Software Testing Methodology: Anti-spyware and AntiVirus
|
|
- Meryl Glenn
- 8 years ago
- Views:
Transcription
1 Software Testing Methodology: Anti-spyware and AntiVirus Anti-spyware Testing Methodology A Clear and concise method for comparative testing of anti-spyware Software Introduction When comparing the effectiveness of anti-spyware products, the analysis must include the following: The ability to accurately detect and remove existing spyware (i.e. True Positives) The failure to detect and remove existing spyware The mis-identification of non-spyware elements as spyware (i.e.: False Positives) Any analysis of anti-spyware products must include all three of the above items. The measurement of the third item, and its comparison to the other two items, can reveal the true effectiveness and safety of any anti-spyware product. For example, a very dangerous behavior for any anti-spyware product would be to identify and remove a component of Microsoft Word as a piece of spyware. Even more dangerous would be for an anti-spyware product to flag a key component of the operating system as a piece of spyware. Anti-spyware product analysis employs a concise scientific methodology. This methodology starts with a test system in a known consistent state, installs sample spyware, and then runs the subject anti-spyware product. The system state is captured at various points within the testing process. Analysis consists of comparing the system states at the end of the test Comparing the system states will reveal the accuracy of the subject anti-spyware product to identify and remove spyware, as well as to avoid identifying nonspyware elements as spyware. Furthermore, when comparing two anti-spyware products side by side, the test system must be restored to the known starting state before testing each product. Page 1 of 15 11/29/2006
2 Testing Methodology This testing methodology starts with a clean install of Microsoft Windows XP SP2. No other software products are installed on the system. The methodology employs a disk imaging system such as Acronis 1 to enable restoration of the test system to its known state. It is important that Operating System Virtualization software (e.g. VMware) not be used, as it may corrupt the normal operation of spyware and anti-spyware products. Other tools employed include an Installation Analysis tool such as InstallWatch 2 to capture the state of the test system as the analysis progresses. Figure 1. Overall Flow of the Testing Process Prepare the Clean State Testing System 1. Install Microsoft Windows XP and SP2 (Service Pack 2). 2. Install a System Imaging Product (such as Acronis). 3. Install InstallWatch, but do not perform a scan. 4. Create complete image of the test system. This image is the Starting Testing System Image. 1 Acronis True Image. See 2 InstallWatch is a freeware tool that captures the state of a system. See Page 2 of 15 11/29/2006
3 Capture the Starting State Image 1. Install the anti-spyware product under test and run a complete initial scan of the system. Ensure that the scan does not detect any spyware (since the system is in a known clean state, detection of spyware at this point would be considered False Positive spyware detection). 2. Run InstallWatch to capture the state of the system. This capture is the Starting State Capture and will be used as a baseline to compare against the Infected State Capture and the Ending State Capture. Infect the Test System 1. Install one or more spyware examples. When performing side by side antispyware comparisons, this set of example spyware must remain consistent for all products within the comparison. 2. Run InstallWatch to capture the current state of the system and compare it to the Starting State Image. This capture is the Infected State Capture. System changes shown in this capture are the direct result of installing the example spyware. Capture the Ending State Image 1. Perform a complete system scan using the subject anti-spyware product. Follow though and remove all detected and flagged spyware elements (this includes known False Positives). 2. Some spyware programs can be completely removed by rebooting the machine and running a scan in safe mode. Some anti-spyware products ship with a safe mode client that is optimized for a 640x480 resolution setting. 3. Run InstallWatch to capture the state of the system after running the subject anti-spyware product and compare the state to the Starting State Capture. This is the Ending State Capture and will list all changes to the system as the result to running the subject anti-spyware product. Test Results Analysis Analysis of the results is a simple matter of comparing the captured states of the system. Differences between the Starting State Capture and the Infected State Capture indicate changes to the system as the direct result of installing the example spyware. Differences between the Starting State Capture and the Ending State Capture indicate some type of failure in the subject anti-spayware product. These failures may be in the detection of spyware, or False Positives. Page 3 of 15 11/29/2006
