Antivirus Software Anti Virus
Total Page:16
File Type:pdf, Size:1020Kb
ANTIVIRUS SOFTWARE ANTI VIRUS Antivirus (or anti-virus) software is used to prevent, detect, and remove malware, including computer viruses, worms, and Trojan horses. Such programs may also prevent and remove adware, spyware, and other forms of malware 6/20/2012 TechReg-WelkinRaja HISTORY OF ANTIVIRUS Most of the computer viruses that were written in the early and mid '80s were limited to self-reproduction and had no specific damage routine built into the code (research viruses) The first publicly documented removal of a computer virus in the wild was performed by Bernd Fix in 1987. Fred Cohen, who published one of the first academic papers on computer viruses in 1984, started to develop strategies for antivirus software in 1988 that were picked up and continued by later antivirus software developers. 6/20/2012 TechReg-WelkinRaja IDENTIFICATION METHODS There are several methods which antivirus software can use to identify malware. Signature based detection Heuristic-based detection 6/20/2012 TechReg-WelkinRaja SIGNATURE BASED DETECTION Signature based detection is the most common method. To identify viruses and other malware, antivirus software compares the contents of a file to a dictionary of virus signatures. This can be very effective, but cannot defend against malware unless samples have already been obtained and signatures created. Because of this, signature-based approaches are not effective against new, unknown viruses. Because new viruses are being created each day, the signature-based detection approach requires frequent updates of the virus signature dictionary. 6/20/2012 TechReg-WelkinRaja SIGNATURE BASED DETECTION Although the signature-based approach can effectively contain virus outbreaks, virus authors have tried to stay a step ahead of such software by writing "oligomorphic", "polymorphic" and, more recently, "metamorphic" viruses, which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match virus signatures in the dictionary 6/20/2012 TechReg-WelkinRaja HEURISTIC-BASED DETECTION Heuristic-based detection, like malicious activity detection, can be used to identify unknown viruses. Many viruses start as a single infection and through either mutation or refinements by other attackers, can grow into dozens of slightly different strains, called variants. Generic detection refers to the detection and removal of multiple threats using a single virus definition. While it may be advantageous to identify a specific virus, it can be quicker to detect a virus family through a generic signature or through an inexact match to an existing signature. Virus researchers find common areas that all viruses in a family share uniquely and can thus create a single generic signature. 6/20/2012 TechReg-WelkinRaja LIST OF COMPUTER VIRUS CREEPER VIRUS SASSER WABBIT VIRUS NUCLEAR RAT ANIMAL VUNDO ELK CLONER BIFROST GHOST BALL SANTY BRONTEK SAMY SXX HAPPY99 ZLOB TROJAN ILOVEYOU BANDOOK RAT BEAST DAPROSY MYDOOM KOOBFACE WITTY This are the some virus. 6/20/2012 TechReg-WelkinRaja LIST OF ANTIVIRUS SOFTWARE'S KASPERSKY AVAST ANTIVIRUS BITDEFENDER CLAM ANTIVIRUS BULLGUARD AVZ Dr. WEB F-SECURE McAfee G-DATA SOFTWARE AVG ANTIVIRUS RISING ANTIVIRUS PANDA ANTIVIRUS ZONEALARM VIRUSBUSTER eSAFE NORMAN nPROTECT IMMUNET PROTECT PANDA CLOUD According to my analysis ratings of antivirus software’s…. 6/20/2012 TechReg-WelkinRaja EICAR TEST The process is called EICAR test which will work on any antivirus and was developed by European Institute of Computer Antivirus Research. Here is a step-by-step procedure to test your antivirus. 1. Open a notepad (New Text Document.TXT) and copy the following code exactly onto it, and save the notepad. X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD- ANTIVIRUS-TEST-FILE!$H+H* 2. Rename the file from New Text Document.TXT to myfile.com 3. Now run the antivirus scan on this myfile.com file. If the antivirus is functioning properly on your computer, then it should generate a warning and immediately delete the file upon scanning. Otherwise you may have to re- install your antivirus. NOTE: Most antivirus will pop-out a warning message in the Step-1 itself 6/20/2012 TechReg-WelkinRaja R A J A R A M A C H A N D R A N . S 6/20/2012 TechReg-WelkinRaja .