Download a good and reliable antivirus. Cloud service Panda Cloud


Choosing antivirus software

Currently, the term “computer virus” is commonly understood as any malicious program on a computer/server (and even mobile phone), capable of self-propagation (infecting other files or devices). This is not entirely true; malware can differ greatly in the principles of its operation, but since such terminology has already been historically established, we will not deviate from it. The rapid spread of malware thanks to various types of computer networks (local and global) is increasingly leading to global virus epidemics: disruptions in the work of companies and multimillion-dollar losses due to downtime of computer equipment, loss/theft or corruption of data.

Classification of malware

    Viruses

    • File viruses

      Before the spread of the Internet this type viruses was the most common. File viruses infect executable files of various operating systems. In the most common OS today Microsoft Windows These are executable files (.exe, .com extensions), dynamic link libraries (.dll), batch files (.bat), device drivers (.sys) and script files (scripts). A file virus writes its code into the “body” of the affected file and, when the operating system accesses it, seizes control, after which it can perform various malicious actions: copy its code to other files (multiply), erase other files, distort data, etc. After completing its set of actions, the virus transfers control to other programs and the user may not even suspect that some destructive activity is happening on his PC.

    • Boot viruses

      Viruses of this type infect boot sectors (boot areas or Master Boot Record) boot devices (hard drives, floppy disks, flash drives). A virus (boot virus) replaces the boot code, which is executed when the computer is turned on and thus gains control before the operating system directly starts. Having gained control, the virus can perform various actions - for example, load its code into RAM. The virus propagates by writing to the boot area of ​​other computer drives.

    • Macro viruses

      Macro is, in principle, the same executable file, which, however, only works in its software environment - for example, in Microsoft Office applications. Macroviruses that infect Microsoft documents Office, and are the most common. They are written in the language Visual Basic, which is used in the Office family of applications. The virus writes itself to a DOT file, which contains all global macros, some of which it replaces with itself. After this, all files saved in the application (for example, Excel) will already contain a macro virus. When an infected macro is launched, various malicious actions are performed with data (distortion, deletion).
      Of course, this is not a complete list of types of computer viruses. They can be classified according to other principles, for example, by the method of infection or by the algorithm of action. However, it seems to us that for basic concept O computer viruses The information provided is sufficient.

  • Network worms

    The main feature of this type of malware is that it spreads through computer networks, ability to use network protocols data transmission. The most common type of network worms are e-mail worms. You can become infected with them by opening an attachment to an email containing a worm or by clicking on the html link given in this letter. Users are often encouraged to thoughtlessly open email attachments or Internet links in emails.

    When the worm code is activated, it multiplies and the worm begins sending out to other addresses. Email from an infected computer. To determine the list of recipients, the worm can use the address book of a mail client program or even scan files on the hard drive in search of e-mail addresses future victims. At the moment, network worms have appeared that can also spread through instant messaging services (Internet messengers), for example, such as ICQ.

  • Trojans

    One of the most dangerous types of malware today. Trojans are malicious programs that are usually disguised as some harmless software application: image viewers, screensavers, disk utilities, operating system updates, and so on. Having tricked their way onto the victim’s computer, Trojans, depending on their purpose, can perform various actions: provide the attacker with the ability to remotely administer the victim’s PC, steal user passwords from various services (including commercial ones), unauthorized download any files, etc. . and so on. Sometimes the presence of a Trojan program can be indicated by unusual behavior of the PC: windows opening spontaneously, freezing, a noticeable slowdown in the speed of the computer.

  • Hacking programs(hacker programs)

    There is also a whole class of programs that do not directly threaten the computer on which they are executed, but are used to attack others. network resources or burglary. They are described in detail in the Kaspersky virus encyclopedia.

Types of antivirus software. The importance of regular updating

It is obvious that with such rampant malware, computers and servers simply need to be protected with modern, legal anti-virus software. However, just the presence of an antivirus is not a sufficient guarantee of security - in order to effectively counter new viruses, the program's antivirus databases must be regularly updated. For example, updates for Kaspersky antivirus are released several times a day (!), and the built-in program automatic update downloads them independently via the Internet.

By the nature of protection against threats, in Lately There are two types of anti-malware programs:

  • classic antiviruses (for example, ESET NOD32)
  • comprehensive products for protection against various types threats (for example, Kaspersky Internet Security)

Programs of the first type contain an antivirus and sometimes an anti-spyware module, but the latter provide comprehensive PC protection against all types of threats when working on the Internet. The complex software additionally includes a firewall, which replaces the standard Windows firewall, a firewall protection module, junk mail(antispam tools), improved anti-phishing tools, etc.

