How Does Antivirus Work?

Antivirus is software that detects harmful software or programs such as computer viruses, computer worms, Trojan horses, spyware and adware. Antivirus programs are one of the most important parts of a computer and save us from many dangers every day. But the question arises: how do they work?

Antivirus works in two main ways:
  • Signature based detection
  • Checking for Suspicious Behaviour
Signature Based Detection

Signature-based detection is the method in which the antivirus compares the content of a file to a dictionary of viruses. This is a very effective way because it is able to identify all the viruses that are publicly known. For example, if the file content is 10101010, the antivirus compares it with the dictionary; if it matches 10101010 in the dictionary, the file is considered a virus. The effectiveness of this method depends on the virus or Trojan being publicly known; if it is not, the antivirus may not be able to detect it. Some hackers use crypter software to hide the content of the file, e.g. 10101010 would become 12121212. Now the antivirus would not find it in the dictionary, because to the dictionary it looks like a different file, but in reality the file would still be a virus. To counter this problem, antivirus dictionaries also include entries to identify the crypted virus. For example, they would also keep 12121212 as a virus signature and identify that as a virus too.
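
The dictionary comparison described above, as an added example (not code from the original article): a toy scanner that matches byte patterns and whole-file SHA-256 hashes, using the article's placeholder values 10101010 and 12121212. The class name, signature names and sample bytes are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field


@dataclass
class SignatureDB:
    """Toy virus dictionary (hypothetical): byte patterns and file hashes."""
    patterns: dict = field(default_factory=dict)  # signature name -> bytes
    hashes: dict = field(default_factory=dict)    # SHA-256 hex -> signature name

    def add_pattern(self, name, pattern):
        self.patterns[name] = pattern

    def add_file_hash(self, name, content):
        self.hashes[hashlib.sha256(content).hexdigest()] = name

    def scan(self, content):
        """Return the sorted names of all signatures matching `content`."""
        hits = set()
        digest = hashlib.sha256(content).hexdigest()
        if digest in self.hashes:          # exact known file
            hits.add(self.hashes[digest])
        for name, pattern in self.patterns.items():
            if pattern in content:         # known byte sequence anywhere in file
                hits.add(name)
        return sorted(hits)


# Constructed, harmless sample contents built around the article's values.
ORIGINAL = b"sample-header:10101010:end"
CRYPTED = b"sample-header:12121212:end"   # same program, different bytes on disk
CLEAN = b"sample-header:00000000:end"


def demo():
    db = SignatureDB()
    db.add_pattern("Toy.Virus.A", b"10101010")
    db.add_file_hash("Toy.Virus.A", ORIGINAL)
    samples = {"original": ORIGINAL, "crypted": CRYPTED, "clean": CLEAN}
    before = {label: db.scan(data) for label, data in samples.items()}
    # Dictionary update: an entry for the crypted form is added.
    db.add_pattern("Toy.Virus.A.crypted", b"12121212")
    after = {label: db.scan(data) for label, data in samples.items()}
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("before update:", before)
    print("after update: ", after)
```

Before the dictionary update the crypted sample returns no match even though it is the same program; after the update it is flagged, while the clean sample stays unflagged in both runs.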

Suspicious Behaviour
In this type, the antivirus runs in real time and observes the behaviour of the running files. It checks whether the files are overwriting data without the user's permission or notification. If the antivirus observes this kind of behaviour, it immediately stops the program and asks the user about the reliability of the file. The user can then choose whether it is all right to let the program work or, if it is a virus, stop it.


Points To Be Considered


  • As you have seen, the antivirus normally takes the content or signature of a file or program and compares it with its database. But what if the antivirus database is not updated and a new piece of malware tries to exploit your computer? Your antivirus will not identify it because it has no information about it. The new threat can then easily bypass your antivirus and harm your computer; this is called a zero-day threat.
  • Awareness among users is more important than antivirus software; you should teach yourself how to stay safe in the jungle of the web, where every day is the day of a new threat.
  • You must be aware of viruses, their effects and how they spread.
  • Do not download and run unknown programs from the Internet.
  • You should know how to secure yourself from malware.
  • You must know about the latest antivirus software for your operating system.

So these are the two main ways antivirus software detects unwanted files. Now, whenever you run a scan, you will know what is happening.

About The Author
This article was written by Muhammad Haseeb Javed. He blogs at
