Macintosh And IBM PC
Antivirus Software
Suspicious Behavior
Emerging Technique
Mobile Devices And Innovative Solutions
Biological Viruses
Antiviral Drug
Experimental Antivirals
Virus Life Cycle
Symantec first became wellknown as the publisher of Q & A, a dualmode product that was both a word processor and a database. During the 1990s, Symantec switched focus away from development of its own products and towards acquisition of other companies. An early purchase gave Symantec ownership of Norton Utilities, created in the mid1980s by software engineer Peter Norton. At one time Symantec was also known for its development tools, particularly the THINK Pascal, THINK C, Symantec C++, and Visual Cafe packages that were popular on the Macintosh and IBM PC compatible platforms they exited this business in the late1990s as competitors such as Metrowerks, Microsoft, and Borland gained significant market share.In recent years, Symantec has been primarily known for its Nortonbranded antivirus and utility software. Products released under the Symantec name include Norton AntiVirus, Norton Commander, Norton Internet Security, Norton 360, Norton Personal Firewall, Norton SystemWorks which now contains Norton Utilities, Norton AntiSpam, Norton GoBack formerly Roxio GoBack, Norton Confidential, and Norton Ghost originally published by Binary Research.Due to the 2003 acquisition of PowerQuest, Symantec continues to sell, but not develop, the last version of PartitionMagic, now called Norton PartitionMagic. This is true as well of the NetWare partition manager, ServerMagic. PowerQuest's Drive Image software replaced the original Norton Ghost software, yet retains Norton Ghost as it's name.On December 16, 2004, Veritas and Symantec announced their plans for a merger. With Veritas valued at $13.5 billion, it was the largest software industry merger to date. Symantec's shareholders voted to approve the merger on June 24, 2005 the deal closed successfully on July 2, 2005. July 5, 2005 was the first day of business for U.S. offices of the new, combined software company. After the merger, Symantec now includes storage related products in its portfolio. Veritas File System VXFS, Veritas Volume Manager VXVM and Veritas Volume Replicator are but three.
In the virus dictionary approach, when the antivirus software looks at a file, it refers to a dictionary of known viruses that the authors of the antivirus software have identified. If a piece of code in the file matches any virus identified in the dictionary, then the antivirus software can take one of the following actions.Attempt to repair the file by removing the virus itself from the file.Quarantine the file such that the file remains inaccessible to other programs and its virus can no longer spread.HTo achieve consistent success in the medium and long term, the virus dictionary approach requires periodic generally online downloads of updated virus dictionary entries. As civically minded and technically inclined users identify new viruses in the wild, they can send their infected files to the authors of antivirus software, who then include information about the new viruses in their dictionaries.Dictionarybased antivirus software typically examines files when the computer's operating system creates, opens, closes or emails them. In this way it can detect a known virus immediately upon receipt. Note too that a System Administrator can typically schedule the antivirus software to examine scan all files on the computer's hard disk on a regular basis.Although the dictionary approach can effectively contain virus outbreaks in the right circumstances, virus authors have tried to stay a step ahead of such software by writing oligomorphic, polymorphic and more recently metamorphic viruses, which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match the virus's signature in the dictionary.
The suspicious behavior approach, by contrast, doesn't attempt to identify known viruses, but instead monitors the behavior of all programs. If one program tries to write data to an executable program, for example, the antivirus software can flag this suspicious behavior, alert a user and ask what to do.Unlike the dictionary approach, the suspicious behavior approach therefore provides protection against brandnew viruses that do not yet exist in any virus dictionaries. However, it can also sound a large number of false positives, and users probably become desensitized to all the warnings. If the user clicks Accept on every such warning, then the antivirus software obviously gives no benefit to that user. This problem has worsened since 1997, since many more nonmalicious program designs came to modify other .exe files without regard to this false positive issue. Thus, most modern antivirus software uses this technique less and less.Some antivirus software use other types of heuristic analysis. For example, it could try to emulate the beginning of the code of each new executable that the system invokes before transferring control to that executable. If the program seems to use selfmodifying code or otherwise appears as a virus if it immediately tries to find other executables, for example, one could assume that a virus has infected the executable. However, this method could result in a lot of false positives.Yet another detection method involves using a sandbox. A sandbox emulates the operating system and runs the executable in this simulation. After the program has terminated, software analyzes the sandbox for any changes which might indicate a virus. Because of performance issues, this type of detection normally only takes place during ondemand scans. Also this method may fail as viruses can be nondeterministic and result in different actions or no actions at all done when run so it will be impossible to detect it from one run. Some virus scanners can also warn a user if a file is likely to contain a virus based on the file type.