Protection methods

Today, new viruses appear constantly and, thanks to the Internet, they spread at a very high speed, so detecting malware only by searching for fragments of their unique code (signatures stored in antivirus program databases) is ineffective. The most modern antivirus programs use intelligent threat detection methods, such as proactive protection (heuristics). Proactive protection is a method of searching for malware based on the nature of the actions that the program performs (analysis of calls to system registry, libraries, monitoring read/write operations, etc.). Thus, a proactive antivirus does not operate in terms of “legitimate file - malicious file", but with the concepts of "allowed action - prohibited action". Of course, proactive protection methods do not exclude the use of classical code analysis by signatures, but only complement it. Here another problem arises when using anti-virus software: since the number of known viruses is constantly growing, it is increasing like a snowball and the size of anti-virus databases with information about existing viruses. On-the-fly threat monitoring (which is a necessity) often leads to a significant slowdown in the operation of computers and servers. As test results show, the slowdown file operations can reach 100% or more! To prevent losses in the speed of computer technology from being so dramatic, some developers periodically “prune” virus databases, removing from the databases virus signatures that they consider “outdated.” However, antivirus testing conducted by independent organizations (AV-Comparatives.org) shows that such optimization methods are harmful and can leave the computer defenseless against a “retro virus”.

A conversation about security would not be complete if we did not point out the need to use firewalls.

Firewall(firewall) blocks requests from the Internet, allowing allowed outgoing user requests to pass through, allowing you to control everything network ports(deny or allow the operation of network services), and also hides the local network and gateway (Proxy) from external network in such a way as to obtain information about local network impossible from outside. operating system Windows Vista already includes a software firewall, which in the past had many vulnerabilities, which, however, were corrected by Microsoft. However, many network security experts still believe that only third-party firewalls provide adequate network security.

So, we have identified a certain range of consumer qualities of antivirus software that must be taken into account when choosing an antivirus package:

  1. Comprehensive threat protection
  2. Operational efficiency (quality of protection)
  3. Operation speed

While determining the type of product everything is quite obvious: a complex product like Internet Security is more universal solution, then with the quality of protection everything is more complicated. Most optimal choice can be done by referring to the current results of independent antivirus testing. Only in this case can you be sure of choosing a reliable product. There are several organizations that conduct such research, but we will list only the most authoritative:

Of course, the leaders in comprehensive testing sometimes change, but generally only a few products are consistently in the top five. And it is these products that we offer to purchase at TIM Computers along with our computers and servers.

These products have demonstrated a high level of heuristic detection of new malware with very little false positives.

Antivirus products for home and office use differ in their usage scenarios, installation methods and licensing, which is reflected in our price list for antivirus software.

Greetings to all readers of this site, in previous posts we discussed in detail on the computer. Now, we are faced with another task, this is to ensure the protection of the computer from viruses and malware. Therefore, in today’s article we will talk about which antivirus is better.

I suggest considering both free and paid versions. Each program has its own advantages and disadvantages, so you must decide for yourself which antivirus to choose. Many of you probably know very well that nowadays, your computer must have a virus protector that can protect your personal data from theft, as well as protect information stored on hard drives from action malicious code. After all, it’s no secret that some viruses can not only damage the user’s files, but also disable the computer. As a rule, to protect your home computer from threats, it will be enough for us to install one of the antiviruses.

Which antivirus is better - choose the right protection.

As I already told you, there are free and paid antivirus programs, but you should not neglect free utilities, since they can be no worse than their paid counterparts. We will try to determine which antivirus is best for Windows.

In order to protect your computer from viruses, you need to choose only one antivirus, since if you install two or more programs at the same time, a conflict will begin between them. At the same time, it often happens that antiviruses come into battle with each other over what, and about any protection in in this case there can be no talk anymore, since they block each other’s work. I also want to recommend that it does not conflict with a third-party antivirus.

It is quite difficult to unequivocally recommend which antivirus is better, since each developer praises their own products. We can only choose favorites based on the results of using certain programs. As for me, most popular antiviruses are very similar to each other. Their only difference is that some programs specialize more in protecting computer files, while others provide maximum protection when working on the Internet.

The best free antiviruses.

