Almost every computer in service today runs some kind of antivirus software package. An antivirus is a software that stops, identifies and removes malicious software programs like a computer virus, worms, Trojan horses, spywares, etc. that are dangerous for the computer systems.
Most important function of any antivirus is virus scan engine, which scans the information and if the viruses are discovered, it cleans them. This information can be scanned in different ways.
-Size: Antivirus can easily identify if the file is infected or altered. Some viruses add their malicious code at the end of the file. An antivirus scanner scans it and compares it before and after sizes. If there is no modification done by the user so it suspects that there is some malicious activity running.
-Pattern Matching: every virus has a unique signature that they use to infect the files or machines. The scanner compares the information with a virus database (virus signature) and if the information matches any of the virus signatures then antivirus shows that the file is infected by the virus.
– Heuristic: simply it scan activities, this method is known as heuristic scanning. It analyse that how a data acting and comparing it with the list of dangerous activities. For example, if an antivirus finds that an application is attempting to open every EXE file on your machine and infecting it by writing a copy of the original program into it. So an antivirus recognizes this application and declares it a virus.