- The main tactic antivirus programs use when finding and preventing virus attacks is performing full system scans. During these scans, the program is checking the contents of whatever file it is scanning (you can tell the program to scan just important system files or everything on your computer) against a database of virus signatures. If the program finds a match, that means a particular file is infected. The program will then quarantine the file so that no program can access it and it can't access any others, and then either repair it or delete it to get rid of the virus from your system.
- When not scanning your computer, most antivirus programs will monitor the behavior of the processes currently being run on your computer. The program knows how a computer is supposed to function when working normally, so if a program tries to write data in a peculiar way or connect your computer to an unknown server, the process will be blocked and the user will be prompted for instructions on what to do next.
- As new viruses are hitting the Internet on a daily basis, antivirus programs need to stay updated in order to have a fighting chance against threats. The companies who publish antivirus software have entire legions of employs whose sole responsibility it is to find a "cure" for any and all viruses on the Internet. Instructions on how to get rid of these viruses are then uploaded to a server where they can be downloaded to your antivirus program. It is important to update your virus definitions at least once a week in order to be prepared for the latest threats.