I suggest starting to consider the list of which antivirus is better with free products. As a rule, free antiviruses have all the basic functions that will be enough to protect home computer. Such programs can be classified as “set it and forget it”, since they work independently and do not require paid license renewals or other actions from the user. If you are interested in such antiviruses, then let’s start our list.

Avast! Free Antivirus is a fairly popular antivirus program among users. The utility is completely free, but at the same time it can perfectly protect computers in different areas applications. Once installed, Avast! Free Antivirus, you won't have to delve into its settings, since after installation it will be configured by default to perform its basic duties. But if you want to use some Extra options, then the program can offer you big choice options. Avast can quarantine infected and suspicious files, perform full check computer for viruses, supports Game Mode and many other functions. After installation, the program requires a one-time registration. Therefore, if you don’t want to worry too much about choosing a defender for your computer, then Avast is perfect for you.

Avira Free Antivirus is another popular free antivirus program that is ideal for home use. Avira differs from other programs in that it uses little computer resources, thereby not slowing down its operation. The program can constantly monitor the state of the PC, or check it for viruses on a schedule. Avira can update automatically and also monitors the installation of unwanted software. Thus, the utility, without interfering with the user, protects the computer from viruses and malware.

Microsoft Security Essentials is the latest contender for the title of best free antivirus. This is a small anti-virus program from Microsoft, which has a minimum set of all necessary functions, but at the same time protects your computer well from viruses. The program is constantly updated, so it is able to repel the interference of any modern viruses. You can scan your computer on a schedule. Microsoft Security Essentials is suitable for those who do not want to install third-party software, but at the same time care about protecting their PC from viruses. It is advisable to use this antivirus software in conjunction with the Windows Firewall.

I would also like to mention to you such free antiviruses as 360 Total Security, Comodo, Panda; they are less popular among users and have more modest functionality, but just like the products described above, they can provide basic PC protection. All of the above programs can be downloaded from the official websites of the developers. Also in the following articles I will tell you how to install them.

The best paid antiviruses.

Let's now look at several paid virus protectors, and also talk to you about which antivirus is better to install. Paid products are quite interesting. They have very broad functionality, support work on devices with different platforms, and are constantly being improved and updated. At the same time, some programs were developed quite a long time ago and were loved by users so much that they became undisputed leaders. At the same time, they can provide device protection at a professional level.

Kaspersky Antivirus- probably one of the best paid antiviruses. Of course, you can use its free version, but it will have reduced functionality. In order to have “protection to the teeth”, you need to buy an annual license. Kaspersky can provide a full-fledged firewall, has a rich set of functions, and also allows the user to customize protection to suit any needs. I would also like to say that the cost of the license is not particularly high, so I recommend installing this antivirus and using its capabilities to the maximum.

Dr. Web is another fairly old antivirus program that almost all users of computers, laptops and smartphones know. Doctor Web, like Kaspersky Anti-Virus, has different versions, and after installation provides the user with a one-month trial period. Thus, you can later make a choice, leave this product on your computer or look for another option. But as a rule, due to its comprehensive functionality and impeccable protection, users prefer Doctor Web. The price for a licensed product is less than for Kaspersky, the subscription is also issued for a year.

ESET NOD32 completes our list. This contender is one of the three best paid antiviruses. It can effectively protect your computer from viruses, provide constant control and system monitoring. Unlike the antiviruses described above, this product does not slow down the computer and copes with its task with five points. The program is constantly updated and improved, so if you choose ESET NOD32, you can rest assured about the security of your computer.

Today, more than ever, anti-virus software is not only the most in demand in the security system of any operating system, but also one of its main components. And if previously the user had a very limited, modest choice, now you can find a lot of such programs. But if you look at the list of “Top 10 antiviruses”, you will notice that not all of them are equivalent in terms of functionality. Let's look at the most popular packages. At the same time, the analysis will include both paid and shareware (antivirus for 30 days), and freely distributed applications. But first things first.

Top 10 antiviruses for Windows: testing criteria

Before you start compiling a rating, you should probably familiarize yourself with the basic criteria that are used in most cases when testing such software.

Naturally, it is simply impossible to consider all known packages. However, among all those designed to ensure the protection of a computer system in the broadest sense, the most popular can be identified. At the same time, we will take into account both the official ratings of independent laboratories and reviews of users who use this or that software product in practice. Besides, mobile programs will not be affected, we will focus on stationary systems.

