How do anti-viruses work?
Problem
So I was thinking about viruses recently, and wondering how exactly antiviruses keep up? Considering anybody who'd been coding for a few weeks could hack together something do do nasty, nasty things to somebody's PC, the quantity alone would make a simple list of hashes prohibitive, so how do antiviruses do it? Do they monitor process activity and have a 3 strikes rule for doing virus-like things? And if so, what's stopping it from triggering on perfectly harmless things (like me moving files around in \system32)? I did a bit of googling, but the regular places didn't particularly help, and I couldn't find a dupe here, so I thought it'd be good to ask :)
Unverified for your environment
Select your OS to check compatibility.
1 Fix
Fix for: How do anti-viruses work?
This This article from 2002 talks about building an antivirus engine. The article will describe the basic ideas, concepts, components and approaches involved in developing an anti-virus program from scratch from a developer’s/software engineer’s point of view. It will focus on the main elements of an anti-virus engine (hereafter referred to as AV engine) and will exclude aspects like graphical user interfaces, real-time monitors, file system drivers and plug-ins for certain application software…
Awaiting Verification
Be the first to verify this fix
Sign in to verify this fix