History of antivirus software

History of antivirus softwargonAntivirus Softw arHistory of Antivirus SoftwareThere are competing claims for the innovator of the first antivirus product. Possibly the first publicly documented removal of a data processor virus in the wild was performed by Brent Fix in 1987. An antivirus course to counter the Polish MKS virus was released in 1987. Dr. Solomons Anti- virus Toolkit, AIDSTEST and AntiVir were released by in 1988. Dr. Ahn Chul Soo (Charles Ahn, founder of AhnLab Inc) in South Korea also released the Anti-Virus software package called V1 in June 10, 1988. By late(a)ly 1990, nineteen separate antivirus products were available including Norton AntiVirus and McAfee VirusScan. Early contributors to work on ready reckoner viruses and countermeasures included Fred Cohen, Peter Tippett, and John McAfee.Before lucre connectivity was wide go around, viruses were typically spread by septic floppy harrows. Antivirus software came into use, but was updated relatively infrequ ently. During this time, virus checkers essentially had to check executable files and the boot sectors of floppy and hard disks. However, as internet usage became common, initially through the use of modems, viruses spread throughout the meshing.Powerful macros used in word processor applications, such as smallsoft Word, presented a merely risk. Virus writers flummoxed using the macros to write viruses embedded within documents. This meant that electronic computers could now also be at risk from infection by documents with hidden attached macros as programs.Later electronic mail programs, in particular Microsoft Outlook Express and Outlook, were vulnerable to viruses embedded in the email body itself. Now, a users computer could be infected by just opening or previewing a message. This meant that virus checkers had to check many to a greater extent display cases of files. As always-on broadband connectednesss became the norm and more and more viruses were released, it becam e essential to update virus checkers more and more frequently. Even then, a impudently zero-day virus could become widespread before antivirus companies released an update to protect against it.What is an Antivirus program?An antivirus program is used as a security measure and aegis tool against computer viruses. The job of an antivirus program is to scan, let out and pr tied(p)t viruses. non all antivirus programs can perform these basic tasks, but this get out be discussed later on in this publish.Antivirus programs are an essential tool you must suck up installed on your computer or network. Antivirus programs offer real-time, on- vex and on-demand protection for your computer. The way the programs works is based on the version of the antivirus program you have. Antivirus programs can be a standalone or can be included in a protection suite and are distributed in 32 and 64-bit versions on multiple operating administrations such as Windows, Linux and Mac, allowing all dif ferent types of computers to be protected from malicious software.Why is Antivirus Software Necessary?Security is a major concern when it comes to the safety of your personal information. If psyche were to access your information and use it, the consequence would be drastic. Information security is concerned with three main areasConfidentiality peoples information should only be available to someone who has the right to view it.Availability information should only be accessible when someone needs it.Integrity information should only be modified by people who are authorized to edit it.These concepts apply to home meshing users just as much as they would to any corporate or brass network. You probably wouldnt let a stranger look through your serious documents. In the same way, you may want to keep the tasks you perform on your computer mystical, whether its tracking your investments or sending email messages to family and friends. Also, you should have some assurance that the information you enter into your computer remains intact and is available when you need it. approximately security risks arise from the possibility of intentional misuse of your computer by intruders via the Internet. Others are risks that you would face even if you werent connected to the Internet (e.g. hard disk failures, theft, mogul outages). The bad news is that you probably cannot plan for e genuinely possible risk. The good news is that you can take some simple steps to reduce the line up that youll be affected by the most common threats and some of those steps help with both the intentional and accidental risks youre likely to face.Virus? What is a Virus?Before we go on and tell you how an antivirus program scans, detects and prevents viruses and malware, lets discuss what exactly a virus is. Like its genetic equivalent, a computer virus is a program that spreads unwanted and unexpected actions through the insides of your PC. Not all viruses are malicious, but many are wr itten