As for conducting basic tests, as a rule, they include several main aspects:

  • availability of paid and free versions and limitations related to functionality;
  • standard scanning speed;
  • quick identification of potential threats and the ability to remove or quarantine them using built-in algorithms;
  • frequency of updating anti-virus databases;
  • self-defense and reliability;
  • availability of additional features.

As can be seen from the above list, checking the operation of antivirus software allows you to determine the strengths and weak sides one or another product. Next we will consider the most popular software packages, included in the Top 10 antiviruses, and also their main characteristics are given, of course, taking into account the opinions of people who use them in their daily work.

Kaspersky Lab software products

First, let's look at the software modules developed by Kaspersky Lab, which are extremely popular in the post-Soviet space.

It’s impossible to single out just one program here, because among them you can find the standard Kaspersky Antivirus scanner, modules like Internet Security, and portable utilities like Virus Removal Tool, and even boot disks for damaged Rescue systems Disc.

It is immediately worth noting two main disadvantages: firstly, judging by the reviews, almost all programs, with rare exceptions, are paid or shareware, and secondly, the system requirements are unreasonably high, which makes it impossible to use them in relatively weak configurations . Naturally, this scares off many ordinary users, although activation Kaspersky keys Antivirus or Internet Security can easily be found on the World Wide Web.

On the other hand, the activation situation can be corrected in another way. For example, Kaspersky keys can be generated using special applications like Key Manager. True, this approach is, to put it mildly, illegal, however, as a way out, it is used by many users.

The speed of operation on modern machines is average (for some reason, more and more heavyweight versions are being created for new configurations), but constantly updated databases, the unique technology for identifying and removing known viruses and potentially dangerous programs are at their best. It is not surprising that Kapersky Laboratory is today a leader among security software developers.

And two more words about the recovery disk. It is unique in its own way because it boots the scanner from graphical interface even before Windows itself starts, allowing you to remove threats even from random access memory.

The same applies to the portable utility Virus Removal Tool that can track any threat on an infected terminal. It can only be compared with a similar utility from Dr. Web.

Protection from Dr. Web

Before us is another of the strongest representatives in the field of security - the famous “Doctor Web”, who stood at the origins of the creation of all anti-virus software since time immemorial.

Among the huge number of programs you can also find standard scanners, security tools for Internet surfing, portable utilities, and recovery disks. You can't list everything.

The main factor in favor of this developer’s software can be called high speed work, instant threat identification with the ability to either complete removal, or isolation, as well as a moderate load on the system as a whole. In general, from the point of view of most users, this is a kind of lightweight version of Kaspersky. There is still something interesting here. In particular, this is Dr. Web Katana. It is believed that this is a new generation software product. It is focused on the use of “sand” technologies, i.e. placing a threat in the “cloud” or “sandbox” (whatever you want to call it) for analysis before it penetrates the system. However, if you look at it, there are no special innovations here, because this technique was used in free Panda antivirus. In addition, according to many users, Dr. Web Katana is something like Security Space with the same technologies. However, generally speaking, any software from this developer is quite stable and powerful. It is not surprising that many users prefer such packages.

ESET programs

Speaking about the Top 10 antiviruses, we cannot fail to mention one more the brightest representative in this area - the ESET company, which became famous for such a famous product as NOD32. A little later, the ESET Smart Security module was born.

If we consider these programs, we can note an interesting point. To activate the full functionality of any package, you can do two things. On the one hand, this is the acquisition of an official license. On the other hand, you can install trial antivirus free, but activate it every 30 days. The situation with activation is also interesting.

As absolutely all users note, for ESET Smart Security (or for standard antivirus) on the official website you could find freely distributed keys in the form of a login and password. Until recently, only this data could be used. Now the process has become somewhat more complicated: first you need to login and password on a special website, convert it into a license number, and only then enter it into the registration field in the program itself. However, if you do not pay attention to such trifles, you can note that this antivirus is one of the best. Pros noted by users:

  • virus signature databases are updated several times a day,
  • identification of threats at the highest level,
  • there are no conflicts with system components (firewall),
  • the package has the strongest self-defense,
  • there are no false alarms, etc.

Separately, it is worth noting that the load on the system is minimal, and the use of the Anti-Theft module even allows you to protect data from theft or misuse for personal gain.

AVG Antivirus

AVG Antivirus is a paid software designed to provide integrated security computer systems (there is also a free truncated version). And although today this package is no longer among the top five, it nevertheless demonstrates fairly high speed and stability.

