Home-Programs-What are antivirus programs? What is an antivirus? General concepts

What are antivirus programs? What is an antivirus? General concepts

Choosing antivirus software

Currently, the term “computer virus” is commonly understood as any malicious program on a computer/server (and even mobile phone), capable of self-propagation (infecting other files or devices). This is not entirely true; malware can differ greatly in the principles of its operation, but since such terminology has already been historically established, we will not deviate from it. Rapid spread malware thanks to various types of computer networks (local and global), it increasingly leads to global virus epidemics: disruptions in the work of companies and multimillion-dollar losses due to downtime computer technology, loss/theft or corruption of data.

Classification of malware

    Viruses

    • File viruses

      Before the spread of the Internet this type viruses was the most common. File viruses infect executable files of various operating systems. In the most common OS today Microsoft Windows these are executable files (extensions .exe, .com), dynamic libraries(.dll), batch files(.bat), device drivers (.sys) and script files (scripts). A file virus writes its code into the “body” of the affected file and, when the operating system accesses it, seizes control, after which it can perform various malicious actions: copy its code to other files (multiply), erase other files, distort data, etc. After completing its set of actions, the virus transfers control to other programs and the user may not even suspect that some destructive activity is happening on his PC.

    • Boot viruses

      Viruses of this type infect boot sectors (boot areas or Master Boot Record) boot devices(hard drives, floppy disks, flash drives). A virus (boot virus) replaces the boot code, which is executed when the computer is turned on and thus gains control before the operating system directly starts. Once controlled, the virus can produce various actions- for example, load your code into RAM. The virus multiplies by writing to boot area other computer drives.

    • Macro viruses

      A macro is, in principle, also an executable file, which, however, only works in its software environment - for example, in applications Microsoft Office. Macroviruses that infect Microsoft documents Office, and are the most common. They are written in Visual Basic, which is used in the Office family of applications. The virus writes itself to a DOT file, which contains all global macros, some of which it replaces with itself. After this, all files saved in the application (for example, Excel) will already contain a macro virus. When an infected macro is launched, various malicious actions are performed with data (distortion, deletion).
      Of course, this is far from full list types of computer viruses. They can be classified according to other principles, for example, by the method of infection or by the algorithm of action. However, it seems to us that for the basic concept of computer viruses The information provided is sufficient.

  • Network worms

    The main feature of this type of malware is that it spreads through computer networks, ability to use network protocols data transfer. The most common type of network worms are mail worms(e-mail worms). You can become infected by opening an application to email with a worm or when following the html link provided in this letter. Users are often encouraged to thoughtlessly open email attachments or Internet links in emails.

    When the worm code is activated, it multiplies - the worm begins sending out to other email addresses from the infected computer. To determine the list of recipients, the worm can use the program's address book - mail client or even scan files on your hard drive looking for e-mail addresses future victims. Currently, network worms have appeared that can spread through services instant messages(Internet pagers), for example, such as ICQ.

  • Trojans

    One of the most dangerous types of malware today. Trojans are malicious programs that are usually disguised as some harmless software application: image viewers, screensavers, disk utilities, operating system update and so on. Having tricked their way onto the victim’s computer, Trojans, depending on their purpose, can perform various actions: provide the attacker with the ability to remotely administer the victim’s PC, steal user passwords from various services (including commercial ones), unauthorized download any files, etc. . etc. Sometimes the presence of a Trojan program can be indicated by unusual behavior of the PC: windows opening spontaneously, freezing, a noticeable slowdown in the speed of the computer.

  • Hacking programs(hacker programs)

    There is also a whole class of programs that do not directly threaten the computer on which they are executed, but are used to attack others. network resources or burglary. They are described in detail in the Kaspersky virus encyclopedia.

Types of antivirus software. The importance of regular updating

It is obvious that with such rampant malware, computers and servers simply need to be protected with modern, legal anti-virus software. However, just the presence of an antivirus is not a sufficient guarantee of security - in order to effectively counter new viruses, the program's antivirus databases must be regularly updated. For example, updates for Kaspersky antivirus are released several times a day (!), and the built-in program automatic update downloads them independently via the Internet.

Based on the nature of protection against threats, two types of anti-malware programs have recently emerged:

  • classic antiviruses (for example, ESET NOD32)
  • comprehensive products for protection against various types threats (for example, Kaspersky Internet Security)

Programs of the first type contain an antivirus and sometimes an anti-spyware module, but the second type already provides comprehensive protection PC from all types of threats when working on the Internet. The complex software additionally includes firewall(firewall), which replaces the standard Windows firewall, anti-virus protection module junk mail(antispam tools), improved anti-phishing tools, etc.

