What are the various modules that an Antivirus incorporates for protection?

jackuars

Level 27
Thread author
Verified
Top Poster
Well-known
Jul 2, 2014
1,691
We all use various antivirus products, and mostly different ones too. Each one of them uses its own technology to protect you and your system from malware. So I can definitely say that there is no best antivirus out there, as this is subjective.

This thread is an educational one to list out the various modules that are present in antivirus for protection.

For instance you can post like HIPS - "reason why it is there?"
 

Morvotron

Level 7
Verified
Mar 24, 2015
307
I always had it in my head that AVs were composed of a real-time protection module, scanning module, heuristic module, virus database, and disinfection tool.

Anyway, I actually never took the trouble to search and verify this; I might be wrong. I'm now watching this thread to read opinions.
 

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
I'm not sure whether my post is too special, but may I list the QTS 360 modules:
HIPS: Those come in handy as soon as you don't have a detection for a zero-day malware, by blocking the malware by noticing dangerous behaviour, such as Autostart entries, trying to amend files (photos etc.), or just blocking it due to heuristic malbehaviour.
360 Cloud Scan Engine (fast detection of new threats)
360 QVMII AI Engine: kind of a whitelist according to their website
Speedup/Cleanup tools: They help you to remove Temp files, to deactivate unnecessary Startup entries, visualize your startup time on a graph... Pretty nice tools :)
The sandbox is rather spartan... It did not work that well for me, I prefer ShadowDefender for real-time tests.
WiFi Security check: I can't speak on that, as it supported neither my former router nor the new one.
Patch up: Nice feature for all systems but Windows 10, kind of a Windows Update feature, but it gets the update packages you can download manually, too. It automatically scans for new updates and offers to install them.
360 Internet Protection: I've noticed this one in Internet Explorer as well as in Google Chrome. It helps you block malicious sites, and also has a nice extra feature to scan sensitive areas of your PC automatically when entering online shopping / banking sites.
They have a nice Anti-Ransomware module, I think it is based on those HIPS.
I'm sure someone will lose some words on Avira and Bitdefender, their engines can be added manually to improve Qihoo 360 detection.
Please note that Avira and Bitdefender will run in Real-time protection regardless of whether they're activated or not (as long as you installed them). They will only be off when performing manual scans (this is due to the "Security" mode setting, where maximum protection features are enabled). Thanks @silversurfer for pointing that out :)

Qihoo has also some bonus software found at the Toolbox:
360 Connect is an App available for iOS as well as Android, kind of a remote connection to devices registered within the App. You can kick off scans, see the status... Did not try that one out so far.
I already mentioned the Patch Up feature (which is very nice).
Sandbox is also already mentioned.
System Backup Cleaner: Would be careful with that one, I think it clears up those Shadow copies.
Browser Protection: Very nice feature to lock down your browser's settings and help to save them from getting amended (e.g. Start Page, amendments are blocked automatically).
Firewall: This downloads the free version of GlassWire. Made my computer laggy, although great UI.
Disk compression: In times of huge HDDs, I've never tried this one out - never change a running system :D
 

Iapepe

Level 10
Verified
Mar 17, 2013
461
Kaspersky Anti-Virus 16

1. Antivirus = Real-time Protection from new and emerging viruses, spyware, and more as well as Proactive Detection of unknown malware and rollback of harmful activity.
2. Anti-Spyware = The cloud-based Kaspersky Security Network gathers data from millions of participating users’ systems around the world… to help defend you from the very latest spyware and malware attacks.
3. System Watcher & Rollback = Even if an unknown piece of malware manages to get onto your PC, Kaspersky’s unique System Watcher will detect dangerous behavior and allow you to undo or rollback most malicious actions.
4. Anti-Phishing = Kaspersky Lab’s latest anti-phishing engine helps to prevent you disclosing sensitive information to phishing websites that can try to use your confidential data to steal your identity and your money.
5. Anti-rootkit = The ability to detect active rootkits on a system and to scan hidden files and processes is an important element of antivirus protection. Kaspersky Lab has developed the TDSSKiller utility for removing malicious rootkits.
6. Automatic Exploit Prevention = Vulnerabilities within commonly used applications can give hackers a gateway into your PC. Automatic Exploit Prevention scans your PC for vulnerabilities and controls the actions of any apps that contain vulnerabilities – so hackers can’t exploit them.
7. Anti-Screen-Locker = Anti-Screen-Locker functionality helps unblock your PC if it’s infected with a ransom-ware Trojan
8. Security Optimized for Performance = All of our security technologies have been designed to work ‘behind the scenes’ – and combine efficiency and protection – so your devices can perform as they were designed to.
9. URL Advisor = Whenever you surf the web, Kaspersky’s updated URL Advisor adds color-coded tags to all web links within the list of search results – to warn you about the danger level of any links.
10. Instant Safety Checks = Instant Safety Checks for files & websites
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
In Avast Antivirus, it's interesting to see where they add vast features; however, expectations differ.

Hardened Mode - Solves every aspect for a security product, since it will block a file for being unknown, hence it is safe against possible bypass; however, even though it can be effective, it's been influenced by other components:

  • Cloud functionality affects the overall Hardened Mode protection
  • Without internet, also affects the detection of Hardened Mode
  • Aggressiveness may become a problem for inexperienced users since you need to except on the rules.
Honestly, I like the intention of Avast incorporating it; however, when it comes to HIPS and DeepScreen, that is where it needs improvements.

DeepScreen analysis tends to bypass some threats, which is where it needs to improve, in the worst-case scenario where the Cloud is not available.
For HIPS, which is likely based on suspicious detection, it also needs a little revision because it is supposed to act as a final resort option.
 

jackuars

Level 27
Thread author
Verified
Top Poster
Well-known
Jul 2, 2014
1,691
It'd be nice if everyone could contribute the features of their favorite software [like what Der.Reisende and lapepe posted], so that I can update them on my main post for all antivirus software.
 

Morvotron

Level 7
Verified
Mar 24, 2015
307
Seeing how people have answered, I'll give you my part.

This is how GData works:

-Real-time protection.
-Web protection. Link blocking and URL scanning.
-E-mail checker. Email file scanner and disinfection tool. (I think it only works with Outlook?)
-Bankguard. Online banking and buying protection.
-Keylogger protection. Avoid keyboard hacking.
-Anti-Phishing. Avoid getting scammed online.
-Exploit protection. Protection from software vulnerabilities.
-Boot support. Tool to create a boot CD/USB to check the system for infection when booting.
-Double engine: own and BitDefender.
-USB Keyboard Guard. Protects the system from malicious USBs that simulate fake keyboards. (not sure what the heck this is)
 
