Bibliography
'Virus Encounters, 1995: Cost to the World Population'. Testimony, House Subcommittee on Telecommunications and Finance, Tippett, Peter, June 1993.
'The Wildlist'. Maintained by Joe Wells.
'Real World Anti-Virus Product Reviews and Evaluation'. Gordon, Sarah and Ford, Richard, Proceedings of Security on the I-Way, NCSA, 1995.
'An Introduction to General Systems Thinking', p.3, Weinberg, Gerald. John Wiley and Sons, 1975.
'An Introduction to General Systems Thinking', p.51, Weinberg, Gerald. John Wiley and Sons, 1975.
'General Systems Theory: Foundations, Development, Applications', pp.xix-xx, Revised Edition, von Bertalanffy, Ludwig. George Braziller, Inc, 1980.
'Health Promotion Throughout the Lifespan', Edelman, Carole and Mandle, Carole. Mosby, 1994.
'Guide to the Selection of Anti-Virus Tools and Techniques'. Polk, T. and Bassham, L. NIST Special Publication 800-5. NIST, December, 1992.
'Real World Anti-Virus Product Reviews and Evaluation', Gordon, Sarah and Ford, Richard. Proceedings of Security on the I-Way. NCSA, 1995.
'Semantics, Operationalism and the Molecular-Statistical Model in Thermodynamics', Dixon, John and Emery, Alden. American Scientist, 53, 1965.
Quote attributed to Abraham Lincoln.
'Applied General Systems Theory', p.39, Van Gigch. John P. Harper and Row, 1974.
'Applied General Systems Theory', Figure 2.2, Van Gigch. John P. Harper and Row, 1974.
'Directed Graph Epidemiological Models of Computer Viruses', Kephart, Jeffrey O. and White, Steve, R., Proceedings of IEEE Computer Society Symposium on Research in Security and Privacy, 1991.
'The Viability and Cost Effectiveness of an 'In the Wild' virus scanner in a Corporate Environment', Gordon, Sarah, 1995.
'Applied General Systems Theory', p.25, Van Gigch. John P. Harper and Row, 1974.
'The Development of Operations Research as a Science', pp.59-60, as cited in [4]. Ackoff, Russell. Scientific Decision Making in Business.
'Some Mathematical Models in Science', Kac, Mark. Science, 166 No. 3906 695, 1969.
About the Author
Sarah Gordon's work in various areas of IT Security can be found profiled in various publications including the New York Times, Computer Security Journal and Virus Bulletin. She is a frequent speaker at such diverse conferences as those sponsored by NSA/NIST/NCSC and DEFCON. Recently appointed to theWildlist Board of Directors, she is actively involved in the development of anti-virus software test criteria and methods. She may be reached assgordon@low-level.format.com
Thursday, November 19, 2009
Conclusion - Antivirus Strategy
Conclusion
The systems approach proposed here is a 'whole system' optimization. Think of it as the configuration of a system which will facilitate optimal performance. There exists, of course, a dilemma, in that at some time suboptimization may be necessary, or even the only possible approach. An approximation which is used may be a great deal better than an exact solution which is not [17]. Nevertheless, our model will attempt to show ways to optimize system performance. Models are how we express things we want to understand and possibly change, designed in terms of something we think we already understand. Models sometimes present problems when you try to translate them into real world activities. With this in mind, I would like to suggest a simple model which may help us begin to find ways to find a solution to the problem of designing a workable anti-virus strategy.
'Models should not so much explain and predict as to polarize thinking and pose sharp questions.' [18]
Using a holistically modelled approach, we would strive to maintain the existing health of the system. This assumes we have a healthy system to begin with. This requires you not depend on your belief that your software is correctly installed and operational, and that your employees know how to use it and are using it, and that your equipment is functional, and that your policies are correct and being followed... It requires that you actually take it upon yourselves to designate people to ensure that your system is optimal to begin with. If you are not willing to do this, you cannot expect to restore the system to health. The focus should shift from 'blame' to 'responsibility'. This may require investment on your part. You may need to update equipment. You may need to train employees. You may need to purchase software. You may need to subscribe to publications which can keep your employees up to date on trends in virus and security matters.
You will need to monitor feedback between various aspects of your anti-virus strategy system. We have not discussed feedback at any great length in this paper, due to the number of elements of the system and the complexity of the feedback. However, using the empirico-intuitive General Systems theoretical approach defined earlier in this paper, you should be able to determine the sorts of feedback which are required to keep your system functioning optimally. If there is NO feedback, you can rest assured your system will fail. Lack of feedback produces entropy. In simple terms, entropy can be called the steady degradation or disorganization of a society or a system. This is not what you want for your system. You want to move the system into organisation and order, high rates of probability and certainty. As we discussed earlier, this happens when information is processed. The information can be communication of any type between any elements of the system.
Our current focus seems to be on the existing illnesses in our systems. If open systems indeed, as suggested, possess an innate organising principle, perhaps we should be paying more attention to what the elements of our systems are telling us. We could learn the sorts of information required to maintain organised reliability. We could learn the amount and types of feedback required to process information optimally, and to keep the system both desirably adaptive and from adapting negatively. We must examine our systems as a whole, including all of the parts, as best we can, to determine what the elements and the system are telling us. In the case of our anti-virus strategy systems, we have yet to determine what that message is. Many of us have not even yet defined the elements of the system, the system boundaries, or the goal of the system.
It is clear that there are disharmonic conditions in the 'Anti-virus strategy systems' of most companies; if there were not, no one would be attending this conference or reading this paper. It is also clear that the way we traditionally approach these problems is not working. We have been using these approaches for a long time, and the problems are not going away. Drawing from the holism model, one thing we can do is examine causal factors, instead of focusing on symptomatic relief. We need to examine more closely the interdependence of the parts of our system, and as security professionals, should facilitate the potential for healing our systems. It is hoped that some of the ideas mentioned in this paper can provide a starting point for this.
The author would like to thank Louise Yngstrom, University of Stockholm, for late night chats on System Theory, above and beyond the call of even academic duty.
The systems approach proposed here is a 'whole system' optimization. Think of it as the configuration of a system which will facilitate optimal performance. There exists, of course, a dilemma, in that at some time suboptimization may be necessary, or even the only possible approach. An approximation which is used may be a great deal better than an exact solution which is not [17]. Nevertheless, our model will attempt to show ways to optimize system performance. Models are how we express things we want to understand and possibly change, designed in terms of something we think we already understand. Models sometimes present problems when you try to translate them into real world activities. With this in mind, I would like to suggest a simple model which may help us begin to find ways to find a solution to the problem of designing a workable anti-virus strategy.
'Models should not so much explain and predict as to polarize thinking and pose sharp questions.' [18]
Using a holistically modelled approach, we would strive to maintain the existing health of the system. This assumes we have a healthy system to begin with. This requires you not depend on your belief that your software is correctly installed and operational, and that your employees know how to use it and are using it, and that your equipment is functional, and that your policies are correct and being followed... It requires that you actually take it upon yourselves to designate people to ensure that your system is optimal to begin with. If you are not willing to do this, you cannot expect to restore the system to health. The focus should shift from 'blame' to 'responsibility'. This may require investment on your part. You may need to update equipment. You may need to train employees. You may need to purchase software. You may need to subscribe to publications which can keep your employees up to date on trends in virus and security matters.
You will need to monitor feedback between various aspects of your anti-virus strategy system. We have not discussed feedback at any great length in this paper, due to the number of elements of the system and the complexity of the feedback. However, using the empirico-intuitive General Systems theoretical approach defined earlier in this paper, you should be able to determine the sorts of feedback which are required to keep your system functioning optimally. If there is NO feedback, you can rest assured your system will fail. Lack of feedback produces entropy. In simple terms, entropy can be called the steady degradation or disorganization of a society or a system. This is not what you want for your system. You want to move the system into organisation and order, high rates of probability and certainty. As we discussed earlier, this happens when information is processed. The information can be communication of any type between any elements of the system.
Our current focus seems to be on the existing illnesses in our systems. If open systems indeed, as suggested, possess an innate organising principle, perhaps we should be paying more attention to what the elements of our systems are telling us. We could learn the sorts of information required to maintain organised reliability. We could learn the amount and types of feedback required to process information optimally, and to keep the system both desirably adaptive and from adapting negatively. We must examine our systems as a whole, including all of the parts, as best we can, to determine what the elements and the system are telling us. In the case of our anti-virus strategy systems, we have yet to determine what that message is. Many of us have not even yet defined the elements of the system, the system boundaries, or the goal of the system.
It is clear that there are disharmonic conditions in the 'Anti-virus strategy systems' of most companies; if there were not, no one would be attending this conference or reading this paper. It is also clear that the way we traditionally approach these problems is not working. We have been using these approaches for a long time, and the problems are not going away. Drawing from the holism model, one thing we can do is examine causal factors, instead of focusing on symptomatic relief. We need to examine more closely the interdependence of the parts of our system, and as security professionals, should facilitate the potential for healing our systems. It is hoped that some of the ideas mentioned in this paper can provide a starting point for this.
The author would like to thank Louise Yngstrom, University of Stockholm, for late night chats on System Theory, above and beyond the call of even academic duty.
Variations on a theme - Antiviruses
Variations on a theme
How well are our strategies doing? As pointed out early on, not very well. Why not? To help answer that question, next we will examine the problems of our strategy using the concept of variation. We recognise the duality of variables as they relate to information processing; the significant values which variables acquire at the two extremes of their respective spectra. Specifically, in order for a system to continue to thrive, information must be processed. Disorder, uncertainty, variety - all must shift from high to low [Table 2].
The probability of particular events follows by decreasing from small to large. The amount of regulation and control increases from low to high. We become increasingly sure of the output of our systems [13]. However, viruses introduce a form of disorder with which the human components of our systems are not intimately familiar. While the probability of infection can be calculated mathematically [14], we are unable to calculate the probability of other events related to viral infections[15]. In what ways does this introduced unfamiliarity manifest itself? One manifestation is the appearance of problems.