Protection methods

Today, new viruses appear constantly and, thanks to the Internet, they spread at a very high speed, so detecting malware is only by searching for fragments of them unique code(signatures stored in antivirus program databases) turns out to be ineffective. The most modern antivirus programs use intelligent threat detection methods, such as proactive protection (heuristics). Proactive protection is a method of searching for malware based on the nature of the actions the program performs (analysis of calls to the system registry, libraries, monitoring read/write operations, etc.). Thus, a proactive antivirus operates not with the concepts of “legitimate file - malicious file”, but with the concepts of “allowed action - prohibited action”. Of course, proactive defense methods do not exclude the use of classical code analysis based on signatures, but only complement it. Here another problem arises when using antivirus software: since the number of known viruses is constantly growing, it is increasing like a snowball and its size antivirus databases with information about existing viruses. On-the-fly threat monitoring (which is a necessity) often leads to a significant slowdown in the operation of computers and servers. Test results show that the slowdown in file operations can reach 100% or more! To prevent losses in the speed of computer technology from being so dramatic, some developers periodically “prune” virus databases, removing from the databases virus signatures that they consider “outdated.” However, antivirus testing conducted by independent organizations (AV-Comparatives.org) shows that such optimization methods are harmful and can leave the computer defenseless against a “retro virus”.

A conversation about security would not be complete if we did not point out the need to use firewalls.

Firewall(firewall) blocks requests from the Internet, allowing allowed outgoing user requests to pass through, allowing you to control everything network ports(prohibit or allow work network services), and also hides the local network and gateway (Proxy) from external network in such a way that it is impossible to obtain information about the local network from the outside. operating system Windows Vista already includes a software firewall, which in the past had many vulnerabilities, which, however, were corrected by Microsoft. However, many network security experts still believe that only third-party firewalls provide adequate network security.

So, we have identified a certain range of consumer qualities of antivirus software that must be taken into account when choosing an antivirus package:

  1. Comprehensive threat protection
  2. Operational efficiency (quality of protection)
  3. Operation speed

While determining the type of product is quite obvious: a complex product like Internet Security is a more universal solution, then the quality of protection is more complicated. Most optimal choice can be done by referring to the current results independent testing antiviruses. Only in this case can you be sure of choosing a reliable product. There are several organizations that conduct such research, but we will list only the most authoritative:

Of course, the leaders in comprehensive testing sometimes change, but generally only a few products are consistently in the top five. And it is these products that we offer to purchase at TIM Computers along with our computers and servers.

These products have demonstrated a high level of heuristic detection of new malware with very little false positives.

Antivirus products for home and office use differ in their usage scenarios, installation methods and licensing, which is reflected in our price list for antivirus software.

Both products receive very good scores in antivirus laboratories and our own PCMag tests and include several additional security components. Avast, in particular, includes a built-in password manager and vulnerability scanner home network. If you have a budget set aside for computer security, the best commercial solutions will provide more effective and comprehensive protection. Otherwise, feel free to choose from the free solutions presented here.

VendorsAntiviruses PCMag Rating
AvastAvast Free Antivirus
AvastAVG AntiVirus Free
Bitdefender
Check PointZoneAlarm Free Antivirus+
Kaspersky LabAntivirus Kaspersky Free
SophosSophos Home
AviraAvira Free Antivirus
AdawareAdaware Antivirus Free
ComodoComodo Antivirus
Panda SecurityPanda Free Antivirus

Free protection against various types of threats

These days, new computers and laptops come with antivirus protection. As a rule, trial versions of commercial antiviruses from well-known brands are pre-installed on devices. If your trial ends and you ignore the subscription purchase reminders, Windows Defender will keep your PC safe. However, you can get more reliable and better protection with third party solutions. Don't worry if your budget doesn't allow for a paid antivirus. You can really get good protection without paying a penny. PCMag tested 17 free antivirus programs to help you choose the right solution to protect your computer.

Your antivirus should definitely do a great job of cleaning up existing infections, but its main job is to protect your PC from ransomware, botnets, Trojan horses, and other types of malware. All antiviruses in this collection offer real-time protection. Some solutions additionally offer web protection to prevent you from visiting fraudulent sites and web resources with malware.

Free or commercial antivirus?

If free antiviruses are truly effective, why would anyone pay? First of all, many of the antiviruses proposed in the rating are free only for non-commercial use - if you want to protect computers in an organization, you will have to purchase a paid version. In this case, it is recommended to buy a comprehensive antivirus product because business security is at stake.

