If suspicious code is detected then the antivirus deletes the file or recommends it for containment.
Heuristic detection describes the method of analyzing the code of a file to determine if it contains code commonly found in malware. Modify the code slightly, and the malware is rendered undetectable.Ĭomodo Antivirus also uses heuristic detection and containment to ensure that even unknown malware cannot compromise our users’ computers. Like a wanted outlaw in the old west, a cybercriminal can disguise a piece of malware to avoid detection.
This process is executed quickly and is an essential feature of an antivirus software, but it is also easy for cybercriminals to evade. Specific detection works by scanning a file for a specific set of characteristics and checking these characteristics against a known list of malware. This is what most people think of when they think about how an antivirus works. The most basic detection process is known as specific detection. Most modern antivirus programs feature multiple scanning detection processes. Whenever you download or launch a file, an antivirus program scans the file for malware.