4 Figure 2. Overall Test Result Analysis Comparing Starting and Infected State Captures As stated above, the differences (or delta) between the Starting State Capture and the Infected State Capture are the direct result of installing the sample spyware. No difference between these to captures indicates a testing error. The difference in these two captures is very important for calling out the actual changes in the system. Page 4 of 15 11/29/2006
5 Figure 3. Comparison of Starting State to Infected State Captures Comparing Starting and Ending State Images The differences between the Starting State Capture and the Ending State Capture show the true effectiveness of any anti-spyware product. Figure 4. Comparing Starting State to Ending State Captures When comparing the captures, there are three main possible outcomes: 1. No differences This is the result of a very effective anti-spyware product. The product accurately detected and removed all spyware elements. Page 5 of 15 11/29/2006
6 Figure 5. Starting State and Ending State Captures are the Same 2. Ending State contains more elements than the Starting State - This is the result of an anti-spyware product that was not able to detect and remove all elements of the sample spyware. Figure 6. Ending State Capture Containing More Elements than Starting State Capture Page 6 of 15 11/29/2006
7 3. Starting State contains more elements that the Ending State This is the result of an anti-spyware product that has detected and removed too many elements. Some or all of the missing elements are non-spyware components. These are False Positive failures. This is a very dangerous situation as the anti-spyware product may remove user data or key components of operating system rendering it unusable. Figure 7. Starting Statue Capture Containing More than Ending State Capture Page 7 of 15 11/29/2006
8 Anti-Virus Software Testing Methodology A Clear and concise method for comparative testing of Anti-Virus Software Introduction As with testing anti-spyware products, anti-virus product evaluation also encompasses the steps outlined in the sections above. However, depending on the nature of the malicious code, these steps may vary to some degree. To truly evaluate the efficiency of anti-virus applications the analysis must assess the following: The ability to detect and remove viruses on demand (i.e. True Positives) The ability to detect and prevent replication of viruses on access The mis-identification of non-virus elements as viruses (i.e. False Positives) The ability to clean infected files, when possible, while preserving original data and functional integrity The ability to handle file-access conflicts The ability to detect items within multi-level compressed archives The restoration of user-selected quarantined items to their pristine state In essence, a good anti-virus software analysis should evaluate the detection ability and intelligent post-detection behavior of the product under study. Due to the stubborn nature of most virus infections, an anti-virus product should not only be able to detect threats, but also be capable of taking intelligent decisions to counter the malicious activity and completely remove all traces of the virus. For example, a virus locked by another process or one with threads running in memory would be difficult to remove completely despite detection. A good antivirus product should be able to eliminate all traces of the virus by marking the same for quarantine or delete action upon reboot. Testing Methodology This testing methodology starts with a clean install of Microsoft Windows XP SP2. No other software products are installed on the system. The methodology employs a disk imaging system such as Acronis 3 to enable restoration of the test system to its known state. It is important that Operating System Virtualization software (e.g. VMware) not be used, as it may corrupt the normal operation of virus and anti-virus products. Other tools employed include an Installation 3 Acronis True Image. See Page 8 of 15 11/29/2006
9 Analysis tool such as InstallWatch 4 to capture the state of the test system as the analysis progresses. Figure 8. Overall Flow of the Testing Process Prepare the Clean State Testing System 1. Install Microsoft Windows XP and SP2 (Service Pack 2). 2. Install a System Imaging Product (such as Acronis). 3. Install InstallWatch, but do not perform a scan. 4. Create complete image of the test system. This image is the Starting Testing System Image. Note: Ensure test system is isolated from all other network resources to avoid spread of contamination Capture the Starting State Image 1. Install the anti-virus product under test and run a complete initial scan of the system. Ensure that the scan does not detect any threats (since the system is in a known clean state, detection of virus at this point would be considered False Positive virus detection). 2. Run InstallWatch to capture the state of the system. This capture is the Starting State Capture and will be used as a baseline to compare against the Infected State Capture and the Ending State Capture. 4 InstallWatch is a freeware tool that captures the state of a system. See Page 9 of 15 11/29/2006
