What Is Antivirus Software?
Antivirus (AV) software is a baseline layer of protection for your computer or mobile device, against malware threats that can compromise the integrity of your system and/or data. AV programs typically scan files, programs, and other data in real time to identify and prevent attacks before they can infect your system or cause any harm.
When a threat is detected, antivirus software isolates the infected program or file from other files and processes to avoid spreading the infection. It also often deletes the dangerous program or file and displays an alert to let you know that the threat has been removed.
Virus detection primarily relies on a database of known malware signatures. More advanced malware can evade signature-based detection by encrypting parts of themselves or otherwise changing their structure to avoid matching virus definitions in the databases of anti-virus programs. To combat this, many AV programs use cloud analysis and more modern methods like sandboxing to analyze suspicious files in an isolated environment.
In addition to identifying malware and viruses, most antivirus software can protect against spyware—malware that aims to steal your information, such as keystrokes, email messages, passwords, or credit card numbers. Spyware can take several forms, from hidden programs that log your activity to Trojans that disguise themselves as legitimate programs while mining your data.
Antivirus protection may include a tool called behavioral analysis, which can recognize malicious behavior and infer whether a program is dangerous. This can include things like attempting to access a large number of files or programs rapidly, changing settings for other programs, monitoring your keystrokes, and remotely connecting to your computer.