Q2. How does antivirus software work?
Ans. Antivirus software installed in your computer works by finding out whether the virus that has attacked your computer is already known or unknown. If it is a known virus (one that has already been detected and has an antidote written for it), the software looks for the virus’s signature, a unique string of bytes similar to a fingerprint that identifies the virus, and removes it from your computer. Most scanning software is able to detect not only an initial virus but also several of its variants because the signature code usually remains intact.
In the case of new viruses for which no solution has been created, the virus scanning software employs heuristics that look for unusual virus-like activity on your computer. If the program finds any suspected activity, it quarantines the questionable program and broadcasts a warning to you about what the program may be trying to do (such as modifying your Windows Registry).