Virus and spyware protection: detail
No Panic Computing takes the protection of your computer against malicious software seriously. Much of today’s malware is written by organized crime with express purpose of getting into your computer in order to get away with your confidential information.
To be effective the anti-threat software needs to accurately identify both known and especially unknown threats yet have a lightweight design to allow the computer to keep running fast. No Panic Computing’s chose what we consider the best anti-malware engine in the world – ESET Nod32.
ESET is not typically available at your local off-the-shelf retailer – it was designed for enterprise. We believe ESET to be the fastest, most effective and most proactive antivirus and antispyware software solution available to eliminate viruses, spyware, adware, worms, trojans, rootkits and other malware before they attack your system. It offers fast, advanced protection with small resource-utilization impact and it has garnered more Virus Bulletin 100 Awards than any other antivirus product.
No Panic Computing’s anti-malware protection powered by ESET provides:
- Proactive Protection: The award winning ThreatSense® technology combines multiple layers of detection protecting you from Internet threats before it is too late.
- Precise Detection: ESET accurately identifies known and unknown threats. It consistently wins top awards from testing labs and is recognized for having zero false positives.
- Lightweight Design: Requires less memory and CPU power, allowing your computer to run fast, making more room for games, web browsing, and emailing.
No Panic Computing offers protection powered by ESET against threats from multiple vectors using the following modules:
- Antivirus MONitor (AMON) - an on-access (memory-resident) scanner, which automatically scans files before they’re accessed
- NOD32 - an on-demand scanner, which can be run manually on specific files or disk segments and can also be scheduled to run during off-peak times
- Internet MONitor (IMON) - a memory-resident scanner that runs on the Winsock level to prevent infected files from reaching the computer’s disks and scans Internet Web browsing traffic (HTTP) and incoming email via the POP3 protocol
- Email MONitor (EMON) - an auxiliary module for scanning incoming/outgoing emails via the MAPI interface, such as Microsoft Outlook as well as Microsoft Exchange Extension compliant mail clients
- Document MONitor (DMON) - a module that utilizes the proprietary Microsoft API for scanning Microsoft Office documents (including Internet Explorer)
ThreatSense®
At the heart of the ESET technology chosen by No Panic Computing is ThreatSense. ThreatSense reportedly stops 93% of zero-day threats before they’re even released. The optimized engine delivers superior detection and fast scanning with minimal performance impact. Written mostly in assembly language, it has won numerous awards for the fastest performance of any antivirus application. It is up to 34 times faster than rival products, according to the independent Virus Bulletin.
ThreatSense is also designed to conserve resources in memory and on disk, leaving more for business critical applications. The installer is only 11MB, and the application consumes an average 23MB in memory (this fluctuates with changes to the detection technology). ThreatSense updates, which include advanced heuristics logic and signatures, are usually between 20KB and 50KB.
ThreatSense also allows No Panic Computing to monitor and manage your protection so that you don’t have to worry about it.
Instead of trying to play catch-up with the onslaught of brand new threats and threat variants, ThreatSense® keeps No Panic Computng ahead of malware authors. The ThreatSense engine combines sophisticated heuristic detection of unknown malware with effective signature detection of known malware, providing the best possible detection without compromising scanning speed.
Need more details?
ThreatSense detects known malware quickly and efficiently, but can also utilize generic signatures for the speedy detection of known malware families and new variants. Traditional signatures detect malware that has already been analyzed. But the more adaptive approach of creating a generic signature enables ThreatSense to detect variants that have not yet been reported and analyzed.
ThreatSense also uses an advanced heuristics engine to dramatically extend detection capabilities - far beyond those of conventional signatures. It actually decodes and analyzes executable code in a protected virtual environment. Doing so allows it to identify the intended behavior of today's continually evolving threats - not just viruses and worms, but bots, rootkits, and other trojans. This finely tuned engine catches an outstandingly high proportion of new malware missed by vendors relying on signature updates and less advanced proactive detection.
Run-time packing is a technique malware writers employ to evade signature-based detection by disguising known malicious code with a layer of compression and obfuscation (a "wrapper"), so existing signatures cannot recognize it. ThreatSense includes technology to unpack such malware in the same protected environment, thereby "unwrapping" and exposing it.
This blended approach to detection combines the benefits of conventional signatures, generic signatures, and advanced heuristic analysis.
 Understanding Modern Attacks - The New Threat Vector
Signature-Based Versus Heuristic-Based Anti-malware
 The No Panic Computing Professionally Managed Notebook
|