10 Infect the Test System 1. Install a large variety of virus samples. To fully test the effectiveness of an installed anti-virus product, it would be desirable to have the following present on the test system: a) A virus process running in memory space b) An unauthorized virus registry trace c) A virus record within an XP system restore folder d) Virus samples within multi-level compressed archives e) External boot sector virus f) Cleanable virus infected file g) Virus infected file locked by an existing process (example: open the file using a text editing utility such as textpad 5 ) The above list is not a mandatory one. To simply test virus detection a simple file such as the EICAR 6 test file should suffice. When performing side by side anti-virus comparisons, this set of example viruses must remain consistent for all products within the comparison. 2. Run InstallWatch to capture the current state of the system and compare it to the Starting State Image. This capture is the Infected State Capture. System changes shown in this capture are the direct result of installing the example virus. Capture the Ending State Image 1. Perform a complete system scan using the subject anti-virus product. Follow through and remove all detected and flagged virus elements (this includes known False Positives). 2. Some virus threats can be completely removed by rebooting the machine and running a scan in safe mode. Some anti-virus products ship with a safe mode client that is optimized for a 640x480 resolution setting. 3. Run InstallWatch to capture the state of the system after running the subject anti-virus product and compare the state to the Starting State Capture. This is the Ending State Capture and will list all changes to the system as the result to running the subject anti-virus product. 5 Textpad is a powerful, general purpose editor for plain text files. See 6 European Institute for Computer Antivirus Research. See Page 10 of 15 11/29/2006
11 Miscellaneous Tests 1. Not only should the anti-virus application be able to detect threats on scan, but also prohibit the introduction and replication of the same with its on-access protection turned on. Verify that the anti-virus tool does not allow copying and execution of malicious code from external sources such as floppy and CD/DVD-ROM drives, USB devices and other network resources. 2. Certain viruses are capable of piggy-backing onto other files. Test the ability of the anti-virus product to detect and clean such infected files. In general the file cleaning operation should adhere to the following rules: No traces of the virus remain within the host file post-cleanup The file content is exactly the same as before infection The file performs all functions as before and its associations are maintained The cleaning activity does not negatively impact other files on the system in any way If the cleaning fails, the system is not rendered unusable 3. Test the anti-virus product s ability to take intelligent decisions when handling access conflicts by locking an infected file during scan. A good anti-virus product should be capable of detecting in-use infected files and marking them for cleaning, quarantine or deletion upon system reboot. Ensure appropriate action is taken upon system reboot. 4. Once flagged, restore a detected threat from the quarantine list. The antivirus product under test should place the marked file in its original location, without changing its content, functionality or properties. 5. Lastly, test the application for its ability to accurately log and report all threats encountered and subsequent actions taken upon the same. Test Results Analysis Analysis of the results is a simple matter of comparing the captured states of the system. Differences between the Starting State Capture and the Infected State Capture indicate changes to the system as the direct result of installing the example virus. Differences between the Starting State Capture and the Ending State Capture indicate some type of failure in the subject anti-virus product. These failures may be in the detection of viruses, or False Positives. Page 11 of 15 11/29/2006
12 Figure 9. Overall Test Result Analysis Comparing Starting and Infected State Captures As stated above, the differences (or delta) between the Starting State Capture and the Infected State Capture are the direct result of installing the sample virus. No difference between these to captures indicates a testing error. The difference in these two captures is very important for calling out the actual changes in the system. Page 12 of 15 11/29/2006
