For example, if a file that can format a hard disk is detected, the antivirus will warn the user. Although it may be a new formatting system that the user is installing on the computer rather than a virus; the action is dangerous. Once the antivirus has sounded the alarm, it is up to the user whether the danger should be eliminated or not.

Both of these methods have their pros and cons. If only the virus signatures system is used, it is important to update it at least once a day. When you bear in mind that 15 new viruses are discovered everyday, an antivirus that is left for two or three days without being updated is a serious danger.

The heuristic system has the drawback that it can warn you about items that you know are not viruses. If you have to work with a lot of items that may be considered dangerous, you could soon tire of the alerts. Programmers in particular may prefer to disable this option.


Permanent and on demand scans

When describing antivirus programs, it is important to clearly distinguish between the two types of protection on offer. The first is permanent scans, which are more complex and essential. These scans constantly monitor the operations performed on the computer to prevent any kind of intrusion.

The other type of protection available is on demand scans. These use the same scan engine as the permanent protection and check any parts of the system whenever the user wants. These are normally used under special circumstances. For example, a user may want to perform an on demand scan when using a new floppy disk or to check information stored on the computer that hasn't been used for a while.