How does antivirus detect viruses?

It matches files to known malware signatures and flags suspicious behaviour that looks like an attack, even from unknown threats.

Do I still need antivirus today?

Modern phones and operating systems have strong built-in protection, but safe habits and regular updates matter just as much.

What is a false positive?

When antivirus flags a safe file as a threat by mistake; you can usually review and restore it from quarantine.

Technology

How does antivirus software work?

Antivirus software works by constantly scanning files and behaviour for threats. It compares files against a database of known malware 'signatures', watches for suspicious actions, and quarantines or deletes anything dangerous — updating its threat list often to catch new attacks.

See it in motion.

Watch a 2-minute animated lesson that shows exactly how antivirus software works.

▶ Watch the visual lesson

Step by step

1Scans files against a malware signature database.
2Watches for suspicious behaviour in real time.
3Quarantines or removes detected threats.
4Updates frequently to catch new malware.

Frequently asked questions

How does antivirus detect viruses?: It matches files to known malware signatures and flags suspicious behaviour that looks like an attack, even from unknown threats.
Do I still need antivirus today?: Modern phones and operating systems have strong built-in protection, but safe habits and regular updates matter just as much.
What is a false positive?: When antivirus flags a safe file as a threat by mistake; you can usually review and restore it from quarantine.

How does antivirus software work?

Step by step

Frequently asked questions

Related topics