|
|
|
 |
|
|
|||
 |
|
|
|
NEW !!! Now With Spyware Protection ...
The Norman SandBox technology is included - a proactive technology used to find and stop unwanted actions from new and unknown malware. Key features
NOW ON SALE
Norman Quick Scan Tool Finds and Eliminates Many Malwares and Viruses Download Trial Must have KEY to Install Click here to request Trial KEY
Any effective protection equipment needs to react
immediately in order to protect and secure the users.
The
injuries can be severe if the protection is not
efficient enough... Today new viruses are spreading faster and faster as they continue to exploit vulnerabilities found in popular applications. The development has shown how inefficient traditional signature based antivirus tools are in the fight against these upcoming threats- leading to the only viable solution, a proactive solution designed to protect against new and unknown viruses. The average release delay is 6-24 hours from the moment a new virus hits until the users are able to receive the updated detection files. Obviously, this procedure does not provide real-time protection from new and unknown viruses. In order to satisfy the need for real-time protection, Norman delivers proactive antivirus solutions; defense systems that do not rely on definition files, but are alert and accurate enough to stop new and unknown viruses in addition to the familiar ones, the moment they enter the system. The best way of obtaining a proactive antivirus solution is to execute the suspicious file in a safe environment. --- Simply to let the virus execute its game. By doing this, any unknown and suspicious file that is trying to enter the computer, is isolated and prevented from infecting the computer system during analysis. As the virus unfolds, the proactive solution will monitor and assess the behavior of the suspicious file. Based on the analysis, the system will determine whether to quarantine the file or to allow the file to enter the computer itself. In other words: We are talking about a fully simulated computer, isolated within the real computer - as part of the Norman antivirus scanner engine - there is no need for any extra hardware to accomplish this! The simulator uses full ROM BIOS capacities, simulated hardware, simulated hard drives, etc. This simulator emulates the entire bootstrap of a regular system at boot-time, starting by loading the operating system files and the command shell from the simulated drive. This drive will contain directories and files that are necessary parts of the system, conforming to system files on physical hard drives. The suspicious file is placed on the simulated hard disk and will be started in the simulated environment. The suspicious file is unaware of the fact that it is operating in a simulated world... Inside the simulated environment the file may do whatever it wants. It can infect files. It can delete files. It can copy itself over networks. It can connect to an IRC server. It can send e-mails. It can set up listening ports. Every action it takes is being registered by the antivirus program, because it is effectively the emulator that does the actions based on the code in the file. No code is executed on the real CPU except for the antivirus emulator engine; even the hardware in the simulated PC is emulated. The issue is not to monitor and stop potentially harmful actions at runtime, the issue is to figure out what the program would have done if it had been allowed to run wild on an unprotected machine, in an unprotected network.
Norman’s solution: Let the virus execute its game. Then
control the game! |
