In this article, I'm going to explain how the antiviruses are represented in SES and how they usually work.

Antiviruses are formed of little functions (a single function won't be able to secure a lot, but a lot of different functions will make a computer very secure), the functions are codes and small programs that focus on just 1 activity (check email for spam, erase files…).

There are 3 types of antiviruses functions depending in how they work:

-First we have the most basic function that I like to call “seek and destroy” (or “erase” if you are using SES). As I named it, it justs erases the files that appear suspicious, these functions don't work very well when needing to detect viruses, but surely they will eliminate it from the system.

-Secondly we have a very new type of “antivirusing way”, it is usually called glitching function (or “glitch” in SES) . Long short story, they will modify the code of the virus to make it useless.

-Third we have the antiviruses that work by integrity (the same name for SES) . They are a upgraded version of the erase functions because it digs deeper in the suspicious file´s integrity, it will read the code, check with huge online databases…

The erase functions´ weak spot is to eliminate its signature file.

With glitch functions, it is a good idea to quickly improve your rootkit, in this way, the antivirus will think that you are a program of the computer so they won't modify the virus code (imagine an antivirus modifying a program, it would be disastrous).

About integrity functions… It is very hard to avoid it, just hope the antivirus doesn't use it.

Thanks for reading guys!