Thursday, July 2, 2009

Security 101 : Understanding Antivirus Software

What does antivirus software do?

The purpose of antivirus software is to identify and block viruses, Trojans and other malicious software (often referred to as malware) before they can infect your computer, and to remove any infections that are already present at the point that the antivirus software is installed.

Different antivirus packages take slightly different approaches to detecting an infection, but generally speaking they scan the computer for patterns or "signatures" associated with known viruses. Some antivirus packages also offer "heuristic" scanning, which attempts to recognise the characteristics of malware even if the package does not have a specific signature for the virus. This functionality is included because there is often a short time lag between a virus appearing and antivirus vendors releasing new signatures for their products. Most modern packages will scan the computer's memory and files held on the computer's hard drive or removable storage; typically files will be scanned either as part of a scheduled scan, during a manual scan, or when they are accessed by the user.
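The two detection approaches described above, as an added example (not code from any antivirus product): a signature pass that matches known byte patterns, and a heuristic pass that scores suspicious characteristics so that a new variant with no signature is still flagged. All signature names, markers, weights, the threshold and the sample files are constructed for illustration.

```python
import math
from collections import Counter

# Constructed signature database (name -> byte pattern); not real virus signatures.
SIGNATURES = {"Demo.Virus.A": b"DEMO-VIRUS-A-BODY", "Demo.Trojan.B": b"DEMO-TROJAN-B-BODY"}

# Constructed heuristic traits: (description, marker bytes, weight).
TRAITS = [
    ("references removable-media auto-run", b"autorun.inf", 2),
    ("registers to start with the system", b"CurrentVersion\\Run", 2),
]
HEURISTIC_THRESHOLD = 4  # assumed cut-off; real products tune this to limit false alarms

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; packed or encrypted content scores near 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def signature_scan(data: bytes) -> list:
    """Return the names of all known signatures found in the data."""
    return [name for name, pattern in SIGNATURES.items() if pattern in data]

def heuristic_scan(data: bytes) -> tuple:
    """Return (score, traits) from characteristics rather than exact patterns."""
    hits = [(desc, weight) for desc, marker, weight in TRAITS if marker in data]
    if entropy(data) > 7.0:
        hits.append(("high entropy (possibly packed)", 2))
    return sum(w for _, w in hits), [d for d, _ in hits]

def scan(data: bytes) -> str:
    """Signatures first; fall back to heuristics when no signature matches."""
    found = signature_scan(data)
    if found:
        return "infected: " + ", ".join(found)
    score, traits = heuristic_scan(data)
    if score >= HEURISTIC_THRESHOLD:
        return "suspicious: " + "; ".join(traits)
    return "clean"

# Constructed sample files.
KNOWN = b"header DEMO-VIRUS-A-BODY trailer"
VARIANT = b"DEMO-VIRUS-C-BODY autorun.inf CurrentVersion\\Run"  # no signature yet
PACKED = bytes(range(256)) * 4 + b"autorun.inf"
BENIGN = b"Notes on how autorun.inf works on CD-ROMs."
```

The benign note mentions one marker but stays below the threshold, which is the trade-off heuristic scanning makes between catching unknown malware and raising false alarms.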

What happens when antivirus software detects a virus?

The response to an infection varies from package to package but typically the software will attempt to clean the file (remove the virus); if it is unable to clean the file it will offer you an option to quarantine the file (move it to a special directory for infected files) or delete the file. Depending on the package and configuration you may be prompted to confirm some or all of these actions; you should ensure that you are familiar with how your antivirus software responds to particular situations.

Best Practice for Using Antivirus Software

Once you have installed antivirus software you need to ensure that the virus signatures are kept up to date. Most modern antivirus packages include some kind of automatic update function that will retrieve updates from the company providing the software. The detail of how this is achieved will vary from package to package but the end result is the same. It should be noted that most antivirus software companies charge an annual subscription for these updates, so it is important to keep your subscription in good standing so that you continue to receive the updates; most antivirus software will warn you if your subscription expires. If your antivirus software requires manual updates, make sure that you update the virus signatures on a regular basis (at least once a week).

Immediately after installing your antivirus software you should run a complete system scan. This will enable you to detect any infections that may have been present prior to the installation of the antivirus software. Most packages prompt the user to perform a complete system scan after installation but, in the event that your package does not, make sure that you take this step.

Ensure that you enable file access scanning (it is usually enabled by default). This will cause your antivirus package to scan files as they are accessed and report on any infections.

Configure a scheduled scan of your PC for once a week. Depending on the performance of your PC, your computer may become unusable during the scan, so you may want to schedule the scan for a time when you are not using the computer.

For removable media such as CD-ROMs, DVDs, USB memory sticks etc., consider disabling auto-run behaviour (where your computer will attempt to automatically run software on the removable media) and manually scan the removable media before you open any files.

When opening email attachments or downloading files from web sites, save them to your PC before opening them to ensure that your antivirus software has an opportunity to scan the file.