Bloggers From Pemalang City, Indonesia
Join 4Shared Now! Get 4Shared Premium!

Senin, 31 Mei 2010

About Malware



Norman Malware Cleaner 2010.05.29

I use the word "malware" to refer to any code, script or software that has effects unintended by or prejudicial to the user; usually where these effects are hidden.

That is indeed broad enough to include certain commercial software (stealth registration, undisclosed adware, spyware, stealth installation of bundled apps) and device drivers (recurrent intrusions into startup axis, e.g. as part of DOS support). From a troubleshooting perspective, the process of cleaning up these commercial/driver issues is similar to cleaning up many worms and trojans, so for both practical and philosophical reasons it's appropriate to include them.

The traditional anti-malware approach is to run an antivirus application as 'underfootware' to recognize known malware via the "mugshot comparison" method. Heuristics (i.e. assessments of behavior) are also used, but as so many hi-level scripting statements are indistinguishable as to intent (every file system write or registry addition is a risk), I don't hold much faith for this.

Instead, I tackle the 4 E's directly. Where possible, I'd rather wall out a hundred or so risks than chase the recognition of thousands of malware, just as I'd rather burglarguard a few windows and doors than allow everyone in and count on recognizing known burglars when I encounter them in the house.

Enter

Primary entrance points are where the malware can enter a system, without requiring any pre-existing presence on that system.

Such entrance points are; human operators, removable disks in the boot process, files incoming via diskettes, LAN shares, downloads or email attachments, removable disks where AutoRun.inf is supported, data files (Office and HTML) where scripts are auto-executed, and finally hacking in through networks such as the LAN or Internet.

Escalate

Entrance may be in a setting where a limited range of behavior is possible, e.g. a script embedded in an HTML email that is running in 'Internet Zone', or a scripting language that places limits on what can be done. Escalation goes about extending the range of possible behaviors from whatever initial beachhead you have established; it is the very essence of hacking, and second nature to malware coders.

Escalation may exploit what I call "secondary entrance points", which are the system startup axis, application startup axes, and extensions of theses axes such as "magic name" and file association intrusion points.

Secondary entrance points are irrelevant within the narrow "Entrance" view, in that they cannot be exploited unless a primary entrance point has already been breached. But it is my opinion that one should never assume the latter will not happen, and look beyond the "can't happen here" view.

Extend

Extension is similar to escalation, except that it involves spreading from one system to another - it is the means by which the malware propagates itself. Not all malware do self-propagate; there are plenty of one-off attacks, which defeat both mugshot recognition and any heuristics that focus on spreading-type behavior.

Web sites and spammer's MILLION EMAIL ADDRESSES FOR ONLY!!! CDs allow non-propagating malware to be shotgunned out in a million "one-off" attacks, so the significance of this should not be underestimated.

The defining characteristic of viruses is that they extend by infecting other files or disks. Worms extend by infecting networks, and trojans by masquerading as desirable files so that the user extends them into their own system or allows them to survive on the assumption they are valid parts of the system.

A malware can do any of the above, which is why I no longer use words like "virus", "worm" and "trojan" if I mean malware in general.

Spread can be localized to the LAN, which is why I advise extreme caution in deciding what to share over networks, even if your own LAN is "closed" (no TCP/IP on LAN to expose systems directly to Internet)

Execute

The payload, the nature of which may terminate all of the other E's with the functional death of the host. One should place little faith that an environment or language will limit the scope of execution, unless you have made a thorough assessment of escalation possibilities from that environment or language.

Suffice to say, if you can write to the file system (even renames or copies is enough), add to the registry or other settings files, or launch other processes or files, your "sandbox" is leaking.

Microsoft

Microsoft have an abysmal record where understanding these simple concepts are concerned. In terms of what they offer their clients (i.e. disregarding how they interact with investors, competitors, staff, "business partners" etc.) this is the single biggest problem I have with MS; they either don't have a clue or don't care.

The worst examples are the autorunning macros in data files and HTML email, but I am also concerned about escalation risks posed by secondary entrance points. The reason why I have railed against "View as Web Page" so obsessively is that this is one risk that I have yet to be able to conclusively wall out of Win98.

