How Antivirus Works?

We have all heard of antivirus. It protects our PC(s) against various security threats like virus, worm, and other types of malware. Alright. But do you know how antivirus works? Let's take a look at how the most popular security software in the world protects our PC(s) not just against malware attacks but against zero-day threats too.

Malware Identification – Blacklisting and Whitelisting

Of course, like with most security check mechanisms, an identification process for identifying malware is followed. This identification process is dependant upon 'virus signatures' – a way of identifying virus and other malware based on code snippets involved in the respective malicious software – which are contained within the antivirus database. As and when a new virus or malware signature is identified, the antivirus database is updated with it.

How Antivirus Works

Based on these virus signatures, the antivirus performs blacklisting and whitelisting. Blacklisting is the process of putting software which tested harmful in 'a do not allow' list and whitelisting does the exact opposite. That is, putting software which tested not harmful in an 'allowed list'. Your computer starts operating based on these security rules.

Various Scanning Methods

Equipped with these blacklisted and whitelisted lists, the antivirus software protects your computers by scanning it regularly against the blacklisted and whitelisted software – available in its database - to make sure everything is fine and your computer secure. The same check is performed whenever a new application is accessed by your PC. This way your PC is protected from various security threats.

Scanning method employed by antivirus software are usually of two types: i) static scanning and ii) heuristics scanning. Static scanning is solely based on virus signatures and heuristics or dynamic scanning is based on malware behavioral analysis. Heuristics scanning is quite important to combat the modern-day malware.

Real-Time Protection Is Crucial

The rapidly evolving cybersecurity threat landscape throws up different strains of malware almost every day. To challenge them, your antivirus needs to be updated with virus signatures as and when they are created by the security community. Because only an up-to-date antivirus software will be able to handle the emerging threats easily. Therefore only use an antivirus software which updates itself with the latest virus signatures on a regular basis.

Free Vs. Paid? Which Is Best?

Another question which often pop-ups while dealing with Antivirus is whether to go for free or paid ones? Well, the answer depends on what kind of protection you are looking for. If you are looking for simple protection, like securing yourself while online, then free antivirus is enough. Whereas if you are looking for sophisticated protection, like malware removal support, then paid ones would serve you better.

Visit Comodo Website And Learn How Antivirus Works

Comodo Antivirus Protection, which comes equipped with impressive security features like Containment, HIPS, Viruscope and more, ensures PC(s) are well protected against security threats of different kinds. Therefore be it known malware attack or unpredictable and unknown zero-day threats, with Comodo antivirus protection by your side, your PC(s) will be well protected against them.

Comodo's answer to how antivirus works is contained in the following technologies which it makes use of to protect your PC(s):

  • Default Deny Approach - technology unique to and developed by Comodo which ensures all files (be it malicious, good or bad) are denied entry to critical system files and folders until they prove themselves to be harmless. This is extremely useful to counter zero-day attacks which are usually unpredictable and therefore unresolvable.
  • HIPS and Viruscope - Host Intrusion Prevention System (HIPS) which impose security rules for preventing malware intrusion and establishing an intrusion prevention system. And Viruscope for monitoring system processes and stopping or undoing any malicious activity which might be infecting one of these processes.
  • Cloud-Based Malware Analysis - cloud-based system scans to detect if a given file is malware or not. Another useful provision for combating zero-day malware.
  • Advanced Firewall Engine* - The customizable firewall offers solid security against inbound and outbound threats. This implies protection against hackers, malware, identity theft and various other network security threats. (available only with CIS Premium Free)
  • Unlimited Virus Removal Service* - PC users are infected with the virus and other such malware, can get their PC(s) repaired in no time by making use of the unlimited malware removal service which is a part of Comodo Internet Security (CIS) (available only with priced CIS editions)
  • 24/7 Available Support* - Comodo Internet Security (CIS) users are also bestowed with the privilege of seeking the support's assistance anytime. All PC users have to do is just give us a call and our support team will be glad to help you out (available only with priced CIS editions).
  • And Much More* - apart from this, there are several other technologies which come equipped with Comodo Free Antivirus which tackle malware as well as zero-day attacks effectively (available only with priced CIS editions).

Got more than 1 PC? Get 3 Licenses for $9.99 & Save 59%!

Related Resources