You are on page 1of 15

CONTENTS

- Antivirus
- History of Antivirus
- Function of Antivirus Software
- Features of Antivirus Software
- How Antivirus software works?
- Why we need Antivirus?
- Why Should Update Your Antivirus?
- Online detection
- Virus removal tools
- List of antivirus software
- Testing Organizations
- Attacking antivirus
- Top 10 Antivirus
- Bitdefender 2011
- Before You Buy Antivirus Software
- How to make a USB Antivirus
- Issues of concern
- Recommendations

creating a potential avenue of attack. can identify new viruses or variants of existing viruses by looking for known malicious code. History Of Anti Virus Most of the computer viruses written in the early and mid 1980s were limited to self- reproduction and had no specific damage routine built into the code. and other forms of malware.[5] began to develop strategies for antivirus software in 1988[6] that were picked up and continued by later antivirus software developers. .Antivirus Antivirus or anti-virus software is used to prevent. If the antivirus software employs heuristic detection. or slight variations of such code. rather than computer security implemented by software methods. An incorrect decision may lead to a security breach. This page talks about the software used for the prevention and removal of such threats. detect.[2] That changed when more and more programmers became acquainted with virus programming and created viruses that manipulated or even destroyed data on infected computers. generic signatures. Some antivirus software can also predict what a file will do by running it in a sandbox and analyzing what it does to see if it performs any malicious actions. in files. Possibly the first publicly documented removal of a computer virus in the wild was performed by Bernd Fix in 1987. It may also prevent and remove adware. A variety of strategies are typically employed. and remove computer viruses. There are competing claims for the innovator of the first antivirus product. Signature-based detection involves searching for known patterns of data within executable code. To counter such so-called zero- day threats. worms. it can sometimes have drawbacks. who published one of the first academic papers on computer viruses in 1984. Antivirus software can impair a computer's performance.[3][4] Fred Cohen. No matter how useful antivirus software can be. Finally. Inexperienced users may also have trouble understanding the prompts and decisions that antivirus software presents them with. One type of heuristic approach. it is possible for a computer to be infected with new malware for which no signature is yet known. False positives can be as destructive as false negatives. and Trojan horses. antivirus software generally runs at the highly trusted kernel level of the operating system. heuristics can be used. success depends on achieving the right balance between false positives and false negatives. However. spyware.

viruses began to spread online. Most antivirus software programs can usefully identify common and uncommon malware applications that have been unwittingly installed on a computer system Features of Antivirus Software Antivirus software have the capability of searching an entire file on a computer system. This meant that computers could now also be at risk from infection by opening documents with hidden attached macros. Instead of just looking at a small section of an existing computer file. Antivirus software came into use. Hackers frequently embed viruses on popular websites to infect the computer of anyone that visits their website.[8] Over the years it has become necessary for antivirus software to check an increasing variety of files. With antivirus software. and more and more viruses were released. as internet usage became common. However. Even then. Virus writers could use the macros to write viruses embedded within documents. virus checkers essentially had to check executable files and the boot sectors of floppy disks and hard disks. The real time protection will notify you of any irregular file activity that may . rather than just executables. Before internet connectivity was widespread. presented a risk. This prevents viruses. for several reasons: Powerful macros used in word processor applications. and malware from hiding on your computer system and compromising the data stored on it. the antivirus software thoroughly analyzes it.Also in 1988 a mailing list named VIRUS-L[7] was started on the BITNET/EARN network where new viruses and the possibilities of detecting and eliminating viruses were discussed. You'll need to locate a suitable type of antivirus software to stop them from invading your computer system unknowingly. On-access scanning is another useful feature of many antivirus software. viruses and spyware will be properly removed from your infected computer system to protect your important data.[10] As always-on broadband connections became the norm. a new zero-day virus could become widespread before antivirus companies released an update to protect against it. in particular Microsoft's Outlook Express and Outlook. Some members of this mailing list like John McAfee or Eugene Kaspersky later founded software companies that developed and sold commercial antivirus software. spyware. A user's computer could be infected by just opening or previewing a message. During this time. such as Microsoft Word. were vulnerable to viruses embedded in the email body itself. it became essential to update virus checkers more and more frequently. Function of Antivirus Software Antivirus software is used to detect harmful viruses and other spyware on a computer system. but was updated relatively infrequently. viruses were typically spread by infected floppy disks.[9] Later email programs.