We typically try to solve most of these problems deductively, to determine the reason for a variation between design and operation or design and implementation. This approach is doomed to failure because it places the blame on the subsystems. We attempt to 'restore to normal' instead of redesigning our system. We formulate plans based on incorrect, incomplete or obsolete assumptions. We neglect to factor in spillover effect, that is, the unwanted effect which actions in one system can have in another. Improving an isolated system may seem the epitome of system integrity. You can have your pure clean computer. Of course, it is virtually useless, unconnected to the rest of the world. Or, perhaps it is the solution. Isolated perfect machines. This would probably create a dissatisfied workforce, however, which would ultimately impact business negatively. In the case of anti-virus strategy, 'spillover' takes on many new dimensions - as many as the human beings with which our machines interface. Can you control all of the aspects of this system? You cannot.
Another factor to consider is the size and extent of our system. Further insight may be gained by considering what is sometimes referred to as the generalised thermodynamic law, which states that the probable state is more likely to be observed than the less probable. While this may incite the physicists among us, it has two parts which correspond to the first and second law of thermodynamics. The first law is hardly worth mentioning (physical reason), but the second is of interest to us. We should be concerned with the limited power of observers when viewing large systems. In other words, we cannot expect our managers to be in every place at once, knowing what is going on with every system, every employee. The concept of boundaries can be used to help solve this problem, but their definition is beyond the scope of this paper [16].
System Failure and Measurement
We say the system is failing for three reasons. It is not performing as intended. It is producing results other than expected. It is not meeting its goal. The objective is NO VIRUSES. However, in addition to often neglecting to define what 'no viruses' actually means, we are frequently unaware of how 'no viruses' can mean different things to different people. Not performing as intended could mean it finds some viruses but not all, or it finds all but only removes some. Unexpected results could mean it crashes 1 out of every 6000 machines, or produces system degradation you did not anticipate (if this is the case, does the fault really lie with the product for producing the degradation or you for not anticipating?) Not meeting its goal most likely means failing to keep out viruses. However, to some people, this is a different goal from 'no viruses'.
How is this possible? Isn't 'no viruses' a simple concept? In a word, no. When there is a malfunction, i.e. a virus is found, the natural tendency is to look for the cause within the system. We tend to blame the problem on the variation of the system from its 'desired' behaviour. It could be the fault of the program, the employee, the policy. We tend to blame the program as it is the part of the system most closely identified with the failure as immediately perceived. However, consider for a moment that, to your employee, 'no viruses' means simply that. No viruses are found. Following that line of thought, finding 'no viruses' would be a system success - that is, until it brought your operation to a halt. You see, to some people, 'no viruses' means that none are seen or observed, and not that none are actually operational in the system. We plan grandiose policies and procedures around finding a virus and make no space for 'no viruses' as a possible failed variation. If you find 'no virus', you need to be very sure it is not due to your employees disabling your software, or your software not finding the virus.
Many system 'improvements' are possible which in reality doom the system. Faulty assumptions and goals are often at the root of this problem. For instance, it is obvious that all of your computer workers must, under dire penalty, refrain from bringing disks from home into your office. You implement this policy. You assume they will comply. Your goal is compliance, not 'no viruses'. If the goal was 'no viruses', you would be forced to be more realistic.Consider the following two statements:
We have clean, working computers and by not bringing in software, we can keep them that way. It will save us all a lot of time, and effort!
If you bring in disks, you will probably infect our office computers. It will cost us all a lot of money.
In the first instance, the focus is on the well machine. Everyone wants well machines. People like to be part of winning teams, and participate in things that are nice.
In the second, the focus is on the sick machine. None of your people would have viruses on their home computers. So, this must not apply to them. And if they do break the rule, you have already set them up to be afraid to tell you. After all, they don't want to cost you a lot of money and they certainly don't want to be known as the culprit for infecting the office computers.
How do we measure the performance of our anti-virus strategy system? Not very well. If we find some viruses, we say it's working. If we don't find any viruses, we say it's working. In some cases, you can apply 'we say it's not working' to these same sentences. There is no standard way in which we measure the success of the entire system. Only in the act of being out of control will the system be able to detect and bring back the control.
How well are our strategies doing? As pointed out early on, not very well. Why not? To help answer that question, next we will examine the problems of our strategy using the concept of variation. We recognise the duality of variables as they relate to information processing; the significant values which variables acquire at the two extremes of their respective spectra. Specifically, in order for a system to continue to thrive, information must be processed. Disorder, uncertainty, variety - all must shift from high to low [Table 2].
The probability of particular events follows by decreasing from small to large. The amount of regulation and control increases from low to high. We become increasingly sure of the output of our systems [13]. However, viruses introduce a form of disorder with which the human components of our systems are not intimately familiar. While the probability of infection can be calculated mathematically [14], we are unable to calculate the probability of other events related to viral infections[15]. In what ways does this introduced unfamiliarity manifest itself? One manifestation is the appearance of problems.
We typically try to solve most of these problems deductively, to determine the reason for a variation between design and operation or design and implementation. This approach is doomed to failure because it places the blame on the subsystems. We attempt to 'restore to normal' instead of redesigning our system. We formulate plans based on incorrect, incomplete or obsolete assumptions. We neglect to factor in spillover effect, that is, the unwanted effect which actions in one system can have in another. Improving an isolated system may seem the epitome of system integrity. You can have your pure clean computer. Of course, it is virtually useless, unconnected to the rest of the world. Or, perhaps it is the solution. Isolated perfect machines. This would probably create a dissatisfied workforce, however, which would ultimately impact business negatively. In the case of anti-virus strategy, 'spillover' takes on many new dimensions - as many as the human beings with which our machines interface. Can you control all of the aspects of this system? You cannot.
Another factor to consider is the size and extent of our system. Further insight may be gained by considering what is sometimes referred to as the generalised thermodynamic law, which states that the probable state is more likely to be observed than the less probable. While this may incite the physicists among us, it has two parts which correspond to the first and second law of thermodynamics. The first law is hardly worth mentioning (physical reason), but the second is of interest to us. We should be concerned with the limited power of observers when viewing large systems. In other words, we cannot expect our managers to be in every place at once, knowing what is going on with every system, every employee. The concept of boundaries can be used to help solve this problem, but their definition is beyond the scope of this paper [16].
System Failure and Measurement
We say the system is failing for three reasons. It is not performing as intended. It is producing results other than expected. It is not meeting its goal. The objective is NO VIRUSES. However, in addition to often neglecting to define what 'no viruses' actually means, we are frequently unaware of how 'no viruses' can mean different things to different people. Not performing as intended could mean it finds some viruses but not all, or it finds all but only removes some. Unexpected results could mean it crashes 1 out of every 6000 machines, or produces system degradation you did not anticipate (if this is the case, does the fault really lie with the product for producing the degradation or you for not anticipating?) Not meeting its goal most likely means failing to keep out viruses. However, to some people, this is a different goal from 'no viruses'.
How is this possible? Isn't 'no viruses' a simple concept? In a word, no. When there is a malfunction, i.e. a virus is found, the natural tendency is to look for the cause within the system. We tend to blame the problem on the variation of the system from its 'desired' behaviour. It could be the fault of the program, the employee, the policy. We tend to blame the program as it is the part of the system most closely identified with the failure as immediately perceived. However, consider for a moment that, to your employee, 'no viruses' means simply that. No viruses are found. Following that line of thought, finding 'no viruses' would be a system success - that is, until it brought your operation to a halt. You see, to some people, 'no viruses' means that none are seen or observed, and not that none are actually operational in the system. We plan grandiose policies and procedures around finding a virus and make no space for 'no viruses' as a possible failed variation. If you find 'no virus', you need to be very sure it is not due to your employees disabling your software, or your software not finding the virus.
Many system 'improvements' are possible which in reality doom the system. Faulty assumptions and goals are often at the root of this problem. For instance, it is obvious that all of your computer workers must, under dire penalty, refrain from bringing disks from home into your office. You implement this policy. You assume they will comply. Your goal is compliance, not 'no viruses'. If the goal was 'no viruses', you would be forced to be more realistic.Consider the following two statements:
We have clean, working computers and by not bringing in software, we can keep them that way. It will save us all a lot of time, and effort!
If you bring in disks, you will probably infect our office computers. It will cost us all a lot of money.
In the first instance, the focus is on the well machine. Everyone wants well machines. People like to be part of winning teams, and participate in things that are nice.
In the second, the focus is on the sick machine. None of your people would have viruses on their home computers. So, this must not apply to them. And if they do break the rule, you have already set them up to be afraid to tell you. After all, they don't want to cost you a lot of money and they certainly don't want to be known as the culprit for infecting the office computers.
How do we measure the performance of our anti-virus strategy system? Not very well. If we find some viruses, we say it's working. If we don't find any viruses, we say it's working. In some cases, you can apply 'we say it's not working' to these same sentences. There is no standard way in which we measure the success of the entire system. Only in the act of being out of control will the system be able to detect and bring back the control.
Programs Policy and Procedures
(Selection, Implementation and Maintenance)
Where do we begin in examining the interaction of our chosen system elements? Let's start with the software selection. Anti-virus software is selected based on a wide number of criteria (8). While some of these criteria are beneficial, several are counterproductive at best (9). We need to be aware of exactly how our company's software is being chosen, and not leave this vital aspect of software selection up to people who do not have the experience or expertise to make a selection that will maximize your organisation's protection against viruses.
Does your anti-virus software detect all of the viruses which are a real threat to your organisation? Before you glibly answer yes, you should recognise that all products are far from created equal, and that even the best products will not achieve this goal if not properly maintained. Consider the following:
When asked what happens to two blocks of copper initially at different temperatures left alone together in an insulated container, students will reply that the blocks will come to the same temperature. Of course, if asked how they know, they usually say "Because it is a law of nature"...the opposite is true...it is a law of nature because it happens.[10]
Apply this to your anti-virus software. Does it catch viruses because it is anti-virus software? If so, you can depend on it, as its name defines what it is. But, if you even loosely apply this concept, you will see that it is anti-virus software because it catches viruses - and if it does not, then what does that make it?
Remember the following quote:
'If you call a tail a leg, how many legs has a dog?'
'Five?'