Windows Millennium Edition

Windows Millennium Edition (ME) removes some secondary entrance points from the system startup axis, i.e. Config.sys and AutoExec.bat, and adds an "auto-repair" facility that could block malware that attempts to trojanise system code files.

But ME's "auto-repair" may be a mixed blessing, where it restores components that have been deliberately removed so as to manage escalation threats, e.g. WScript.exe, CScript.exe, SHSCrap.dll, Attrib.exe, FDisk.exe, Format.com and Debug.exe - however, there are ways around this.

ME has also missed some opportunities to correct stupid defaults; surprising, given the object lesson posed by LoveLetter and Kak. Outlook Express still defaults to sending and replying in HTML, interpreting HTML scripts within email text in 'Internet Zone', and allowing "safe" controls and Java to run within 'Restricted Zone' as it is defined by the default "high security" template.

Finally, the loss of true real mode boot (though this can be fixed) makes management of malware attacks and damage difficult (getting in before the malware code runs, tackling files that are "always in use"), including steps needed to overcome the "auto-repair" obstacle. It also encourages opening up a primary entrance risk that most savvy builders and users have closed for several OS generations; the infected bootable diskette.

Norman Malware Cleaner 2010.05.29
Server 1 Brothersoft(CDN for Global) Click to Download

Any problem in download link, please click Report Invalid Link.
Please scan with your antivirus software before installing. Read our Safety Policy here or contact us for virus report.
Continue reading...

Minggu, 16 Mei 2010

Avira security solutions

Integration examples

Logo IBM Systems Avira AntiVir certifies for IBM System Series p, Series i and Series z
Porting of the Avira security solutions AntiVir MailGate and AntiVir WebGate to IBM hardware platforms System p5, System i5 and System z9 for the IBM program. IBM Application Advantage for Linux (Chiphopper).


Logo Clearswift Avira AntiVir for Clearswift MIMEsweeper
Avira AntiVir provides professional malware protection for the MIMEsweeper product family from Clearswift, one of the furthest developed and most versatile content security solutions.
Logo AVM Avira AntiVir for AVM KEN!
The Avira AntiVir security solutions for KEN! can be seamlessly integrated in KEN! installations from AVM and offer reliable protection against viruses and spam including WebProtector.
Logo SAP Certified Integration AntiVir Virus Scan Adapter (for SAP Solutions)
The Avira AntiVir Virus Scan Adapter (for SAP Solutions) was developed for the NetWeaver platform and offers SAP customers in this environment the possibility to use the professional Avira AntiVir security technology to detect and combat malware and thus achieve a high degree of security.

Logo GROUP Technologies Avira AntiVir for IQ.Suite
The iQ.Suite from GROUP Business Software AG is the leading program package for the implementation of email lifecycle management. For the IQ.Suite module Watchdog, Avira provides professional protection for all incoming and outgoing emails.

Logo GeNUA AntiVir for GeNUGate
GeNUA (Gesellschaft für Netzwerk- und Unix-Administration) specializes in the security and support of corporate networks. The GeNUGate product family includes the multi-stage complete firewall systems GeNUGate and GeNUGate Pro. Both solutions are equipped with Avira AntiVir malware protection on request.


System Integration

Avira security solutions enable third-party suppliers to easily integrate the AntiVir technology, proven a million times over, in their own software and hardware solutions. Users can use the complete scope of services for virus and malware defense and for system and data recovery. The Avira integration software is available in specially optimized versions for integration in Unix and Windows platforms and in both versions provides comprehensive sets of functions, protocols and documentation.

1.Technology integration

Solutions for efficient defense against viruses and malware create value added for your software or hardware products and reinforce the confidence of your customers. Integrate one of the best virus scanners available with the specially optimized AntiVir Scan Engine. A SDK (software development kit) is available for integration.

2.OEM bundling

You can perfectly integrate Avira security solutions – for example for malware protection of email and Internet communication – in applications and hardware products and thus achieve useful additional security for your customers.

3.Co-branding/re-branding

Avira AntiVir is one of the most reliable and well-known brands on the security market – not least thanks to the more around 100 million satisfied users worldwide. Take advantage of the strength of this brand for cobranding or re-branding – we will support you.

4.Customized solutions

Benefit from the experience and innovation of Avira for individual security solutions that are specially tailored to the needs of your customers.