13 Figure 10. Comparison of Starting State to Infected State Captures Comparing Starting and Ending State Images The differences between the Starting State Capture and the Ending State Capture show the true effectiveness of any anti-virus product. Figure 11. Comparing Starting State to Ending State Captures When comparing the captures, there are three main possible outcomes: 1. No differences This is the result of a very effective anti-virus product. The product accurately detected and removed all virus elements. An effective anti-virus product should be able to identify legitimate virus samples and restore the system post-scan to its exact state prior to infection Page 13 of 15 11/29/2006
14 Figure 12. Starting State and Ending State Captures are the Same 2. Ending State contains more elements than the Starting State - This is the result of an anti-virus product that was not able to detect and remove all elements of the sample virus. Figure 13. Ending State Capture Containing More Elements than Starting State Capture Page 14 of 15 11/29/2006
15 3. Starting State contains more elements that the Ending State This is the result of an anti-virus product that has detected and removed too many elements. Some or all of the missing elements are non-virus components. These are False Positive failures. This is a very dangerous situation as the anti-virus product may remove user data or key components of operating system rendering it unusable. Figure 14. Starting Statue Capture Containing More than Ending State Capture Summary Testing the effectiveness of anti-spyware and Anti-Virus products requires clean, concise methods. The starting state and configuration of a test system should be well known and always the same. When running a test of a specific antispyware/anti-virus product, only that product and the example spyware or virus should be installed on the test system. State captures of the test system should be taken at each phase of the test. When comparing multiple products, the test system should be restored to its starting state configuration (using the Starting State System Image). This method of testing ensures non-ambiguous results and fair comparisons. Page 15 of 15 11/29/2006
Microsoft Security Essentials Installation and Configuration Guide
Microsoft Security Essentials Installation and Configuration Guide This installation guide is for users who are intending to download the software from Microsoft s web site. If you are not intending on
More informationHow to easily clean an infected computer (Malware Removal Guide)
How to easily clean an infected computer (Malware Removal Guide) Malware, short for malicious (or malevolent) software, is software used or programmed by attackers to disrupt computer operation, gather
More informationBasic Virus Removal Steps
Basic Virus Removal Steps The following are basic instructions on how to remove most virus and spyware that infect Windows XP/Vista computers. By providing these, we hope that users will be able to remove
More informationSecurity Consultant Scenario INFO 517-900 Term Project. Brad S. Brady. Drexel University
Security Consultant Scenario INFO 517-900 Term Project Drexel University Author Note This paper was prepared for INFO-517-900 taught by Dr. Scott White. Table of Contents ABSTRACT.1 THE INTERVIEW...2 THE
More informationMaintaining, Updating, and Protecting Windows 7
Lesson 7 Maintaining, Updating, and Protecting Windows 7 Learning Objectives Students will learn to: Understand Disk Defragmenter Understand Disk Cleanup Understand Task Scheduler Understand Action Center
More informationAVG File Server. User Manual. Document revision 2015.08 (23.3.2015)
AVG File Server User Manual Document revision 2015.08 (23.3.2015) C opyright AVG Technologies C Z, s.r.o. All rights reserved. All other trademarks are the property of their respective owners. Contents
More informationAgilent Technologies Electronic Measurements Group Computer Virus Control Program
Agilent Technologies Electronic Measurements Group Computer Virus Control Program Agilent Technologies Electronic Measurements Group (EMG) recognizes the potential risk of computer virus infection that
More informationCisco ICM/IPCC Enterprise and Hosted Anti-Virus Software Guidelines
Introduction Cisco ICM/IPCC Enterprise and Hosted Anti-Virus Software Guidelines This document provides guidelines for implementing anti-virus software in a Cisco ICM/IPCC Enterprise (or Hosted) solution.
More informationAddressing Registry Issues Using RegCure
Addressing Registry Issues Using RegCure White Paper March 2010 ParetoLogic The Company ParetoLogic is an international software development company headquartered in Victoria, British Columbia, Canada.
