An antivirus is a computer program that is intended to detect and remove viruses and other harmful programs before or after they enter the system.
That of viruses and antivirus is a race similar to the arms race that in the middle of the cold war pitted the United States against the USSR. And if we find viruses on one side, we have antivirus on the other. What do the latter consist of?
We understand an antivirus as that computer program capable of detecting and stopping computer viruses before they infect a system, or eliminating them when they have already caused the infection.
The arms race between virus and antivirus began with the recognition of signatures; These "signatures" are nothing more than snippets of the virus code, which the antivirus can detect with a thorough scan of all the files on the system.
This way of proceeding has a drawback: false positives. Sometimes programs that used similar codes to, for example, stay resident in memory, were falsely detected as viruses when, in fact, they were not.
Antivirus detection techniques evolved to look at the behavior of programs, detecting those that were suspicious for their actions.
Thus, virus characteristics such as self-replication (which mimics the contagion of biological viruses) were put under the scrutiny of antivirus observation.
Over time, the ways in which a virus reaches a computer has varied; If at the beginning, the main route of infection consisted of the exchange of floppy disks, the irruption and subsequent popularization of the Internet made the network of networks become the main source of infections for end-user and corporate computers.
The virus creators' objectives also varied: if at the beginning of everything it was more about performing a "trick" on the user, with which the viruses acted quickly and visibly, over time the organized mafias saw the potential of these pathogens as a tool.
As a consequence of this, the virus' actions became silent, they are not disclosed to the system, and they have also specialized in various tasks.
Due to this sophistication of computer pathogens, antiviruses have evolved and, with their evolution, incorporating a greater number of functions, which has led to the appearance on the market of the antimalware.
To the antivirus functionalities, a antimalware it adds others in terms of security such as firewalls, antispam, detection and elimination of adware, and active and comprehensive protection of the system.
The antimalware It is intended to be a comprehensive defense against any threat, while the antivirus is more specialized against a specific type of threat.
Let's say that, today, antivirus is one of the components of a much more complete, complex and comprehensive system called antimalware, which protects your computer from all possible threats, including viruses.
Its mission is proactive, maintaining a memory-resident module of the system and an on-demand scan engine to perform system analysis.
Due to the growth rate of malware development, part of the antivirus data has been transferred to the cloud, to gain speed and not depend so much on updates.
As new viruses are created almost constantly, it is always necessary to keep your antivirus program up to date so that it can recognize new malicious versions. Thus, the antivirus can remain running for as long as the computer system remains on, or it can register a file or series of files each time the user requires it.
The consumer model of antivirus products has also evolved over time to an SaS model (Software as a Service, programs as a service), with annual subscriptions and / or monthly payments, and with the possibility of covering both the security of computers and mobile devices with a single product.