Even for personal use, many commercial tools offer much more functionality than the corresponding free versions. For example, Kaspersky Free will not include the powerful “Activity Monitoring” component, which is present in the paid version. This security module monitors suspicious activity and allows you to roll back malicious changes. Paid version Adaware Antivirus comes with a similar behavioral detection tool, as well as a malicious site protection component that you won't find in the vendor's free antivirus. Panda also reserves some advanced security features only for commercial solution customers—among them firewall, software monitoring, and detection of insecure wireless networks.

In addition, many companies do not offer full technical support to free version customers. If you need qualified assistance When cleaning up stubborn infestations, you may regret not having this option.

Independent laboratory tests

Researchers from independent laboratories spend a lot of time and effort testing antiviruses. Some organizations regularly publish reports with test results. PCMag tracks results from 4 major labs: AV-Comparatives, AV-Test Institute, SE Labs and MRG-Effitas. Certification from ICSA Labs and West Coast Labs is also appreciated.

Typically, antivirus developers pay for the opportunity to participate in testing. In turn, the laboratories provide vendors with detailed reports that help improve products. Thus, the number of laboratories that test a particular product is an indicator of the significance of this decision. In any case, to test an antivirus, two conditions must be met: the laboratory must consider the product important enough, and the development company must be satisfied with the cost of participation. Laboratories are not required to test free products, but many vendors include full protection into free solutions, adding only advanced features to paid products.

PCMag tests

In addition to in-depth analysis of lab test results, PCMag conducts its own amateur testing of antivirus software to block malware. Every antivirus encounters a set of malware different types, after which the product's reaction to the threat is recorded. Typically, an antivirus removes most samples at once and detects several more instances of malware when it tries to launch. Based on the test results, the product can receive between 0 and 10 points for blocking, depending on how thoroughly it protects the system from the test samples.

The test collection has been in use for months, so the malware blocking test does not provide any indication of an antivirus's ability to detect the latest threats. A separate test attempts to download malware from 100 online sources less than a day old, provided by the MRG-Effitas laboratory. During the testing process, it is noted whether the product has blocked access to network location, cleared the malware payload during download, or ignored the threat. Norton received the highest score in this test, followed by Trend Micro Antivirus+ Security and Avira Free Antivirus.

Useful features

Each antivirus product in the collection scans files on access to prevent potential malware from running, and also scans the system on demand or on a set schedule. Blocking access to malicious links is another effective way avoid trouble. Many products extend protection to prevent you from visiting fraudulent or phishing sites that try to steal your credentials. Some solutions assign ratings to results search results, flagging suspicious and dangerous links.

Behavioral detection is featured in some products in the collection. On the one side, this component can detect malware which are unknown threats. On the other hand, behavioral analysis can lead to false positives for reliable programs.

Any antivirus should detect spyware, but some products include individual components protection against spying activity. Features such as personal data encryption and webcam protection help keep your confidential information from third parties, but they usually come with paid solutions. However, some free antiviruses have security features in their arsenal on-screen keyboard to protect against keyloggers.

One in a simple way for maximum computer protection is to install security updates for Windows OS, browsers and other popular programs. In Windows 10, updates are mandatory and fully automated, but it remains large number gaps in older Windows systems, popular applications and plugins. Vulnerability scanning in the form of missed updates is a feature often found in commercial antivirus products. However, some free antiviruses have similar functionality.

Who is not represented in the ranking

This rating contains information only about free antivirus solutions that have received at least a “Good” rating according to PCMag reviews - from 3 points or higher. According to the latest review, Security Center Windows Defender got just 3 stars and worked better than last time. However, he is rather Windows components than individual products. The best free antiviruses offer more layers of protection.

Some free tools security are designed solely to protect against ransomware. Cybereason RansomFree, Malwarebytes Anti-Ransomware Beta and Trend Micro RansomBuster perform one main task - preventing any ransomware attacks that may not be visible to the main antivirus protection. Bitdefender Anti-Ransomware tries to trick ransomware Trojans into thinking that the system is already infected. They were not included in the rating because they are not full-fledged antivirus products.

There are numerous free antivirus utilities, which exist solely to clean up malicious infections. You turn to these utilities only if you suspect active infection. After solving the problem, they are not used because they do not offer permanent protection. The title of “Editor's Choice” in this category belongs to Malwarebytes Free- this product should be used if malware infection. Since such solutions are usually free, you can use several scanning programs at once. Once the threat has been removed, you will need a full-fledged antivirus for ongoing protection.

