- Security Center
- English ▾
How does antivirus software detect malware?
The main reason users seek out an antivirus program is to protect their computer against malware threats that can be spread through websites, email attachments, USB keys and other surprising vectors. Antivirus software has grown increasingly complex over the years to combat the creativity of cybercriminals, but most of these programs protect your computer in the same three ways: virus signatures, behavioral detection, and rule-based controls. Here’s a breakdown of how each of these features protects your computer:
A virus signature refers to the specific characteristics of a malicious file which can be identified, similar to identifying a human being by their fingerprints, hair and eye color. Using a virus signature, the software checks the files on your computer against a list of malicious file signatures in a database. This database has to be continuously updated as thousands of new computer viruses are created each day. In Ad-Aware Antivirus, automatic updates download the latest virus signatures to ensure your protection against the latest threats. The program checks for new definition files every hour but the frequency can be adjusted to conserve system and network resources.
Behavioral detection refers to how antivirus software monitors your operating system to detect suspicious activity, particularly irregular behavior from files. For example, if a malicious file mysteriously begins modifying or deleting another file or attempts to contact an online resource, the antivirus program will flag the behavior as dangerous. Subsequently, the antivirus program will warn the user, quarantine and/or delete the file. In Ad-Aware Antivirus, this feature is known as Real-Time Protection, which monitors the actions of applications at the process level to identify potentially malicious activities.
Rule-based control refers to how an antivirus program monitors incoming and outgoing network traffic, blocking specific traffic based on a defined set of rules. Using rule-based control, the software establishes a barrier between secured, controlled networks and untrusted outside networks. In Ad-Aware Antivirus, this feature is known as Network Protection. You can also enable additional protection options, such as port scan detection and stealth mode. The block port scan is a feature that detects port scan attempts, which can be used by hackers to find vulnerabilities on your computer. One of these vulnerabilities could be used to infiltrate your computer. The stealth mode option in Ad-Aware Antivirus allows you to hide your computer on the network, protecting it from such attacks while staying connected to the Internet.
These are just three of the ways in which antivirus software protects you. There are also additional features, such as Email Protection, which scans incoming email and deletes malicious attachments before they have a chance of harming your computer, Web Protection, which protects you from dangerous sites, and Parental Control, allowing you to filter online content according to a user’s age. If you require antivirus protection, Ad-Aware Antivirus is an award-winning free antivirus program.