your antivirus software will effectively keep track of the latest threats that could harm your computer system. Suspicious behaviors approach provides protection against the brand new viruses which are not listed in virus dictionary. A missed malicious file could cause your entire computer system to crash or prevent it from accessing a stable Internet connection. In virus dictionary all known virus are listed. you shouldn't use more than one at a time. With frequent virus database updates. Dictionary approach is very effective to search virus. each antivirus software will prevent the other from correctly functioning How does antivirus works? Antivirus is computer software that can scan to identify computer virus and can remove or eliminates the virus to protect computer’s operating system and other important software. . Virus removal features are also included in antivirus software to take them off your current computer system. Having several antivirus software programs installed on a single computer system will expose it to vulnerabilities. If it can detect any virus then it deletes the virus and quarantines it so that the file is inaccessible to other programs. When antivirus scans computer files then it also try to match files with its virus dictionary. Antivirus program can detect virus which are in virus dictionary. All antivirus can update from internet. Almost every antivirus works in two ways. They are a) Dictionary approach b) Suspicious behavior approach a) Dictionary approach: All antivirus have virus dictionary. For that suspicious behavior approach is not always effective. Sometimes antivirus detects necessary files as virus for suspicious behavior approach. b) Suspicious behavior approach: Antivirus always observes all applications behavior of computer. If it sees that any program is trying to write data to an executable program then it alerts user about the program. When antivirus takes update from internet.indicate your computer system has been infected. then it also updates its virus dictionary. MORE THAN ONE AT A TIME Although there are multiple types of antivirus software to help keep your computer system safe. Instead of tracking a virus threat.

due to man's innovation (or . and Trojans. 5. This means that both inbound and outbound traffic is controlled. Regular antivirus scanning To help keep you safe from viruses. Trojan horses. Continuously updated Antivirus could updates itself automatically to help ensure that your virus. firewall. The firewall is also updated continually to help protect you 3. Enhanced protection from spyware Today's Antivirus have antispyware technology helps protect your computer from spyware programs that secretly monitor your activities or pop-ups that negatively impact your computer's security and performance. But these two approaches are common in every antivirus and most of the antivirus work through these USE Why we need Antivirus? 1. There are many other ways to detect virus. your antivirus program has set definitions for all sorts of worms. DVD. 4.Antivirus doesn’t work only in two ways. viruses. including e-mail attachments as you open them. and spyware protection is always up to date and ready to help protect you from the latest threats. maybe even daily so what you may want to do is to put the antivirus update setting of your program in automatic. nitially. malwares. bugs and other uninvited softwares. Antivirus automatically scans the files and folders on your computer. Easy file backup and restore With Antivirus you can make copies of important files and documents and store them on a CD. However. Some programs have their antivirus update settings turned on but some softwares are placed on manual mode so you may want to check your program's user manual just to make sure. Why Should Update Your Antivirus Once you have purchased an antivirus program. or an external hard drive in case of an emergency. 2. worms. you have to make sure you do an antivirus update as often as you can. Continuous firewall monitoring Firewalls monitor two way traffic.

depending on the action you would command it to do. BitDefender from Romania . Dr. Unlike complete antivirus scanners. True there are some programs that have sophisticated intelligence that even if the virus is not defined in their knowledge. usually more effectively than normal antivirus software. . Virus removal tools A virus removal tool is software for removing specific viruses from infected computers. Doing an antivirus update will make you very sure that you and your program are very much prepared for all those viruses and worms. GFi WebMonitor and GFi MailSecurity . cleaning or is deemed for vault placing. Uniwares Leon Enterprise Anti-Spam Server (with integrated AV) . . Virus Chaser from Korea+Russia. . new viruses and worms are introduced in a basis so frequent that your antivirus program needs an antivirus update to make sure it is up to date to the definitions of new viruses and worms. then your computer is virtually safe from the latest line of computer bugs and traps.. Extremely strong heuristic algorithm for detecting unknown viruses. .email/www security solutions. from Cisco Systems. However.Web by Doctor Web. Sometimes they are also designed to run in places that regular antivirus software can't.email security solutions . Cisco Security Agent (CSA). -. corporate networks protection . Sophos Anti-Virus by Sophos plc (UK) provides antivirus solutions for desktops. Sybari Software had been purchased by Microsoft in early 2005. Examples include Kaspersky Online Scanner and ESET Online Scanner and Bitdefender . can create a customised installer and update from the corporate network rather than the internet. Online detection Some antivirus vendors maintain websites with free online scanning capability of the entire computer. so long as it behaves in a "virus-like" manner.sometimes boredom). critical areas only..Anti-Virus/Adware/Spyware/.. from Russia . rather they are designed to remove specific viruses. local disks.WWW and email security solutions. they are usually not intended to detect and remove an extensive list of viruses. it is dinged and may be up for deletion. this occurs in a very shot-in-the-dark manner as you can only hope that the new virus will behave like virus before it. This is useful in the case of a severely infected computer. Ltd. folders or files. List of antivirus software and companies For corporate market . by GFI Software Security solutions by Sybari Software. Once your program is updated with the latest antivirus updates.