List of all tested free solutions

  • Avast Free Antivirus. Free antivirus Avast combines highly effective antivirus protection with a comprehensive collection of additional tools.
  • AVG AntiVirus Free. The free AVG antivirus has received an updated interface and new security technologies. Tests from independent labs and PCMag's own tests show that protection is stronger than ever.
  • Acronis Ransomware Protection. If your antivirus misses the latest ransomware and your data is at serious risk, Acronis Ransomware Protection will add an extra layer of protection for your files and provide 5 gigabytes of cloud storage for backups.
  • Bitdefender Antivirus Free Edition. Free Bitdefender antivirus includes the same antivirus protection as the paid Bitdefender antivirus, but lacks the additional functionality of the commercial version.
  • ZoneAlarm Free Antivirus+. Free antivirus ZoneAlarm combines a high-quality and powerful firewall with a licensed antivirus protection engine from Kaspersky Lab. This great choice for users who do not need advanced security features.
  • Cybereason RansomFree. Consequences malicious attack involving ransomware can be catastrophic. Therefore, the possibility of strengthening protection against this type of threat should be considered. Cybereason RansomFree is a free solution for organizing an additional level of protection against ransomware.
  • Kaspersky Free. Kaspersky's free antivirus offers full-featured basic antivirus protection that scores excellent in lab tests.
  • Malwarebytes Anti-Ransomware Beta. Malwarebytes Analyzes program activity in search of suspicious activities, typical for ransomware. This lightweight utility will help you identify ransomware Trojans that can bypass basic anti-virus protection.
  • Sophos Home. Sophos free antivirus allows you to provide the capabilities of a powerful corporate antivirus to ordinary home users absolutely free. Users have access to a cloud console that allows them to control up to three product installations.
  • Avira Free Antivirus. Free Avira antivirus gets excellent scores from independent labs, but in PCMag's amateur tests it was very slow to scan the test system. Additionally, web protection only works in Chrome and Firefox.
  • CyberSight RansomStopper. RansomStopper offers free advanced ransomware protection, but PCMag's own tests found that the product failed to respond to one rare strain of ransomware.
  • Adaware Antivirus Free. The free Adaware antivirus has a new name and a new look. However, its testing results are not the best, and competing free antiviruses offer more features.
  • Bitdefender Anti-Ransomware. Bitdefender Anti-Ransomware protects your PC from infections from four ransomware families. Tests have shown that the product successfully copes with this task. However, you will need additional solutions to protect against other types of ransomware Trojans.
  • Comodo Antivirus. Free antivirus Comodo has received a new look and showed an ideal detection rate in the malware blocking test. However, the product performed worse in other PCMag tests and in independent lab tests.
  • Panda Free Antivirus. Free Panda antivirus It has an attractive user interface and an unusual USB vaccination function. However, the product didn't perform the best in independent lab tests and PCMag's own tests.
  • Qihoo 360 Total Security. Qihoo 360 comes with a powerful set of additional tools, but its basic antivirus protection can't compete with the best free antiviruses.
  • Trend Micro RansomBuster. Built-in folder protection successfully blocks unauthorized changes to protected documents. However, the behavioral detection system needs improvement.
  • Baidu Antivirus 2015. The antivirus has not been developed for a long time and cannot be recommended as the main antivirus protection.
  • Comodo Internet Security Premium. Complete solution Comodo combines a standalone antivirus and a standalone vendor firewall in one product. How to free product, this antivirus includes a large number of functions, but not all of them are effective.
  • Windows Defender Security Center. Microsoft Antivirus provides security Windows computers 10, on which others are not installed antivirus solutions. IN newest round In PCMag's testing, the product showed better results than previously.

Antivirus software target platforms

At the moment, antivirus software is developed mainly for the OS Windows family from Microsoft, which is caused by a large number of malicious programs specifically for this platform (and this, in turn, is caused by the great popularity of this OS, as well as a large number of development tools, including free ones and even “instructions for writing viruses”). Products for other platforms are currently entering the market. desktop computers, such as Linux and Mac OS X. This is caused by the beginning of the spread of malware on these platforms, although UNIX-like systems have always been famous for their reliability. For example, the famous video "Mac or PC" shows a comic Mac advantage OS over Windows and greater antivirus immunity of Mac OS compared to Windows.

In addition to OS for desktop computers and laptops, there are also platforms for mobile devices, such as Windows Mobile, Symbian, iOS Mobile, BlackBerry, Android, Windows Phone 7, etc. Users of devices running these OSs are also at risk of becoming infected with malware software, so some antivirus software developers release products for such devices.

