Antivirus software uses several techniques to detect malware.
Modern antivirus programs don't just look for known viruses—they also analyze behavior and suspicious patterns.

1. Signature-Based Detection

This is the oldest and most common method.

How it works:
- Every known malware sample has a unique "signature" (a pattern of bytes).
- Antivirus compares files against a database of known signatures.
- If a match is found, the file is flagged as malware.

Example: File → Scan → Signature Match → Malware Detected

Advantages
✅ Fast
✅ Accurate for known threats

Disadvantages
❌ Cannot detect brand-new malware

2. Heuristic Analysis

Looks for suspicious code patterns rather than exact signatures.

Example: The antivirus may notice a program that:
- Modifies system files
- Disables security tools
- Attempts to replicate itself

Even if the malware has never been seen before, it may be flagged.

Advantages
✅ Detects some unknown threats

Disadvantages
❌ Can gen...
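The two detection methods described above, sketched as one small scanner. This is an added example, not code from the original page or from any antivirus product. The signature names, byte patterns, `??` wildcard syntax, behaviour tags, weights and threshold are all constructed for illustration.

```python
import re

# Constructed signature database: name -> hex byte pattern, "??" = any one byte.
SIGNATURES = {
    "Example.Dropper.A": "de ad be ef ?? ?? 13 37",
    "Example.Worm.B": "43 4f 50 59 ?? 53 45 4c 46",
}

# Constructed weights for the behaviours listed under heuristic analysis.
HEURISTIC_WEIGHTS = {
    "modifies_system_files": 3,
    "disables_security_tools": 5,
    "replicates_itself": 4,
}
HEURISTIC_THRESHOLD = 7  # assumed cut-off for this example

def compile_signature(hex_pattern):
    """Turn 'de ad ?? 37' into a bytes regex; '??' is a one-byte wildcard."""
    parts = [b"." if t == "??" else re.escape(bytes.fromhex(t)) for t in hex_pattern.split()]
    return re.compile(b"".join(parts), re.DOTALL)

COMPILED = {name: compile_signature(p) for name, p in SIGNATURES.items()}

def signature_scan(data):
    """Return the names of all signatures whose byte pattern occurs in data."""
    return [name for name, rx in COMPILED.items() if rx.search(data)]

def heuristic_score(behaviours):
    """Sum the weights of the observed behaviours; unknown tags score zero."""
    return sum(HEURISTIC_WEIGHTS.get(b, 0) for b in set(behaviours))

def scan(data, behaviours):
    """Signature match first; otherwise fall back to the heuristic score."""
    hits = signature_scan(data)
    if hits:
        return ("malware", hits)
    score = heuristic_score(behaviours)
    if score >= HEURISTIC_THRESHOLD:
        return ("suspicious", score)
    return ("clean", score)

# Constructed samples: (file bytes, behaviours observed while it ran).
KNOWN = (b"MZ\x00\xde\xad\xbe\xef\x01\x02\x13\x37tail", [])
UNKNOWN = (b"MZ\x00never seen before", ["disables_security_tools", "replicates_itself"])
INSTALLER = (b"MZ\x00setup", ["modifies_system_files"])
```

`scan(*KNOWN)` is caught by its byte signature, `scan(*UNKNOWN)` has no signature but crosses the heuristic threshold, and `scan(*INSTALLER)` stays below it.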