MSAV

Last updated
Microsoft Anti-Virus
Developer(s) Central Point Software
Initial releaseMarch 30, 1993;29 years ago (1993-03-30)
Operating system DOS, Windows 3.1x
Platform IA-32
Size MSAV.EXE:236 KB
VSAFE.COM:62 KB
Virus Definitions:60 KB
Available in English
Type Antivirus software
License Proprietary

Microsoft Anti-Virus (MSAV) is an antivirus program introduced by Microsoft for its MS-DOS operating system. [1] The program first appeared in MS-DOS version 6.0 (1993 [2] ) and last appeared in MS-DOS 6.22. The first version of the antivirus program was basic, had no inbuilt update facility (updates had to be obtained from a BBS and manually installed by the user) and could scan for 1,234 different viruses. [3] Microsoft Anti-Virus for Windows (MWAV), included as part of the package, was a front end that allowed MSAV to run properly on Windows 3.1x.

Contents

In 2009, Microsoft launched an in-house antivirus solution named Microsoft Security Essentials, which later was phased out in favor of Microsoft Defender.

History

Microsoft Anti-Virus was supplied by Central Point Software Inc. (later acquired by Symantec in 1994 and integrated into Symantec's Norton AntiVirus product) and was a stripped down version of the Central Point Anti-Virus (CPAV) product which Central Point Software Inc., had licensed from Carmel Software Engineering in Haifa, Israel. Carmel Software sold the product as Turbo Anti-Virus both domestically and abroad.

Microsoft Anti-Virus for Windows was also provided by Central Point Software. [4]

Features

MSAV featured the "Detect and Clean" strategy and the detection of boot sector and Trojan horse-type viruses (which were typical virus problems at that time).

The program also had an anti-stealth and check sum feature that could be used to detect any changes in normal files. This technology was intended to make up for the unavailability of regular update packages. The final update of MSAV was released in June 1996 by Symantec. [5] The update added the ability to detect polymorphic viruses and the virus definitions were updated to scan for a total of 2,371 viruses.

VSafe TSR

VSafe TSR running on MS-DOS 6.22 VSafe.png
VSafe TSR running on MS-DOS 6.22

VSafe is a terminate and stay resident component of MSAV that provided real-time virus protection.

By default, VSafe does the following:

There are more features that can be enabled, VSafe can:

VSafe had a number of virus definitions embedded within its executable and was capable of loading additional signatures (updates) from an external definition file.

See also

Related Research Articles

BIOS Firmware for hardware initialization and OS runtime services

In computing, BIOS is firmware used to provide runtime services for operating systems and programs and to perform hardware initialization during the booting process. The BIOS firmware comes pre-installed on an IBM PC or IBM PC compatible's system board and exists in UEFI-based systems too. The name originates from the Basic Input/Output System used in the CP/M operating system in 1975. The BIOS originally proprietary to the IBM PC has been reverse engineered by some companies looking to create compatible systems. The interface of that original system serves as a de facto standard.

Malware Portmanteau for malicious software

Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive users access to information or which unknowingly interferes with the user's computer security and privacy. By contrast, software that causes harm due to some deficiency is typically described as a software bug. Malware poses serious problems to individuals and businesses on the Internet. According to Symantec’s 2018 Internet Security Threat Report (ISTR), malware variants number has increased to 669,947,865 in 2017, which is twice as many malware variants as in 2016. Cybercrime, which includes malware attacks as well as other crimes committed by computer, was predicted to cost the world economy 6 trillion dollars in 2021, and is increasing at a rate of 15% per year.

Timeline of computer viruses and worms Computer malware timeline

This timeline of computer viruses and worms presents a chronological timeline of noteworthy computer viruses, computer worms, Trojan horses, similar malware, related research and events.

Boot sector Sector of a persistent data storage device

A boot sector is the sector of a persistent data storage device which contains machine code to be loaded into random-access memory (RAM) and then executed by a computer system's built-in firmware.

Rootkit Software designed to enable access to unauthorized locations in a computer

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence or the existence of other software. The term rootkit is a compound of "root" and the word "kit". The term "rootkit" has negative connotations through its association with malware.

Antivirus software Computer software to defend against malicious computer viruses

Antivirus software, also known as anti-malware, is a computer program used to prevent, detect, and remove malware.

A boot disk is a removable digital data storage medium from which a computer can load and run (boot) an operating system or utility program. The computer must have a built-in program which will load and execute a program from a boot disk meeting certain standards.

ESET NOD32 Computer protection software

ESET NOD32 Antivirus, commonly known as NOD32, is an antivirus software package made by the Slovak company ESET. ESET NOD32 Antivirus is sold in two editions, Home Edition and Business Edition. The Business Edition packages add ESET Remote Administrator allowing for server deployment and management, mirroring of threat signature database updates and the ability to install on Microsoft Windows Server operating systems.

Norton AntiVirus is an anti-virus or anti-malware software product, developed and distributed by NortonLifeLock since 1991 as part of its Norton family of computer security products. It uses signatures and heuristics to identify viruses. Other features included in it are e-mail spam filtering and phishing protection.

Norton Utilities Computer utility software

Norton Utilities is a utility software suite designed to help analyze, configure, optimize and maintain a computer. The current version of Norton Utilities is Norton Utilities 16 for Windows XP/Vista/7/8 was released 26 October 2012.

Norton Internet Security, developed by Symantec Corporation, was a computer program that provided malware protection and removal during a subscription period. It used signatures and heuristics to identify viruses. Other features included a personal firewall, email spam filtering, and phishing protection. With the release of the 2015 line in summer 2014, Symantec officially retired Norton Internet Security after 14 years as the chief Norton product. It was superseded by Norton Security, a rechristened adaptation of the Norton 360 security suite.

PC Tools (software) Collection of software utlities

PC Tools is a collection of software utilities for DOS developed by Central Point Software.

DriveSpace is a disk compression utility supplied with MS-DOS starting from version 6.0 in 1993 and ending in 2000 with the release of Windows Me. The purpose of DriveSpace is to increase the amount of data the user could store on disks by transparently compressing and decompressing data on-the-fly. It is primarily intended for use with hard drives, but use for floppy disks is also supported. This feature was removed in Windows XP and later.

The Windows NT booting process is the process by which Windows NT 4.0, Windows 2000, Windows XP and Windows Server 2003 operating systems initialize. In Windows Vista and later, this process has changed significantly; see Windows NT 6 startup process for information about what has changed.

Stoned (computer virus) Computer virus

Stoned is a boot sector computer virus created in 1987. It is one of the first viruses and is thought to have been written by a student in Wellington, New Zealand. By 1989 it had spread widely in New Zealand and Australia, and variants became very common worldwide in the early 1990s.

Central Point Software, Inc. was a leading software utilities maker for the PC market, supplying utilities software for the DOS and Microsoft Windows markets. It also made Apple II copy programs. Through a series of mergers, the company was ultimately acquired by Symantec in 1994.

Computer virus Computer program that modifies other programs to replicate itself and spread

A computer virus is a type of computer program that, when executed, replicates itself by modifying other computer programs and inserting its own code. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus, a metaphor derived from biological viruses.

MS-DOS Microsofts discontinued operating system

MS-DOS is an operating system for x86-based personal computers mostly developed by Microsoft. Collectively, MS-DOS, its rebranding as IBM PC DOS, and a few operating systems attempting to be compatible with MS-DOS, are sometimes referred to as "DOS". MS-DOS was the main operating system for IBM PC compatibles during the 1980s, from which point it was gradually superseded by operating systems offering a graphical user interface (GUI), in various generations of the graphical Microsoft Windows operating system.

DOS Group of closely related PC-compatible operating systems

DOS is a platform-independent acronym for disk operating system which later became a common shorthand for disk-based operating systems on IBM PC compatibles. DOS primarily consists of Microsoft's MS-DOS and a rebranded version under the name IBM PC DOS, both of which were introduced in 1981. Later compatible systems from other manufacturers include DR DOS (1988), ROM-DOS (1989), PTS-DOS (1993), and FreeDOS (1998). MS-DOS dominated the IBM PC compatible market between 1981 and 1995.

Sality is the classification for a family of malicious software (malware), which infects files on Microsoft Windows systems. Sality was first discovered in 2003 and has advanced over the years to become a dynamic, enduring and full-featured form of malicious code. Systems infected with Sality may communicate over a peer-to-peer (P2P) network to form a botnet for the purpose of relaying spam, proxying of communications, exfiltrating sensitive data, compromising web servers and/or coordinating distributed computing tasks for the purpose of processing intensive tasks. Since 2010, certain variants of Sality have also incorporated the use of rootkit functions as part of an ongoing evolution of the malware family. Because of its continued development and capabilities, Sality is considered to be one of the most complex and formidable forms of malware to date.

References

  1. A History of Microsoft MS-DOS and Windows (and its main competitors) on the 8086 Processor family Archived 2006-02-24 at the Wayback Machine
  2. Wolverton, Van (2003). Running MS-DOS Version 6.22 (20th Anniversary Edition), 6th Revised edition. Microsoft Press. ISBN   0-7356-1812-7.
  3. List of viruses detectable by MSAV
  4. "MS-DOS MSAV command help". Computer Hope. Retrieved 2017-07-09.
  5. "Archived copy". Archived from the original on 2014-07-14. Retrieved 2007-02-04.{{cite web}}: CS1 maint: archived copy as title (link)