
The Role of Antivirus Software

The purpose of antivirus (AV) software is to detect, neutralize or eradicate malware (malicious software).

AV software not only identifies and destroys computer viruses; it is also designed to fight off other kinds of threats such as phishing attacks, worms, Trojan horses, rootkits and more.

How does AV software work?

  • It first scans the computer’s files (either on an automatic schedule that the user selects or manually) to seek out any viruses that match a description in a virus dictionary.
  • Using a method called heuristic analysis, it will also try to detect suspicious activity from any program that might seem to be infected.
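
The two detection methods listed above, sketched as an added example that is not from the original article or from any AV product. The signature names, byte patterns, trait markers, weights and thresholds are all constructed for illustration.

```python
import math
from collections import Counter

# Constructed "virus dictionary": name -> byte pattern (not real malware signatures).
SIGNATURES = {
    "Demo.Dropper.A": b"\xde\xad\xbe\xef__demo_dropper__",
    "Demo.Macro.B": b"DEMO-MACRO-PAYLOAD-0001",
}

# Constructed heuristic traits: (description, marker bytes, score weight).
TRAITS = [
    ("edits autorun key", b"CurrentVersion\\Run", 3),
    ("disables security tool", b"DisableAntiSpyware", 4),
    ("downloads and executes", b"URLDownloadToFile", 2),
]
HEURISTIC_THRESHOLD = 5   # assumed cut-off for "suspicious"
ENTROPY_LIMIT = 7.2       # bits/byte; packed or encrypted data sits near 8


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def scan(data: bytes) -> dict:
    """Return a verdict: dictionary (signature) match first, then heuristic score."""
    for name, pattern in SIGNATURES.items():
        if pattern in data:
            return {"verdict": "infected", "reason": name, "score": None}
    hits = [(desc, w) for desc, marker, w in TRAITS if marker in data]
    score = sum(w for _, w in hits)
    if len(data) >= 256 and entropy(data) > ENTROPY_LIMIT:
        hits.append(("high entropy", 2))
        score += 2
    verdict = "suspicious" if score >= HEURISTIC_THRESHOLD else "clean"
    return {"verdict": verdict, "reason": [d for d, _ in hits], "score": score}


# Constructed sample inputs.
KNOWN = b"MZ...." + SIGNATURES["Demo.Macro.B"] + b"...."
# Same traits as the known sample, but the signature bytes differ by one character.
VARIANT = b"MZ....DEMO-MACRO-PAYLOAD-0002 CurrentVersion\\Run DisableAntiSpyware"
BENIGN = b"Quarterly report: revenue grew four percent."
```

`scan(VARIANT)` misses the dictionary because one byte changed, and is flagged only by the heuristic score; that gap is what frequent dictionary updates are meant to close.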

Antivirus programs come in different flavors, but the common denominator is that they seek out viruses and other malware, and neutralize them.

The computer’s hard drive and external drives are also included in the scanning process.

What’s really important is that you make sure your AV software is set for automatic updates (and on a daily basis at that) so that any new viruses or malware can be quickly pounced upon and disabled.

Cybercrimes are more prevalent than ever, says the McAfee Threat Report. Check out some findings:

  • Fairly recently, the first quarter of 2013 was the most active period ever for the entire gamut of malicious software generation.
  • More than 14 million new samples were identified by McAfee.
  • Malware is evolving, becoming savvier. An example is the Zeus malware, which spreads when the user is tricked into downloading it unintentionally, or when the user opens an e-mail attachment, not knowing it’s poised to infect his computer. This malware is smart because it evades anti-spam software by presenting as graphics instead of text in the e-mails.
  • Every month brings about six million new botnet infections.
  • Between the first and second halves of 2013, new phishing websites doubled in number.
  • Sixty percent of the leading Google search terms returned malicious sites within the first 100 search results alone.

The key is simply to have antivirus installed, let it run its updates automatically and pay for the annual license. As long as you have it, it will prevent most infections.

 


Comments: (4)

Boris Taratine - visa - London 17 August, 2014, 14:38

I am wondering if the author is aware that the modern most devastating malware attacks are specifically designed to circumvent antimalware defences?

Robert Siciliano - Safr.me - Boston 17 August, 2014, 14:53

Yes Boris. The author is aware. Did you read it? Or do you just like to wonder?

Boris Taratine - visa - London 17 August, 2014, 18:54

Great, we are on the same page then! So, if we both are aware and agreed on the fact that the modern most devastating malware attacks are specifically designed to circumvent antimalware defences, I am not sure I see how the recommendation to "simply have antivirus installed, let it run its updates automatically and pay for the annual license. As long as you have it, it will prevent most infections" would be "the key" to resolve the problem which causes the most concerns? In a situation where not an infection per se but the adversary's objectives are what causes the pain, not the quantity of those stopped matters, but the quality of those missed. Don't you think? And that is not clear from the article.

 

Robert Siciliano - Safr.me - Boston 17 August, 2014, 20:46

Agreed. But this post isn't about the Stuxnets. Generally, most devices connected to the internet are consumer. For them, AV is essential. Including Android mobiles. The majority of infections aren't designed to shut down AV and AV will prevent most of them.