Antivirus software, or anti-virus software (abbreviated AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware.
Antivirus software was originally developed to detect and remove computer viruses, hence its name. However, with the proliferation of other types of malware, antivirus software began to provide protection from other computer threats. In particular, modern antivirus software can protect against malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious LSPs, dialers, scams, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, fraud and phishing attacks, online identity (privacy), online banking attacks, social engineering techniques, advanced persistent threats (APT) and botnet DDoS attacks.
History
1949-1980 period (before antivirus)
Although the roots of the computer virus date back as early as 1949, when the Hungarian scientist John von Neumann published the theory of self-reproducing automata, the first known computer virus appeared in 1971 and was dubbed the "Creeper virus". This computer virus infected Digital Equipment Corporation's (DEC) PDP-10 mainframe computers running the TENEX operating system.
The Creeper virus was eventually removed by a program created by Ray Tomlinson and known as "The Reaper". Some people consider "The Reaper" the first antivirus software ever written. That may be so, but it is important to note that the Reaper was actually a virus itself, specifically designed to remove the Creeper virus.
The Creeper virus was followed by several other viruses. The first known to appear "in the wild" was "Elk Cloner", in 1981, which infected Apple II computers.
In 1983, the term "computer virus" was coined by Fred Cohen in one of the first academic papers ever published on computer viruses. Cohen used the term "computer virus" to describe a program that "affects other computer programs by modifying them in such a way as to include a (probably evolving) copy of itself." (Note that a newer and more precise definition of a computer virus has been given by the Hungarian security researcher Péter Szőr: "a code that recursively replicates copies that may evolve from itself".)
The first IBM PC compatible computer virus found "in the wild", and one of the first widespread infections, was "Brain" in 1986. Since then, the number of viruses has grown exponentially. Most computer viruses written in the early and mid-1980s were limited to self-reproduction and had no specific damage routine built into the code. That changed as more and more programmers became acquainted with computer virus programming and created viruses that manipulated or even destroyed data on infected computers.
Before Internet connectivity was widespread, computer viruses were usually spread by infected floppy disks. Antivirus software came into use, but was updated relatively rarely. During this time, virus checkers essentially had to check executable files and the boot sectors of floppy disks and hard disks. However, as Internet usage became common, viruses began to spread online.
1980-1990 period (early days)
There are competing claims for the innovator of the first antivirus product. Possibly, the first publicly documented removal of an "in the wild" computer virus (i.e. the "Vienna virus") was performed by Bernd Fix in 1987.
In 1987, Andreas Lüning and Kai Figge, who founded G Data Software in 1985, released their first antivirus product for the Atari ST platform. In 1987, the Ultimate Virus Killer (UVK) was also released. This was the de facto industry standard virus killer for the Atari ST and Atari Falcon, the latest version of which (version 9.0) was released in April 2004. In 1987, in the United States, John McAfee founded the McAfee company (part of Intel Security) and, that year, he released the first version of VirusScan. Also in 1987 (in Czechoslovakia), Peter Paško, Rudolf Hrubý, and Miroslav Trnka created the first version of NOD antivirus.
In 1987, Fred Cohen wrote that no algorithm can perfectly detect all possible computer viruses.
Finally, in late 1987, the first two heuristic antivirus utilities were released: Flushot Plus by Ross Greenberg and Anti4us by Erwin Lanting. In his O'Reilly book, Malicious Mobile Code: Virus Protection for Windows, Roger Grimes described Flushot Plus as "the first holistic program to counter malicious mobile code (MMC)."
However, the kind of heuristic used by early AV engines was completely different from those used today. The first product with a heuristic engine resembling modern ones was F-PROT in 1991. Early heuristic engines were based on dividing the binary into different sections: the data section and the code section (in a legitimate binary, it usually starts always from the same location). Indeed, the initial viruses re-organized the layout of the sections, or overrode the initial portion of a section in order to jump to the very end of the file where the malicious code was located, only to jump back and resume execution of the original code. This was a very specific pattern, not used at the time by any legitimate software, which represented an elegant heuristic to catch suspicious code. Other kinds of more advanced heuristics were later added, such as suspicious section names, incorrect header size, regular expressions, and partial in-memory pattern matching.
In 1988, the growth of antivirus companies continued. In Germany, Tjark Auerbach founded Avira (H+BEDV at the time) and released the first version of AntiVir (named "Luke Filewalker" at the time). In Bulgaria, Dr. Vesselin Bontchev released his first freeware antivirus program (he later joined FRISK Software). Also, Frans Veldman released the first version of ThunderByte Antivirus, also known as TBAV (he sold his company to Norman Safeground in 1998). In Czechoslovakia, Pavel Baudiš and Eduard Kučera started avast! (at the time ALWIL Software) and released their first version of avast! antivirus. In June 1988, in South Korea, Dr. Ahn Cheol-Soo released his first antivirus software, called V1 (he founded AhnLab in 1995). Finally, in the fall of 1988, in England, Alan Solomon founded S&S International and created his Dr. Solomon's Anti-Virus Toolkit (though he launched it commercially only in 1991; in 1998 Dr. Solomon's company was acquired by McAfee). In November 1988, a professor at the Panamerican University in Mexico City named Alejandro E. Carriles copyrighted the first antivirus software in Mexico under the name "Byte Matabichos" (Byte Bugkiller) to help solve a rampant virus infestation among students.
Also in 1988, a mailing list called VIRUS-L was started on the BITNET/EARN network, where new viruses and the possibilities of detecting and removing viruses were discussed. Some members of this mailing list were: Alan Solomon, Eugene Kaspersky (Kaspersky Lab), Friðrik Skúlason (FRISK Software), John McAfee (McAfee), Luis Corrons (Panda Security), Mikko Hyppönen (F-Secure), Péter Szőr, Tjark Auerbach (Avira) and Dr. Vesselin Bontchev (FRISK Software).
In 1989, in Iceland, Friðrik Skúlason created the first version of F-PROT Anti-Virus (he founded FRISK Software only in 1993). Meanwhile, in the United States, Symantec (founded by Gary Hendrix in 1982) launched its first Symantec antivirus for Macintosh (SAM). SAM 2.0, released in March 1990, incorporated technology allowing users to easily update SAM to intercept and eliminate new viruses, including many that did not exist at the time of the program's release.
In the late 1980s, in the United Kingdom, Jan Hruska and Peter Lammer founded the security firm Sophos and began producing their first antivirus and encryption products. In the same period, in Hungary, VirusBuster was also founded (which was recently incorporated by Sophos).
1990-2000 period (emergence of antivirus industry)
In 1990, in Spain, Mikel Urizarbarrena founded Panda Security (Panda Software at the time). In Hungary, the security researcher Péter Szőr released the first version of Pasteur antivirus. In Italy, Gianfranco Tonello created the first version of VirIT eXplorer antivirus (he founded TG Soft one year later).
In 1990, the Computer Antivirus Research Organization (CARO) was established. In 1991, CARO released the "Virus Naming Scheme", originally written by Friðrik Skúlason and Vesselin Bontchev. Although this naming scheme is now outdated, it remains the only existing standard that most computer security firms and researchers have ever tried to adopt. CARO members include: Alan Solomon, Costin Raiu, Dmitry Gryaznov, Eugene Kaspersky, Friðrik Skúlason, Igor Muttik, Mikko Hyppönen, Morton Swimmer, Nick FitzGerald, Padgett Peterson, Peter Ferrie, Righard Zwienenberg, and Dr. Vesselin Bontchev.
In 1991, in the United States, Symantec released the first version of Norton AntiVirus. In the same year, in the Czech Republic, Jan Gritzbach and Tomáš Hofer founded AVG Technologies (Grisoft at the time), although they released the first version of their Anti-Virus Guard (AVG) only in 1992. On the other hand, in Finland, F-Secure (founded in 1988 by Petri Allas and Risto Siilasmaa under the name Data Fellows) released the first version of their antivirus product. F-Secure claims to be the first antivirus company to build a presence on the World Wide Web.
In 1991, the European Institute for Computer Antivirus Research (EICAR) was established to further antivirus research and improve the development of antivirus software.
In 1992, in Russia, Igor Danilov released the first version of SpiderWeb, which later became Dr. Web.
In 1994, AV-TEST reported that there were 28,613 unique malware samples (based on MD5) in their database.
Over time, other companies were founded. In 1996, in Romania, Bitdefender was founded and released the first version of Anti-Virus eXpert (AVX). In 1997, in Russia, Eugene Kaspersky and Natalya Kaspersky founded security firm Kaspersky Lab.
In 1996, there was also the first Linux virus "in the wild", known as "Staog".
In 1999, AV-TEST reported that there were 98,428 unique malware samples (based on MD5) in their database.
2000-2005 period
In 2000, Rainer Link and Howard Fuhs started the first open source antivirus engine, called the OpenAntivirus Project.
In 2001, Tomasz Kojm released the first version of ClamAV, the first open source antivirus engine to be commercialised. In 2007, ClamAV was purchased by Sourcefire, which in turn was acquired by Cisco Systems in 2013.
In 2002, in the UK, Morten Lund and Theis Søndergaard founded the BullGuard antivirus company.
In 2005, AV-TEST reported that there were 333,425 unique malware samples (based on MD5) in their database.
2005-2014 period
In 2007, AV-TEST reported a total of 5,490,960 unique new malware samples (based on MD5) for that year alone. In 2012 and 2013, antivirus companies reported new malware samples ranging from 300,000 to over 500,000 per day.
Over the years it has become necessary for antivirus software to use several different strategies (e.g. specific email and network protection or low-level modules) and detection algorithms, as well as to check an increasing variety of files, not just executable files, for several reasons:
- Powerful macros used in word processing applications, such as Microsoft Word, present a risk. Virus writers can use macros to write viruses embedded in documents. This means that computers can now be at risk of infection by opening documents with hidden macros attached.
- The possibility of embedding executable objects in otherwise non-executable file formats can make opening those files a risk.
- Later mail programs, especially Outlook Express and Outlook from Microsoft, were vulnerable to viruses embedded within the body of the email itself. The user's computer could be infected simply by opening or previewing the message.
In 2005, F-Secure was the first security company to develop an anti-rootkit technology, called BlackLight.
Because most people are now connected to the Internet all the time, in 2008 Jon Oberheide first proposed a cloud-based antivirus design.
In February 2008, McAfee Labs added the world's first cloud-based anti-malware functionality to VirusScan under the name Artemis. It was tested by AV-Comparatives in February 2008 and officially unveiled in August 2008 in McAfee VirusScan.
Cloud AV created a problem for comparative testing of security software: part of the AV definitions was out of the testers' control (on constantly updated AV company servers), thereby making the results unrepeatable. As a result, the Anti-Malware Testing Standards Organization (AMTSO) began work on a methodology for testing cloud products, which was adopted on May 7, 2009.
In 2011, AVG introduced a similar cloud service, called Protective Cloud Technology.
2014-present (rise of next-gen)
Recently, following the 2014 release of the APT 1 report from Mandiant, the industry has seen a shift towards signature-less approaches to the problem that are capable of detecting and mitigating zero-day attacks. Many approaches to address these new forms of threats have emerged, including behavioral detection, artificial intelligence, machine learning, and cloud-based file detonation. According to Gartner, it is expected that the rise of new entrants, such as Carbon Black, Cylance and Crowdstrike, will force EPP incumbents into a new phase of innovation and acquisition. One method from Bromium involves micro-virtualization to protect the desktop from malicious code execution initiated by the end user. Another approach from SentinelOne and Carbon Black focuses on behavioral detection by establishing full context around every process execution path in real time, while Cylance utilizes an artificial intelligence model based on machine learning. Increasingly, these signature-less approaches have been defined by the media and analyst firms as "next-generation" antivirus and are seeing rapid market adoption as antivirus replacement technologies certified by companies like Coalfire and DirectDefense. In response, traditional antivirus vendors such as Trend Micro, Symantec and Sophos have incorporated "next-gen" offerings into their portfolios, as analyst firms such as Forrester and Gartner have called traditional signature-based antivirus "ineffective" and "outdated".
Identification methods
One of the few solid theoretical results in the study of computer viruses is Frederick B. Cohen's 1987 demonstration that there is no algorithm that can perfectly detect all possible viruses. However, by using different layers of defense, a good level of detection can be achieved.
There are several methods that can be used by the antivirus engine to identify malware:
- Sandbox detection: a particular behavior-based detection technique that, instead of detecting the behavioral fingerprint at run time, runs the program in a virtual environment and records what actions the program performs. Depending on the actions recorded, the antivirus engine can determine whether the program is harmful or not. If not, the program is then run in the real environment. Although this technique has proved to be very effective, given its weight and slowness it is rarely used in end-user antivirus solutions.
- Data mining techniques: one of the latest approaches applied in malware detection. Data mining and machine learning algorithms are used to try to classify the behavior of a file (as either malicious or benign) given a set of file features that are extracted from the file itself.
Signature-based detection
Traditional antivirus software relies heavily on signatures to identify malware.
Essentially, when a piece of malware arrives in the hands of an antivirus company, it is analyzed by malware researchers or by a dynamic analysis system. Then, once it is determined to be malware, a proper signature of the file is extracted and added to the signature database of the antivirus software.
Although signature-based approaches can effectively contain outbreaks of malware, malware authors have tried to stay one step ahead of such software by writing "oligomorphic", "polymorphic" and, more recently, "metamorphic" viruses, which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so that they do not match the virus signatures in the dictionary.
Heuristics
Many viruses begin as a single infection and, through either mutation or refinement by other attackers, can grow into dozens of slightly different strains, called variants. Generic detection refers to the detection and removal of multiple threats using a single virus definition.
For example, the Vundo trojan has several family members, depending on the antivirus vendor's classification. Symantec classifies Vundo family members into two different categories, Trojan.Vundo and Trojan.Vundo.B.
While it may be useful to identify a particular virus, it can be quicker to detect a virus family through a generic signature or through an inexact match to an existing signature. Virus researchers find common areas that all viruses in a family share uniquely and can thus create a single generic signature. These signatures often contain non-contiguous code, using wildcard characters where the differences lie. These wildcards allow the scanner to detect viruses even if they are padded with extra, meaningless code. Detection using this method is said to be "heuristic detection."
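The contrast between an exact file signature and a generic, wildcard signature can be shown in a few lines. The following Python sketch is an added example, not code from any antivirus product: the signature syntax (`??` for one arbitrary byte, `{n-m}` for a bounded gap), the function names and the byte strings are all constructed for illustration, and the "variants" are harmless placeholders.

```python
import hashlib
import re


def compile_signature(sig):
    """Compile a hex signature into a bytes regex (illustrative syntax).

    'AB'    literal byte
    '??'    any single byte
    '{n-m}' between n and m arbitrary bytes (tolerates inserted padding)
    """
    parts = []
    for tok in sig.split():
        if tok == "??":
            parts.append(b".")
        elif tok.startswith("{") and tok.endswith("}"):
            lo, hi = tok[1:-1].split("-")
            parts.append(b".{%d,%d}" % (int(lo), int(hi)))
        elif len(tok) == 2:
            parts.append(re.escape(bytes([int(tok, 16)])))
        else:
            raise ValueError("bad signature token: %r" % tok)
    # DOTALL so that '.' also matches the newline byte 0x0a
    return re.compile(b"".join(parts), re.DOTALL)


def exact_lookup(data, hash_db):
    """Exact signature: the whole file must hash to a known value."""
    return hash_db.get(hashlib.sha256(data).hexdigest())


def generic_scan(data, signatures):
    """Generic signature: report every pattern found anywhere in the file."""
    return [name for name, pat in signatures.items() if pat.search(data)]


# Constructed, harmless stand-ins for three variants of one family: the same
# two fragments, a 2-byte field that differs, and padding in the third.
HEAD = bytes.fromhex("deadbeef10")
TAIL = bytes.fromhex("c0ffee42")
VARIANT_A = b"MZ" + HEAD + bytes.fromhex("0001") + TAIL
VARIANT_B = b"MZ" + HEAD + bytes.fromhex("7f3c") + TAIL
VARIANT_C = b"MZ" + HEAD + bytes.fromhex("0001") + b"\x90" * 5 + TAIL
BENIGN = b"MZ" + HEAD + b"unrelated program data"

# The exact database only knows the first sample that was analysed.
HASH_DB = {hashlib.sha256(VARIANT_A).hexdigest(): "Family.A"}

# One generic definition covering the family, and one that is too loose.
GENERIC = {"Family.gen": compile_signature(
    "DE AD BE EF 10 ?? ?? {0-16} C0 FF EE 42")}
TOO_LOOSE = {"Family.loose": compile_signature("DE AD BE EF 10")}

if __name__ == "__main__":
    samples = [("A", VARIANT_A), ("B", VARIANT_B),
               ("C", VARIANT_C), ("benign", BENIGN)]
    for label, blob in samples:
        print(label,
              "exact:", exact_lookup(blob, HASH_DB),
              "generic:", generic_scan(blob, GENERIC),
              "loose:", generic_scan(blob, TOO_LOOSE))
```

The exact hash catches only the analysed sample, the generic signature catches all three variants, and the overly short signature also flags the benign file, which is the false-positive trade-off a signature author has to manage.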
Rootkit detection
Anti-virus software can attempt to scan for rootkits. A rootkit is a type of malware designed to gain administrative-level control over a computer system without being detected. Rootkits can change how the operating system functions and in some cases can tamper with the anti-virus program and render it ineffective. Rootkits are also difficult to remove, in some cases requiring a complete reinstallation of the operating system.
Real-time protection
Real-time protection, on-access scanning, background guard, resident shield, autoprotect, and other synonyms refer to the automatic protection provided by most antivirus, anti-spyware, and other anti-malware programs. It monitors computer systems for suspicious activity such as computer viruses, spyware, adware and other malicious objects in real time, in other words while data is loaded into the computer's active memory: when inserting a CD, opening an email, or browsing the web, or when a file already on the computer is opened or executed.
Issues of concern
Unexpected renewal costs
Some commercial antivirus software end-user license agreements include a clause that the subscription will be automatically renewed, and the purchaser's credit card automatically billed, at the renewal time without explicit consent. For example, McAfee requires users to unsubscribe at least 60 days before the end of their current subscription, while BitDefender sends a notification to unsubscribe 30 days before the renewal. Norton AntiVirus also automatically renews subscriptions by default.
Rogue security applications
Some apparent antivirus programs are actually malware disguised as legitimate software, such as WinFixer, MS Antivirus, and Mac Defender.
Problems caused by false positives
A "false positive" or "false alarm" is when antivirus software identifies a non-malicious file as malware. When this happens, it can cause serious problems. For example, if an antivirus program is configured to immediately delete or quarantine infected files, as is common in Microsoft Windows antivirus applications, a false positive in an essential file can render the Windows operating system or some applications unusable. Recovering from such damage to critical software infrastructure incurs technical support costs, and businesses can be forced to close while corrective action is taken. For example, in May 2007, an incorrect virus signature issued by Symantec mistakenly deleted important operating system files, leaving thousands of PCs unable to boot.
Also in May 2007, the executable file required by Pegasus Mail on Windows was incorrectly detected by Norton AntiVirus as a Trojan and automatically deleted, preventing Pegasus Mail from running. Norton AntiVirus had incorrectly identified three Pegasus Mail releases as malware, and would delete the Pegasus Mail installer file when that happened. In response to this, Pegasus Mail stated:
In April 2010, McAfee VirusScan detected svchost.exe, a normal Windows binary, as a virus on machines running Windows XP with Service Pack 3, causing reboot loops and loss of all network access.
In December 2010, a faulty update to the AVG anti-virus suite damaged 64-bit versions of Windows 7, rendering them unable to boot because of an endless boot loop that was created.
In October 2011, Microsoft Security Essentials (MSE) removed the Google Chrome web browser, a rival to Microsoft's own Internet Explorer. MSE flagged Chrome as a Zbot banking trojan.
In September 2012, Sophos's anti-virus suite identified various update mechanisms, including its own, as malware. If it was configured to automatically delete detected files, Sophos Antivirus could render itself unable to update, and manual intervention was required to fix the problem.
In September 2017, the Google Play Protect anti-virus began to identify the Motorola Moto G4 Bluetooth app as malware, causing the Bluetooth function to be disabled.
Running the real-time protection of multiple antivirus programs simultaneously can degrade performance and create conflicts. However, using a concept called multiscanning, several companies (including G Data Software and Microsoft) have created applications that can run multiple engines simultaneously.
Sometimes it is necessary to temporarily disable virus protection when installing major updates such as Windows Service Packs or updating graphics card drivers. Active antivirus protection may partially or completely prevent the installation of a major update. Anti-virus software can cause problems during the installation of an operating system upgrade, e.g. when upgrading to a newer version of Windows "in place", without deleting the previous version of Windows. Microsoft recommends that anti-virus software be disabled to avoid conflicts with the upgrade installation process. Active anti-virus software may also interfere with a firmware update process.
The functionality of some computer programs may be hampered by active anti-virus software. For example, TrueCrypt, the disk encryption program, states on its troubleshooting page that anti-virus programs can conflict with TrueCrypt and cause it to malfunction or operate very slowly. Anti-virus software can impair the performance and stability of games running on the Steam platform.
Support issues also exist around the interoperability of antivirus applications with common solutions such as SSL VPN remote access and network access control products. These technology solutions often have policy assessment applications that require an up-to-date antivirus to be installed and running. If the antivirus application is not recognized by the policy assessment, whether because the antivirus application has been updated or because it is not part of the policy assessment library, the user will be unable to connect.
Effectiveness
A study in December 2007 showed that the effectiveness of antivirus software had decreased in the previous year, particularly against unknown or zero-day attacks. Computer magazines found that the detection rate for these threats had dropped from 40-50% in 2006 to 20-30% in 2007. At that time, the only exception was the NOD32 antivirus, which managed a detection rate of 68%. According to the ZeuS tracker site, the average detection rate for all variants of the well-known ZeuS trojan is as low as 40%.
The problem is magnified by the changing intent of virus writers. A few years ago it was obvious when a virus infection was present. The viruses of that time, written by amateurs, exhibited destructive behavior or pop-ups. Modern viruses are often written by professionals, financed by criminal organizations.
In 2008, Eva Chen, CEO of Trend Micro, stated that the anti-virus industry has over-hyped how effective its products are, and so has been misleading customers, for years.
Independent testing of all major virus scanners has consistently shown that none provides 100% virus detection. The best ones provided as high as 99.9% detection for simulated real-world situations, while the lowest provided 91.1% in tests conducted in August 2013. Many virus scanners produce false positive results as well, identifying benign files as malware.
Although the methodology may be different, some of the leading independent quality testing agencies include AV-Comparatives, ICSA Labs, West Coast Labs, Virus Bulletin, AV-TEST and other members of the Anti-Malware Testing Standards Organization.
New virus
Anti-virus programs are not always effective against new viruses, even those using non-signature based methods that should detect new viruses. The reason for this is that virus designers test their new viruses on major anti-virus applications to ensure that they are undetectable before releasing them into the wild.
Some new viruses, especially ransomware, use polymorphic code to avoid detection by virus scanners. Jerome Segura, a ParetoLogic security analyst, explains:
A proof of concept virus has used the Graphics Processing Unit (GPU) to avoid detection by anti-virus software. The potential success of this involves bypassing the CPU in order to make it much more difficult for security researchers to analyze how such malware works.
Rootkits
Detecting rootkits is a major challenge for anti-virus programs. Rootkits have full administrative access to the computer and are invisible to the user and hidden from the list of processes running in the task manager. Rootkits can modify the inner workings of the operating system and tamper with antivirus programs.
Damaged files
If a file has been infected by a computer virus, anti-virus software will attempt to remove the virus code from the file during disinfection, but it is not always able to restore the file to its undamaged state. In such circumstances, damaged files can only be recovered from an existing backup or a shadow copy (this also applies to ransomware); installed software that is damaged requires reinstallation (however, see System File Checker).
Firmware infections
Any writeable firmware in the computer can be infected by malicious code. This is a major concern, since an infected BIOS can require the actual BIOS chip to be replaced to ensure the malicious code is completely removed. Anti-virus software is not effective at protecting firmware and the motherboard BIOS from infection. In 2014, security researchers discovered that USB devices contain writeable firmware that can be modified with malicious code (nicknamed "BadUSB"), which anti-virus software cannot detect or prevent. The malicious code can run undetected on the computer and may even infect the operating system before it boots.
Performance and other deficiencies
Antivirus software has several drawbacks, the first of which is that it can affect a computer's performance.
In addition, inexperienced users can be lulled into a false sense of security when using a computer, considering themselves immune, and may have problems understanding the prompts and decisions that antivirus software presents them with. An incorrect decision may lead to a security breach. If the antivirus software uses heuristic detection, it must be fine-tuned to minimize misidentifying harmless software as malicious (false positives).
Antivirus software itself typically runs at the highly trusted kernel level of the operating system to allow it access to all potentially malicious files and processes, creating a potential avenue of attack. The US National Security Agency (NSA) and the UK Government Communications Headquarters (GCHQ) intelligence agencies, respectively, have exploited anti-virus software to spy on users. Anti-virus software has highly privileged and trusted access to the underlying operating system, which makes it a much more attractive target for remote attacks. In addition, anti-virus software is "years behind security-conscious client-side applications like browsers or document readers", according to Joxean Koret, a researcher with Coseinc, a Singapore-based information security consultancy.
Alternative solutions
Although antivirus software installed and running on individual computers is the most common approach, it is only one method of guarding against malware. Other solutions are also used, including Unified Threat Management (UTM), hardware and network firewalls, cloud-based antivirus, and online scanners.
Hardware and network firewall
Network firewalls prevent unknown programs and processes from accessing the system. However, they are not antivirus systems and make no attempt to identify or remove anything. They can protect against infection from outside the protected computer or network, and limit the activity of any malicious software that is present by blocking incoming or outgoing requests on certain TCP/IP ports. A firewall is designed to deal with broader system threats that come from network connections into the system and is not an alternative to a virus protection system.
Cloud antivirus
Cloud antivirus is a technology that uses lightweight agent software on the protected computer, while offloading the majority of data analysis to the provider's infrastructure.
One approach to implementing cloud antivirus involves scanning suspicious files using multiple antivirus engines. This approach was proposed by an early implementation of the cloud antivirus concept called CloudAV. CloudAV was designed to send programs or documents to a network cloud where multiple antivirus and behavioral detection programs are used simultaneously in order to improve detection rates. Parallel scanning of files using potentially incompatible antivirus scanners is achieved by spawning a virtual machine per detection engine, thereby eliminating any possible conflicts. CloudAV can also perform "retrospective detection," whereby the cloud detection engine rescans all files in its file access history when a new threat is identified, thus improving the speed of detection of new threats. Finally, CloudAV is a solution for effective virus scanning on devices that lack the computing power to perform the scans themselves.
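The multi-engine and "retrospective detection" ideas can be modelled in a short Python sketch. This is an added example and not CloudAV's code: the class, the engine functions, the host names and the file contents are constructed for illustration, and the engines are plain functions rather than scanners isolated in separate virtual machines.

```python
import hashlib
from collections import defaultdict


def sha256(data):
    return hashlib.sha256(data).hexdigest()


class CloudScanner:
    """Toy model of the cloud side: many engines, cached verdicts, history."""

    def __init__(self, engines):
        self.engines = dict(engines)      # engine name -> callable(bytes) -> bool
        self.history = defaultdict(set)   # file hash -> hosts that accessed it
        self.blobs = {}                   # file hash -> content kept for rescans
        self.verdicts = {}                # file hash -> engines that flagged it

    def _scan(self, data):
        return sorted(n for n, engine in self.engines.items() if engine(data))

    def submit(self, host, data):
        """Called by the lightweight agent whenever a host accesses a file."""
        digest = sha256(data)
        self.history[digest].add(host)
        if digest not in self.verdicts:   # scan each unique file only once
            self.blobs[digest] = data
            self.verdicts[digest] = self._scan(data)
        return self.verdicts[digest]

    def update_engine(self, name, engine):
        """Install a new detection, then rescan everything seen so far.

        Returns {file hash: hosts} for files that were clean before the
        update and are flagged after it (the retrospective detections).
        """
        self.engines[name] = engine
        newly_flagged = {}
        for digest, data in self.blobs.items():
            before = self.verdicts[digest]
            after = self._scan(data)
            self.verdicts[digest] = after
            if after and not before:
                newly_flagged[digest] = sorted(self.history[digest])
        return newly_flagged


# Constructed engines: each "detects" a harmless marker string.
def engine_alpha(data):
    return b"ALPHA-TEST-PATTERN" in data


def engine_beta_v1(data):
    return False                          # no knowledge of the new threat yet


def engine_beta_v2(data):
    return b"BETA-TEST-PATTERN" in data   # definition added later


DOC_KNOWN = b"xx ALPHA-TEST-PATTERN xx"
DOC_LATE = b"yy BETA-TEST-PATTERN yy"
DOC_CLEAN = b"quarterly report"


def demo():
    cloud = CloudScanner({"alpha": engine_alpha, "beta": engine_beta_v1})
    first = {
        "known": cloud.submit("ws-01", DOC_KNOWN),
        "late@ws-01": cloud.submit("ws-01", DOC_LATE),
        "late@ws-02": cloud.submit("ws-02", DOC_LATE),
        "clean": cloud.submit("ws-03", DOC_CLEAN),
    }
    retro = cloud.update_engine("beta", engine_beta_v2)
    return cloud, first, retro


if __name__ == "__main__":
    _, first, retro = demo()
    print("verdicts at access time:", first)
    print("retrospective detections:", retro)
```

The result of `update_engine` is the list of hosts that opened a file before any engine could detect it, which is the information an incident responder needs once a new definition arrives.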
Some examples of anti-virus cloud products are Panda Cloud Antivirus, Crowdstrike, Cb Defense, and Immunet. The Comodo Group has also produced cloud-based anti-virus.
Online scanning
Some antivirus vendors maintain websites with free online scanning capability for the entire computer, critical areas only, local disks, folders, or files. Periodic online scanning is a good idea for those who run antivirus applications on their computers, because those applications are often slow to catch threats. One of the first things that malware does in an attack is to disable any existing antivirus software, and sometimes the only way to find out about an attack is to turn to an online resource that is not installed on the infected computer.
Specialized tools
Virus removal tools are available to help remove stubborn infections or certain types of infection. Examples include Anti-Malware Anti-Malware, AVG AntiVirus FREE, and Avira AntiVir Removal Tool.
Bootable rescue disks, such as CDs or USB storage devices, can be used to run antivirus software outside of the installed operating system, in order to remove infections while they are dormant. A bootable antivirus disk can be useful when, for example, the installed operating system can no longer be booted or has malware that resists all attempts to be removed by the installed antivirus software. Examples of such bootable disks include Avast Rescue Disc, Avira Rescue System, and Windows Defender Offline. Most rescue CD software can also be installed onto a USB storage device, which is bootable on newer computers.
Usage and risk
According to an FBI survey, big businesses lose $12 million annually dealing with virus incidents. A survey by Symantec in 2009 found that one third of small to medium businesses did not use antivirus protection at the time, while more than 80% of home users had some kind of antivirus installed. According to a sociological survey conducted by G Data Software in 2010, 49% of women did not use an antivirus program at all.
See also
- Anti-virus and anti-malware software
- CARO, the Computer Antivirus Research Organization
- Comparison of antivirus software
- Comparison of computer viruses
- EICAR, European Institute for Computer Anti Virus Research
- Firewall software
- Internet Security
- Linux malware
- Quarantine (computing)
- Sandbox (computer security)
- Timeline of computer viruses and worms
- Virus hoax
Source of the article: Wikipedia