'No, Four. Calling a tail a leg doesn't make it a leg' [11]
Maintenance of your software is another critical issue. Maintenance refers not to the upgrade, but to the maintaining of the software on a daily basis. What does it require to run? Are you supplying what it needs to live? Or is it merely surviving? Does it have adequate memory, power, disk space to run optimally and lessen the chance your employees will disable it? Is it in an environment free from other programs which may hinder its performance? If you cannot answer yes to these questions, you are not providing an environment for this element of your strategy system which will allow it to remain viable. It will not survive. Like living systems, the anti-virus strategy system requires a favorable environment, else the system will adapt. Unfortunately, in the case of this system, adaptation can mean software becoming disabled by the user component of the system, or overridden by a competing software component. All this, and we have not even added viruses which by design cause a problem to the system by the introduction of instability.
Even if you have the best anti-virus software, and are running it optimally, there can still be problems. Software is just one part of the strategy system. Policies and procedures play an important role in the overall strategy. Even the viruses we mentioned earlier play a part in this system. Then there are the least predictable aspects of the system, the human beings. How complex is this system? How much should we expect the people involved to understand?
Ackoff defines an abstract system as one in which all of the elements are concepts, whereas a concrete system is one in which at least two of the elements are objects [12]. As you can see, our system is concrete. It is also by design an open system, one into which new components may be introduced. Some of these components are by nature 'unknown' (i.e. actions of people, how software may react, viruses which may appear).
When these components are introduced, we have to consider first how they behave on their own. Next, we have to consider how they would behave in combination with any and/or all of the other elements. Finally, we have to consider how 'things' in general will be if neither of the objects are present. In its most simple form, a two-part system would require four equations, but of course, you can see that as the number of elements increases, the number of interactive equations grows by leaps and bounds [Table 1].
Linear Equations Nonlinear Equations
Equation One Equation Several Equations Many Equations One Equation Several Equations Many Equations
Algebraic Trivial Easy Essentially Impossible Very Difficult Very Difficult Impossible
Ordinary differential Easy Difficult Essentially Impossible Very Difficult Impossible Impossible
Partial Differential Difficult Essentially Impossible Impossible Impossible Impossible Impossible
Table 1. [From [5]] - Introduction of Elements:
One of the systems theory approaches we can draw from here to help illustrate the problem comes from what is sometimes called the Square Law of Computation. This means basically that unless you can introduce some simplifications, the amount of computation involved in figuring something out will increase at least as fast as the square of the number of equations. Consider all of the interactions between humans, computers, and software, and you will see why it is impossible to precisely calculate what the results of all of those interactions will be. We cannot even measure them. In other words, you cannot possibly anticipate all of the problems you will encounter in trying to keep your company's data safe from viruses, because you cannot possibly calculate the interactions which will occur once you begin trying to formulate a strategy. Needless to say, these interactions create 'problems'.
If we examine our anti-virus strategy in various ways, we may be able to see things more clearly. Another helpful way in which we can view our system is as an expression, such as the terms of a set. For instance, the notation:
Let x stand for marriage Let y stand for carriage Let z stand for bicycle
The set [x,y,z] is simple enough for anyone to understand. Using names in sets takes us to the more complex:[The look on your face when you saw your first child, a proof that Vesselin Bontchev is not the Dark Avenger, an atom of plutonium]; wherein the first no longer exists (or possibly never did); the second has not yet existed, and the third is out of reach of the common man.
If you were to be asked for the meaning of the ... in the set [Alan, Dmitry, Fridrik...] would you say the ... represented men's names? Names of programmers? Names of programmers who make anti-virus software? Names of people not from the United States?What is the rule for determining the meaning of what is unstated? Is there some unwritten heuristic of which your employees are not aware? What is the meaning of the three dots in our set?
This has a particular application to policy. Users can easily understand, 'Do not turn the computer off if you find a virus'. Can they as easily understand, 'Do not reset the computer if you find a virus'? Can they understand, 'In the event of a suspected virus, call the administrator or take appropriate action'? What is a suspected virus? Is it any time the computer system seems to act strangely? Is it only when the letters fall off? After all, that's what viruses do, right? What is appropriate action? [Turn off the computer, Call your supervisor, Reboot the computer, ...] What is the meaning of the ... in this set?
Where do we begin in examining the interaction of our chosen system elements? Let's start with the software selection. Anti-virus software is selected based on a wide number of criteria (8). While some of these criteria are beneficial, several are counterproductive at best (9). We need to be aware of exactly how our company's software is being chosen, and not leave this vital aspect of software selection up to people who do not have the experience or expertise to make a selection that will maximize your organisation's protection against viruses.
Does your anti-virus software detect all of the viruses which are a real threat to your organisation? Before you glibly answer yes, you should recognise that all products are far from created equal, and that even the best products will not achieve this goal if not properly maintained. Consider the following:
When asked what happens to two blocks of copper initially at different temperatures left alone together in an insulated container, students will reply that the blocks will come to the same temperature. Of course, if asked how they know, they usually say "Because it is a law of nature"...the opposite is true...it is a law of nature because it happens.[10]
Apply this to your anti-virus software. Does it catch viruses because it is anti-virus software? If so, you can depend on it, as its name defines what it is. But, if you even loosely apply this concept, you will see that it is anti-virus software because it catches viruses - and if it does not, then what does that make it?
Remember the following quote:
'If you call a tail a leg, how many legs has a dog?'
'Five?'
'No, Four. Calling a tail a leg doesn't make it a leg' [11]
Maintenance of your software is another critical issue. Maintenance refers not to the upgrade, but to the maintaining of the software on a daily basis. What does it require to run? Are you supplying what it needs to live? Or is it merely surviving? Does it have adequate memory, power, disk space to run optimally and lessen the chance your employees will disable it? Is it in an environment free from other programs which may hinder its performance? If you cannot answer yes to these questions, you are not providing an environment for this element of your strategy system which will allow it to remain viable. It will not survive. Like living systems, the anti-virus strategy system requires a favorable environment, else the system will adapt. Unfortunately, in the case of this system, adaptation can mean software becoming disabled by the user component of the system, or overridden by a competing software component. All this, and we have not even added viruses which by design cause a problem to the system by the introduction of instability.
Even if you have the best anti-virus software, and are running it optimally, there can still be problems. Software is just one part of the strategy system. Policies and procedures play an important role in the overall strategy. Even the viruses we mentioned earlier play a part in this system. Then there are the least predictable aspects of the system, the human beings. How complex is this system? How much should we expect the people involved to understand?
Ackoff defines an abstract system as one in which all of the elements are concepts, whereas a concrete system is one in which at least two of the elements are objects [12]. As you can see, our system is concrete. It is also by design an open system, one into which new components may be introduced. Some of these components are by nature 'unknown' (i.e. actions of people, how software may react, viruses which may appear).
When these components are introduced, we have to consider first how they behave on their own. Next, we have to consider how they would behave in combination with any and/or all of the other elements. Finally, we have to consider how 'things' in general will be if neither of the objects are present. In its most simple form, a two-part system would require four equations, but of course, you can see that as the number of elements increases, the number of interactive equations grows by leaps and bounds [Table 1].
Linear Equations Nonlinear Equations
Equation One Equation Several Equations Many Equations One Equation Several Equations Many Equations
Algebraic Trivial Easy Essentially Impossible Very Difficult Very Difficult Impossible
Ordinary differential Easy Difficult Essentially Impossible Very Difficult Impossible Impossible
Partial Differential Difficult Essentially Impossible Impossible Impossible Impossible Impossible
Table 1. [From [5]] - Introduction of Elements:
One of the systems theory approaches we can draw from here to help illustrate the problem comes from what is sometimes called the Square Law of Computation. This means basically that unless you can introduce some simplifications, the amount of computation involved in figuring something out will increase at least as fast as the square of the number of equations. Consider all of the interactions between humans, computers, and software, and you will see why it is impossible to precisely calculate what the results of all of those interactions will be. We cannot even measure them. In other words, you cannot possibly anticipate all of the problems you will encounter in trying to keep your company's data safe from viruses, because you cannot possibly calculate the interactions which will occur once you begin trying to formulate a strategy. Needless to say, these interactions create 'problems'.
If we examine our anti-virus strategy in various ways, we may be able to see things more clearly. Another helpful way in which we can view our system is as an expression, such as the terms of a set. For instance, the notation:
Let x stand for marriage Let y stand for carriage Let z stand for bicycle
The set [x,y,z] is simple enough for anyone to understand. Using names in sets takes us to the more complex:[The look on your face when you saw your first child, a proof that Vesselin Bontchev is not the Dark Avenger, an atom of plutonium]; wherein the first no longer exists (or possibly never did); the second has not yet existed, and the third is out of reach of the common man.
If you were to be asked for the meaning of the ... in the set [Alan, Dmitry, Fridrik...] would you say the ... represented men's names? Names of programmers? Names of programmers who make anti-virus software? Names of people not from the United States?What is the rule for determining the meaning of what is unstated? Is there some unwritten heuristic of which your employees are not aware? What is the meaning of the three dots in our set?
This has a particular application to policy. Users can easily understand, 'Do not turn the computer off if you find a virus'. Can they as easily understand, 'Do not reset the computer if you find a virus'? Can they understand, 'In the event of a suspected virus, call the administrator or take appropriate action'? What is a suspected virus? Is it any time the computer system seems to act strangely? Is it only when the letters fall off? After all, that's what viruses do, right? What is appropriate action? [Turn off the computer, Call your supervisor, Reboot the computer, ...] What is the meaning of the ... in this set?
Anti-Virus Strategy System
Holism
Our definition of holism, drawing where appropriate from the medical profession, is health-oriented, and focuses on maintaining and improving the existing health of the system. It does not focus on disease and illness. It is interesting to note that, while we have many terms that relate to compromised and infected systems, we do not seem to have many terms relating to 'well' computers. Holism operates under the assumption that the open system possesses an innate organising principle, with the interdependence of the parts having an effect on the total system health. Holism views symptoms of distress as signalling disharmonic conditions, from which we can learn how to adjust the system (feedback); it is open to a variety of approaches for attaining balance. The focus of holism is heavily slanted toward the correction of causal factors, not symptomatic relief. Thus, the role of the holistic practitioner is to facilitate the potential for healing [7].
Anti-Virus Strategy Systems
Where do our anti-virus strategy systems fit in this picture? We hope to explore some answers to that question by first examining the components of our model system. Keep in mind, however, that the goal of this paper is not to provide you with answers, but rather to stimulate new ways of thinking about the problems we face daily.
