Abstract: To effectively detect unknown Windows PE viruses,a novel approach that roots in artificial immune system and uses the self-relocation module to generate antibodies is presented.The logical structure of Windows PE virus is briefly described.The dynamic evolution of self and nonself,the presentation of antigen,and the generation of antibody are proposed.The experiment results indicate that this approach not only has relatively high detection rate of unknown Windows PE virus,but also has better capability of self-adaptive and self-learning.