I’m surprised to see that Microsoft delivers a pre-release beta version of Forefront Endpoint Protection 2010 to its corporate customers. What can force a company to use an unfinished product to protect its daily business? Though it is true that some well-established and evolved projects like Gmail ran for years in the beta phase, I don’t really remember examples where corporate users were heavily involved in that. Corporate customers are usually the ones who drag out the old versions (like Windows XP) for a long, long time before any upgrade, because stability and low-cost service are the keys.
Forefront Endpoint Protection 2.0.375.0
Antimalware Client 3.0.6509.0
Here are some more screenshots below.
I’m going to perform a test of antivirus programs in drive-by mode. That means I will consider what I think is the most frequent way of getting malware for a home user — via casual browsing on the internet. In my lab I will use a freshly installed system (not decided yet which one, most probably Windows XP or Windows 7 Windows Vista) without updates, plus some buggy software from Adobe (Acrobat Reader, Flash) and Java, without the latest patches of course. I will use Internet Explorer 7 (standard for Windows Vista) and other popular browsers, again not too new — Firefox 3.x, etc. Where do I get old versions of software? Old Applications for Windows is a good site. To stay safe in any case, I will use VM VirtualBox v.3.2.8 from Oracle. VirtualBox is a general-purpose full virtualizer for x86 hardware. Targeted at server, desktop and embedded use, it is now the only professional-quality virtualization solution that is also Open Source Software, i.e. also free to use.
Where am I going to get infected websites? Good question. I will use Malware Domain List (www.malwaredomainlist.com) for that purpose. [WARNING: All domains on this website should be considered dangerous. If you do not know what you are doing here, it is recommended you leave right away. This website is a resource for security professionals and enthusiasts.] No one wants to pay 1500$ (!) for the Eleonore Exploits pack. But I see now that the current listing is full of Zeus v2 trojan variants!
Whatever I may say about the NIS interface, Symantec can afford to develop a super-effective security package, spending millions of $$ to trump all its competitors. And it is good to have it almost free for a long time. 90 days (3 months) is, to me, a huge period to try it and make a decision. Consider this: even if you buy it, you basically have a trial of 360 days for a good sum of money.
Symantec has updated its “Windows 7 spoken here” security software page with offers for Microsoft customers. (I guess running MS Windows makes me automatically relevant to this category). Here’s the link: http://buy-static.norton.com/prod/html/partner/msft_EN.html
There you have Norton 360 Version 4.0 (old link) and new Norton AntiVirus 2011 version 188.8.131.52.
Direct download link: http://buy-download.norton.com/downloads/OEM/18.1/NAV_184.108.40.206_MS_LOEM_MRF1325A_5452.exe?LNG=EN&VENDORID=MICROSOFT (there is a missing file extension, so when you finish downloading, just rename the file to add the exe extension)
The feature of this offer is a 90-day trial period — long enough to try it and make a decision.
Let’s have a look at what Microsoft has prepared to protect its consumer operating system — Windows 7. Here is the link to the Windows 7 consumer security software providers arranged by Microsoft. Let’s take a look at what is considered adequate. First (order is random) goes Norton from Symantec with download links to Norton™ 360 Version 4.0 and Norton™ AntiVirus 2010. This is good stuff, because you can run the full-featured software for three months for free! The next two guys are strange: Korean company AhnLab (whose chairman has an MBA in Entrepreneurial Management and an M.D. in Physiology — must be relevant to viruses) and Indian K7 Computing. K7 goes with hieroglyph symbols on their logo, not Hindi anyway. Surprisingly, K7 gives the same price for Microsoft customers as for regular customers. Next one is ZoneAlarm with a nice, almost 70% discount. I thought they went broke — last time I used their suite, I had to reinstall the system. Norman is from Norway, nothing spectacular. This one is good: McAfee VirusScan Plus with a 5$ discount — Special offer for Microsoft customers! Yet there is a 90-day trial available for download (of course, if Norton does that, McAfee should do that even better). Trend Micro (“PC-cillin”) Internet Security with a 30% discount. BullGuard Internet Security 9.0 for Windows 7 and Rising Antivirus International Pty Ltd — God knows who they are. Then Czech ESET, of course, with their ESET Smart Security 4 and ESET NOD32 Antivirus 4. No discounts here, good stuff does not come for free. Next is (also a Czech company) AVG with 20% off AVG Internet Security 9.0. Webroot® Antivirus with Spy Sweeper goes next. Being an American company, I guess they feel strong, so no discounts here. There is a good offer from CA with Internet Security Suite Plus 2010 and Anti-Virus Plus 2010 and also 90-day trials. Then KIS 2011 & KAV 2011 from Kaspersky — the only Russian company in the list — with no particular offer. Then VIPRE Antivirus from Sunbelt Software (does anyone know them?) with discounts. Next are German G Data, BitDefender from Romania (the guys really don’t like to talk about their origin, as I can see from the website), and BullGuard with prices in British pounds, telling on the front page that they are better than Norton and McAfee. Then there goes Spyware Doctor with AntiVirus® 2011 from PCTools (no interesting offers), Spanish PANDA with its 2011 lineup, Indian Quick Heal, and Finnish F-Secure.
The last two guys require special attention. Czech Avast!, whose free antivirus is almost as good as the professional version — I like it very much. And the last one is the antivirus you would expect to work seamlessly with Windows 7: Microsoft Security Essentials. Look at the reports from AV-Comparatives.org, where MSE is clearly performing with flying colors, and it is free.
/ First published in 2008 /
Concept of Malware
You can go completely mad trying to understand which antivirus product to choose if you read countless reviews and tests. Results often contradict one another, even when they come from independent sources. Let’s try to understand why this happens and what common-sense measures we could apply to protect ourselves from viruses and from lousy security products.
Concept of Malware in 2009
The public misconception of viruses makes people think that if nothing suspicious happens, they are fine (the opposite can be very exhausting, to the extreme where people blame a virus for any noticeable slowdown and reinstall the system from scratch!). A modern virus is far different from a virus of 10-15 years ago. Viruses used to be written for fun: deleting files, making the computer unusable, irritating the user with offensive messages, and so on. Infection in most cases was obvious, and virus creators were like warriors of the underground world, looking for fame and glory. Not anymore. Malware writing is a big business now. That big business wants to stay in the shadows, because it is mostly criminal. Infected computers connected to the internet are organized into botnets. The number of bots (remotely controlled workstations) connected can be up to a few hundred thousand (!), commanded by only one masterbot. That power can be used to generate spam, mount DoS attacks (“denial of service”, where a massive number of requests can completely disrupt the operation of a web server or website), perform brute-force cracking, exchange and store illegal or secret information, generate fake ad hits, and so on. Botnets are available for rent in the underground.