Classification of antivirus products

Classify antivirus products can be based on several criteria at once, such as: anti-virus protection technologies used, product functionality, target platforms.

According to the anti-virus protection technologies used:

  • Classic antivirus products (products that use only signature-based detection methods)
  • Proactive antivirus protection products (products that use only proactive antivirus protection technologies);
  • Combined products (products using both classic, signature-based protection methods and proactive ones)

By product functionality:

  • Antivirus products (products that provide only antivirus protection)
  • Combination products (products that provide not only anti-malware protection, but also spam filtering, encryption and backup data and other functions)

By target platforms:

  • Antivirus products for Windows operating systems
  • Anti-virus products for *NIX operating systems (this family includes BSD, Linux, Mac OS X, etc.)
  • Anti-virus products for mobile platforms (Windows Mobile, Symbian, iOS, BlackBerry, Android, Windows Phone 7, etc.)

Antivirus products for corporate users can also be classified by protection objects:

  • Antivirus products to protect workstations
  • Antivirus products to protect file and terminal servers
  • Antivirus products to protect email and Internet gateways
  • Antivirus products to protect virtualization servers
  • etc.

False antiviruses

In 2009, the active spread of the so-called. false antiviruses - software that is not antivirus (that is, does not have real functionality to counteract malware), but pretends to be one. In fact, false antiviruses can be either programs to deceive users and make a profit in the form of payments for “curing the system of viruses,” or ordinary malicious software. This distribution is currently suspended.

Antivirus operation

Speaking about Microsoft systems, an antivirus usually operates according to the following scheme:

  • search the antivirus software database for virus signatures
  • if an infected code is found in memory (RAM and/or permanent), the quarantine process is launched and the process is blocked
  • a registered program usually removes the virus, an unregistered one asks for registration, and leaves the system vulnerable.

Antivirus databases

To use antiviruses you need constant updates so-called antivirus databases. They provide information about viruses - how to find and neutralize them. Since viruses are written frequently, constant monitoring of virus activity on the network is necessary. For this there are special networks who collect relevant information. After collecting this information, the harmfulness of the virus is analyzed, its code and behavior are analyzed, and then ways to combat it are established. Most often, viruses are launched along with the operating system. In this case, you can simply delete the virus startup lines from the registry, and that’s it. simple case the process may end. More complex viruses use the ability to infect files. For example, there are cases where even some anti-virus programs, being infected, themselves became the cause of infection of other clean programs and files. Therefore, more modern antiviruses have the ability to protect their files from changes and check their integrity using a special algorithm. Thus, viruses have become more complex, as have the ways to combat them. Now you can see viruses that no longer occupy tens of kilobytes, but hundreds, and sometimes can be a couple of megabytes in size. Typically, such viruses are written in programming languages ​​more than high level, so they are easier to stop. But there is still a threat from viruses written in low-level machine code like assembly language. Complex viruses infect the operating system, after which it becomes vulnerable and inoperable. Unfortunately, according to forecasts, in the near future the work of antivirus companies will become much more difficult due to the fact that copy-protected viruses will spread more rapidly.

Notes

Malicious software
Infectious malware Computer virus (list) · Network worm (list) · Trojan horse · Boot virus · Timeline
Hiding methods Backdoor · Zombie computer · Rootkit
Malware
for profit		 Adware · Privacy-invasive software · Ransomware (Trojan.Winlock) · Spyware · Bot · Botnet · Web threats · Keylogger · Form grabber · Scareware · Porn dealer
By operating system Linux Malware · Palm OS Viruses · Macro Virus · Mobile Virus
Protection Defensive computing Antivirus program· Firewall · Intrusion detection system · Information leakage prevention · Antivirus chronology
Countermeasures Anti-Spyware Coalition · Computer surveillance · Honeypot · Operation: Bot Roast

Wikimedia Foundation. 2010.

Malicious code.

Antivirus software target platforms

In addition to OS for desktop computers and laptops, there are also platforms for mobile devices, such as Windows Mobile, Symbian, Apple iOS, BlackBerry, Android, Windows Phone 7, etc. Users of devices running these OSs are also at risk of infection with malware, so some antivirus software developers release products for such devices.

