What is antivirus software and how does it work?

Antivirus software has evolved a lot recently, and we need it more than ever

what is antivirus software antivirustock01
Yui Mok - PA Images/GettyImages

You’ve probably been hearing about antivirus software as long as you’ve had a computer. It’s been a staple of almost every pre-built PCs since the early 90s, and if you ask your friendly, neighborhood ‘IT guy’ how to protect your system, invariably they’ll suggest you have some sort of antivirus solution in place. If you use best practices for staying safe online like not clicking on links or attachments in emails, not visiting dodgy websites, and sticking to curated app stores on your mobile devices, your antivirus may simply operate in the background not seeming to do much, even though it does.

But what is antivirus software, and how does it work? There are a number of definitions and depending on which company you go to for their security solution, their tactics for targeting malicious applications like viruses and ransomware can be quite different. Being well-versed in what these sorts of tools can do is the best way to make an informed choice about the best antivirus software for you or your small business.

What is antivirus?

Antivirus software, or as it’s more commonly known today, anti-malware software, is a tool that looks for applications that run on your PC (or smartphone) that shouldn’t be there. It uses a number of methods to differentiate between that Word document you’re editing and a nasty piece of software that’s going to throw up annoying pop up adverts or steal your bank details. It can even spot when otherwise legitimate applications have been hijacked by a virus.

Some antivirus software uses “live” protection to automatically block such viruses and malware from running at all, even stopping you visiting websites or opening emails that may have viruses attached to them. Others, known as remediation tools, offer scanning functionality only, and must be run in order to clean up a malware infection after it has taken hold.

When antivirus software finds a malicious program on your system it will typically offer options for quarantining it — making it unable to operate as intended — or delete it entirely. Although getting rid of them makes sure your system is cleaned from the infection, quarantining does have some benefit in that it makes it easier for the antivirus software companies to analyze the threat and potentially alter their antivirus solution to be more capable of defending against it in the future.

Do you need antivirus software?

Modern operating systems come with a number of built-in protections like firewalls or Windows Defender, to help prevent viruses from taking hold on your system. If you’re careful with how you use your devices and steer clear of links, attachments, and dodgy websites, or even operate on a virtual machine, then you may well be safe from most virus threats.

That said, there are threats out that even the most well-prepared PC or mobile user can’t prepare for. Sometimes legitimate download servers are hijacked and flaws in the Wi-Fi network you connect to could leave you vulnerable in other ways entirely. Having a robust antivirus solution that runs alongside all of the modern operating system and browser protections is a great first step in protecting yourself and your system. At worst, it provides peace of mind that you should be protected against nasty threats like ransomware, and at best, it halts those threats in their tracks should you stumble across them as you venture forth online.

You don’t always have to pay for it, as there are great free antivirus applications out there. However, we’d recommend you have at least one of them running on all your devices, just to make sure you at least have the basic protections in place.

Which antivirus should you choose?

Choosing the right antivirus is much like any other technological decision — it very much depends on you. There are tools that are great remediation scanners, others with plenty of preemptive protective measures, and some that do more than just block malware attacks. But there are some that are worth recommending over others to help you get started. After all, downloading just any old security software can sometimes put you at even greater risk.

Some of our favorite antivirus programs include the likes of BitDefender’s Antivirus Free Edition and Avast Free Antivirus. Out of the premium solutions, MalwareBytes is one of the best, offering protections against all sorts of threats, as well as active web protection to help you avoid dodgy websites entirely.

If you’re looking for the best Mac Antivirus, here are some of our favorites.

How does antivirus work?

Antivirus software has changed a lot over the years. While the earliest iterations of it were bespoke programs designed to specifically target individual viruses, today there are millions upon millions of different pieces of malicious software out there. To combat that ever-evolving threat, antivirus software has changed and expanded in scope. The best anti-malware solutions today use a combination of different tactics to help protect your PC and MacOS desktops, as well as your smart devices and networks.

Here are the three methods antivirus software most commonly use:

Signatures

The most tried, tested, and reactionary of the methods used to combat viruses and other malware, signature-based detection looks for the specific digital code of a virus and if it spots it, quarantines or deletes it. Think of it like a virus’ fingerprint. The upside to it is that once a virus has been identified it can be added to a signature database which is stored locally or in the cloud and then accessed when scanning a system for threats. The downside to it is that it’s not very useful for brand new threats. It requires at least one person or system to be attacked by the malicious software and identify it before everyone else can be protected against it.

With hundreds of thousands of new viruses being created every day, more is needed to keep modern systems safe. That’s why, although MalwareBytes’ free tool provides mere signature scanning, its premium versions do much more.

Behavioral detection

A more modern technique for tracking down known and unknown viruses and malware is behavioral detection. Instead of looking at what a piece of software is, behavior monitoring looks at what software does. The way a human might operate certain programs, or the operating system like Windows or MacOS may perform certain functions is quantifiable and relatively well-defined. Viruses and other malicious programs, however, tend to perform certain functions which aren’t typical of a user.