to damage particular types of files, applications or even operating systems. Some examples of viruses are Trojan horse viruses, worms, spyware, adware, rootkits, and many other types of malware.Viruses have been around since the early 1970s. Even though they never had an internet joining back in the 70s viruses still infected computers by floppy disks. Yes, FLOPPY DISKS, the old 5 14 disks. The first recorded virus was in 1971 and it was called the creeper Virus, which was written by Bob Thomas. What the Creeper virus did was it infected a remote computer by the ARPNET and copied itself displaying the message IM THE CREEPER CATCH ME IF YOU CAN. ironically the Reaper was created to delete the Creeper. The Reaper program was not like the anti-virus programs we know today, but in fact was a virus itself in that it was self replicating and spread through a network.How an Antivirus Program WorksThe first and most important task of an antivirus program is to protect, prevent, or b lock any malicious activity in your computer or home and office network in real-time. The real-time protection should trigger an alert or provide automatic action whenever a suspected or positively set malware activity is detected. Most antivirus programs will only monitor some critical areas in your computer.When an antivirus program is installed, it will start monitoring the activity of the system by searching files that are being accessed, transferred, or stored to or from the hard disks and external/removable gets. Files that are being downloaded from the Internet are scanned. If a suspicious activity is detected, the antivirus program will automatically remove the file or stop the processes that are posing risk to your system, your contacts, or other computers or devices in on your network, un slight you trust the file that you are receiving.Antivirus programs offer several types of detection methods to identify malware, but the most common detection methods is heuristic ana lysis and by using traditional virus detection (signature-based).1. Characteristics of a program This is called heuristics scanning. Heuristic scanning engines work on the principle that viruses will usually use certain tricks or methods of infecting, and therefore if a program looks like it might be using those tricks, there is a possibility that the program is a virus. Sound simple? No, not really, its actually incredibly hard to write a foolproof 100% effective heuristics engine. (Engine, simply put, is just a word we use to describe the bit that drives the virus detector and compares files to the database of known infection agents) The more aggressive heuristic scanner may well detect large numbers of so called False Positives i.e. files that are really totally innocent but look like they might alter other files, the less aggressive ones might miss files that really are viruses. A method of heuristic analysis is for the anti-virus program to decompile the suspicious program, an d then analyze the source label contained within. In reality heuristics work quite well for some types of viruses, such as Macro Viruses, but not so well for other types. However, they are a reasonable attempt at providing protection against currently unknown viruses. The advantage to this method is the fact that there is no time period when the computer is not protected after specific viruses are released. The disadvantages include the fact that sham positives may occur and some viruses may not be identified during the length of a scan. The first heuristic engines were introduced to detect DOS viruses in 1989. However, there are now heuristic engines for nearly all classes of viruses.2. Footprint or Signature-based detection of virus program A virus signature is a particular pattern of bits or information contained in a virus that appears in no other file or program in the world, except for that virus. This method is the most common method used to identify viruses and false posi tives are very rare. It compares the virus footprint against a library of known footprints which match viruses. A footprint is a pattern in the data included in a file. Using this method, viruses must be identified as viruses, and then added to the library of footprints. The advantage to this method lies in the fact that false positives are very rare. The disadvantage to this method is the fact that there is a time period between when the virus is released to when the library of known footprints is updated. During this time period, the virus will not be recognized and could infect a computer.How do antivirus programs rate possible risk?Antivirus programs use a threat level index to determine what type of action to take. If the program is adware only, most antivirus programs will display a dialog box to inform the user why a program or link up file of an adware program was detected. If the detected object is posing security and privacy risks, the threat level is medium, high, or sev ere. The threat