I’m pretty sure that you’re quite cognizant of the terms “anti-virus software” or anti-malware software”. Since you’re looking at this article, you are probably acquainted with the severe penalties of your PC being infected by a virus or by spyware, but do you know how an anti-virus program actually works? A knowledge of how this kind of software works can help you to choose the correct protection program for your computer.

In the beginning, anti-virus software was invented to focus on and get rid of malware, specifically viruses, but with the passing of time, as the criminals developed more complex malware, so the defenses against computer infection matched the sophistication of the attacks. Nowadays, most anti-virus software will protect against spyware, adware, worms, trojans and a host of other kinds of attacks and infections which could infect your personal computer system.

There are basically two methods used by anti-virus software to defend your PC: scanning files and scrutinizing suspicious activities (also known as the Heuristic Method).

Scanning Files

In the scanning approach, it accesses a database of known virus code and uses it to compare the suspect code on your PC to this known threat. That’s why it’s essential to keep your Anti-virus ’s program up-to-date, because it can only compare already identified malware against your files. New malware is constantly appearing on the Internet and only a regular update of your threat database will ensure that your PC is clean.

When it has been established that your PC is infected by a known virus, your anti-virus application can initiate defensive measures, which may take the form of any of three different actions:

-           Repair the damaged area. Your anti-virus program will try to remove the threat by removing the virus

-            Segregate the infected code. The anti-virus program will stop the infection from growing by making the infected code inaccessible to other applications

-           Delete the file. The anti-virus program will eradicate the affected file and the virus with it.

The method described above requires the PC owner to regularly update their virus database so that any newly discovered threats can be tackled.

Scanning is usually initiated when the operating system receives or sends and email or opens and closes a file, or launches a new program. It is strongly recommended, however, that a regular schedule of scanning your entire system be set up at a pre-defined time. This need not interrupt your work on your PC, as you can schedule the system scan to begin in the middle of the night, when you’re asleep.

The Heuristic Process

This methodology is unlike the scanning approach in that, instead of comparing files to known viruses it scrutinizes the activities of code on a PC. If unwanted conduct is detected (and the current crop of advanced anti-malware programs can separate innocuous activity from potentially damaging actions, then a pre-defined range of responses is activated. The response can range from asking the PC owner how to proceed, all the way up to automatically deleting the offending code.

Heuristics offer the ability to defend against unknown sources of infection, purely based on the way that they behave. Heuristic-based programs can knock out threats before they can cause any damage.

Both methods are effective and some anti-malware programs are combining these approaches so that you, the user, can benefit from the best of both worlds.