Antivirus programs

An active antivirus program, also called endpoint protection or virus protection, is an important basic measure for the protection of devices and the data stored on them. It is designed to prevent malware from infecting the device and causing damage. An antivirus program usually has two tasks:

  • It scans the device for malware and tries to clean it in case of an infection.
  • It protects the device against new infections by means of a so-called guard function.

Modern antivirus programs usually include further functions, such as protection against accessing harmful websites or a firewall that blocks unauthorized access to the device.

  • How an Antivirus Program Works

    Virus Analysis through Virus Definition Files

    Generally, all antivirus programs use the same methods to detect malware on the device. To detect malicious programs, they use a so-called (virus) definition file, in which the detection characteristics (signatures) of the virus are recorded. The manufacturers update this file on a regular basis. It is therefore essential for the functionality of the antivirus program to regularly update the definition files. This has the disadvantage that only malware that is already known can be identified and deleted.

    Virus Analysis by Heuristics and the so-called Sandbox

    Other options for detecting malware are the heuristics function and the so-called sandbox. They detect malware by its behavior patterns, by similar file headers (header entries in a file) or by suspicious file formats. In the so-called sandbox, the file is carried out in a protected and sealed memory area, so that potential damage cannot leave the sandbox. The behavioral analysis then decides whether a program can be classified as harmful, for example if it attempts to manipulate system data, or as harmless.

  • Antivirus Programs for Computers

    Current versions of Windows arrive with the so-called Windows Defender pre-installed, which provides sufficient protection. Alternatively, employees and students can use the Sophos Antivirus Home application for private devices without charge. This can be installed on Windows, macOS and Linux.

    For the protection of devices used for work purposes, please contact the responsible administrator or your IVV.

  • Antivirus Programs for Smartphones, Tablets and Co.

    A frequently asked question concerns the antivirus protection of smartphones, tablets and similar devices. Although malware also infects smartphones and tablets more and more frequently, the protective effect provided by antivirus apps is significantly more restricted in contrast to full antivirus programs. As a rule, antivirus apps only provide an estimation of the reputation or requested permissions of installed apps. Antivirus apps from renowned manufacturers, such as Sophos, can nevertheless provide some additional protection.

    For the protection of devices used for work purposes, please contact the responsible administrator or your IVV.