An antivirus is a computer program that prevents, detects and removes malware from your system.

If possible, it eradicates the virus, disinfects the affected files and restores your machine to a safe state.

If it doesn’t know how to remove a virus, you can quarantine the affected files.

Antiviruses protect not only against viruses; they also help against worms, trojans, logic bombs, etc.

Detection: Signature-based

The vast majority of antiviruses are signature-based. They have a large database of characteristics of known viruses and compare those to your files. Outdated signature-based antiviruses therefore often do not protect very well, since their database (an outdated definition file) is not up to date with the newest technology.

Example

Windows Defender, McAfee

Detection: Heuristic-based

This type of software tracks and analyzes the behavior of software. It looks for attempts at elevation of privilege, covering of electronic tracks, and alteration of unrelated files.

If suspicious software is detected, it is added to a blacklist and the “virus database” is updated with it.

Example

Malwarebytes

Detection: Data integrity

This software works by maintaining a database of hash values for all stored files. If any of them is suddenly altered without authorization, the system administrator is alerted.

Example

Tripwire File Integrity Monitoring (FIM)
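
The hash-database idea described above, as an added example (not part of the original notes and not Tripwire's code): it records a SHA-256 baseline for a directory tree, re-scans it, and reports which files were modified, removed or added. The function names and the sample files are made up for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root):
    """Return {relative path: SHA-256} for every regular file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in root.rglob("*") if p.is_file()}


def compare(baseline, current):
    """Classify differences between the trusted baseline and a fresh scan."""
    return {
        "modified": sorted(p for p in baseline if p in current and baseline[p] != current[p]),
        "removed": sorted(p for p in baseline if p not in current),
        "added": sorted(p for p in current if p not in baseline),
    }


def demo():
    """Constructed sample tree: record a baseline, change files, re-scan."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name, data in (("app.cfg", b"mode=safe\n"), ("run.sh", b"echo ok\n"), ("old.log", b"x\n")):
            (root / name).write_bytes(data)
        baseline = build_baseline(root)                   # taken while the system is trusted
        (root / "run.sh").write_bytes(b"echo changed\n")  # unauthorized alteration
        (root / "old.log").unlink()                       # file disappears
        (root / "new.bin").write_bytes(b"\x00")           # unexpected new file
        return compare(baseline, build_baseline(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        for path in paths:
            print(f"ALERT {kind}: {path}")
```

The comparison is only as trustworthy as the baseline, so the baseline should be stored where the monitored machine cannot rewrite it.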