In principle, it is ideal for home use, because, in addition to speed, it has a convenient Russified interface and more or less stable behavior. True, as some users note, sometimes it is able to miss threats. And this does not apply to viruses as such, but rather to spyware or advertising "junk" called Malware and Adware. The program’s own module, although widely advertised, still, according to users, looks somewhat unfinished. And an additional firewall can often cause conflicts with the “native” Windows firewall if both modules are active.

Avira package

Avira is another member of the antivirus family. It is not fundamentally different from most similar packages. However, if you read user reviews about it, you can find quite interesting posts.

Many people do not recommend using the free version under any circumstances, since some modules are simply missing in it. To provide reliable protection, you will have to purchase a paid product. But such an antivirus is suitable for versions 8 and 10, in which the system itself uses a lot of resources, and the package uses them at the lowest level. In principle, Avira is best suited for, say, budget laptops and weak computers. A network installation, however, is out of the question.

Cloud service Panda Cloud

Free at one time became almost a revolution in the field of antivirus technologies. The use of a so-called “sandbox” to submit suspicious content for analysis before it penetrates the system has made this application especially popular among users of all levels.

And it is precisely with the “sandbox” that this antivirus is associated today. Yes, indeed, this technology, unlike other programs, allows you to prevent threats from entering the system. For example, any virus first saves its body on the hard drive or in RAM, and only then begins its activity. Here the matter does not come to conservation. At first suspicious file is sent to a cloud service, where it is checked, and only then can it be saved in the system. True, according to eyewitnesses, unfortunately, this can take quite a lot of time and unnecessarily loads the system. On the other hand, it’s worth asking yourself what is more important: security or increased verification time? However, for modern computer configurations with Internet connection speeds of 100 Mbit/s and higher, it can be used without problems. By the way, its own protection is provided precisely through the “cloud”, which sometimes causes criticism.

Avast Pro Antivirus Scanner

Now a few words about another prominent representative. He is quite popular among many users, however, despite the presence of the same “sandbox”, anti-spyware, network scanner, firewall and virtual office, unfortunately, Avast Pro Antivirus In terms of key performance indicators, functionality and reliability, it clearly loses to such giants as Kaspersky Lab software products or applications using Bitdefender technologies, although it demonstrates high scanning speed and low resource consumption.

Users are attracted to this product mainly by the fact that the free version of the package is as functional as possible and does not differ much from paid software. In addition, this antivirus works on all versions of Windows, including Windows 10, and works great even on outdated machines.

360 Security Packages

Before us is probably one of the fastest antiviruses of our time - 360 Security, developed by Chinese specialists. In general, all products labeled “360” are distinguished by enviable speed of operation (the same Internet browser 360 Safety Browser).

Despite its main purpose, the program has additional modules to eliminate operating system vulnerabilities and optimize it. But neither the speed of operation nor the free distribution can be compared with false alarms. In the list of programs that have the highest indicators for this criterion, this software occupies one of the first places. According to many experts, conflicts arise in system level due to additional optimizers, the action of which intersects with the tasks of the OS itself.

Software products based on Bitdefender technologies

Another “old man” among the most famous defenders of operating systems is Bitdefender. Unfortunately, in 2015 it lost the palm to Kaspersky Lab products, nevertheless, in antivirus fashion, so to speak, it is one of the trendsetters.

If you look a little more closely, you will notice that many modern programs(the same 360 ​​Security package) in different variations are made precisely on the basis of these technologies. Despite the rich functional base, it also has its shortcomings. Firstly, you will not find the Russian antivirus (Russified) Bitdefender, since it does not exist in nature at all. Secondly, despite the use of the latest technological developments in terms of system protection, unfortunately, it shows too high a number of false positives (by the way, according to experts, this is typical for the entire group of programs created on the basis of Bitdefender). The presence of additional optimizer components and their own firewalls generally does not affect the behavior of such antiviruses for the better. But you can’t deny the speed of this application. In addition, P2P is used for verification, but there is no real-time email verification, which many people do not like.

Antivirus from Microsoft

Another application that is notable for its enviable performance with or without reason is Microsoft's own product called Security Essentials.

This package is included in the Top 10 antiviruses, apparently, only because it is designed exclusively for Windows systems, which means it does not cause absolutely any conflicts at the system level. Besides, who else, if not specialists from Microsoft, knows all the security holes and vulnerabilities of their own operating systems. By the way, it is interesting that the initial Windows builds 7 and Windows 8 had MSE as standard, but then for some reason they abandoned this kit. However, for Windows it can become the simplest solution in terms of security, although you can’t count on any special functionality.

McAfee app

As for this application, it looks quite interesting. However, it has gained the greatest popularity in the field of application on mobile devices with all kinds of locks, however, on desktop computers This antivirus behaves no worse.

The program has low-level support for P2P networks when sharing Instant Messenger files, and also offers 2-level protection in which the main role dedicated to the WormStopper and ScriptStopper modules. But in general, according to consumers, the functionality is at an average level, and the program itself is focused more on identifying spyware, computer worms and Trojans and preventing executable scripts or malicious codes from entering the system.

Combined antiviruses and optimizers

Naturally, only those included in the Top 10 antiviruses were considered here. If we talk about other software of this kind, we can note some packages containing anti-virus modules in their sets.

What to prefer?

Naturally, all antiviruses have certain similarities and differences. What to install? Here you need to proceed from the needs and the level of protection provided. As a rule, corporate clients should purchase something more powerful with the possibility of network installation (Kaspersky, Dr. Web, ESET). As for home use, here the user chooses what he needs (if desired, you can even find an antivirus for a year - without registration or purchase). But, if you look at user reviews, it is better to install Panda Cloud, even despite some additional load on the system and the time it takes to check in the sandbox. But right here there is full guarantee that the threat will not penetrate the system in any way. However, everyone is free to choose for themselves what exactly they need. If activation is not difficult, please: ESET products work fine on home systems. But using optimizers with anti-virus modules as the main means of protection is extremely undesirable. Well, it’s also impossible to say which program takes first place: there are so many users, so many opinions.

Antivirus program(antivirus) - originally a computer program that is designed to neutralize viruses and various types of malware in order to protect data and optimal performance your personal computer.

Antivirus software didn’t have to wait long; it appeared immediately after the first malware appeared. At the moment, entire corporations, led by thousands of people, are working on the development of anti-virus programs, who are constantly “patching holes” so that our information world is cleaner and safer.

Antivirus programs (antiviruses) use two specific principles of working (eliminating) malware:

· Scanning your computer and comparing an existing virus with a database on a server from a specific manufacturer.

· Scan and detect programs that behave suspiciously and may by definition be malware.

You can also define some classification of antivirus modules that are included in various antivirus programs (antiviruses):

1. Scanners - an anti-virus module that works based on matching. In other words, the antivirus searches for the presence of a virus using a signature database. The quality of scanning depends on the database update date and heuristic analysis.

2. Audit module - remembers the state file system, which subsequently makes it possible to compare the differences and compare the results. If there is a difference, the virus is caught.

3. Monitors are special programs assistants, which, if potentially dangerous malware is detected (most often found EXE files) offer the user a choice of several operations, which necessarily include the “delete” function.

4. Vaccines - the principle of operation of this module may remind us of a regular “vaccination”. In other words, when a virus wants to penetrate and infect a program, the role of the vaccine is to show the virus that the program is already infected. Unfortunately, at the moment, when the number of viruses in global network measured in millions, this method is already outdated.

Protecting your home and work PC from viruses

1. Home PC - as a rule, home PCs are not so susceptible to virus attacks. Typically, antivirus software developers focus on the following components:

· Antivirus

· Firewall

· Anti-rootkit

· Antispam

2. As for workstations, the situation is a little more complicated, since most structures work with servers. Accordingly, the level of security here should be higher. As a rule, administrators use good server antiviruses and applications for them (client ones).

There is a world great amount various corporations that are developing more and more new antiviruses and accumulating databases for them. On our website you can find only the largest and most successful companies, whose antiviruses have won various tests and competitions (Virus Bulletin), etc. more than once.

And remember, by purchasing a licensed product, you not only get access to the new and latest signature updates, but also receive specialized support in case of problems encountered while working with anti-virus software.

Antivirus programs protect your computer from viruses and other malware, such as worms and Trojan horses. Antivirus programs need to be updated regularly on the Internet. To receive updates, you must subscribe to the antivirus database update service of the antivirus program manufacturer. Before connecting to the Internet, you must run an antivirus program!

The main tasks of antiviruses:

· Scan files and programs in real time.

· Scan your computer on demand.

· Scanning Internet traffic.

· Email scanning.

· Protection against attacks from hostile websites.

· Recovery damaged files(treatment).

The spread of viruses via email could be prevented with inexpensive and effective means without installing anti-virus programs, if defects in email programs were eliminated, which boil down to the execution of executable code contained in letters without the knowledge and permission of the user.

· User training can be an effective addition to antivirus software. Easy user training safe use computer (for example, do not download and run unknown programs from the Internet) would reduce the likelihood of viruses spreading and eliminate the need to use many anti-virus programs.

· Computer users should not work with administrator rights all the time. If they used the access mode of a standard user, then some types of viruses would not be able to spread (or, according to at least, the damage from viruses would be less). This is one reason why viruses are relatively rare on Unix-like systems.

· Various methods encryption and malware packaging make even known viruses undetectable by antivirus software. Detecting these "disguised" viruses requires a powerful decompression engine that can decrypt files before scanning them. Unfortunately, many antivirus programs do not have this feature and, as a result, it is often impossible to detect encrypted viruses.

· The constant emergence of new viruses gives antivirus software developers a good financial outlook.

· Some antivirus programs can significantly reduce performance. Users can disable antivirus protection to prevent performance loss, in turn increasing the risk of virus infection. For maximum security, antivirus software should always be connected, despite the loss of performance. Some antivirus programs do not greatly affect performance.

· Sometimes you have to disable anti-virus protection when installing program updates, such as Windows Service Packs. An antivirus program running during the installation of updates may cause modifications to install incorrectly or completely cancel the installation of modifications. Before Windows update 98, Windows 98 Second Edition or Windows ME on Windows XP (Home or Professional), it is better to disable virus protection, otherwise the update process may fail.

· Some antivirus programs are actually spyware masquerading as them. It's best to double-check that the antivirus program you're downloading is actually one. It’s even better to use software from well-known manufacturers and download distributions only from the developer’s website.

· Some of the products use multiple cores to search for and remove viruses and spyware. For example, in the development of NuWave Software, 4 cores are used (two for virus scans and two for spyware scans)

Antivirus programs are usually divided into clean antiviruses And dual purpose antiviruses. Pure antiviruses are distinguished by the presence of an antivirus core, which performs the function of scanning samples. The principle in this case is that treatment is possible if the virus is known. Pure antiviruses, in turn, are divided into two categories based on the type of access to files: those that exercise control by access (on access) or by user demand (on demand). Usually on access products are called monitors, and on demand products - scanners. In addition, antivirus programs, like viruses, can be divided depending on the platform within which the antivirus operates. In this sense, along with Windows or Linux, platforms can include Microsoft Exchange Server, Microsoft Office, Lotus Notes.

Dual-use programs are programs used both in antiviruses and in software that is not an antivirus. A variety of dual-use programs are behavioral blockers, which analyze the behavior of other programs and block them when suspicious actions are detected.

When choosing an antivirus program, it is necessary to take into account not only the percentage of virus detection, but also the ability to detect new viruses, the number of viruses in antivirus database, its update frequency, the presence of additional functions.

Antivirus programs, their classification and principles of operation

The most popular and effective antivirus programs are antivirus scanners(other names: doctors, phages, polyphages). They are followed in terms of effectiveness and popularity by CRC scanners(also: auditor, checksumer, integrity checker). Often both of these methods are combined into one universal antivirus program, which significantly increases its power. Also applicable various types monitors(filters, blockers) and immunizers(detectors).

Scanners. Principle of operation antivirus scanners is based on checking files, sectors and system memory and searching for known and new (unknown to the scanner) viruses. Scanners can also be divided into two categories - “universal” and “specialized”. Universal scanners are designed to search for and neutralize all types of viruses, regardless of the operating system in which the scanner is designed to work. Specialized scanners are designed to neutralize a limited number of viruses or only one class of viruses, for example macro viruses. Specialized scanners designed only for macro viruses often turn out to be the most convenient and reliable solution for protecting document management systems in MS Word and MS Excel. Scanners are also divided into “resident”, which scan on the fly, and “non-resident”, which scans the system only upon request.

Antivirus software target platforms

At the moment, antivirus software is developed mainly for the OS Windows family from Microsoft, which is caused by a large number of malicious programs specifically for this platform (and this, in turn, is caused by the great popularity of this OS, as well as a large number of development tools, including free ones and even “instructions for writing viruses”). Products for other platforms are currently entering the market. desktop computers, such as Linux and Mac OS X. This is caused by the beginning of the spread of malware for these platforms, although UNIX-like systems have always been famous for their reliability. For example, the famous video "Mac or PC" shows the comic advantage of Mac OS over Windows and the greater anti-virus immunity of Mac OS compared to Windows.

