2. avast! About Us
Avast! (styled avast!) is a freemium antivirus computer program
available to Microsoft Windows, Mac OS X and Linux users, with a
user interface available in 41 languages. The name Avast is an
acronym of "Anti-Virus – Advanced Set". The official and current
logo of Avast! is a white orb with the letter 'a' on it and an orange
circle around it, sticking out in four directions.
3. avast! Signature Based Detection
Traditionally, antivirus software heavily relied upon signatures to identify malware. This can be
very effective, but cannot defend against malware unless samples have already been obtained
and signatures created. Because of this, signature-based approaches are not effective against
new, unknown viruses.
As new viruses are being created each day, the signature-based detection approach requires
frequent updates of the virus signature dictionary. To assist the antivirus software companies,
the software may allow the user to upload new viruses or variants to the company, allowing
the virus to be analyzed and the signature added to the dictionary.
Although the signature-based approach can effectively contain virus outbreaks, virus authors
have tried to stay a step ahead of such software by writing "oligomorphic", "polymorphic" and,
more recently, "metamorphic" viruses, which encrypt parts of themselves or otherwise modify
themselves as a method of disguise, so as to not match virus signatures in the dictionary.
4. avast! Malicious Activity Detection
Malicious activity detection, like heuristic-based detection, can be
used to identify unknown viruses.
avast! Free isn't the best at malware, and not every antivirus
program catches everything; remember it is a free program, all that
is are Windows (MS-DOS) programs.
5. Avast Heuristic detection
Some more sophisticated antivirus software uses heuristic analysis to identify new malware or
variants of known malware.
Many viruses start as a single infection and through either mutation or refinements by other
attackers, can grow into dozens of slightly different strains, called variants. Generic detection
refers to the detection and removal of multiple threats using a single virus definition.
For example, the Vundo trojan has several family members, depending on the antivirus
vendor's classification. Symantec classifies members of the Vundo family into two distinct
categories, Trojan.Vundo and Trojan.Vundo.B.
While it may be advantageous to identify a specific virus, it can be quicker to detect a virus
family through a generic signature or through an inexact match to an existing signature. Virus
researchers find common areas that all viruses in a family share uniquely and can thus create a
single generic signature. These signatures often contain non-contiguous code, using wildcard
characters where differences lie. These wildcards allow the scanner to detect viruses even if
they are padded with extra, meaningless code. A detection that uses this method is said to be
"heuristic detection."
6. avast! File emulation
File emulation is another heuristic approach. File emulation involves
executing a program in a virtual environment and logging what actions
the program performs. Depending on the actions logged, the antivirus
software can determine if the program is malicious or not and then carry
out the appropriate disinfection actions.
7. avast! Performance
Evaluate the performance impact and system resource usage of using anti-virus software in three
ways:
  Overall system performance measured before and after installation using PCMark
  Memory footprint
    Avast took up about 12 MB of system memory
  Time it took to perform a full system scan
    Avast took 34 minutes to scan our computer's hard drive with 122GB of data
8. avast! "false positive"
A "false positive" is when antivirus software identifies a non-
malicious file as a virus. When this happens, it can cause serious
problems. For example, if an antivirus program is configured to
immediately delete or quarantine infected files, a false positive in
an essential file can render the operating system or some
applications unusable.
All virus scanners produce false positive results as well,
identifying benign files as malware.
9. avast! Renewal Cost
Renewal Cost: FREE OF COST
PROS:
FREE of charge
Simple interface
Highly pro-active, extensive protection
10. Public Malware Database Website
Example Malware Database Website report:
http://www.malwaredomainlist.com/mdl.php
http://urlquery.net/index.php