Friday, August 28, 2009

The Danger Of Antivirus Program

By The Gadgets!

Since viruses were first found, they have evolved a great deal, and so have antivirus programs. Unfortunately, antivirus programs usually only follow the evolution of viruses rather than staying ahead of it. An antivirus program that is out of date (in its technology) is a danger to its users.

Once viruses can be detected, new viruses are always born with newer technology that makes the antivirus powerless. An old antivirus, for example, can be cheated by “stealth” technology, so that when the antivirus checks files, the stealth virus spreads itself to every file that is checked.

You often read about “specific” antivirus programs, which are meant to detect one kind of virus. Usually the programmer does not tell you the right way to use the program, even though a specific antivirus carries a big risk if you do not use it correctly.

A specific antivirus can detect only one kind of virus (and maybe some of its variants) and usually paralyzes the virus in memory. If you have found a virus and you know its name, you can use this kind of antivirus. But if you are not sure of the name of the virus, you had better not try it. And if there is another virus on your computer, which obviously is not detected by your antivirus, running the antivirus will trigger that other virus and spread it to all the scanned files.

The most frightening danger is that the antivirus misidentifies a virus, cleans it, and leaves the program you were trying to fix broken.

THE SOURCES OF DANGER IN ANTIVIRUS PROGRAMS

An antivirus program can be dangerous for the following reasons:

• Some antivirus programs use only a simple technique that a virus programmer can easily trick. For example, if the antivirus checks only a few bytes in the header of the virus, a virus programmer can make another version of the same virus (a variant) with the same header but with differences in other important parts, such as the encryption routine/header description. This makes the antivirus a file destroyer, not a file saver. Some antivirus programs can also be cheated by changing the signature file. The signature file is the file that contains the ID of every virus known to the antivirus; if an ID is changed, the antivirus will no longer recognise that virus. A good antivirus should always check whether the signature file has been changed.

• The antivirus program does not create a backup of the file it cleans. Most antivirus programs (especially the specific ones) do not provide a way to create a backup file, even though this is very important in case the scanning process fails.

• The antivirus program does not do a self check. A self check is necessary because an antivirus program could be changed by other people (besides the programmer) before it reaches the user. Commercial antivirus programs usually do a self check to make sure they have not been changed by anyone, but some do not, and this is dangerous. For local antivirus programs that include the source code, which usually accompany a computer article, you had better compile the source yourself if you have doubts about the original EXE file.

• The resident antivirus program can be deactivated easily. A good resident antivirus should not be easy to detect or uninstall. An example of a bad resident program is VSAFE (in the DOS package). VSAFE can be detected and turned off through an interrupt (try studying/debugging the VSAFE program in DOS). Users get a false feeling of safety from this kind of antivirus. Better not safe at all than falsely safe.

• The antivirus program does not warn about its expiry date. Over time, new viruses arrive with newer techniques. A good antivirus will warn you when it is out of date. This is necessary to avoid the “antivirus spreading virus” case.
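
An added example, not part of the original post: it contrasts the header-only check from the first reason above with a check that also verifies the virus body before any cleaning, and it refuses a signature file that has been changed. The byte strings, the name Sample.A, the signature-file layout and the trusted digest are constructed assumptions; the digest is assumed to be stored where it cannot be altered together with the file.

```python
import hashlib
import hmac
import json

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed byte strings, not real malware: both share a 4-byte header.
HEADER = bytes.fromhex("e9a1b2c3")
KNOWN_BODY = b"decryptor-v1|payload"
KNOWN = HEADER + KNOWN_BODY + b"host program bytes"
VARIANT = HEADER + b"decryptor-v2|payload" + b"host program bytes"

# Constructed signature file, plus the digest recorded when it was shipped.
SIG_FILE = json.dumps({"Sample.A": {
    "header": HEADER.hex(),
    "body_len": len(KNOWN_BODY),
    "body_sha256": sha256_hex(KNOWN_BODY),
}}).encode()
TRUSTED_DIGEST = sha256_hex(SIG_FILE)

def load_signatures(raw: bytes, trusted_digest: str) -> dict:
    """Refuse a signature file whose digest differs from the trusted one."""
    if not hmac.compare_digest(sha256_hex(raw), trusted_digest):
        raise ValueError("signature file has been modified")
    return json.loads(raw)

def header_only_match(data: bytes, sigs: dict):
    """The weak check from the text: compare a few header bytes only."""
    for name, sig in sigs.items():
        if data.startswith(bytes.fromhex(sig["header"])):
            return name
    return None

def classify(data: bytes, sigs: dict):
    """Return (verdict, name); only 'exact' may be passed to a cleaner."""
    for name, sig in sigs.items():
        header = bytes.fromhex(sig["header"])
        if not data.startswith(header):
            continue
        body = data[len(header):len(header) + sig["body_len"]]
        if sha256_hex(body) == sig["body_sha256"]:
            return ("exact", name)
        # Same header, different body: a cleaner written for the known
        # strain would damage this file, so report it and do not clean.
        return ("variant-report-only", name)
    return ("no-match", None)
```

The header-only check gives the same answer for the known sample and the variant, which is exactly the case in which cleaning breaks the file; the stricter check separates them.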
