Computer viruses are malicious programs that can damage systems by replicating themselves and infecting other files. Antivirus software works to detect and remove viruses using techniques like scanning files against a dictionary of known viruses and monitoring programs for suspicious behaviors. However, antivirus software has limitations as well, such as not detecting new viruses immediately, potentially reducing system performance, and occasionally containing unwanted advertising software.
OBJECTIVES
Introduction
What Is Virus?
Why Virus Are Called “Virus”?
How Do Virus Spread?
Virus Operation
How Virus work?
Common Virus Entry Points
Symptoms Of Virus Attack
Types of Computer Virus
Techniques used by Viruses
Anti-Virus Software
Methods used by Antivirus Software
Actions to Prevent Virus Infection
Conclusion
OBJECTIVES
Introduction
What Is Virus?
Why Virus Are Called “Virus”?
How Do Virus Spread?
Virus Operation
How Virus work?
Common Virus Entry Points
Symptoms Of Virus Attack
Types of Computer Virus
Techniques used by Viruses
Anti-Virus Software
Methods used by Antivirus Software
Actions to Prevent Virus Infection
Conclusion
Anti-virus Mechanisms and Various Ways to Bypass Antivirus detectionNeel Pathak
Slide briefly describes various av mechanisms, how they actually work, where any file signature is stored etc. And finally discusses av bypassing techniques.
Hackers already knows these techniques but do we know these ? These are just few techniques but there are many.
Related document can be found at
http://www.scribd.com/doc/176058721/Anti-Virus-Mechanism-and-Anti-Virus-Bypassing-Techniques
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...Lumension
Today, more than 1.6 million new malware signatures are identified each month. And more organizations are falling prey to "zero-day" attacks - malware for which an anti-virus signature does not exist. It’s no surprise that roughly half of the organizations surveyed in a 2010 Ponemon Institute study reported an increase in their IT operating expenses - a main driver of that cost increase was malware. Traditional anti-virus simply can't keep up in the malware arms race and relying on it as your primary defense will prove costly.
In this webcast, Paul Henry, security and forensics expert, and Chris Merritt, Director of Solution Marketing with Lumension, will examine:
* The true cost of anti-virus in terms of PC performance, network bandwidth, IT helpdesk costs, prevention of malware and more
* Why application whitelisting is a better approach to defend against rising targeted attacks
* How application whitelisting has evolved to provide a new level of intelligence that delivers more effective security and necessary flexibility to improve productivity - in even rapidly changing endpoint environments
This Presentation explains about Firewalls, Viruses and Antiviruses. I hope this presentation may help you in understanding about Viruses, Firewall and Antiviruses Software.
The virus then spreads through the software or document that it is connected to via drives, networks, file-sharing applications, or virus-infected attachments to emails.
Read how to turn off malwarebytes notifications
2. Definition of a Computer Virus Computer viruses can vary greatly from one another, but they are based in computer code – or a series of ones and zeros. Though not all computer viruses are malicious, most tend to “infect” computer systems and overwrite or damage the software in an attempt to spread itself and comprise the system. Viruses can be based in a number of formats: Java code, HTML code, hidden applets, text documents and several other things. In short, it is a computer program that is able to attach itself to disks or other files and replicate itself repeatively, often without the users knowledge. Although most viruses damage a system, it is not necessary for the definition of a virus.
7. Fast Infector Fast infector viruses, when active in memory, infect not only executed programs, but also those that are merely opened. Thus running an application, such as anti-virus software, which opens many programs but does not execute them, can result in all programs becoming infected . Macro Virus A macro virus is a malicious series of instructions designed to simplify repetitive tasks within a program. Macro viruses are written a macro programming language and attach to a document file (such as Word or Excel). When a document or template containing the macro virus is opened in the target application, the virus runs, does its damage and copies itself into other documents. Continual use of the program results in the spread of the virus Mutating Virus A virus that stays in memory after it executes and infects other files when certain conditions are met.
8. Resident Virus A resident virus loads into memory and remains inactive until a trigger event. When the event occurs the virus activates, either infecting a file or disk, or causing other consequences. All boot viruses are resident viruses and so are the most common file viruses. Trojan Horse Program A Trojan horse program is a malicious program that pretends to be a benign application; a Trojan horse program purposefully does something the user does not expect. Trojans are not viruses since they do not replicate, but Trojan horse programs can be just as destructive. Worm Worms are parasitic computer programs that replicate, but unlike viruses, do not infect other files. Worms can create copies on the same computer, or can send the copies to other computers via a network.
9. Zoo Virus A zoo virus exists in the collections of researchers and has never infected a real world computer system
10.
11.
12.
13. SUSPICIOUS BEHAVIOUR The suspicious behavior approach, by contrast, doesn't attempt to identify known viruses, but instead monitors the behavior of all programs. If one program tries to write data to an executable program, for example, the antivirus software can flag this suspicious behavior, alert a user, and ask what to do. Unlike the dictionary approach, the suspicious behavior approach therefore provides protection against brand-new viruses that do not yet exist in any virus dictionaries. However, it can also sound a large number of false positives , and users probably become desensitized to all the warnings. If the user clicks "Accept" on every such warning, then the antivirus software obviously gives no benefit to that user. This problem has worsened since 1997, since many more non-malicious program designs came to modify other .exe files without regard to this false positive issue. Therefore, most modern antivirus software uses this technique less and less