An emerging technique to deal with malware in general is whitelisting. Rather than looking for only known bad software, this technique prevents execution of all computer code except that which has been previously identified as trustworthy by the system administrator. By following this default deny approach, the limitations inherent in keeping virus signatures up to date are avoided. Additionally, computer applications that are unwanted by the system administrator are prevented from executing since they are not on the whitelist. Since modern enterprise organizations have large quantities of trusted applications, the limitations of adopting this technique rest with the system administrators' ability to properly inventory and maintain the whitelist of trusted applications. As such, viable implementations of this technique include tools for automating the inventory and whitelist maintenance processes.
The ongoing writing and spreading of viruses and of panic about them gives the vendors of commercial antivirus software a financial interest in the ongoing existence of viruses. Some theorize that antivirus companies have financial ties to virus writers, to generate their own market, though there is no evidence for this. Some antivirus software can considerably reduce performance. Users may disable the antivirus protection to overcome the performance loss, thus increasing the risk of infection. For maximum protection the antivirus software needs to be enabled all the time often at the cost of slower performance see also software bloat.It is important to note that one should not have more than one antivirus software installed on a single computer at any given time. This can seriously cripple the computer and cause further damage.It is sometimes necessary to temporarily disable virus protection when installing major updates such as Windows Service Packs or updating graphics card drivers.
It would be no surprise when viruses that plague the desktop and laptop world quickly migrate to mobile devices. More and more vendors in this space are offering solutions to combat secure mobile handsets with antivirus solutions. Mobile devices present significant challenges for antivirus software, such as Processor constraints,Memory constraints, Definitions and new signature updates to these mobile handsets,SIM, flash based and USB based antivirus products.Mobile handsets are now offered with a variety of interfaces and data connection capabilities. Consumers should carefully evaluate security products before deploying on small form factor devices.Solutions that are hardwarebased, perhaps USB devices or SIMbased antivirus solutions, might work better in meeting the needs of mobile handset consumers. Technical evaluation and review on how deploying an antivirus solution on cellular mobile handsets should be considered as scanning process might impact other legitimate applications on the handheld.SIMbased solutions with antivirus integrated on the small memory footprint might provide a basic solution to combat malware/viruses in protecting PIM and mobile user data. USB and Flash memorybased solutions give the user an advantage to swap and use these products with a range of hardware devices.Having antivirus protection running at the same time as installing a major update may prevent the update installing properly or at all.When purchasing antivirus software, the agreement may include a clause that your subscription will be automatically renewed, and your credit card automatically billed at the renewal time without your approval. For example, McAfee requires one to unsubscribe at least 60 days before the expiration of the present subscription. In that case, the subscriber may contest the charges with the credit card issuer, but this recourse is likely to fail if in fact the subscriber had authorised such a continuous payment authority.Some antivirus programmes are actually spyware masquerading as antivirus software. It is best to doublecheck that the antivirus software which is being downloaded is actually a real antivirus program.Some commercial antivirus software programs contain adware. For example, the home/small business version of CA AntiVirus 2008 displays an advert for CA products whenever the desktop is unlocked after a period of inactivity.
There are competing claims for the innovator of the first antivirus product. Perhaps the first publicly known neutralization of a wild PC virus was performed by European Bernt Fix also Bernd in early 1987. Fix neutralized an infection of the Vienna virus. First edition of Polish antivirus software mksvir started in 1987. Program was only available in Polish language version. Autumn 1988 also saw antivirus software Dr. Solomon's AntiVirus Toolkit released by Briton Alan Solomon. By December 1990 the market had matured to the point of nineteen separate antivirus products being on sale including Norton AntiVirus and ViruScan from McAfee.Peter Tippett made a number of contributions to the budding field of virus detection.He was an emergency room doctor who also ran a computer software company. He had read an article about the Lehigh virus and questioned whether they would have similar characteristics to biological viruses that attack organisms. From an epidemiological viewpoint, he was able to determine how these viruses were affecting systems within the computer the bootsector was affected by the Brain virus, the .com files were affected by the Lehigh virus, and both .com and .exe files were affected by the Jerusalem virus. Tippett�s company Certus International Corp. then began to create antivirus software programs. The company was sold in 1992 to Symantec Corp, and Tippett went to work for them, incorporating the software he had developed into Symantec�s product, Norton AntiVirus.A very uncommon use of the term antivirus is to apply it to benign viruses that spread and combated malicious viruses. This was common on the Amiga computer platform.