In addition to OSes for desktop computers and laptops, there are also platforms for mobile devices, such as Windows Mobile, Symbian, iOS Mobile, BlackBerry, Android, Windows Phone 7, etc. Users of devices running these OSs are also at risk of becoming infected with malware, which is why some antivirus software developers release products for such devices.

Classification of antivirus products

Antivirus products can be classified according to several criteria, such as: the technologies used antivirus protection, product functionality, target platforms.

According to the anti-virus protection technologies used:

  • Classic antivirus products (products that use only the signature detection method)
  • Proactive antivirus protection products (products that use only proactive antivirus protection technologies);
  • Combined products (products using both classic, signature-based protection methods and proactive ones)

By product functionality:

  • Antivirus products (products that provide only antivirus protection)
  • Combination products (products that provide not only anti-malware protection, but also spam filtering, data encryption and backup, and other functions)

By target platforms:

  • Antivirus products for Windows operating systems
  • Anti-virus products for *NIX operating systems (this family includes BSD, Linux, Mac OS X, etc.)
  • Anti-virus products for mobile platforms (Windows Mobile, Symbian, iOS, BlackBerry, Android, Windows Phone 7, etc.)

Antivirus products for corporate users can also be classified by protection objects:

  • Antivirus products to protect workstations
  • Antivirus products to protect file and terminal servers
  • Antivirus products to protect email and Internet gateways
  • Antivirus products to protect virtualization servers
  • and etc.

False antiviruses

In 2009, the active spread of the so-called. false antiviruses - software that is not antivirus (that is, does not have real functionality to counteract malware), but pretends to be one. In fact, false antiviruses can be either programs to deceive users and make a profit in the form of payments for “curing the system of viruses,” or ordinary malicious software. This distribution is currently suspended.

Antivirus operation

Speaking about Microsoft systems, an antivirus usually operates according to the following scheme:

  • search the antivirus software database for virus signatures
  • if an infected code is found in memory (RAM and/or permanent), the quarantine process is launched and the process is blocked
  • a registered program usually removes the virus, an unregistered one asks for registration, and leaves the system vulnerable.

Antivirus databases

To use antiviruses you need constant updates so-called antivirus databases. They provide information about viruses - how to find and neutralize them. Since viruses are written frequently, constant monitoring of virus activity on the network is necessary. For this purpose, there are special networks that collect relevant information. After collecting this information, the harmfulness of the virus is analyzed, its code and behavior are analyzed, and then ways to combat it are established. Most often, viruses are launched along with the operating system. In this case, you can simply delete the virus startup lines from the registry, and that’s it. simple case the process may end. More complex viruses use the ability to infect files. For example, there are cases where even some anti-virus programs, being infected, themselves became the cause of infection of other clean programs and files. Therefore, more modern antiviruses have the ability to protect their files from changes and check their integrity using a special algorithm. Thus, viruses have become more complex, as have the ways to combat them. Now you can see viruses that no longer occupy tens of kilobytes, but hundreds, and sometimes can be a couple of megabytes in size. Typically, such viruses are written in programming languages ​​more than high level, so they are easier to stop. But there is still a threat from viruses written in low-level machine code like assembly language. Complex viruses infect the operating system, after which it becomes vulnerable and non-functional. Unfortunately, according to forecasts, in the near future the work of antivirus companies will become much more difficult due to the fact that copy-protected viruses will spread more rapidly.

Notes

Malicious software
Infectious malware Computer virus (list) · Network worm (list) · Trojan horse · Boot virus · Chronology
Hiding methods Backdoor · Zombie computer · Rootkit
Malware
for profit		 Adware · Privacy-invasive software · Ransomware (Trojan.Winlock) · Spyware · Bot · Botnet · Web threats · Keylogger · Form grabber · Scareware · Porn dealer
By operating system Linux Malware · Palm OS Viruses · Macro Virus · Mobile Virus
Protection Defensive computing Antivirus program· Firewall · Intrusion detection system · Information leakage prevention · Antivirus chronology
Countermeasures Anti-Spyware Coalition · Computer surveillance · Honeypot · Operation: Bot Roast

Wikimedia Foundation. 2010.


2024 gtavrl.ru.