by FRISK Software International in Iceland . AVG Anti-Virus by Grisoft .HouseCall Onlinescanner by Trend Micro Testing Organizations .com .http://www.AntiVir PersonalEdition Classic by Avira from Germany .Avast! by Alwil from Czech Republic .http://www.Commercial and shareware .http://www.http://www. by BullGuard from Denmark/UK . West Coast Labs .AVG Free Edition by Grisoft . NOD32 by Eset from Slovak Republic.org . Norton AntiVirus by Symantec . Firewall and Backup. Command Antivirus by Authentium from USA . Rising AntiVirus from China .c . McAfee VirusScan by McAfee from USA. AV-Test. shareware .BitDefender Free Linux and Windows editions .org .http://www. F-Secure Antivirus by the eponymous firm from Finland .westcoastlabs. ICSA Labs . Pocket Antivirus by JSJ Software . LinuxShield by McAfee . F-Prot. PC-cillin Internet Security by Trend Micro . AV Comparatives . Windows Live OneCare by Microsoft Freeware . Virex by McAfee .org .http://www.com . Kaspersky Anti-Virus by Kaspersky Lab from Russia .av-test. .This section includes usable free-of-charge versions of commercial software.org GFI Software .virusbtn. Panda Software from Spain . Norman from Norway . Bullguard Antivirus Software.emailsecuritytest. also driving Dr.icsalabs.av-comparatives. Virus Bulletin . Solomon's antivirus packages .

or with the latest patch. documents. People have complete faith in it The use of antivirus software has become something of an act of faith. but with some antivirus software installed in their systems. Attacking Antivirus WHAT MAKES ANTIVIRUS A PERFECT TARGET 1. the installed antivirus on his computer will scan the incoming files automatically (The user may manually scan it if it looks suspicious). were developed without holistic security in mind. Quite clearly.). But what if those very files hurt their solution software itself? The threat to antivirus security is thus helped along by two things:  The user’s blind acceptance of the antivirus as a silver bullet. Developers would assume that non. The questions are: Is that enough? Is such blind faith justified? What if attackers attack the antivirus software itself instead of the operating system? Now that would turn the game on its head. And with this the antivirus would serves the security gate for incoming files.  And the overconfidence of antivirus vendors in their software’s immunity against all files. wouldn’t it? Consider an average user. who gets some files (executables. etc.trusted files were safely being scanned by their software. media. Incoming Antivirus Trusted files AV Antivirus serves the security gate for incoming files. A recent study [3] shows that 81 % of all computer users have antivirus software installed on their computers. . What he or she does not know is that many antivirus solutions developed in the past. People seem to feel more safe not with a more secure operating system. antivirus software is a must-have for most users.

pdf. allocates memory. tar. etc). xls. mew. Top 10 Antivirus . wmf. avi. etc). etc). elf. The problem with the decompression of executables and data is that both the processes are highly complicated. This is amply clear in recent research into antivirus vulnerabilities. media files (jpg. Hence. nspack. hlp.  compressed archives (arj. It has to deal with hundreds of file types and formats:  executables (exe. Antivirus software will try to decompress the compressed executable and data before processing them. com. mp3. rar. chm. The antivirus makes complex calculations. ocx. rm. pif. ace. z. Any mistake in these throws open the door for vulnerabilities. it is extremely difficult for antivirus software process all these format appropriately. etc).  executable packers (upx. aspack. iso. cpl. 2. scr. and extracts data according to the calculation. Each of these formats can be quite complex. Antivirus processes are error-prone Antivirus software is one of the most complicated applications. dll. wwpack. swf. zip. It reveals that most vulnerabilities exist in the following two components:  Executable decompression [4].  documents (doc. arc. lha. rtf. sys.  Data decompression [5]. lzh. msi. wmv. zoo. cab. gif. etc). ppt. fsg.

Bitdefender 2011 .