level ratings by antivirus programs are not all the same. Some antivirus programs may not detect or even scan for tracking cookies. Some of these are installed when legitimate software downloaded from third-party websites is bundled with another installer from a company that is known to have a spyware or adware business.Quarantine and False Positives in Antivirus ProgramsAntivirus programs work also by quarantining suspect and malware files. This process is to prevent the offend objects from doing any damage in the system and to allow the end-user to restore back a quarantined object to its original location if it is found to be a false positive.A false positive detection is when a malware signature detected an uninfected file or process. In some cases, a false positive can cause a system to not to boot or run properly. If another program is affected by the false detection, the system will run normally, but not the program that the Antivirus have falsely identified and removed.Types of Antivirus Programs That Are AvailableOn the next page there is a list, in alphabetical order, of some the companies who provide Antivirus programs and the platforms on which they are supported.CompanyWindowsAppleLinuxMobileFree?AntiVirYesNoYesNoYesAVGYesNoNoNoYesAviraYesNoYesYesYesBitDefenderYesNoYesYesNoClamWinYesNoNoNoYesESET NOD32YesNoYesYesNoF-ProtYesNoYesNoNoKasperskyYesYesYesYesNoMcAfeeYesYesYesYesNoMSEYesNoNoNoYesNetwork AssociatesYesYesYesYesNoPanda SoftwareYesNoYesNoNoRAVYesYesYesNoNoSophosYesYesYesNoNoSymantec (Norton)YesYesYesYesNoTrend MicroYesNoNoYesNoVipreYesNoNoNoNo meshworkrootYesNoNoNoNoAntivirus SoftwareNow that you have a basic understanding of how an antivirus program works and why you need one, here are some examples of three of the main antivirus programs available today. The main three that this report is going to discuss is Norton, Bitdefender, and Kaspersky. There are different types of antivirus programs available for each manufacturer and the following information is going to discuss these types of programs.Norton by SymantecNorton offers 3 antivirus programsNorton AntivirusNorton Internet SecurityNorton 360Here is a full list of what Norton by Symantec offers for their product line. (Symantec)Core ProtectionBlocks viruses, spyware, Trojan horses, worms, bots, and rootkitsDefends against hackers with quiet two-way firewall round updates every 5 15 minutes for up-to-the minute protectionAdvanced ProtectionNorton Bootable Recovery Tool repairs, restores and boots severely infected, unbootable PCsLeverages cloud-based online intelligence for real-time detection of threatsDownload Insight proactively warns of authority dangers in newly downloaded files and applications before you install or run themGuards against Web attacks that exploit software vulnerabilitiesStops threats unrecognized by traditional antivirus techniquesFilters unwanted email with professional-strength antispamHelps keep your kids safe online wi th parental controllers (Microsoft Windows only)NetworkingHelps secure and monitor your home network automatically secures your PC when connecting to public wireless networks identity element ProtectionBlock hackers from accessing your computerBlocks phishing websites and authenticates trusted sitesSecures, stores, and manages login and personal informationPrevents hackers from eavesdropping and stealing information as you typeIdentifies unsafe Web sites in your search resultsBackup and RestoreAutomatically saves important files locally or to secured online storageRestores lost files and foldersPC TuningOptimizes the hard drive to free up disk spaceOptimizes PC performance with disk cleanupProvides clear insight into recent PC activities to help prevent slowdownsOptimizes application performance with one-clickSupportFree email, chat, or phone supportAutomatically finds and fixes common PC problemsThe following is a table of what exactly the three antivirus programs from Norton offer .Norton Internet SecurityNorton 360Norton AntivirusBlocks viruses, spyware, Trojan horses, worms, bots, and rootkitsYesYesYesDefends against hackers with a quiet two-way firewallYesYesNoPulse updates every 5-15 minutes for up-to-the minute protectionYesYesYesIntelligence-driven technology for faster, fewer, shorter scansYesYesYesNorton Bootable Recovery Tool repairs, restores and boots severely infected, unbootable PCsYesYesYesLeverages cloud-based online intelligence for real-time detection of threatsYesYesYesDownload Insight proactively warns of potential dangers in newly downloaded files and applications before you install or run themYesYesYesGuards against Web attacks that exploit software vulnerabilitiesYesYesYesStops threats unrecognized by traditional antivirus techniquesYesYesYesFilters unwanted email with professional-strength antispamYesNoNoHelps keep your kids safe online with parental controls (Microsoft Windows only)YesYesNoHelps secure and monitor your home networkYesY esNoAutomatically secures