Mainly rely on
a database of identifiable pieces of known suspicious code (file signatures)
behavioral and pattern-matching analysis (heuristics)
It can be useful to run several different antivirus programs against the same piece of suspected malware
Malware can easily change its signature and fool the antivirus
VirusTotalarrow-up-right is convenient, but using it may alert attackers that they’ve been caught
Last updated 5 years ago