Components
Each of the components in Diagram 1 contributes to the overall health of the system. Conversely, each can contribute to the illness of the system. For instance, our computer can contribute to the health of the system by functioning properly. If the hard drive crashes, a disharmonic condition is introduced. Our managers contribute to the overall well-being of the system, as long as they perform correctly. However, if one of them intentionally or unintentionally infects a computer with a virus, he or she contributes to the illness of the system. Our software contributes to the wellness by keeping employees reassured, and by keeping viruses out. If it is disabled by an employee desirous of more speed upon boot, or if it does not do its job in virus detection, it contributes to the illness or chaos in the system. There are other factors not shown, as the anti-virus strategy system model does not stop at the boundary of the company. The model includes your Internet service provider, virus writers, makers of electronic mail front-ends, anti-virus product tech support people and more. For the purposes of this paper, we must draw an artificial boundary. We mention the rest to give you food for thought, and to illustrate that boundaries are not static.
Our definition of holism, drawing where appropriate from the medical profession, is health-oriented, and focuses on maintaining and improving the existing health of the system. It does not focus on disease and illness. It is interesting to note that, while we have many terms that relate to compromised and infected systems, we do not seem to have many terms relating to 'well' computers. Holism operates under the assumption that the open system possesses an innate organising principle, with the interdependence of the parts having an effect on the total system health. Holism views symptoms of distress as signalling disharmonic conditions, from which we can learn how to adjust the system (feedback); it is open to a variety of approaches for attaining balance. The focus of holism is heavily slanted toward the correction of causal factors, not symptomatic relief. Thus, the role of the holistic practitioner is to facilitate the potential for healing [7].
Anti-Virus Strategy Systems
Where do our anti-virus strategy systems fit in this picture? We hope to explore some answers to that question by first examining the components of our model system. Keep in mind, however, that the goal of this paper is not to provide you with answers, but rather to stimulate new ways of thinking about the problems we face daily.
Components
Each of the components in Diagram 1 contributes to the overall health of the system. Conversely, each can contribute to the illness of the system. For instance, our computer can contribute to the health of the system by functioning properly. If the hard drive crashes, a disharmonic condition is introduced. Our managers contribute to the overall well-being of the system, as long as they perform correctly. However, if one of them intentionally or unintentionally infects a computer with a virus, he or she contributes to the illness of the system. Our software contributes to the wellness by keeping employees reassured, and by keeping viruses out. If it is disabled by an employee desirous of more speed upon boot, or if it does not do its job in virus detection, it contributes to the illness or chaos in the system. There are other factors not shown, as the anti-virus strategy system model does not stop at the boundary of the company. The model includes your Internet service provider, virus writers, makers of electronic mail front-ends, anti-virus product tech support people and more. For the purposes of this paper, we must draw an artificial boundary. We mention the rest to give you food for thought, and to illustrate that boundaries are not static.
Anti-Virus Strategy
Definitions
The definitions used here are pretty generic, and are adapted for use in an interdisciplinary approach to the problems addressed. Some among us would argue that the systems movement was born out of science's failures [4], but in this paper, we take the view that General System theory is a child of successful science, and as most children, it sees things through optimistic eyes. We have specifically avoided in-depth discussion of categorical schemes, generalizations, and other commonly used 'tools' of General Systems thought, and have focused instead on the simplest of the simple. The ideas in this paper are drawn heavily from very basic works in systems theory. They are not new ideas, but it is our hope that their application to the management of security and computer viruses will help us identify some of the problems we may be overlooking.
General Systems Theory
A system is a set, or group, of related elements existing in an environment and forming a whole. Systems can be made up of objects (computers), subjects (your employees) and concepts (language and communication); they can be made up of any one or more of these elements. There are 'real systems' (those which exist independent of an observer), and 'conceptual systems' (those which are symbolic constructs). Our system, 'The anti-virus strategy system', is not so different from many others, in that it is composed of all three elements: computers (objects), people (subjects) and concepts (policies and ideas). Each of these systems has its own subsystems. For example, your system of networked computers consists of individual computers. These computers are comprised of yet more subsystems; microprocessors, resistors, disk drives, etc. Our system consists of both real and conceptual subsystems. A system can also be said to be a way of looking at the world, or a point of view [5].
Concepts, laws, and models often appear in widely different fields [6] based upon totally different facts. This appears to be at least in part due to problems of organization, phenomena which cannot be resolved into local events, and dynamic interactions manifested in the difference of behaviour of parts when isolated or in higher configurations. The result is, of course, a system which is not understandable by investigating their respective parts in isolation. One reason these identical principles have been discovered in entirely different fields is because people are unaware of what those in other disciplines are doing. General Systems theory attempts to avoid this overlap in research efforts.
There are two main methodologies of General Systems research; the empirico-intuitive and the deductive theory. The first is empirical, drawing upon the things which regularly exist in a set of systems. It can be illustrated fairly easily, but lacks mathematical precision and can appear to the 'scientist' to be na‹ve. However, the main principles which have been offered by this method include differentiation, competition, closed and open systems, and wholeness - hardly na‹ve or worthless principles. The second method, basically, can be described as 'the machine with input', defined by a set 'S' of internal states, a set 'I' of input and a mapping 'f' of the product I x S into S (organisation is defined by specifying states and conditions). Self-organising systems (those progressing from lower to higher states of complexity, as in many social organisations) are not well suited to this approach, as their change comes from an outside agent. Our anti-virus strategy system is such a system and for this reason we will use the empirico-intuitive methodology.
Classical system theory uses classical mathematics to define principles which apply to systems in general or to subclasses. General System theory can be called the doctrine of principles applying to defined classes of systems. It is our hope that we can stimulate thought on how already-known principles can help us in managing our anti-virus protection by examining the system as a whole.
The definitions used here are pretty generic, and are adapted for use in an interdisciplinary approach to the problems addressed. Some among us would argue that the systems movement was born out of science's failures [4], but in this paper, we take the view that General System theory is a child of successful science, and as most children, it sees things through optimistic eyes. We have specifically avoided in-depth discussion of categorical schemes, generalizations, and other commonly used 'tools' of General Systems thought, and have focused instead on the simplest of the simple. The ideas in this paper are drawn heavily from very basic works in systems theory. They are not new ideas, but it is our hope that their application to the management of security and computer viruses will help us identify some of the problems we may be overlooking.
General Systems Theory
A system is a set, or group, of related elements existing in an environment and forming a whole. Systems can be made up of objects (computers), subjects (your employees) and concepts (language and communication); they can be made up of any one or more of these elements. There are 'real systems' (those which exist independent of an observer), and 'conceptual systems' (those which are symbolic constructs). Our system, 'The anti-virus strategy system', is not so different from many others, in that it is composed of all three elements: computers (objects), people (subjects) and concepts (policies and ideas). Each of these systems has its own subsystems. For example, your system of networked computers consists of individual computers. These computers are comprised of yet more subsystems; microprocessors, resistors, disk drives, etc. Our system consists of both real and conceptual subsystems. A system can also be said to be a way of looking at the world, or a point of view [5].
Concepts, laws, and models often appear in widely different fields [6] based upon totally different facts. This appears to be at least in part due to problems of organization, phenomena which cannot be resolved into local events, and dynamic interactions manifested in the difference of behaviour of parts when isolated or in higher configurations. The result is, of course, a system which is not understandable by investigating their respective parts in isolation. One reason these identical principles have been discovered in entirely different fields is because people are unaware of what those in other disciplines are doing. General Systems theory attempts to avoid this overlap in research efforts.
There are two main methodologies of General Systems research; the empirico-intuitive and the deductive theory. The first is empirical, drawing upon the things which regularly exist in a set of systems. It can be illustrated fairly easily, but lacks mathematical precision and can appear to the 'scientist' to be na‹ve. However, the main principles which have been offered by this method include differentiation, competition, closed and open systems, and wholeness - hardly na‹ve or worthless principles. The second method, basically, can be described as 'the machine with input', defined by a set 'S' of internal states, a set 'I' of input and a mapping 'f' of the product I x S into S (organisation is defined by specifying states and conditions). Self-organising systems (those progressing from lower to higher states of complexity, as in many social organisations) are not well suited to this approach, as their change comes from an outside agent. Our anti-virus strategy system is such a system and for this reason we will use the empirico-intuitive methodology.
Classical system theory uses classical mathematics to define principles which apply to systems in general or to subclasses. General System theory can be called the doctrine of principles applying to defined classes of systems. It is our hope that we can stimulate thought on how already-known principles can help us in managing our anti-virus protection by examining the system as a whole.
The Anti-Virus Strategy System
By Sarah Gordon
E-mail:sgordon@low-level.format.com
© 1995 Virus Bulletin. This document may not be reproduced in whole or in part, stored on any electronic information system, or otherwise be made available without prior express written consent of Virus Bulletin.
Abstract:
Anti-virus protection is, or should be, an integral part of any Information Systems operation, be it personal or professional. However, our observation shows that the design of the actual anti-virus system, as well as its implementation and maintenance, can range from haphazard and sketchy to almost totally nonfunctional.
While systems theory in sociological disciplines has come under much attack, it has much to offer in the management of integration of technological applications into daily operations. We will examine the 'anti-virus' strategy (Policy, Procedure, Software [selection, implementation, maintenance]), focusing on areas where the 'system' can fail. We will address this interaction from a business, rather than a personal computing, point of view.
The Anti-Virus Strategy System will examine anti-virus strategies from a Holistic General Systems Theory perspective. By this, we mean that we will concern ourselves with the individual parts of the system, their functionality, and their interaction. We will draw from various IT models specifically designed to provide a holistic, forward-thinking approach to the problem, and show that for our strategy to flourish, we must concern ourselves with the system as a whole, not merely with its individual components
Introduction
Computer virus. System failure. These words bring to mind a computer system brought to its knees - data corrupted and time wasted. Is this an accurate picture? We hear arguments against investing in virus protection: 'Viruses are mythical. Your chances of getting hit by one are pretty rare.' Others tell us anti-virus software is a necessity: 'Viruses can cost your company a lot of money. Better safe than sorry.' What are we to believe?
Let's assume that you don't have any anti-virus software. If you are 'hit' by a virus, the cost will be proportional to the value of your data and the value of your time. Independent studies [1] have shown that this cost can be quite high, depending on these factors as well as environmental factors such as how many computers you have (Note: If your data is of little or no value, and if your time is worthless, then you can well afford not to have an anti-virus strategy).