your PC when connecting to public wireless networksYesYesNoBlock hackers from accessing your computerYesYesNoBlocks phishing websites and authenticates trusted sitesYesYesNoSecures, stores, and manages login and personal informationYesYesNoPrevents hackers from eavesdropping and stealing information as you typeYesYesNoIdentifies unsafe Web sites in your search resultsYesYesNoAutomatically saves important files locally or to secured online storageNoYesNoRestores lost files and foldersNoYesNoOptimizes the hard drive to free up disk spaceNoYesNoOptimizes PC performance with disk cleanupNoYesNoProvides clear insight into recent PC activities to help prevent slowdownsYesYesYesOptimizes application performance with one-clickYesYesYesFree email, chat, or phone supportYesYesYesAutomatically finds and fixes common PC problemsYesYesYesBitdefenderBitdefenders product line for antivirus software isBitdefender AntivirusBitdefender Internet SecurityBitdefender Total Secu rityHere is a list of what Bitdefender offers for there product line. (Bitdefender)ProtectionAntivirusProtects against viruses and other malware with industry-leading technologyMulti-layered proactive protection against new and unknown threatsAntispywareBlocks concealed programs that track your online activitiesAntiphishingBlocks web pages that attempt to steal your credit card dataAntispamStops unwanted e-mails from reaching your InboxFirewallAutomatically secures your Internet connection wherever you areHelps prevent outsiders form accessing your Wi-Fi networkPerformanceSpecial Operating ModesGame Mode reduces system load postpones scansLaptop Mode prolongs bombing lifeTune-upRemoves unnecessary files registry entries, for optimized performancePrivacyIM encryptionKeeps your conversations private on Yahoo And MSN MessengerFile VaultLocks up confidential files in an encrypted vaultFile ShredderEnsures that no traces of deleted sensitive files remain on your PCControlParental Cont rolBlocks access to inappropriate websites and e-mailLimits kids access to the Internet, games, etc to specific timesHome NetworkManages the security of your entire network from a single locationData BackupAutomatically backs up files and foldersThe following is a table of what exactly the three antivirus programs from Bitdefender offer.Bitdefender AntivirusBitdefender Internet SecurityBitdefender Total SecurityAntivirusYesYesYesAntispywareYesYesYesAntiphishingYesYesYesAntispamNoYesYesFirewallNoYesYesSpecial Operating ModesYesYesYesTune-upNoYesYesIM EncryptionNoYesYesFile VaultNoYesYesFile ShredderNoNoYesParental ControlsNoYesYesHome NetworkYesYesYesData BackupNoNoYesKasperskyKasperskys product line for antivirus software isKaspersky AntivirusKaspersky Internet SecurityHere is a list of what Kaspersky offers for there product line. (Kaspersky)Protection fromViruses and spywareInfected websitesHacker attacksSpam and phishingIdentity theftFeatures ComparisonVirus and vulnerability sc annerProactive protection against programs based on their behaviourRestriction of access to private data by suspicious programsApplication controlSafe run mode (sandbox) to test questionable programsNetwork ProtectionTwo-way personal firewallSecure wireless connections in public areasEmail ProtectionReal-time scanning of emailAnti-spam, Anti-phishingWeb ProtectionVirtual keyboard to safely enter sensitive dataRemoval of Internet activity (history, cookies, etc)Parental ControlKaspersky AntivirusKaspersky Internet SecurityViruses and spywareYesYesInfected WebsitesYesYesHacker attacksNoYesSpam and phishingNoYesIdentity theftNoYesVirus and vulnerability scannerYesYesProactive protection against programs based on their behaviorYesYesRestriction of access to private data by suspicious programsNoYesApplication controlNoYesSafe run mode (sandbox) to test questionable programsNoYesTwo-way personal firewallNoYesSecure wireless connections in public areasNoYesReal-time scanning of emailYesYes Anti-spam, Anti-phishingNoYesVirtual keyboard to safely enter sensitive dataYesYesRemoval of Internet activity (history, cookies, etc)YesYesParental ControlYesYesAs you can see from the previous lists, there is a difference in what the manufacturers of these programs offer. They all offer virus and spyware on their basic applications. If you want more features/protection you are going to have to spend the extra money to obtain those features/protection.All of these versions of Antivirus software offer real-time protection and do regular scans. variant of a behind the scenes scan. Which is a good feature to have, shrewd that most users just want it there to do its own thing, kind of like knowing it is protecting you but dont want to have to deal with it.Norton and Kaspersky offer protection for one year. At the end of that year you have to spend more money before you can obtain more updates from them. The good thing about Bitdefender is that when you purchase a subscription from th em you get it for 2 years. S