Classification of antivirus products

According to the anti-virus protection technologies used:

  • Classic anti-virus products (products that use only signature-based detection methods, products that use only proactive anti-virus protection technologies);
  • Combined products (products that use both signature-based and proactive protection methods)

By product functionality:

  • Antivirus products (products that provide only antivirus protection)
  • Combination products (products that provide not only anti-malware protection, but also spam filtering, data encryption and backup, and other functions)

By target platforms:

  • Antivirus products for Windows operating systems
  • Anti-virus products for *NIX operating systems (this family includes BSD, Linux, etc.)
  • Antivirus products for the MacOS family of operating systems
  • Anti-virus products for mobile platforms (Windows Mobile, Symbian, iOS, BlackBerry, Android, Windows Phone 7, etc.)

Antivirus products for corporate users can also be classified by protection objects:

  • Antivirus products to protect workstations
  • Antivirus products to protect file and terminal servers
  • Antivirus products to protect email and Internet gateways
  • Antivirus products to protect virtualization servers
  • etc.

Antiviruses for websites

They can be divided into several types:

  • Server - installed on a web server. The search for viruses, in this case, occurs in the files of the entire server.
  • Script or CMS component that performs searches malicious code, directly in the site files.
  • SaaS service is a centralized management system that allows you to manage files, databases, settings and components of web resources on VDS and DS remotely.

Special antiviruses

In November 2014, the international human rights organization Amnesty International released Detect, an anti-virus program designed to detect malware distributed by government agencies to spy on civil activists and political opponents. Antivirus performs a deeper scan hard drive than conventional antiviruses.

False antiviruses

In 2009, the active spread of false antiviruses began - software that is not antivirus (that is, does not have real functionality to counter malware), but pretends to be one. In fact, false antiviruses can be either programs to deceive users and make a profit in the form of payments for “curing the system of viruses,” or ordinary malicious software. This distribution is currently suspended.

Antivirus operation

Speaking about Microsoft systems, you should know that an antivirus usually operates according to the following scheme:

  • Search the antivirus software database for virus signatures.
  • if an infected code is found in memory (RAM and/or permanent), the “quarantine” process is launched and the process is blocked.
  • a registered program usually removes the virus; an unregistered program asks for registration and leaves the system vulnerable.

Antivirus databases

To use antiviruses, constant updates of the so-called antivirus databases are required. They provide information about viruses - how to find and neutralize them. Since viruses are written frequently, constant monitoring of virus activity on the network is necessary. For this purpose, there are special networks that collect relevant information. After collecting this information, the harmfulness of the virus is analyzed, its code and behavior are analyzed, and then ways to combat it are established. Most often, viruses are launched along with the operating system. In this case, you can simply delete the virus startup lines from the registry, and in this simple case the process may end. More complex viruses use the ability to infect files. For example, there are cases where even some anti-virus programs, being infected, themselves became the cause of infection of other clean programs and files. Therefore, more modern antiviruses have the ability to protect their files from changes and check their integrity using a special algorithm. Thus, viruses have become more complex, as have the ways to combat them. Now you can see viruses that no longer occupy tens of kilobytes, but hundreds, and sometimes can be a couple of megabytes in size. Typically, such viruses are written in higher-level programming languages, so they are easier to stop. But there is still a threat from viruses written in low-level machine code like assembly language. Complex viruses infect the operating system, after which it becomes vulnerable and inoperable.

Write a review about the article "Antivirus program"

Notes

Antivirus programs
Companies

Insignificant
Products
Infectious malware
Hiding methods
Malware
for profit
By operating system
Protection
Countermeasures

An excerpt characterizing the Antivirus program

- Je vous aime! [I love you!] - he said, remembering what had to be said in these cases; but these words sounded so poor that he felt ashamed of himself.
A month and a half later, he was married and settled, as they said, the happy owner of a beautiful wife and millions, in the large St. Petersburg newly decorated house of the Bezukhyh counts.