We will assume here that your data is worth something to your company, and that your time also has a significant value. In this case, you will want to protect your computer system from viruses. We will concede for the purists among us that not all viruses are intentionally harmful, but stipulate that intentional harm is not requisite for actual harm. For our purposes, allocating disk space and CPU time and/or modification of files without knowledge and consent (implied or otherwise) constitutes damage, as do deliberate or unintentional disruption of work, corruption of data and the lost time mentioned earlier. Basically, we are saying viruses are bad and we want to protect against them (there may be some wonderful new virus out there in development that can help us, but that is beyond the scope of this paper).
Fortunately, we are in luck. The very thing we need already exists: software, which will detect 100 percent of viruses listed by the Wildlist [2] as being known to be in the wild. In tests run against a library matched with the Wildlist, several programs were capable of detecting all such viruses. The necessity of detection of 'lab' viruses is another matter, and will not be covered at this time, although it is addressed in [3].
Since we have such software, we should have no problems. However, there are problems. Something is wrong. Before examining the sources of the problem, a few comments on definitions we will be using are in order
E-mail:sgordon@low-level.format.com
© 1995 Virus Bulletin. This document may not be reproduced in whole or in part, stored on any electronic information system, or otherwise be made available without prior express written consent of Virus Bulletin.
Abstract:
Anti-virus protection is, or should be, an integral part of any Information Systems operation, be it personal or professional. However, our observation shows that the design of the actual anti-virus system, as well as its implementation and maintenance, can range from haphazard and sketchy to almost totally nonfunctional.
While systems theory in sociological disciplines has come under much attack, it has much to offer in the management of integration of technological applications into daily operations. We will examine the 'anti-virus' strategy (Policy, Procedure, Software [selection, implementation, maintenance]), focusing on areas where the 'system' can fail. We will address this interaction from a business, rather than a personal computing, point of view.
The Anti-Virus Strategy System will examine anti-virus strategies from a Holistic General Systems Theory perspective. By this, we mean that we will concern ourselves with the individual parts of the system, their functionality, and their interaction. We will draw from various IT models specifically designed to provide a holistic, forward-thinking approach to the problem, and show that for our strategy to flourish, we must concern ourselves with the system as a whole, not merely with its individual components
Introduction
Computer virus. System failure. These words bring to mind a computer system brought to its knees - data corrupted and time wasted. Is this an accurate picture? We hear arguments against investing in virus protection: 'Viruses are mythical. Your chances of getting hit by one are pretty rare.' Others tell us anti-virus software is a necessity: 'Viruses can cost your company a lot of money. Better safe than sorry.' What are we to believe?
Let's assume that you don't have any anti-virus software. If you are 'hit' by a virus, the cost will be proportional to the value of your data and the value of your time. Independent studies [1] have shown that this cost can be quite high, depending on these factors as well as environmental factors such as how many computers you have (Note: If your data is of little or no value, and if your time is worthless, then you can well afford not to have an anti-virus strategy).
We will assume here that your data is worth something to your company, and that your time also has a significant value. In this case, you will want to protect your computer system from viruses. We will concede for the purists among us that not all viruses are intentionally harmful, but stipulate that intentional harm is not requisite for actual harm. For our purposes, allocating disk space and CPU time and/or modification of files without knowledge and consent (implied or otherwise) constitutes damage, as do deliberate or unintentional disruption of work, corruption of data and the lost time mentioned earlier. Basically, we are saying viruses are bad and we want to protect against them (there may be some wonderful new virus out there in development that can help us, but that is beyond the scope of this paper).
Fortunately, we are in luck. The very thing we need already exists: software, which will detect 100 percent of viruses listed by the Wildlist [2] as being known to be in the wild. In tests run against a library matched with the Wildlist, several programs were capable of detecting all such viruses. The necessity of detection of 'lab' viruses is another matter, and will not be covered at this time, although it is addressed in [3].
Since we have such software, we should have no problems. However, there are problems. Something is wrong. Before examining the sources of the problem, a few comments on definitions we will be using are in order
Latest Antivirus Reviews
Norton AntiVirus 2010 treads lightly on your CPU, while bolstering last year's reputation-based detection engine with a new behavioral detection system.
8.1 Editors' Rating
Norton Internet Security 2010 treads surprisingly lightly CPU power, while bolstering last year's reputation-based detection engine with a new behavioral-detection system.
8.4 Editors' Rating
Trend Micro Internet Security Pro 2010 has one of the most comprehensive security suites we've seen, with everything covered from basic threat detection to a behavior-based prevention system and security for Symbian and Windows Mobile devices.
6.9 Editors' Rating
Global antivirus software conspiracy
IT Security TechGuides
Why there is no global antivirus software conspiracy
By Jonathan Yarden, TechRepublic
Tuesday, November 15, 2005 11:19 AM
Many believe that there's an ongoing conspiracy between virus writers and antivirus software makers, but Jonathan Yarden says the theory has no basis. Find out why such a conspiracy just isn't possible.
Since the first computer viruses appeared in the DOS era, there's been an ongoing digital arms race between the authors of malicious code and the companies that write antivirus software. Many people believe there's a global conspiracy going on between these two factions to benefit both groups. And for some, increasing virus and worm outbreaks only strengthen this belief.
It's certainly true that antivirus software wouldn't exist if there were no worms and viruses, but that doesn't mean antivirus companies hire people to write worms and viruses. In my opinion, there are many intelligent people in the world who enjoy nothing better than creating malicious code and preying on the incompetence of people using computer systems.
The majority of computer users expect computers to work properly without any maintenance at all. These are the same people who mindlessly click executable e-mail attachments, causing worms and viruses to spread unchecked.
From what I've seen in more than 20 years of working as an IT pro, the conspiracy argument doesn't hold a lot of water--because it doesn't take into account the incompetence of the average computer user. I think it's safe to say that at least 90 percent of the people using computers are ignorant to the details of how they work.
For a conspiracy to occur, there would need to be collusion and incentive. Money is usually good enough for most people, and companies that produce antivirus software obviously make money. But no one has managed to locate a trail of money from antivirus companies to the people who are writing worms and viruses.
Let's look at how we find out about vulnerabilities in the first place. Security researchers, both independent and affiliated with Internet security firms, are usually the ones who find the vulnerability in a specific piece of software.
While there is no formal, worldwide-sanctioned procedure, it's customary for security researchers to notify the author or publisher when they find an exploitable software defect. Whether researchers receive compensation for their work does not justify a conspiracy.
After notification, the author of the vulnerable software then has time to evaluate and respond to the vulnerability with patches and a formal advisory. After determining corrective measures and making them available, the author then announces the vulnerability to the public. But it's then up to individual users to patch their systems.
Once the author publishes the information about a vulnerability, it's only a matter of time before someone takes that information and writes an exploit. After the author discloses the vulnerability, anyone with a moderate programming ability can use the information to produce a worm or virus.
The fact that laws exist against releasing malicious code doesn't stop the majority of virus and worm authors from writing them. And their incentive to write an exploit has much more to do with bravado and bragging rights than money.
If an antivirus conspiracy existed on a global level, I'm certain that the various law enforcement agencies around the world would have already found a money trail leading from antivirus companies to worm and virus authors.
Worm and virus authors simply use publicly available details on vulnerabilities and exploits and write their code from that information. Antivirus software companies only benefit from this indirectly.
Would you rather have the information about vulnerabilities kept secret? Now that would be a conspiracy--one that makes sure that people know even less than they already do about their computers
Virus Definitions & Security Updates
Virus Definitions
View threats newly detected or recently modified.
Detections Added – Certified Defs*
Detections Added – Rapid Release Defs*
Definitions Feed
Get the latest virus definitions status
Multiple Daily Updates Learn More
Symantec Endpoint Protection 11
Norton AntiVirus 2008 and newer
Virus Definitions created 10/20/2009
Virus Definitions released 10/20/2009
Defs Version: 111020ay
Sequence Number: 101585
Extended Version: 10/20/2009 rev. 51
Total Detections (Threats & Risks): 4953017
View threats newly detected or recently modified.
Detections Added – Certified Defs*
Detections Added – Rapid Release Defs*
Definitions Feed
Get the latest virus definitions status
Multiple Daily Updates Learn More
Symantec Endpoint Protection 11
Norton AntiVirus 2008 and newer
Virus Definitions created 10/20/2009
Virus Definitions released 10/20/2009
Defs Version: 111020ay
Sequence Number: 101585
Extended Version: 10/20/2009 rev. 51
Total Detections (Threats & Risks): 4953017
Wednesday, October 21, 2009
Kaspersky Anti-Virus Update October 21, 2009
Kaspersky Anti-Virus Update description
Sets of threat signatures and databases of network attacks
This is a special update application to install the latest virus databases and various fixes to AntiViral Toolkit Pro for Windows 95/98/NT version 3.0.129 and above.
Use this if you already have AntiViral Toolkit Pro installed.
The antivirus databases currently contain 2338308 records.
If your Kaspersky installed application does not contain the protection module against network attacks, feel free to use mirrors 2, 4 and 6 to download 'light' versions of the update signatures.
It is essential to update antivirus databases on a regular basis. If you do not do this, your antivirus program will not detect new malicious programs. This is why we release updates every hour, to ensure that users are protected against the latest malware.
Antivirus solutions from Kaspersky Lab not only detect malicious software, but other programs which are potentially harmful, such as:
- Adware
- Remote administration programs
- Utilities which can be used by malicious programs or users
Zip-archives should be unpacked into a separate directory, which should then be indicated in the automatic update module as a local folder.
Daily - contains all updates and modifications released during the current week. The current week starts from the previous Friday, when the last weekly update was released. It is placed on the update server every hour. You should download daily.zip if you update your antivirus databases at least once a week.
Previous week's updates - contains all updates and modifications released during the previous week (a full version of the week's daily.zip). It is placed on the server once a week, on Friday. When this file is placed on the server, it will cause the size of daily.zip to be equal to zero. You should download this file if you update your antivirus databases less than once a week, but more often than once every two weeks.
Complete update - contains all the updates and modifications released at the time of the previous week's update. This is placed on the sever at the same time as the new weekly.zip. You should download this file if you have not updated your antivirus databases in the last two weeks.
NOTE: After the archives have been downloaded, unpack them to a separate folder on a disc. If you have downloaded several archives, unpack them in the following order: first unpack av-i386-cumul.zip, then - av-i386-weekly.zip and the last - av-i386-daily.zip. Unpacking, click Yes when you are suggested to replace files with the same name.
After the archives have been unpacked, launch automatic update of the anti-virus database. As an update source define folder with the unpacked archives in the anti-virus database update task.
Monday, October 19, 2009
User's Reviews
"Excellent program"
by ceo51378 on September 5, 2008
So far, I think this is the most polished and complete of the free AV's out there. Antivirus, Antispyware, POP/SMTP protection, Anti Rootkits, automatic updates. Easy interface to navigate. It also got the VB100 award...seems to have everything.
"Good,Comparable with Avast,may be even better.."
by scorpionstings on September 10, 2008
good detection rates, faster scan speed, has a scan on reboot option,will ask for the option every time we start the comp,
System Requirments:
OS:Win98/Me/NT/2000/XP/2003/Vista;
Language:English,Russian,Turkish,
German and Traditional Chinese.
Patent :
Unknown Virus Scan&Clean(Patent No.:ZL 01 1 17726.8);
Fully automatic SmartUpdate(Patent No.:ZL 01 1 42155.X).
by ceo51378 on September 5, 2008
So far, I think this is the most polished and complete of the free AV's out there. Antivirus, Antispyware, POP/SMTP protection, Anti Rootkits, automatic updates. Easy interface to navigate. It also got the VB100 award...seems to have everything.
"Good,Comparable with Avast,may be even better.."
by scorpionstings on September 10, 2008
good detection rates, faster scan speed, has a scan on reboot option,will ask for the option every time we start the comp,
System Requirments:
OS:Win98/Me/NT/2000/XP/2003/Vista;
Language:English,Russian,Turkish,
German and Traditional Chinese.
Patent :
Unknown Virus Scan&Clean(Patent No.:ZL 01 1 17726.8);
Fully automatic SmartUpdate(Patent No.:ZL 01 1 42155.X).
Functions and Advantages
Zero day protection with Rising Cloud Security:
Rising Cloud Security users communicate with the Rising virus lab to form a rapid response network which quickly catches Trojans and other malware.
Antivirus & Antispyware Protection:
Protection from Trojans, worms, rootkits and other malware. With unparalleled expertise in combating malware, Rising offers you actual protection against today’s cyber threats without putting a strain on your computer’s resources.
File Monitor:
Automatically detects viruses in active files and prevents them from infecting your computer.
Email Monitor:
Scans inbound (POP3) and outbound (SMTP) emails for malware.
Application Control:
Monitor the operational status of applications and block suspicious activities.
Malicious Behavior Interceptor:
Monitors programs in the system for possible malicious behavior.
USB/CD/DVD Monitor:
Blocks malware on USB storage media, CDs/DVDs and network drives.
Embedded Scan:
Provides integrated protection for instant messengers, download managers and other popular tools.
Web Trojan Defense:
Automatically blocks malicious web scripts and viruses while you are browsing the web.
Self-Protection:
Prevents malware from making changes to the Rising Antivirus software.
Rising Cloud Security users communicate with the Rising virus lab to form a rapid response network which quickly catches Trojans and other malware.
Antivirus & Antispyware Protection:
Protection from Trojans, worms, rootkits and other malware. With unparalleled expertise in combating malware, Rising offers you actual protection against today’s cyber threats without putting a strain on your computer’s resources.
File Monitor:
Automatically detects viruses in active files and prevents them from infecting your computer.
Email Monitor:
Scans inbound (POP3) and outbound (SMTP) emails for malware.
Application Control:
Monitor the operational status of applications and block suspicious activities.
Malicious Behavior Interceptor:
Monitors programs in the system for possible malicious behavior.
USB/CD/DVD Monitor:
Blocks malware on USB storage media, CDs/DVDs and network drives.
Embedded Scan:
Provides integrated protection for instant messengers, download managers and other popular tools.
Web Trojan Defense:
Automatically blocks malicious web scripts and viruses while you are browsing the web.
Self-Protection:
Prevents malware from making changes to the Rising Antivirus software.
Rising Antivirus Free Edition
Rising Antivirus Free Edition 2009 protects your computers against all types of viruses, Trojans, worms, rootkits and other malicious programs. Ease of use and Smartupdate technology make it an "install and forget" product and entitles you to focus on your own jobs with your computer. RISING Antivirus powerful engine has been certified by Virus Bulletin,Checkmark, TUV.
Download Rising Antivirus Free Edition
Download Here
NOTICE - For Upgrade!
Rising Antivirus Free Edition Upgrade
Dear RISING Users:
, the famous security vendor, has released Rising Antivirus Free Edition 2009.
Because of technical issue, some users who get upgrade through old Rising Antivirus Free Edition will get Rising Antivirus 2009 trial version product, or failed to get upgrade.We are very sorry about this issue.
In order to continue using Rising Antivirus Free Edition, please uninstall Rising Antivirus Free Edition 2008 or Rising Antivirus 2009 trial version product, then download and install Rising Antivirus Free Edition 2009.
The latest Rising Antivirus Free Edition has the same service and function as Rising Antivirus 2009 paid version, but there are some differences which need users to know:
1. Information centre service:
Rising Antivirus Free Edition has Information centre window in its main interface, and this window drive users get latest news of RISING. But Rising Antivirus 2009 paid version not;
2. Update Service:
RISING paid version product gets update through high speed update server each day, but Rising Antivirus Free Edition product does not;
3. Technical support:
RISING provides fast response technical support to each paid version product user; but the support to RISING free version product user may be limited;
4. Users buy Rising Antivirus paid version can get a Rising Firewall with same service life in FREE; but Rising Antivirus Free version users could not.
Users who get problem in upgrade, please contact Rising Support Centre Spport Centre
Click Here to know more about RISING security product.
RISING Team
Sunday, October 18, 2009
Norton AntiVirus 2010 17.0.0.136
Norton AntiVirus 2010 description
Industry-leading protection against detected viruses, spyware and more
Norton AntiVirus defends your PC against detected viruses, spyware, bots, worms, and more while minimising the performance impact or getting in your way. The improved Norton Protection System features multi-layered protection technologies that work together to proactively block attacks and detect and remove threats before they can harm your PC.
Pulse Updates every 5 to 15 minutes and real-time online security checks help ensure continuous, up-to-the-minute protection against the latest threats. New SONAR 2 (Symantec Online Network for Advanced Response) technology monitors your PC for suspicious behavior to help detect and eliminate the latest breaking threats.
Intrusion Protection defends your PC from web-based attacks so you can surf with confidence. And new Vulnerability Protection blocks security holes in your PC’s operating system, applications, browsers, and browser plug-ins to prevent hackers from exploiting them.
The new Norton Performance System ensures strong protection that won’t swallow up system resources and will minimise performance impact. Norton AntiVirus offers the fastest install time, the fastest boot time and the lowest memory requirements of any antivirus and antispyware solution. Norton Insight technology identifies and targets only files at risk, for less frequent, shorter scans and the fastest scan speeds in the industry.
In addition to usual anti-virus protection, Norton AntiVirus provides easy-to-understand threat and performance information to help you prevent future infections and keep your PC running fast. Plus, only Norton AntiVirus is backed by Symantec Security Response, which provides comprehensive, global, Internet security expertise to guard against today's complex threats.
The Norton AntiVirus application scans faster and uses less memory than any other antivirus product on the market
Key Benefits:
Stops viruses, worms, spyware, bots, and more—Keeps your system protected against all types of malicious threats.
Norton Insight—Delivers innovative intelligence-driven technology for faster, fewer, shorter scans.
Rapid pulse updates every 5 to 15 minutes—provides up-to-the-minute protection.
Prevents virus-infected emails and instant messages from spreading—Feel secure while you keep in touch.
Blocks browser exploits and protects against infected Web sites
NOTE:
In order to test the new Norton Antivirus you need to register an account here.
· The BETA product comes with a 14 day-trial period.
Here are some key features of "Norton AntiVirus 2010":
Engineered for Speed:
Scans only files and processes at risk using Norton Insight.
· NEW! Installs in under one minute on average, requires less than 8 MB of memory
Up-to-the-minute Protection:
Delivers up-to-the-minute protection with rapid pulse updates every 5 to 15 minutes.
· IMPROVED! Provides multilayered security through the Norton Protection System.
· Prevents bots from taking control of your PC.
· Detects and automatically removes malicious threats.
· IMPROVED! Defends against Web-based attacks.
· Automatically detects and removes spyware, viruses, Trojans, bots and Internet worms.
· Recovery tool boots and repairs badly infected PCs. Delivers our most complete, deep cleaning scan possible.
· Norton Ongoing Protection provides continuous protection updates and new product features as they become available throughout your product subscription period, helping to keep your computer protected against the latest Internet threats and risks.
· Norton Automatic Renewal Service helps to ensure that you’re protected by automatically renewing your product subscription before it expires.
Control without disruptions:
Automatically schedules scans and updates to occur while PC is idle.
· Review the security status of every process on your PC.
· Silent mode helps ensures movies and games are never interrupted.
· Maps your wireless home network.
Requirements:
300 MHz or faster processor
· 256 MB of RAM (512 MB RAM required for the Recovery Tool)
· 150 MB of available hard disk space.
· Email scanning supported for POP3- and SMTP-compatible email clients.Required for all installations:
· CD-ROM or DVD drive (if not installing via electronic download)
· Support for AntiSpam feature
Limitations:
60 days trial
What's New in This Release:
· New and Improved Features
· Performance Enhancements
· The 2010 products improve on the very high performance bar already set by the 2009 products. The Beta builds will be regularly updated, with later builds improving on performance and functionality.
· Enhanced Norton Insight
· Norton Insight is built on the Symantec Quorum backend intelligence technology first introduced in the 2009 products. In 2009 Norton Insight only quantified trustworthiness, in 2010 Norton Insight also provides information on prevalence, age, and runtime performance data.
· Download Insight
· Download Insight is a new line of defense against the introduction of untrusted applications on your system. Download Insight monitors new application or installer downloads, automatically analyzes and classifies the application using the Quorum technology, and provides you with a trust rating for the application before allowing the application or installer to execute.
· Performance Monitoring
· The system performance
Industry-leading protection against detected viruses, spyware and more
Norton AntiVirus defends your PC against detected viruses, spyware, bots, worms, and more while minimising the performance impact or getting in your way. The improved Norton Protection System features multi-layered protection technologies that work together to proactively block attacks and detect and remove threats before they can harm your PC.
Pulse Updates every 5 to 15 minutes and real-time online security checks help ensure continuous, up-to-the-minute protection against the latest threats. New SONAR 2 (Symantec Online Network for Advanced Response) technology monitors your PC for suspicious behavior to help detect and eliminate the latest breaking threats.
Intrusion Protection defends your PC from web-based attacks so you can surf with confidence. And new Vulnerability Protection blocks security holes in your PC’s operating system, applications, browsers, and browser plug-ins to prevent hackers from exploiting them.
The new Norton Performance System ensures strong protection that won’t swallow up system resources and will minimise performance impact. Norton AntiVirus offers the fastest install time, the fastest boot time and the lowest memory requirements of any antivirus and antispyware solution. Norton Insight technology identifies and targets only files at risk, for less frequent, shorter scans and the fastest scan speeds in the industry.
In addition to usual anti-virus protection, Norton AntiVirus provides easy-to-understand threat and performance information to help you prevent future infections and keep your PC running fast. Plus, only Norton AntiVirus is backed by Symantec Security Response, which provides comprehensive, global, Internet security expertise to guard against today's complex threats.
The Norton AntiVirus application scans faster and uses less memory than any other antivirus product on the market
Key Benefits:
Stops viruses, worms, spyware, bots, and more—Keeps your system protected against all types of malicious threats.
Norton Insight—Delivers innovative intelligence-driven technology for faster, fewer, shorter scans.
Rapid pulse updates every 5 to 15 minutes—provides up-to-the-minute protection.
Prevents virus-infected emails and instant messages from spreading—Feel secure while you keep in touch.
Blocks browser exploits and protects against infected Web sites
NOTE:
In order to test the new Norton Antivirus you need to register an account here.
· The BETA product comes with a 14 day-trial period.
Here are some key features of "Norton AntiVirus 2010":
Engineered for Speed:
Scans only files and processes at risk using Norton Insight.
· NEW! Installs in under one minute on average, requires less than 8 MB of memory
Up-to-the-minute Protection:
Delivers up-to-the-minute protection with rapid pulse updates every 5 to 15 minutes.
· IMPROVED! Provides multilayered security through the Norton Protection System.
· Prevents bots from taking control of your PC.
· Detects and automatically removes malicious threats.
· IMPROVED! Defends against Web-based attacks.
· Automatically detects and removes spyware, viruses, Trojans, bots and Internet worms.
· Recovery tool boots and repairs badly infected PCs. Delivers our most complete, deep cleaning scan possible.
· Norton Ongoing Protection provides continuous protection updates and new product features as they become available throughout your product subscription period, helping to keep your computer protected against the latest Internet threats and risks.
· Norton Automatic Renewal Service helps to ensure that you’re protected by automatically renewing your product subscription before it expires.
Control without disruptions:
Automatically schedules scans and updates to occur while PC is idle.
· Review the security status of every process on your PC.
· Silent mode helps ensures movies and games are never interrupted.
· Maps your wireless home network.
Requirements:
300 MHz or faster processor
· 256 MB of RAM (512 MB RAM required for the Recovery Tool)
· 150 MB of available hard disk space.
· Email scanning supported for POP3- and SMTP-compatible email clients.Required for all installations:
· CD-ROM or DVD drive (if not installing via electronic download)
· Support for AntiSpam feature
Limitations:
60 days trial
What's New in This Release:
· New and Improved Features
· Performance Enhancements
· The 2010 products improve on the very high performance bar already set by the 2009 products. The Beta builds will be regularly updated, with later builds improving on performance and functionality.
· Enhanced Norton Insight
· Norton Insight is built on the Symantec Quorum backend intelligence technology first introduced in the 2009 products. In 2009 Norton Insight only quantified trustworthiness, in 2010 Norton Insight also provides information on prevalence, age, and runtime performance data.
· Download Insight
· Download Insight is a new line of defense against the introduction of untrusted applications on your system. Download Insight monitors new application or installer downloads, automatically analyzes and classifies the application using the Quorum technology, and provides you with a trust rating for the application before allowing the application or installer to execute.
· Performance Monitoring
· The system performance
Saturday, October 17, 2009
Antivirus Software
Mcafee virus scan plus 2009
Research & Compare Laptops Reviews, Deals, Coupons & Pricing!
McAfee VirusScan Plus 2009 offers ultimate security for computers and helps keep users safe from viruses, adware and hackers during web surfing. It provides antivirus, antispyware and multidirectional firewall protection. Additionally, it incorporates the latest antiphishing technology for protection from online scam schemes.
Panda Antivirus Platinum
Antivirus protection for stand-alone computers
The antivirus for the Internet Generation
Panda Antivirus Platinum offers unrivalled protection for the Internet and e-mail, the main virus entry points in your system. This solution detects and disinfects viruses in the most frequently-used browsers (Explorer, Netscape, Mosaic...) and e-mail systems (Outlook, Outlook Express, Eudora, Netscape Mail, Pegasus...). In addition, Panda Antivirus Platinum can block outbound service ports (telnet, http, ftp...etc). It even protects connections to IP addresses, scanning at the Winsock level - without needing to write messages to disk as is the case with many other antiviruses- , with the enormous gains in speed and reliability that this entails.
$29.95
Research & Compare Laptops Reviews, Deals, Coupons & Pricing!
McAfee VirusScan Plus 2009 offers ultimate security for computers and helps keep users safe from viruses, adware and hackers during web surfing. It provides antivirus, antispyware and multidirectional firewall protection. Additionally, it incorporates the latest antiphishing technology for protection from online scam schemes.
Panda Antivirus Platinum
Antivirus protection for stand-alone computers
The antivirus for the Internet Generation
Panda Antivirus Platinum offers unrivalled protection for the Internet and e-mail, the main virus entry points in your system. This solution detects and disinfects viruses in the most frequently-used browsers (Explorer, Netscape, Mosaic...) and e-mail systems (Outlook, Outlook Express, Eudora, Netscape Mail, Pegasus...). In addition, Panda Antivirus Platinum can block outbound service ports (telnet, http, ftp...etc). It even protects connections to IP addresses, scanning at the Winsock level - without needing to write messages to disk as is the case with many other antiviruses- , with the enormous gains in speed and reliability that this entails.
$29.95
#5 ZoneAlarm Anti-virus 2010
Review date: 09.10.2009 Description:
New engine delivers the best virus protection with significantly enhanced detection and removal capabilities. A configuration wizard leads you through setup, making it easy for everyday users to secure their systems fast.
Main Features:
Compatible with Windows 7
Advanced antivirus, spyware removal protection
On demand scanner interface
Simple to install and run
Advanced virus removal technology
Software Summary:
The ZoneAlarm online forums are active, with users worldwide eager and willing to answer your question.
Review:
Enhanced detection and removal capabilities stop even the latest and most aggressive viruses before they infect your PC.
Wireless PC Protection: it sets appropriate security
Pre-loaded security settings provide easy, instant virus protection.
Minimum PC resources and bandwidth consumption.
Proactive firewall protection with multiple layers of security.
Not certified by any of the three major independent testing labs (Virus Bulletic, Checkmark, or ICSA).
Unlike other antivirus products, Auto-Learn from Check Point is a system that automatically configures security settings based on a user's unique computer environment and behavior, making the initial set-up virtually si
New engine delivers the best virus protection with significantly enhanced detection and removal capabilities. A configuration wizard leads you through setup, making it easy for everyday users to secure their systems fast.
Main Features:
Compatible with Windows 7
Advanced antivirus, spyware removal protection
On demand scanner interface
Simple to install and run
Advanced virus removal technology
Software Summary:
The ZoneAlarm online forums are active, with users worldwide eager and willing to answer your question.
Review:
Enhanced detection and removal capabilities stop even the latest and most aggressive viruses before they infect your PC.
Wireless PC Protection: it sets appropriate security
Pre-loaded security settings provide easy, instant virus protection.
Minimum PC resources and bandwidth consumption.
Proactive firewall protection with multiple layers of security.
Not certified by any of the three major independent testing labs (Virus Bulletic, Checkmark, or ICSA).
Unlike other antivirus products, Auto-Learn from Check Point is a system that automatically configures security settings based on a user's unique computer environment and behavior, making the initial set-up virtually si
Main Features:
Automatically eliminates viruses
Anti-Malware Engine
On-demand scanning
Smart auto-configuration
Automatic Virus Pattern Updates
Anti-Rootkit Technology detects and removes silently-installed rootkits used by
malware or intruders to evade traditional antivirus products.
Intrusion prevention blocks known and unknown hacker attacks and vulnerability.
Identity protection: Anti-Phishing Filter, Anti-Banking Trojans Engine.
Incorporates an advanced heuristic scan that detects more identity theft.
Identity protection: Anti-Phishing Filter, Anti-Banking Trojans Engine.
Personal Firewall protects you against Internet-borne worms and hacker attacks.
Removes all traces of clutter left by spyware on your PC.
Panda 2010 products offer a better customer experience than before, thanks to the new registration process and the new user interface.
The Web filter lets you browse safely without the risk of infections, vulnerabilities exploits or phishing websites. The scanning features have been sped up and the new interface is a clean and modern take on a time-tested product.
Anti-Malware Engine
On-demand scanning
Smart auto-configuration
Automatic Virus Pattern Updates
Anti-Rootkit Technology detects and removes silently-installed rootkits used by
malware or intruders to evade traditional antivirus products.
Intrusion prevention blocks known and unknown hacker attacks and vulnerability.
Identity protection: Anti-Phishing Filter, Anti-Banking Trojans Engine.
Incorporates an advanced heuristic scan that detects more identity theft.
Identity protection: Anti-Phishing Filter, Anti-Banking Trojans Engine.
Personal Firewall protects you against Internet-borne worms and hacker attacks.
Removes all traces of clutter left by spyware on your PC.