Top 10 Antivirus Bitdefender 2011 .

and if you have only manual updates your computer may get infected simply because you went online before you checked for the latest updates for your antivirus system. Since new threats are being created every day. and that is how antivirus systems recognize new threats. makes up a good antivirus system? The answer depends on you. you must have an antivirus program that updates its virus definitions consistently and frequently. They will scan emails for possible attached viruses. because without constant updates. . 2. This is vital. for each known virus. safe. monitor files as they are downloaded. it is imperative to have a good program on your PC to keep your data.Before You Buy Antivirus Software The 5 Questions You Must Ask Before You Buy Antivirus Software As the threat of computer viruses continues to grow. exactly. By what method are the virus definitions updated? Viruses spread quickly. How often are the virus definitions updated? Every new virus has its own signature. Basically. 1. there are some vital questions that you must ask before you buy or download any spyware blocker or similar program. or definition. But. antivirus systems keep your vulnerable areas protected from attack. your data is vulnerable to attack. and you. as well as on what you are willing or able to spend. But what. Look for a program that updates the definitions automatically. Security firms will create a signature. and detect and remove any viruses that have made their way on to your computer. opened or created. and perform system-wide scans to detect any infections. and antivirus systems try to keep pace. your computer habits and your level of experience.

ask if the program comes with a firewall. you must know the facts.many do not. In addition to virus detection. you'll be able to narrow down your choices and choose the system that offers the best protection and performance for your data. look for software that includes them. Does the system allow scheduled scans? Your computer can have a virus without you being aware of it. 4.. Also.they offer no way to actually remove them from your computer. and for you.. scheduled system-wide scans. and I am not going take any responsibility of any damage of your data. Before you try or buy antivirus systems. How to make a USB Antivirus I want to warn you again to be careful when using this e book. look for spyware.. because you may loose data on your hard disk or usb memory device.every time you go online. highest level virus protection without you even having to think about it. it is often more convenient and economical to choose an antivirus system that has a suite of security tools. phishing and spam protection. protection and removal. Does the program dispose as well as detect? Some systems simply detect viruses. You want a program that will snatch the virus. so make sure you ask if and how the program does this. Step 1: Open your notepad or any text editor Step 2: Type the exact text . If you want parental controls. and at least quarantine it so that it presents no threat to your data. The most effective way to remain virus free is to choose an antivirus system that can be configured to perform regular. 5. an infection will hibernate. so you know that you are always getting the latest. When you ask these 5 questions. 3. Often. and have no obvious symptoms.. Does the software have any additional security features? For true internet security. You should ideally be able to fully remove the virus from your system.

inf "del" is the command that deletes the desired file from the drive "d:" which "d:" is your usb drive letter and you can change it as you wish "*. Running multiple antivirus programs concurrently can harm performance and create conflicts. If an antivirus program is configured to immediately delete or quarantine infected files (or does this by default).bat Step 4: Test your simple antivirus by creating a dummy autorun.inf Issues of concern 1.inf" is the file that must be deleted Step 3: Save the file giving the extension bat to the created file so it should be like that mysimpleantivirus. 2. It is sometimes necessary to temporarily disable virus protection when installing major updates such as Windows Service Packs or updating graphics card drivers . .inf file on your usb drive. 3.bat it will delete the autorun.inf @ echo file deleted or no file exists pause Explanation: @ echo off is a dos command that makes the system provides no confirmation messages del d:\*.@ echo off del d:\*. false positives in essential files can render the operating system or some applications unusable. When you double click the file mysimpleantivirus.

. Attacks may come from everywhere .en.wikipedia.org . www. Securing your information in an insecure world: what you must know about hackers and identity thieves by Hassan Osman. Computer users should not always run with administrator access to their own machine.microsoft.wikipedia. www.com .symantec. www. Viruses and Malware by Ed Tittel. Blocking spam and spyware for Dummies by Peter H. Users may disable the antivirus protection to overcome the performance loss.6starreviews. www. www. .mcafee. Users may disable the antivirus protection to overcome the performance loss.bitdefender. Don’t trust everything. the agreement may include a clause that your subscription will be automatically renewed. thus increasing the risk of infection. . www.com . Some antivirus software can considerably reduce performance. . www. Recommendations .microsoft.com . thus increasing the risk of infection.com .com . When purchasing antivirus software. Computer users should not always run with administrator access to their own machine. . Gregory and Mike Simon. . Some antivirus software can considerably reduce performance.antivirus-software.com . and your credit card automatically billed at the renewal time without your approval. PC Magazine Fighting Spyware.org . 4. Don’t trust everything. Attacks may come from everywhere References . . www.