Anti-Virus Key Terms

Understand the key components of your anti-virus program

As the popularity of the Internet has grown, computers have become an integral part of nearly every business in the country. The advent of high-speed Internet has created a situation where most computers are connected to the Internet at least eight hours a day. That high degree of connectivity brings with it an equal amount of risk. Almost every computer now has some kind of anti-virus protection, and if it doesn't, it should. Learn how different parts of your anti-virus program work together to protect you by understanding anti-virus terminology.

Virus definition files and virus database

Most anti-virus programs update on a regular basis by downloading the most current virus definition files and placing them in a virus database. Included in these files are signatures for all known viruses. A virus signature is a unique sequence of bytes that identifies malicious code.
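
The signature matching described above, as an added example that is not taken from any anti-virus product: it parses a definition file, scans a byte buffer for each signature, and shows a sample that is missed until the database is updated. The `name=hex` definition format, the detection names and all byte patterns are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Signature:
    name: str       # constructed detection name
    pattern: bytes  # byte sequence that identifies the sample

# Constructed definition files (hypothetical "name=hex" format), before and after an update.
DEFINITIONS_V1 = """
# v1
Test.Sample.A = deadbeef0badf00d
"""
DEFINITIONS_V2 = DEFINITIONS_V1 + """
# added by the update
Test.Sample.B = 4142434445464748
"""
# Constructed file contents: header bytes, padding, then the Test.Sample.B bytes.
SAMPLE = b"MZ" + bytes(6) + bytes.fromhex("4142434445464748") + b"tail"

def load_definitions(text):
    """Parse definition lines into the in-memory virus database."""
    database = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        name, sep, hexpat = line.partition("=")
        if not sep:
            raise ValueError(f"line {lineno}: expected name=hex")
        pattern = bytes.fromhex(hexpat.strip())
        if len(pattern) < 4:
            # Very short patterns occur in harmless files and cause false matches.
            raise ValueError(f"line {lineno}: signature too short")
        database.append(Signature(name.strip(), pattern))
    return database

def scan(data, database):
    """Return (signature name, offset) for every match, ordered by offset."""
    hits = []
    for sig in database:
        start = 0
        while (pos := data.find(sig.pattern, start)) != -1:
            hits.append((sig.name, pos))
            start = pos + 1
    return sorted(hits, key=lambda hit: hit[1])

if __name__ == "__main__":
    for label, defs in (("before update", DEFINITIONS_V1), ("after update", DEFINITIONS_V2)):
        print(label, scan(SAMPLE, load_definitions(defs)))
```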

Heuristic analysis

Heuristic analysis is used by anti-virus programs to detect viruses that aren't contained in the virus definition file. It detects these previously unknown viruses by several different methods. One method involves decompiling a suspicious program: breaking it down, analyzing the resulting code and comparing it to the code of known viruses. Another method is to run the suspicious file in a virtual machine, allowing the anti-virus to see what the file will do without allowing it to interact with your computer. Heuristic analysis can suffer from false positives, where a harmless file is flagged as malicious.

Anti-virus engine

The heart of any anti-virus product is the anti-virus engine. The engine finds and removes malicious code. The reliability and security level of your anti-virus program are determined by the quality and sophistication of its engine.

Rootkit scanner, or rootkit detector

Rootkits are particularly nasty viruses that are very effective at hiding other malware, trojans or viruses from your anti-virus program. Rootkit detectors are specialized to find and remove these threats. Some anti-virus programs, like Avira Antivir, include a rootkit scanner. There are also many stand-alone rootkit detectors to choose from, such as the free Panda Anti-Rootkit.

Intrusion-detection systems, or intrusion-prevention systems

Intrusion-detection systems (IDS) are included in some anti-virus suites, such as Norton 360. They can also be called intrusion-prevention systems, or IPS. They protect your computer from external attacks by analyzing traffic that flows into and through your network. There are also third-party IDS that can be either installed on individual computers or deployed on the network to monitor entire network segments.

Personal firewall

Most anti-virus programs include a software-based personal firewall component that is more robust than the Windows firewall. This integrated firewall protects a single computer from hacker attacks. Different personal firewalls offer different degrees of built-in fine-tuning.

