How does antivirus software work?

From Kayleigh Tees

Antivirus software basically does two jobs. First it identifies a virus threat, then it does something about it. The major technique for identifying viruses is to compare what’s happening on your computer with a ‘dictionary’ of viruses, and react if a match is detected. As there are always new viruses, the dictionary needs to be regularly updated. However, antivirus software also looks out for programs behaving suspiciously,
doing the sort of things viruses do, so it can alert you to things that might be viruses but aren’t in its dictionary. Antivirus software runs constantly, checking on your computer’s activities as they happen, but can also scan all your computer’s files. Depending on how a virus is detected, the antivirus software might warn you not to use an infected program or webpage before the virus actually strikes, or if your files are infected, it will quarantine them or delete the virus code.

Answered by Tom Lean for Brain Dump, How It Works issue 92

To feature in our Brain Dump section, send us your questions to [email protected] or message us on Facebook or Twitter