: Completely deleting the malicious file or application from the device. What Is Antivirus Software? - Sophos
: This is the traditional method where the software compares file code patterns (signatures) against a database of known threats. It is highly effective for established malware but cannot detect "zero-day" threats that haven't been cataloged yet.
: This method looks for suspicious code structures or characteristics shared with known malware. It helps identify new variants or "polymorphic" viruses that have altered their code to avoid signature detection. How Does Antivirus Software Work? – AZMATH
: Moving the file to a secure, hidden folder where it cannot execute or interact with the system.
: Instead of looking at what a file is , this analyzes what a file does . If a program attempts suspicious actions—like encrypting files (ransomware behavior) or disabling security tools—it is flagged, even if the software has never seen that specific code before. Advanced Protection Features : Completely deleting the malicious file or application
: Many products send data about unknown files to a cloud database for rapid analysis based on collective threat intelligence from millions of other users.
: Suspicious files are run in an isolated virtual environment (a "sandbox") to safely observe their behavior without risking the main system. It is highly effective for established malware but
: Often called "on-access scanning," the antivirus constantly monitors active files, network traffic, and system calls to block threats as they arrive.