The old Prince Nikolai Andreich Bolkonsky in December 1805 received a letter from Prince Vasily, informing him of his arrival with his son. (“I’m going on an inspection, and, of course, it’s not a 100-mile detour for me to visit you, dear benefactor,” he wrote, “and my Anatole is seeing me off and going to the army; and I hope that you will allow him to personally express to you the deep respect that he, imitating his father, has for you.")
“There’s no need to take Marie out: the suitors are coming to us themselves,” the little princess said carelessly when she heard about this.
Prince Nikolai Andreich winced and said nothing.
Two weeks after receiving the letter, in the evening, Prince Vasily’s people arrived ahead, and the next day he and his son arrived.
Old Bolkonsky always had a low opinion of the character of Prince Vasily, and even more so recently, when Prince Vasily, during the new reigns under Paul and Alexander, went far in rank and honor. Now, from the hints of the letter and the little princess, he understood what was the matter, and the low opinion of Prince Vasily turned in the soul of Prince Nikolai Andreich into a feeling of malevolent contempt. He snorted constantly when talking about him. On the day Prince Vasily arrived, Prince Nikolai Andreich was especially dissatisfied and out of sorts. Was it because he was out of sorts that Prince Vasily was coming, or because he was especially dissatisfied with the arrival of Prince Vasily because he was out of sorts; but he was not in a good mood, and Tikhon in the morning advised against the architect coming in with a report to the prince.
“Can you hear how he walks,” said Tikhon, drawing the architect’s attention to the sounds of the prince’s steps. - He steps on his entire heel - we already know...
However, as usual, at 9 o'clock the prince went out for a walk in his velvet fur coat with a sable collar and the same hat. It snowed the day before. The path along which Prince Nikolai Andreich walked to the greenhouse was cleared, traces of a broom were visible in the scattered snow, and a shovel was stuck into the loose mound of snow that ran on both sides of the path. The prince walked through the greenhouses, through the courtyards and buildings, frowning and silent.
- Is it possible to ride in a sleigh? - he asked the venerable man who accompanied him to the house, similar in face and manners to the owner and manager.
- The snow is deep, your Excellency. I already ordered it to be scattered according to the plan.
The prince bowed his head and walked up to the porch. “Thank you, Lord,” thought the manager, “a cloud has passed!”
“It was difficult to get through, your Excellency,” added the manager. - How did you hear, your Excellency, that the minister will come to your Excellency?
The prince turned to the manager and stared at him with frowning eyes.
- What? Minister? Which minister? Who ordered? – he spoke in his shrill, harsh voice. “They didn’t clear it for the princess, my daughter, but for the minister!” I have no ministers!
- Your Excellency, I thought...
- You thought! - the prince shouted, pronouncing the words more and more hastily and incoherently. – You thought... Robbers! scoundrels! “I will teach you to believe,” and, raising a stick, he swung it at Alpatych and would have hit him if the manager had not involuntarily deviated from the blow. - I thought so! Scoundrels! – he shouted hastily. But, despite the fact that Alpatych, himself frightened by his audacity to dodge the blow, approached the prince, obediently lowering his bald head in front of him, or maybe that’s why the prince continued to shout: “scoundrels! throw up the road! He didn’t pick up his stick another time and ran into the rooms.
Before dinner, the princess and M lle Bourienne, who knew that the prince was out of sorts, stood waiting for him: M lle Bourienne with a beaming face that said: “I don’t know anything, I’m the same as always,” and Princess Marya - pale, frightened, with downcast eyes. The hardest thing for Princess Marya was that she knew that in these cases she had to act like m lle Bourime, but she could not do it. It seemed to her: “If I act as if I don’t notice, he will think that I have no sympathy for him; I’ll make it look like I’m boring and out of sorts, he’ll say (as it happened) that I’m hanging my nose,” etc.
The prince looked at his daughter's frightened face and snorted.
“Dr... or stupid!...” he said.
“And that one is gone! They were already gossiping about her too,” he thought about the little princess, who was not in the dining room.
-Where is the princess? – he asked. - Hiding?...
“She’s not entirely healthy,” said Mlle Bourienne, smiling cheerfully, “she won’t come out.” This is so understandable in her situation.
- Hm! hmm! ugh! ugh! - said the prince and sat down at the table.
The plate did not seem clean to him; he pointed to the spot and threw it. Tikhon picked it up and handed it to the barman. The little princess was not unwell; but she was so insurmountably afraid of the prince that, having heard how out of sorts he was, she decided not to go out.
“I’m afraid for the child,” she said to m lle Bourienne, “God knows what can happen from fright.”
In general, the little princess lived in Bald Mountains constantly under a feeling of fear and antipathy towards the old prince, which she was not aware of, because fear was so dominant that she could not feel it. There was also antipathy on the part of the prince, but it was drowned out by contempt. The princess, having settled down in the Bald Mountains, especially fell in love with m lle Bourienne, spent her days with her, asked her to spend the night with her, and often talked to her about her father-in-law and judged him.
“Il nous arrive du monde, mon prince, [Guests are coming to us, prince.],” said M lle Bourienne, unfolding a white napkin with her pink hands. “Son excellence le prince Kouraguine avec son fils, a ce que j"ai entendu dire? [His Excellency Prince Kuragin with his son, how much have I heard?],” she said questioningly.
“Hm... this boy of excellence... I assigned him to the college,” the prince said offended. “Why son, I can’t understand.” Princess Lizaveta Karlovna and Princess Marya may know; I don’t know why he’s bringing this son here. I don't need it. – And he looked at his blushing daughter.
- Unwell, or what? Out of fear of the minister, as that idiot Alpatych said today.
- No, mon pere. [father.]
No matter how unsuccessfully M lle Bourienne found herself on the subject of conversation, she did not stop and chatted about greenhouses, about the beauty of a new blossoming flower, and the prince softened after the soup.