Internationally operating IT corporations trust in the expertise of Avira to protect their customers. They have already successfully integrated Avira security solutions in their product and service portfolio.
Continue reading...

Most Frightening 10th Computer Virus

VBScript type virus attack is still very high, it is evident from the many reports that complain about these types of script viruses. One virus that shot high into the first sequence is Discusx.vbs. If you still remember with these viruses, the Virus Top-10 March 2008 edition of the past, viruses Discusx.vbs ranked fifth, but this time he sped up to the first sequence. The following list details:

1. Discusx.vbs
VBScript viruses on this one, have a size around 4800 bytes. He will try to infect the multiple drives in your computer, including flash disk drive, which if infected shall make autorun.inf file and System32.sys.vbs on the root drive.
2. Reva.vbs
Again, the virus types that VBScript pretty much complained of by some readers. He will try to spread itself to every drive on your computer including flash disk drives. On the drive there will be infected reva.vbs files, autorun.inf, and shaheedan.jpg. In addition, he will change the default page of Internet Explorer that leads to http://www.arrahmah.com site.

3. XFly
PC Media Antivirus recognizes two variants of this virus, namely XFly.A and XFly.B. Just like most other local viruses, he created using Visual Basic. Has amounted to 143 360 bytes in body size without being compressed. And he may be disguised as a folder, MP3 files with WinAmp or any other way directly change the existing icon resource to its body. This will make more difficult for ordinary users in recognize. On infected computers, when running Internet Explorer, its caption is changed into x-fly "..:: ::..", and when starting Windows will appear the message from the maker of the virus in the default browser. Or every time show at 12:30, 16:00, or 20:00, the virus will display a black screen that also contains messages from the virus creator.

4. Explorea
Viruses that are compiled using Visual Basic comes with a size of about 167 936 bytes, without being compressed. Using the standard Windows folder icon similar to defraud victims. This virus will attack your Windows Registry to change the default open from a few extensions such as. LNK,. PIF,. BAT, and the. COM. On infected computers, certain times when the error message sometimes appears, for example when opening the System Properties.

5. Gen.FFE
Gen.FFE or manufacturer named Fast Firus Engine is one of the program Virus Generator locally made. By simply using this program, did not take long to create a virus / new variant. Viruses of the output of this program icon-like images using standard default Windows folder. He will block access to Task Manager, Command Prompt, and also eliminate some of the menu in the Start Menu. He also will read the caption of the current program, if there are strings associated with the antivirus program will soon be closed to him.

6. Empty
Viruses are also created using Visual Basic and had a folder icon has a size of about 110 592 bytes, without being compressed. There are so many changes that he has made in Windows, such as the Registry, File System, etc., which even can cause Windows can not be used as appropriate. On a computer that is infected by this virus, when starting Windows will display a message from the virus creator.

7. Raider.vbs
This VBScript virus type size of approximately 10 000 bytes, if the virus file is opened with Notepad for example, it is not a lot of strings that can be read by the encrypted condition. In the Registry, he also gave recognition to create a new key in HKLM \ Software with same name as the name of the computer name, the contents of a string value such as a virus, Raider, and the date the first time the infected computer.

8. ForrisWaitme
Viruses are created with Visual Basic uses the standard Windows folder icon similar to disguises. Some ulahnya is exchanged with the left mouse button function right, removes the Folder Options menu, create a file the message "read saya.txt" on the drive is infected, and there are still others.

9. Pray
Local virus was created using Visual Basic. We found two variants of this virus, for Pray.A variant has no icon, while for variant Pray.B using the icon-like Windows Explorer. If the computer is infected by this virus, while at the computer clock shows 05:15 AM, 13:00, 16:00, 18:30, or 19:45 and, this virus will display a message reminding the user to perform the prayer.

10. Rian.vbs
This VBScript virus has a size of 3788 bytes. When infecting, it will create new files autorun.inf and RiaN.dll.vbs on each root drive that is installed on the victim's computer, including the Flash Disk. Computers infected by this virus, caption of Internet Explorer will change to "Rian P2 Cantiq PR
Continue reading...

AIR (Adobe Integrated Runtime), a New Way Internet access as well Desktop

Adobe's latest re-launch the application which is surprising, because it can incorporate a variety of Internet access and multimedia applications into a single container. Containers are labeled by the Adobe AIR which stands for Adobe Integrated Runtime. AIR provides convenience for the user to access various Internet access and multimedia needs daily with enough run an application interface. Even more interesting is the AIR, the application can retrieve files from both local and Internet desktop in a similar way to then proceed to use a special file system. Thus, the user will hardly find a significant difference between accessing files from local desktop or from the Internet, because the user does not need another browser to search for data on the Internet.

AIR runs on Windows platform, although the development is also designed for MacOS. While for the Linux version will be released soon. To use the AIR, users can medownload first at http://labs.adobe.com installer for free, then install it on the computer. After all the installation process is complete, users can directly use it. Even more interesting, AIR does not include entry into the Windows registry, and did not use the library's Windows, so the bit does not affect the stability of Windows, not even no effect at all on Windows at the time of uninstall.

At the time of operation, the Adobe Integrated Runtime is working with three basic components to process data from the desktop and the Internet. The third component consists of the WebKit engine that functions as HTML, Flash Engine that functions almost like a Flash Player and SQL Lite.

As the software that runs with two input data, from the desktop and the Internet, the Adobe Integrated Runtime is taking preventive measures security by not letting any one application is installed without the user's knowledge. AIR confirmation process is always executed to secure existing systems will occur when the installation process.

Basically, the application called the Adobe Integrated Runtime is very interesting, because the user will be able to bridge the needs of a future application, where the user can access data from desktop and online Internet simultaneously. In other words, the Adobe Integrated Runtime is also a reflection of Web 2.0 application development with huge potential. (Dna)
Continue reading...

Local Eradicate Virus Manually

Faced with a variety of computer virus attacks - with OS Microsoft Windows, of course - most people will figure out how to get the latest antivirus and anti-virus for certain local viruses because most antivirus software can not detect it. In contrast to a very general way of thinking, I offer an alternative solution to deal with local virus that is Eradicate manually.

Viruses are programs / applications (= series of commands) that can reproduce themselves. Most programmers make these viruses as a series of commands that infiltrated into the ranks of the commands in other applications. Certain viruses can be programmed even sneak in the master boot record or specific sectors in the disk with special protection without being able to recognize the user as a file. Unfortunately, this clever work does not apply to most local viruses whose existence is very striking and inviting hostility.

Based on this weak point we can locally eradicate the virus manually. There are two common references in combating the virus manually, stop running the virus and eliminate viruses. Based on these two points are you can develop your own strategy depending on the case that you are facing.

Part I: Stop Running Virus

To attack the virus that created by Visual Basic (VB) - fortunately most of the local virus was made in VB - you can stop the virus running through 'remove' msvbvm50.dll and msvbvm60.dll which is in the directory c: windowssystem32 which is a virtual machine from the program -a program created in VB. The word 'remove' can be realized in various ways depending on the circumstances or the taste, which is removed (not recommended), moved to another folder, or replaced with another name. Also how can be done in various ways depending on the level of virus attacks from using Windows Explorer, command prompt on windows emulator (when the virus disable windows explorer), nor have to run windows in a fashion 'save mode with command prompt only' by pressing F8 on initial startup windows to display the startup menu. If the virus is still running, meaning the virus is not made in VB and to carry out the next steps you need to use Linux or another OS that is not installed emulator for windows programs.

Part II: Removing Viruses

To eliminate the viruses that you should do is gather all the files with the entry application via the find *. exe name, to identify applications which is a virus, and delete them. If you find the menu has been disabled by the virus, you can memanggilnuya by pressing F3 (much easier than having to edit the registry editor). Denouncing the program as a virus depends on the experience and your instincts, because its characters can be quite varied, but that should be the touchstone is that you are looking for things 'not as a proper and is in the proper place' or hidden impressed. Applications with the Microsoft Word document icon or folder icon could be adjudged as the virus directly, but any application with the usual icons should you suspect if you are not sure anyone ever move there. To minimize the scope, you also need to pay attention to the file size because many viruses that each have the same file size.

The applications that you have a verdict as the virus must be removed immediately by pressing the SIFT + delete. Previously, make sure all your data has been saved by copying the contents of documents and in-paste elsewhere in the state of virus is not runnig. Congratulations action.
Continue reading...

Selasa, 11 Mei 2010

Download Antivirus Handphone (HP) New.

download antivirus for mobile phones or the new HP I gave you that really want to download antivirus mobile phone which is now found in many many in the mobile phone virus that can make the application or HP you can make a damaged mobile phone you can not use the software because hp your application is broken due to the virus, many events as perna many people because the virus is very natural with the activities of your job.

Now you have a handphone nokia, samsung and Sony Erickson. Normal breathing relieved because of the antivirus software that can create comfort of no longer thinking about the damage that you use your mobile phone.

If you want to download you can download anti-virus software below :

1. NetQin Mobile Antivirus
Download : NetQin Mobile Antivirus
Type: Freeware

2. F-Commwarrior 2.0
Download : F-Commwarrior
Type: Freeware

3. AVG beta
Download : AVG beta
Type: Freeware

4. Airscanner Mobile Antivirus v2.0
Download : airscanner mobile antivirus
Type: Freeware

5. 1-2-3 Spyware Free Mobile
Download : mobile-22139-freeware
Type: Freeware

6. exoVirusStop
Download : exoVirusStop
Type: Shareware

7. Mobile Security Pack 2
Download : Security pack 2
Type: Shareware

8. BullGuard Mobile Antivirus 2.0
Download : bullguard mobile antivirus
Type: Trial

9. Kaspersky Mobile Security
Download : kaspersky mobile security trial
Type: Trial

10. ESET® Mobile Antivirus
Download : eset
Type: Trial 30-days

11. Avira Mobile
Download : antivir for mobile
Type: Trial 30-days


kaspersky anti virus

Latest versions

Continue reading...

Senin, 03 Mei 2010

Top Standalone Antivirus Software for 2010

We looked at eleven antivirus packages from around the world. G-Data Antivirus 2010 wins for its outstanding malware detection; Norton Antivirus 2010 comes in a close second thanks to its polished interface.

G-Data Antivirus 2010

Most security programs use a single antivirus engine, but the German-made G Data ($25 for a one-year, single-PC license, as of 11/20/09) uses two separate engines: BitDefender and Avast. That double coverage may have helped it rack up an impressive 99.95 percent block rate for traditional, signature-based detection of known malware, a rate better than that of any other app we tested. It was likewise strong at blocking annoying adware, running up a 99.8 percent score, and these strengths helped it earn top billing.

G Data's dominance continued on heuristic tests that use two-week-old signature databases and newer malware to simulate how well a program can detect threats that don't yet have a signature. In this test, G Data blocked 71.9 percent of the samples used by AV-Test.org--again, the best mark we saw. And in behavioral detection tests--which checks how well antivirus software recognizes malware based solely on what it attempts to do--G Data again led the pack by blocking 12 out of 15 test samples.

Despite this stellar performance, G Data AntiVirus isn't perfect. It put up a few false alerts in the behavioral tests and prevented three benign apps from adding Registry entries that would allow them to automatically start with your PC. And it didn't fare well at removing active rootkits, a type of stealth malware. It identified and blocked all ten test rootkits before they could install, but in the case of already-active rootkits, G Data removed only seven--fewer than any other program tested.

In on-access scan speed (how quickly the app can automatically check files when you save or copy them, for in­­stance), G Data finished in sixth place with a 10.15MB-per-second throughput.

G Data's user interface is clean and well organized, and makes it easy to get to most things from the opening page. Unlike many of the apps we tested, however, it requires you to select an action in a warning pop-up if it finds something suspicious on your hard drive. You can change that default action--to quarantine, for example--but this takes a little digging around in the settings.

If the program finds what it deems to be threatening code during a manual or scheduled scan, you'll have to double-click every item that it flagged and de­­cide what to do with each discovery. But the scan results window doesn't present this option intuitively.

Less technical users who are willing to forgo the best malware detection in favor of a more set-it-and-forget security solution might prefer our second-place finisher, Norton Antivirus. For anyone willing to put in a little extra effort, however, G Data is a clear choice.

DOWNLOAD G-Data Antivirus 2010

Symantec Norton AntiVirus 2010: A Polished Interface

Symantec's Norton AntiVirus ($40 for a one-year, single-PC license) offers some terrific extra features and a polished user interface. But subpar performance in one detection category prevented it from capturing the top spot in our chart of stand-alone antivirus programs.

In traditional detection tests using known Trojan horses, spyware, worms, and other baddies, Norton successfully detected 99.5 percent of samples from AV-Test.org. That's a good showing, but other apps did even better, leaving Symantec's entry in a middle-tier sixth place in this category.

Norton dropped toward the bottom in heuristic tests de­­signed to simulate a security program's ability to ward off new and unknown malware. It blocked only 42 percent of two-week-old signature files and newer malware, the second-worst showing in the bunch. But it did much better in behavioral analysis (which identifies malware based solely on how it acts), identifying and blocking 9 out of 15 samples, for third place. And it correctly removed the same number of files based on its behavioral analysis--better than any other app.

Norton's throughput of 9.26MB per second for automatic scans of files as they're opened or saved put it squarely in the middle of the pack. But it did a superb job of dealing with rootkits, blocking and removing all ten samples of this type of stealth malware.

While Norton's protection ability is decent (albeit not the best), it is head and shoulders above the rest in features and user interface. For example, the Insight feature lets you see Symantec's assigned reputation for a running program, or for a downloaded or saved file. These reputations are based on such factors as whether the file is digitally signed and how many other Norton users have it. The program uses that information to decide how thoroughly to scan any given download; you can use it to help you decide how much you want to trust a program.

Also impressive is a tool that offers a wealth of information about your PC's performance and history of changes, including when you installed programs, saved new downloads, or ran scans. One easy-to-read graph lists all the events that happened on a given day, while another shows how much of your CPU and memory was in use over time.

These and other features are easy to find in a smooth and polished user interface that includes plenty of quickly available descriptions. Settings are easy to reach, but techies might bemoan the lack of any option to have Norton ask you what to do when it finds a threat. The default action of removing or quarantining a discovered baddie is appropriate, but power users who want maximum control will be out of luck.

More technical users who are willing to deal with a less polished program in exchange for the best protection should take a look at G Data, the number one antivirus app in our roundup. For those more concerned with a smooth program that is less likely to require your attention, the number-two Norton is a good choice.

DOWNLOAD Symantec Norton AntiVirus 2010

Kaspersky Lab Anti-Virus 2010

Kaspersky's third-place ranking in our roundup of stand-alone antivirus programs reflects its ability both to impress and to disappoint. It pairs competent proactive protection with below-average signature detection, and a strong feature set with an at-times annoying user experience.

In traditional detection tests performed by AV-Test.org, this Russian-made program ($60 for a one-year, three-PC license) detected 97.27 percent of known malware samples--lackluster when compared with the performance of some competing apps we tested, which caught 99 percent or more of the threats. It fared better in heuristics tests that gauge how well a program protects against new malware with no known signature. At a time when the bad guys crank out astounding numbers of malware variants to evade traditional signature scanners, such proactive protection is more important than ever. Here Kaspersky came in third with a 66.83 percent block rate.

Like Norton, Kaspersky did very well in rootkit detection: It managed to detect, block, and remove all ten stealth malware samples that we threw at it. It also de­­tected and disabled all ten test infections, and proved more successful than most apps at getting rid of less harmful elements, such as Registry changes. Only Norton Antivirus and F-Secure Anti-virus were able to clear out more of the less-important junk.

In speed tests for automatic scans that typically occur when you open or copy a file, Kaspersky achieved a 12.15MBps throughput. Only the application from Avira--which didn't make our chart--was more nimble in that regard.

In features, Kaspersky has much to offer, with extras such as recommendations for system hardening, a virtual keyboard, and a scanner for out-of-date software. However, Kaspersky lacks descriptions for some of its recommendations, so you might be left wondering why you should take a recommended action such as disabling Autorun. And while updating old software is one of the best things you can do to keep your computer safe, you have to jump through many hoops to act on what Kaspersky finds.

The app's malware warning messages tend to be more confusing than informative. In our tests it displayed multiple different warning pop-ups for successive tests involving the same sample. And for either manual or scheduled scans, you'll know what it finds only if you happen to sit around and catch the pop-ups that appear during the scan. There's no scan summary window listing discovered files.

