other data, which could later be transmitted to an unauthorized entity.
  • Anti-pop-ups. Its main objective is to prevent the opening of annoying pop-up windows that may appear while browsing the Internet. Various spyware can be hidden in some of these windows.
  • Backups. Make backup copies of the most important documents stored on your computer.

Limitations of Antivirus

Antivirus programs, despite being constantly updated and offering more and more features, also have certain limitations when it comes to keeping your computer system safe.

Therefore, when selecting an antivirus you must bear in mind some of the tasks that basic antivirus does not perform:

  • They do not prevent Spam, which must be examined with specific Anti-Spam software.
  • They do not prevent direct attacks from a hacker on the system.
  • They do not prevent criminal activities online. The antivirus is not capable of preventing these actions.

Despite its limitations, you should never stop the antivirus operation because it will leave your system more exposed to external attacks.

In the same way, if you do not update your antivirus with the latest virus definitions available on the Internet, the software will become practically useless, since it will not be able to detect or eliminate the most recent viruses.

Having an antivirus installed on your computer almost always means that your computer slows down a bit, that is, it works slower than it should. This is mainly due to the fact that antivirus programs use a lot of system resources.

A general rule of thumb in this regard is that the more functions the antivirus provide, the more resources such as RAM and CPU cycles it will use. Our recommendation will be total security as the best functional antivirus with less cost

at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

November 27 is Black Friday and November 30 is Cyber ​​Monday

One of the strongest sales campaigns in shops and online sales recently established in Spain is Black Friday and Cyber ​​Monday. A tradition...