The main evaluation criteria, which included 200 indicators, were:

  • virus protection;
  • ease of use;
  • influence on the speed of the computer.

Protection against malware is the most important criterion ratings: indicators within this group of parameters accounted for 65% of the overall antivirus rating. Ease of use and impact on computer speed accounted for 25% and 10% of the overall score, respectively.

Antivirus programs were selected for research based on popularity among consumers and affordability. For this reason, the list of antivirus programs studied included:

  • Free programs - both built-in and offered separately.
  • Paid programs from leading antivirus brands. Based on selection principles, the study did not include the most expensive versions software products from these brands.
  • From one brand for one operating system, only one could be represented in the rating paid product. The second product could only be included in the rating if it was free.

This time, the international study included products developed by Russian companies in the category. As a rule, the list of products for international testing includes products with a sufficient market share and high recognition among consumers, so the inclusion of Russian developments in the study indicates their wide representation and demand abroad.

Top Ten for Windows

All antiviruses in the top ten cope with protection against spyware and protect against phishing - attempts to gain access to confidential data. But there are differences between antiviruses in the level of protection, as well as in the presence or absence of this or that function in the tested versions of the antivirus.

The summary table shows the top ten programs according to the overall rating. It also takes into account the features of the packages in terms of their set of functions.

How good is standard Windows 10 protection?

As of February 2018, the percentage of PC users running Windows operating system with desktop computers installed operating systems Windows 10, amounted to 43%. On such computers, antivirus is installed by default - it protects the system Windows program Defender, which is included with the operating system.

The standard antivirus, which, judging by statistics, is used by most people, was only 17th in the ranking. In terms of overall performance, Windows Defender scored 3.5 out of a possible 5.5.

Built-in protection for the latest versions Windows year It's only getting better over the years, but it still doesn't match the level of many specialized anti-virus programs, including those that are distributed free of charge. Windows Defender showed satisfactory results in terms of online protection, but completely failed the phishing and anti-ransomware tests. By the way, protection against phishing is claimed by antivirus manufacturers. It also turned out that it does a poor job of protecting your computer offline.

Windows Defender is quite simple in terms of design. It clearly reports the presence of a particular threat, clearly demonstrates the degree of protection and has the function “ parental controls”, which restricts children from visiting undesirable resources.

Windows 10's standard protection is only decent. Based on overall rating, 16 protection programs personal computer on Windows OS turned out to be better than it. Including four free ones.

In theory, you can rely only on Windows Defender if the user has regular updates turned on, their computer is connected to the Internet most of the time, and they are advanced enough to consciously avoid visiting suspicious sites. However, Roskachestvo recommends installing a specialized anti-virus package for greater confidence in the security of your PC.

How we tested

Testing was carried out in the world's most qualified laboratory specializing in antivirus programs over a period of six months. A total of four groups of malware protection tests were conducted: general online protection test, offline test, false positive rate test, and automatic and on-demand scanning test. To a lesser extent, the final rating was influenced by checking the ease of use of the antivirus and its effect on the speed of the computer.

  • General protection

Each antivirus package was tested online against a set of viruses, totaling more than 40,000. It was also checked how well the antivirus copes with phishing attacks - when someone tries to gain access to the user's confidential data. A test was carried out for protection against ransomware, which restricts access to a computer and data on it for the purpose of ransom. In addition, an online test of a USB drive containing malware is carried out. It is needed to find out how well the antivirus copes with finding and eliminating viruses when the presence of malicious files, nor their origin.

  • USB offline test

Detection of malware located on a USB drive connected to a computer. Before the scan, the computer was disconnected from the Internet for several weeks so that the anti-virus packages were not 100% up-to-date.

  • False positive

We tested how effectively the antivirus identifies real threats and skips files that are actually safe, but which the product classifies as dangerous.

  • Automatic and on-demand scanning test

We tested how effectively the scanning function works when automatically scanning the computer for malware and when running it manually. The study also tested whether scans could be scheduled for certain time when the computer is not in use.



Related publications: