How Does Antivirus Software Identify Potential Viruses?
When selecting an antivirus program for your home or business it’s important to take into consideration more than just the detection rate in controlled tests. It is important to make sure that it can detect new viruses and malware. Virus writers are constantly searching for ways to beat antivirus software. They create viruses that disable their own detection methods, or bypass the antivirus software itself.
One of the early types of antivirus programs operated by comparing files that came into devices against their database of malware signatures that they have identified. This is a type of signature detection that works well with older malware, but the problem is that virus authors can create new signatures for new types of viruses at any moment so the antivirus protection would always be playing catch-up.
The most recent antivirus programs employ the heuristic method to identify possible threats. Instead of focusing on exact matches, heuristics examine patterns in files and programs to see if they match those of known malware. This technique has been augmented by a method called behavior-based detection that examines how the program or file behaves in order to determine whether it is infected with malware.
Some viruses try to defeat anti-virus software by hiding, preventing access to an antivirus program’s update webroot vs windows defender system, or corrupting code or library files needed for a virus scanner to function. Certain viruses are more sophisticated, and can directly alter or disable elements of the antivirus software. These kinds of virus are becoming more frequent and typically include features such as a worm component that spreads from computer to computer.