How Does Norton Antivirus work?

Norton antivirus gives you a variety of products with a range of different virus detection methods. The regular Norton antivirus scan can protect your system from vulnerable threats. Norton anti-virus utilizes suspicious behavior, emulation, virus definitions and sandbox to detect viruses on your system.

To know more about this site do visit: norton setup

What is suspicious behavior detection?

This suspicious behavior detection is not based on the virus definition. This method typically relies on the active monitoring of your computer programs to identify suspicious behavior. When Norton uses this method of detection, you may need to accept or deny the running programs on your system until the Norton learns to differentiate safe and unsafe programs running on your system. This virus detection method helps to secure your system from unknown or new viruses. Sometimes you may face false positives issue with this method.

What is the Emulation detection method?


Emulate code is another virus detection method used by Norton antivirus. In this method, Norton emulates the first part of the code of a running program.


This method checks for the self-modifying code of the programs; once this kind of code gets identified, Norton won’t allow executable to run on your 
system. However, this method also creates a lot of false positives and sometimes a trusted program will also not run on your system.

What is the Virus definitions detection method?


This is the most popular method of detecting viruses. Norton antivirus has defined virus definition database stored and when it scans your computer, start comparing memory, hard drive, boot sectors or removable drives with stored virus’s definitions. Norton stores patterns or binary code definitions unique for known viruses in the database. Once this comparison is done, Norton UK discovers the viruses and flag the virus quarantine or removal warning. This Virus detection method is only suitable for known viruses.

What is the Sandbox detection method?


This method is primarily used for scanning individual files on-demand basis. In this method, the sandbox will analyze the executable files and detects the changes in the executables. Norton sandbox works on-demand basis compare to other detection methods like suspicious behavior detection. It runs executable files on the emulated operating system so your operating system remains non – infected.

Leave a Reply

Your email address will not be published. Required fields are marked *