Updating signature files
Depending on the scanning vendor, updates may be offered hourly, or daily, or sometimes even weekly.
Much of the need to provide signatures varies with the type of scanner it is, i.e. For example, adware and spyware are not nearly as prolific as viruses, thus typically an adware/spyware scanner may only provide weekly signature updates (or even less often).
Keeping the signatures up to date doesn't guarantee a new virus will never slip through, but it does make it far less likely.
A signature file is a short text file you create for use as a standard appendage at the end of your e-mail notes or Usenet messages.
These updates add the detection capability to the scan engine.
Depending on the type of scanner being used, it may be a static hash which, in its simplest form, is a calculated numerical value of a snippet of code unique to the virus.This allows the scanner to detect a brand new virus it has never even seen before.This ability is commonly referred to as either heuristics or generic detection.Each time a new virus is discovered that is not detectable by an existing signature, or may be detectable but cannot be properly removed because its behavior is not totally consistent with previously known threats, a new signature must be created.After the new signature has been created and tested by the antivirus vendor, it is pushed out to the customer in the form of signature updates.