Antiviral drugs are a class of medication used specifically for treating viral infections. Like antibiotics, specific antivirals are used for specific viruses. Antiviral drugs are one class of antimicrobials, a larger group which also includes antibiotic, antifungal and antiparasitic drugs. They are relatively harmless to the host, and therefore can be used to treat infections. They should be distinguished from viricides, which actively deactivate virus particles outside the body.Most of the antivirals now available are designed to help deal with HIV herpes viruses, best known for causing cold sores and genital herpes, but actually causing a wide range of diseases the hepatitis B and C viruses, which can cause liver cancer and influenza A and B viruses. Researchers are now working to extend the range of antivirals to other families of pathogens.The emergence of antivirals is the product of a greatly expanded knowledge of the genetic and molecular function of organisms, allowing biomedical researchers to understand the structure and function of viruses, major advances in the techniques for finding new drugs, and the intense pressure placed on the medical profession to deal with the human immunodeficiency virus HIV, the cause of the deadly acquired immunodeficiency syndrome AIDS pandemic.Almost all antimicrobials, including antivirals, are subject to drug resistance as the pathogens evolve to survive exposure to the treatment. As of 2007, only smallpox has been successfully eradicated, and Poliomyelitis eradication is still underway. Both of these efforts are using vaccines.
Modern medical science and practice has an array of effective tools, ranging from antiseptics to vaccines and antibiotics. One field in which medicine has historically been weak, however, is in finding drugs to deal with viral infections. Highly effective vaccines have been recently developed to prevent such diseases, but formerly, when someone contracted a virus, there was little that could be done but to recommend rest and plenty of fluids until the disease ran its course.The first experimental antivirals were developed in the 1960s, mostly to deal with herpesviruses, and were found using traditional trialanderror drug discovery methods. Researchers grew cultures of cells and infected them with the target virus. They then introduced chemicals into the cultures they thought were likely to inhibit viral activity, and observed whether the level of virus in the cultures rose or fell. Chemicals that seemed to have an effect were selected for closer study.This was a very timeconsuming, hitormiss procedure, and in the absence of a good knowledge of how the target virus worked, it was not efficient in discovering antivirals that were effective and had few side effects. It was not until the 1980s, when the full genetic sequences of viruses began to be unraveled, that researchers began to learn how viruses worked in detail, and exactly what chemicals were needed to thwart their reproductive cycle. Dozens of antiviral treatments are now available, and medical research is rapidly exploiting new knowledge and technology to develop more.
Viruses consist of a genome and sometimes a few enzymes stored in a capsule made of protein, and sometimes covered with a lipid layer. Viruses cannot reproduce on their own, so they propagate by subjugating a host cell to produce copies of themselves, thus producing the next generation.Researchers working on such rational drug design strategies for developing antivirals have tried to attack viruses at every stage of their life cycles. Viral life cycles vary in their precise details depending on the species of virus, but they all share a general pattern attachment to a host cell.Release of viral genes and possibly enzymes into the host cell.Replication of viral components using hostcell machinery.Assembly of viral components into complete viral particles.Release of viral particles to infect new host cells.Vaccines attack viruses when they are in the complete particle stage, outside of the organism's cells. They traditionally consist of a weakened or killed version of a pathogen, though more recently subunit vaccines have been devised that consist strictly of protein targets from the pathogen. They stimulate the immune system without doing serious harm to the host, and so when the real pathogen attacks the subject, the immune system responds to it quickly and blocks it.Vaccines are very effective on stable viruses, but are of limited use in treating a patient who has already been infected. They are also difficult to successfully deploy against rapidly mutating viruses, such as influenza the vaccine for which is updated every year and HIV. These two gaps are where antiviral drugs become useful.One entryblocker is pleconaril. Pleconaril works against rhinoviruses, which cause the common cold, by blocking a pocket on the surface of the virus that controls the uncoating process. This pocket is similar in most strains of rhinoviruses and enteroviruses, which can cause diarrhea, meningitis, conjunctivitis, and encephalitis.