Malware might attempt to shut down or bypass anti-virus solutions on the system. It might try to make it so that it runs every time you startup your system without asking, or contact an external server to download other malicious software to your system. Behavioral analysis looks for software attempting to perform these functions and even at the potential for applications to perform them, once again quarantining or deleting them as they are detected.

Although there is greater potential for false positives with behavioral detection than signatures, it’s a crucial component in the antivirus puzzle. Ransomware attacks that encrypt files and demand payment to unlock them, require a very fast response and signatures alone would be unlikely to be able to stop it. Behavioral detection however, like that offered by BitDefender, can spot encryption and halt it in its tracks, even rolling back any encrypting it has done in some cases.

Machine learning

Teaching computers how to do something has always been difficult and time-consuming, but machine learning allows computers to teach themselves in a much more efficient manner. That’s exactly what machine learning in antivirus leverages in order to provide another important layer in modern anti-malware protections.

Antivirus software that uses machine learning can analyze the code of applications and decide based on its understanding of malicious and benign programs, whether that particular piece of software is dangerous or not. It’s effectively an artificial intelligence solution and when used in conjunction with other security protocols has proved extremely effective at combating threats new and old. In some cases, companies like Cylance are using it as their only antivirus solution, though most offer a more rounded toolset.

Machine learning does require internet connectivity so that it can leverage the power of cloud-connected databases of information which it then draws from to detect malicious software. However, it can evolve and adjust far quicker than the more human curated methods of antivirus protections and that helps keep the most modern solutions up to date with the ever-evolving threat landscape.

Computing

Faster new PCIe 5.0 standard leapfrogs the best feature of AMD’s Ryzen 3

PCIe 5.0 will bring even faster data transfers, but it may only be found on HPCs and servers initially. The standard is four times faster than your current PC at transferring data, and new devices could appear later this year.
Computing

Yes, Android apps can run on your PC, and it's easier than you think

Wish you knew how to run Android apps in Windows? It's easier than you might think and there are a number of different ways to do it. In this guide, we break down the steps so you can follow along with ease.
Home Theater

QLED and OLED may have similar names, but they're totally different technologies

The names may look almost identical, but OLED and QLED are two entirely different beasts. In our QLED vs. OLED battle, we dissect the differences between these dueling TV technologies, and help determine which might be best for you.
Computing

Getting Windows 10 updated doesn't have to be so painful

Windows update not working? It's a more common problem than you might think. Fortunately, there are a few steps you can take to troubleshoot it and in this guide we'll break them down for you step by step.
Mobile

Is your smartphone frozen? Here's how to reset your iPhone

You can do a lot with an iPhone, but if you ever run into an issue with it, the first thing you should do is restart it. In this guide, we tell you how to reset your iPhone, and explain how it differs from a factory reset.
Deals

From Chromebooks to MacBooks, here are the best laptop deals for January 2019

Whether you need a new laptop for school or work or you're just doing some post-holiday shopping, we've got you covered: These are the best laptop deals going right now, from discounted MacBooks to on-the-go gaming PCs.
Product Review

LG Gram 14 proves 2-in-1 laptops don’t need to sacrifice battery for light weight

The LG Gram 14 2-in-1 aims to be very light for a laptop that converts to a tablet. And it is. But it doesn’t skimp on the battery, and so it lasts a very long time on a charge.
Computing

Keep your laptop battery in tip-top condition with these handy tips

Learn how to care for your laptop's battery, how it works, and what you can do to make sure yours last for years and retains its charge. Check out our handy guide for valuable tips, no matter what type of laptop you have.
Computing

Protect your expensive new laptop with the best Macbook cases

If you recently picked up a new MacBook, you’ll want something to protect its gorgeous exterior. Here, we've gathered the best MacBook cases and covers, whether you're looking for style or protection.
Computing

Watch out for these top-10 mistakes people make when buying a laptop

Buying a new laptop is exciting, but you need to watch your footing. There are a number of pitfalls you need to avoid and we're here to help. Check out these top-10 laptop buying mistakes and how to avoid them.
Computing

Don't spend a fortune on a PC. These are the best laptops under $300

Buying a laptop needn't mean spending a fortune. If you're just looking to browse the internet, answer emails, and watch Netflix, you can pick up a great laptop at a great price. These are the best laptops under $300.
Computing

Dell XPS 13 vs. Asus Zenbook 13: In battle of champions, who will be the victor?

The ZenBook 13 UX333 continues Asus's tradition of offering great budget-oriented 13-inch laptop offerings. Does this affordable machine offer enough value to compete with the excellent Dell XPS 13?
Gaming

Take a trip to a new virtual world with one of these awesome HTC Vive games

So you’re considering an HTC Vive, but don't know which games to get? Our list of 25 of the best HTC Vive games will help you out, whether you're into rhythm-based gaming, interstellar dogfights, or something else entirely.
Computing

The Asus ZenBook 13 offers more value and performance than Apple's MacBook Air

The Asus ZenBook 13 UX333 is the latest in that company's excellent "budget" laptop line, and it looks and feels better than ever. How does it compare to Apple's latest MacBook Air?