Panda 2010 products offer a better customer experience than before, thanks to the new registration process and the new user interface.
The Web filter lets you browse safely without the risk of infections, vulnerabilities exploits or phishing websites. The scanning features have been sped up and the new interface is a clean and modern take on a time-tested product.
#4 Panda Antivirus Pro 2010
Review date: 09.02.2009 Description:
Panda Antivirus features a new ultraFast scan engine, 30% faster than its predecessors, Panda's exclusive SmartClean technology. In a nutshell, a good antivirus solution for Windows, that keeps your computer protected from any Internet threats.
Panda Antivirus features a new ultraFast scan engine, 30% faster than its predecessors, Panda's exclusive SmartClean technology. In a nutshell, a good antivirus solution for Windows, that keeps your computer protected from any Internet threats.
Review:
Best of all, the anti-virus engine protects against computer viruses, worms, Trojan horse
programs, and related security threats.
Free phone, email and chat support, with your annual subscription.
Block websites with inappropriate content based on specific categories.
Protect your privacy by getting rid of records listing Web sites and files recently opened.
Stops viruses, worms, spyware and bots.
Automatically download the latest signature updates. Quarantined file recovery.
Real-time protection. You can run scheduled and manual scans.
Keeps your system protected against all types of malicious threats.
Remote File Lock safeguards your private files in case your laptop is lost or stolen.
Powerful anti-spyware technology guards your personal information and privacy against spyware, rootkits and other malicious software. Trend Micro Antivirus 2010 covers the basics, providing antivirus, antispyware, antiphishing, antispam, two-way firewall, and, unlike other Internet Security suites, includes parental controls.
programs, and related security threats.
Free phone, email and chat support, with your annual subscription.
Block websites with inappropriate content based on specific categories.
Protect your privacy by getting rid of records listing Web sites and files recently opened.
Stops viruses, worms, spyware and bots.
Automatically download the latest signature updates. Quarantined file recovery.
Real-time protection. You can run scheduled and manual scans.
Keeps your system protected against all types of malicious threats.
Remote File Lock safeguards your private files in case your laptop is lost or stolen.
Powerful anti-spyware technology guards your personal information and privacy against spyware, rootkits and other malicious software. Trend Micro Antivirus 2010 covers the basics, providing antivirus, antispyware, antiphishing, antispam, two-way firewall, and, unlike other Internet Security suites, includes parental controls.
Advanced Features:
Effective Antivirus Protection
Customizable security for your home PCs
Prevents virus-infected emails
Home Protection for up to 3 PCs
Spyware and Adware Protection
Automatic Virus Pattern Updates
Enhanced Software History Cleaner
Effective Antivirus Protection
Excellent value
Customizable security for your home PCs
Prevents virus-infected emails
Home Protection for up to 3 PCs
Spyware and Adware Protection
Automatic Virus Pattern Updates
Enhanced Software History Cleaner
Effective Antivirus Protection
Excellent value
#2 Trend Micro Antivirus Internet Security 2010
Review date: 28.08.2009 Description:
Trend Micro AntiVirus plus AntiSpyware 2010 provides comprehensive and easy to use protection from viruses, intruders, and other Internet-based threats. Inexpensive product received excellent scores in our performance tests.
Trend Micro AntiVirus plus AntiSpyware 2010 provides comprehensive and easy to use protection from viruses, intruders, and other Internet-based threats. Inexpensive product received excellent scores in our performance tests.
#3 Norton Antivirus 2010
Description:
Norton AntiVirus 2010 provides fast, responsive defense against all types of malicious software. The new Norton Protection System employs a multilayered set of security technologies that work in concert to detect, identify, and block attacks.
Price:
$39.99
Buy from the Publisher
Main Features:
Advanced antivirus with anti-spyware
Best proactive protection
Rapid pulse updates every 5 to 15 minutes
Rootkit detection, two way firewall
Defends against Web-based attacks
Automatic Virus Pattern Updates
Review:
The most trusted Symantec Norton Antivirus have updates their latest product Norton Antivirus 2010, have released and gives a faster and better performance of your pc against Viruses and spywares.
Secures, stores and manages login and personal information
Automatically saves important files locally or to secured online storage
Maps your wireless home network
Free chat and phone support.
Monitor your home network and more safely connect to Wi-fi networks.
AutoFix technology will diagnose and fix common problems for you.
Automatically schedules scans and updates to occur while PC is idle.
Blocks browser exploits and protects against infected Web sites.
Prevents unauthorized users from changing your critical applications.
Monitors all processes and registry changes.
New Norton Internet Worm Protection blocks certain more sophisticated worms (such as Blaster and Sasser) before they enter your computer. A good product for keeping your computer safe from viruses. All regular telephone technical support calls are free.
Norton AntiVirus 2010 provides fast, responsive defense against all types of malicious software. The new Norton Protection System employs a multilayered set of security technologies that work in concert to detect, identify, and block attacks.
Price:
$39.99
Buy from the Publisher
Main Features:
Advanced antivirus with anti-spyware
Best proactive protection
Rapid pulse updates every 5 to 15 minutes
Rootkit detection, two way firewall
Defends against Web-based attacks
Automatic Virus Pattern Updates
Review:
The most trusted Symantec Norton Antivirus have updates their latest product Norton Antivirus 2010, have released and gives a faster and better performance of your pc against Viruses and spywares.
Secures, stores and manages login and personal information
Automatically saves important files locally or to secured online storage
Maps your wireless home network
Free chat and phone support.
Monitor your home network and more safely connect to Wi-fi networks.
AutoFix technology will diagnose and fix common problems for you.
Automatically schedules scans and updates to occur while PC is idle.
Blocks browser exploits and protects against infected Web sites.
Prevents unauthorized users from changing your critical applications.
Monitors all processes and registry changes.
New Norton Internet Worm Protection blocks certain more sophisticated worms (such as Blaster and Sasser) before they enter your computer. A good product for keeping your computer safe from viruses. All regular telephone technical support calls are free.
#1 Shield Deluxe - Antivirus Protection
Description:
The best part of using Security Shield 2009 is the fact that is powered by BitDefender. This antivirus company protects tens of millions of home and corporate users across the globe. The Shield Deluxe 2009 will protect your PC and personal data from theft, making it worth considering.
Price:
$19.99
Buy from the Publisher
Advanced Features:
Total virus and spyware protection
Free technical support
Intelligent scanning
Real time threat detection
Hourly updates, Vista compatible
Decides best security actions to take
Stealth web browsing
Excellent extended parental controls
Uses minimal system resources
Review:
Buy from the Publisher
You can set your computer to update viruses weekly and run a complete virus scan. The system can be restored after malicious activity. It controls the status of the system registry and notifies users of any suspicious objects.
Monitors the activity of programs and processes that have been launched in the computer’s memory.
Controls over changes in the file system. Proactive protection.
Removes spyware parasites to protect your privacy and prevent system crashes and slow-downs.
Protection from rootkits and worms.
Blocks access to inappropriate websites and e-mail.
Reduces the system load and postpones updates, allowing for secure gaming at top speed.
Scans all Web, e-mail and instant messaging traffic in real-time.
Advanced system maintenance tools.
Best of all, no additional or hidden charges for the technical support services assistance while most of antivirus companies charge an additional amount to correct virus or spyware damage either per minute or per incident.
The best part of using Security Shield 2009 is the fact that is powered by BitDefender. This antivirus company protects tens of millions of home and corporate users across the globe. The Shield Deluxe 2009 will protect your PC and personal data from theft, making it worth considering.
Price:
$19.99
Buy from the Publisher
Advanced Features:
Total virus and spyware protection
Free technical support
Intelligent scanning
Real time threat detection
Hourly updates, Vista compatible
Decides best security actions to take
Stealth web browsing
Excellent extended parental controls
Uses minimal system resources
Review:
Buy from the Publisher
You can set your computer to update viruses weekly and run a complete virus scan. The system can be restored after malicious activity. It controls the status of the system registry and notifies users of any suspicious objects.
Monitors the activity of programs and processes that have been launched in the computer’s memory.
Controls over changes in the file system. Proactive protection.
Removes spyware parasites to protect your privacy and prevent system crashes and slow-downs.
Protection from rootkits and worms.
Blocks access to inappropriate websites and e-mail.
Reduces the system load and postpones updates, allowing for secure gaming at top speed.
Scans all Web, e-mail and instant messaging traffic in real-time.
Advanced system maintenance tools.
Best of all, no additional or hidden charges for the technical support services assistance while most of antivirus companies charge an additional amount to correct virus or spyware damage either per minute or per incident.
Related to Site Reviews
Top Firewall Software - Learn about the latest technologies. Besides, we rank the best personal firewall
Mobile Security Software - Mobile phones are the next target for hackers and virus writers.
Monitoring Software Product - Stay informed with the latest in Internet monitoring software and parental
Free Spyware Remover - Looking for anti-spyware that really works? Here's you'll find reviews of the best
Data Backup Software - What is the best data backup option and which one can you count on?
Netbus Trojan Review - The biggest threat regarding malware is that most of them may be used to attack
Mobile Security Software - Mobile phones are the next target for hackers and virus writers.
Monitoring Software Product - Stay informed with the latest in Internet monitoring software and parental
Free Spyware Remover - Looking for anti-spyware that really works? Here's you'll find reviews of the best
Data Backup Software - What is the best data backup option and which one can you count on?
Netbus Trojan Review - The biggest threat regarding malware is that most of them may be used to attack
Why Should I Use Antivirus Software?
A computer virus is a program that is loads itself onto you computer without your knowledge. Without antivirus software, viruses will infect your computer.
How to stay virus free?
Remember to update your antivirus software regularly. Another option is to use software provided by your Internet service provider. You can also use free scans generally offered by most antivirus software suppliers.
Read reviews and compare our top 10 antivirus software of 2009. Here, you'll find detailed descriptions on programs and free virus removal tools so you can decide which software will best fit your needs
How to stay virus free?
Remember to update your antivirus software regularly. Another option is to use software provided by your Internet service provider. You can also use free scans generally offered by most antivirus software suppliers.
Read reviews and compare our top 10 antivirus software of 2009. Here, you'll find detailed descriptions on programs and free virus removal tools so you can decide which software will best fit your needs
Subscribe to:
Comments (Atom)
Posts
