Wednesday, February 25, 2009

Web Alert: How Viruses Pass the Antivirus

Howdy, diggers, how are you all today? Are you feeling healthy? Is your PC feeling healthy as well? Most of you who care about your PC's performance, privacy and cyber security have installed at least one kind of antivirus software on your PC. Most people already feel safe just knowing that there is a program called antivirus installed on their PC. Nevertheless, what if there is a way to get past the antivirus protection no matter how often you update the antivirus? That would be a big problem. So now, let us dig deeper into the world of viruses, where the power of evil fights the knights who defend your PC.

Antivirus 101, How They Do It

To learn how some viruses get past antivirus detection, we must first learn how an antivirus recognizes a virus on your PC. Most antivirus products, especially older ones, recognize viruses by their signature. What is a signature? For a human being, a signature is a unique mark that belongs to a certain person; for a virus, the signature is a name or a fragment of code that only a certain virus type or version has.

How does the antivirus determine the unique signature of a virus? When virus makers release a new virus, the antivirus developers get hold of it and analyze it. From that analysis they derive a unique signature for that virus. After that, the antivirus developer sends the new signature data to its users around the world through antivirus updates.

What if there is a virus out there that no antivirus has ever seen before? If you go back to the principle of how antivirus products detect a virus, you will find the answer. Yes, the antivirus will not recognize the virus and will let it into your computer. That is why virus makers always try to turn out new viruses as fast as possible through a fast cycle of work. On the other hand, the antivirus developers are racing to get the latest viruses into their database so they can determine their signatures.

How to Pass the Antivirus Detection

When virus makers want to know whether their new virus can be recognized by antivirus products or not, they can upload it to websites like Jotti (www.jotti.com) or VirusTotal (www.virustotal.com). On those websites, a number of antivirus engines will attempt to detect the new virus. When one of them catches it, the virus maker uses a program such as an EXE packer, which not only makes the malicious program smaller but also changes its signature. In the old days, the virus maker could use the "Do not send sample" option to prevent these websites from forwarding the new malicious program to the antivirus developers before any changes were made. Now, as far as I know, this option no longer exists due to the deal made between the antivirus developers and Jotti and VirusTotal.


After Jotti and VirusTotal made their deals with the antivirus developers, virus makers turned to a certain kind of software that helps them make their viruses undetectable by antivirus. Anti-antivirus software like KIMS and AVFixer has the ability to test a new virus against a number of antivirus engines in the world. Not only that, the software can make the necessary modifications to the virus so that the antivirus cannot detect it.

How the Antivirus Developers Counteract

For you web diggers who are starting to lose faith in the antivirus software currently protecting your PC, don't you worry: antivirus developers have already made some modifications to handle the latest virus evolutions.

Nowadays, to help enhance your PC's protection against malicious software, the antivirus developers have started to change how their antivirus works. To keep up with the evolution of viruses, some antivirus developers have added new features to their antivirus software. The new antivirus no longer relies only on signature scanning but also uses a newer method called the heuristic method. The newest methods introduced by antivirus developers are the behavior analysis method and the sandbox method. The behavior analysis method uses an algorithm to recognize whether a program running on your PC could do something harmful, based on how the program behaves toward your PC's systems. In other words, the virus is recognized not by its outside looks but by its inside looks, its behavior to be exact.

The sandbox method is not so popular among most PC users. Nowadays, only experts use the sandbox method, due to the complexity of operating it. This method creates a virtual space on your hard drive. When you run a program, it first runs in this virtual space; if you then decide that the running program is malicious, you can lock and heal or quarantine it. Every change made by the program can be reversed to its initial state with a single click. Well, I hope that soon every anti-malicious-program software will include the sandbox method as a feature.
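As an added illustration (not code from the original post) of the contrast the sections above draw between signature scanning and behavior analysis, the small Python scanner below matches a constructed byte signature against a constructed sample file, shows that the same file stored compressed (a stand-in for an EXE packer) no longer matches until it is unpacked again, and then applies a behavior rule to a constructed trace of what the program does when run, which matches regardless of the file bytes. All file contents, signature names, rule names and trace events are made up for this example.

```python
import zlib

# Constructed sample "file": a header, padding, a unique marker, more padding.
MARKER = b"PAYLOAD-MARKER-1234"
SAMPLE_FILE = b"MZ" + b"\x00" * 60 + b"\x90" * 32 + MARKER + b"\x90" * 32 + b"END"

# Signature database: a signature engine keys on a byte fragment unique to one sample.
# The name and pattern are constructed for this example.
SIGNATURES = {"Demo.Sample.A": MARKER}


def signature_scan(data):
    """Return the names of every signature whose byte pattern occurs in data."""
    return [name for name, pattern in SIGNATURES.items() if pattern in data]


def pack(data):
    """Stand-in for an EXE packer (constructed, not a real packer): the file is
    stored compressed, so the bytes the signature keys on are absent on disk."""
    return zlib.compress(data)


def unpack(data):
    """What a packer stub does at run time: restore the original bytes in memory.
    A sandbox or emulating scanner sees this unpacked form, the on-disk scan does not."""
    return zlib.decompress(data)


# Behavior rules: sets of observed actions that together look harmful, whatever the
# file bytes are. The action vocabulary is constructed for this example.
BEHAVIOR_RULES = {
    "persists-and-calls-home": {"write_autorun_key", "connect_out"},
    "mass-file-modify": {"enumerate_user_files", "overwrite_file"},
}


def behavior_scan(trace):
    """Return the names of every rule whose required actions all appear in the trace."""
    seen = set(trace)
    return [name for name, required in BEHAVIOR_RULES.items() if required <= seen]


def demo():
    """Run the checks the text describes and return their results by name."""
    packed = pack(SAMPLE_FILE)
    trace = ["write_autorun_key", "sleep", "connect_out"]  # constructed run-time trace
    return {
        "signature_on_plain": signature_scan(SAMPLE_FILE),
        "signature_on_packed": signature_scan(packed),
        "signature_after_unpack": signature_scan(unpack(packed)),
        "behavior_on_trace": behavior_scan(trace),
    }
```

Running `demo()` shows the signature hit on the plain file and on the unpacked bytes but not on the packed copy, while the behavior rule fires from the trace alone.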

Some Word of Wisdom

I do not think it is wrong to install antivirus on your PC, but the question now is how well your antivirus deals with the new viruses in the world. Most people are so confident after installing antivirus software on their PC that they become less careful when they connect to the internet, download, and put data on their PC. This kind of behavior will result in serious problems, because you cannot simply hand the matter of PC security over to your antivirus software. Your PC's security is your own problem, and if you want to keep your PC free of viruses, you must start with yourself.

There is no 100% secure PC, even if you have already installed every top-of-the-line, state-of-the-art security program and patch. If you want to keep your PC 100% safe, just shut it down, unplug every cable connected to it, put it somewhere safe and go to sleep. If you still want to use your PC, please stay wise with everything you do on it, stay up to date with the information and check your PC regularly.