Kaspersky's antivirus app would likely get the job done when it comes to protecting a PC, but it's not the best bet for either detection or ease of use.

DOWNLOAD Kaspersky Lab Anti-Virus 2010/506
DOWNLOAD Kaspersky Lab Anti-Virus 2010/736


BitDefender Antivirus 2010



BitDefender Antivirus ($30 for a one-year, three-PC license) holds its own at dealing with malware, but its interface isn't especially user-friendly. Overall the program earned fourth place in our roundup of stand-alone antivirus programs.

This Romanian-made software did well in traditional detection tests that put it up against a collection of known malware kept by AV-Test.org. BitDefender detected 99.66 percent of all samples in a huge cache of spyware, Trojan horses, worms, and the like. But several other apps did even better, so that showing was good enough only for fifth place.

BitDefender did much the same in heuristic tests that simulate detection of newer malware by using two-week old databases.Its 65.34 percent block rate in these tests was respectable, but again yielded a fifth-place finish. The app did better in other proactive protection tests that measure a program's ability to block a baddie based solely on how it acts on a PC, blocking two-thirds of the brand-new test samples, earning it a tie for second place.

Presented with the task of disinfecting files, BitDefender disabled nine out of ten malware infections. By comparison, all but three programs in this roundup managed to remove every malware component we threw at them. And it languished in last place (along with G Data) when it cleaned up only seven out of ten active rootkits. It did clean up a greater percentage of the less-important files and system changes than most of the other security apps.

Despite some good features, BitDefender's interface isn't executed particularly well. For example, any se­­curity guru will tell you that keeping Windows up-to-date is essential for good security, and BitDefender can scan for missing updates. Unfortunately, it will display a critical warning if you happen to lack an optional package on its list--such as the Microsoft Base Smart Card Cryptographic Service Provider Package--even though it isn't really necessary to protect your PC.

DOWNLOAD BitdEfEndER Antivirus 2010

Panda Antivirus Pro 2010

Panda Antivirus Pro 2010 ($50 for a one-year, three-PC license) ranks fifth in our current roundup of 11 stand-alone antivirus apps. It was buoyed by positives such as strong traditional malware detection, but dragged down by negatives like poor behavioral scans.

In scans performed by AV-Test.org, Panda did well in traditional signature-based detection of known malware. Its 99.8 percent block rate placed it third in that category, behind only the G-Data and McAfee apps. However, it didn't fare as well in tests that gauge how well a program can identify and block new malware that doesn't yet have a signature. In heuristic tests that use 2-week-old signature files, Panda identified 53.7 percent of newer malware samples, which earning it eighth place in that category.

The program's ability to immediately check unknown files against Panda's online servers can help mitigate that relatively unimpressive showing, since this cloud computing approach can use the latest signatures as soon as they're available. But the app also fared poorly in behavioral analysis tests that measure how well a security program can identify malware based on how it acts. In those tests it successfully blocked only two out of 15 brand-new samples, which put it in last place among those programs that include the feature (not all do).

This app did well at getting rid of existing infections, and successfully disabled all 10 test infections. It also did a good job with a third-place tie when it came to cleaning up less-important files and system changes made by malware, which are often left behind by antivirus apps. However, it left one active rootkit in place; many of the programs we tested were able to remove all these samples of stealth malware.

Panda does sport a solid array of features. The company doesn't offer any program without a firewall, so you'll get one with Antivirus Pro (although we didn't test it as part of this standalone AV roundup). It also scans Web, e-mail and IM traffic for threats, and can check for missing Windows patches (malware authors often target existing security holes that users may have left unpatched). And its program interface is easy to get around, with different tabs for status, scans, reports, and the like.

However, checking or changing the program's settings can be a pain. A preferences link at the top of its window only shows a subset of the available options, with others split between separate settings links on the status and scan tabs. And while some of the settings and other program areas offer links to the relevant help sections, not all do. Without such links you're stuck manually searching for what you need.

Panda's middle-of-the-road rank befits its middling status. It does a fair job, but it's outperformed by other apps.

DOWNLOAD PANDA Antivirus Pro 2010
Continue reading...
 

Patron Computers And Mobile Phones From Viruses Copyright © 2009 Not Magazine 4 Column is Designed by Ipietoon Sponsored by Dezigntuts