More informationAirtel PC Secure Trouble Shooting Guide
Airtel PC Secure Trouble Shooting Guide Table of Contents Questions before installing the software Q: What is required from my PC to be able to use the Airtel PC Secure? Q: Which operating systems does
More informationComputer Viruses: How to Avoid Infection
Viruses From viruses to worms to Trojan Horses, the catchall term virus describes a threat that's been around almost as long as computers. These rogue programs exist for the simple reason to cause you
More informationSystem Compatibility. Enhancements. Operating Systems. Hardware Requirements. Email Security
Email Security SonicWALL Email Security 7.0 for Microsoft Small Business Server System Compatibility SonicWALL Email Security 7.0 Software is supported on systems with the following: Operating Systems
More informationAVG File Server 2013. User Manual. Document revision 2013.03 (11/13/2012)
AVG File Server 2013 User Manual Document revision 2013.03 (11/13/2012) Copyright AVG Technologies CZ, s.r.o. All rights reserved. All other trademarks are the property of their respective owners. This
More informationTrend Micro OfficeScan 11.0. Best Practice Guide for Malware
Trend Micro OfficeScan 11.0 Best Practice Guide for Malware Information in this document is subject to change without notice. The names of companies, products, people, characters, and/or data mentioned
More informationSophos for Microsoft SharePoint Help
Sophos for Microsoft SharePoint Help Product version: 2.0 Document date: March 2011 Contents 1 About Sophos for Microsoft SharePoint...3 2 Dashboard...4 3 Configuration...5 4 Reports...27 5 Search...28
More informationGFI Product Manual. Administration and Configuration Manual
GFI Product Manual Administration and Configuration Manual http://www.gfi.com info@gfi.com The information and content in this document is provided for informational purposes only and is provided "as is"
More informationA+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 3 Installing Windows
: Managing, Maintaining, and Troubleshooting, 5e Chapter 3 Installing Windows Objectives How to plan a Windows installation How to install Windows Vista How to install Windows XP How to install Windows
More informationSophos Endpoint Security and Control Help
Sophos Endpoint Security and Control Help Product version: 10.3 Document date: June 2014 Contents 1 About Sophos Endpoint Security and Control...3 2 About the Home page...4 3 Sophos groups...5 4 Sophos
More informationAVG File Server 2012. User Manual. Document revision 2012.03 (8/19/2011)
AVG File Server 2012 User Manual Document revision 2012.03 (8/19/2011) Copyright AVG Technologies CZ, s.r.o. All rights reserved. All other trademarks are the property of their respective owners. This
More informationSuper Anti-spyware Free Edition User Guide
Super Anti-spyware Free Edition User Guide Compiled and written by Le Roy Acres Web Services 2010 Foreward This is one of numerous tutorials concerning some of the more basic maintenance routines that
More informationANTIVIRUS AND SECURITY SOFTWARE
Toshiba Security Support ANTIVIRUS AND SECURITY SOFTWARE d ANTIVIRUS AND SECURITY SOFTWARE The purpose of this document is to help users make the most of the security software that comes preloaded on Toshiba
More informationNOD32 Antivirus 3.0. User Guide. Integrated components: ESET NOD32 Antivirus ESET NOD32 Antispyware. we protect your digital worlds
NOD32 Antivirus 3.0 Integrated components: ESET NOD32 Antivirus ESET NOD32 Antispyware User Guide we protect your digital worlds contents 1. ESET NOD32 Antivirus 3.0...4 1.1 What s new... 4 1.2 System
More informationYou can protect your computer against attacks from the Internet with Windows Vista integrated Firewall.
1. Step: Firewall Activation You can protect your computer against attacks from the Internet with Windows Vista integrated Firewall. Click on Start > Control Panel > System and Security> Windows Firewall
More informationBest Practice Configurations for OfficeScan (OSCE) 10.6
Best Practice Configurations for OfficeScan (OSCE) 10.6 Applying Latest Patch(es) for OSCE 10.6 To find out the latest patches for OfficeScan, click here. Enable Smart Clients 1. Ensure that Officescan
More informationUpgrade to Webtrends Analytics 8.7: Best Practices
Technical Best Practices 8.7 Software Upgrade Upgrade to Webtrends Analytics 8.7: Best Practices Version 3 Webtrends Analytics is a powerful application that must be installed on a dedicated computer.
More informationSophos for Microsoft SharePoint Help. Product version: 2.0
Sophos for Microsoft SharePoint Help Product version: 2.0 Document date: September 2015 Contents 1 About Sophos for Microsoft SharePoint...3 2 Dashboard...4 3 Configuration...5 3.1 On-access scan...5 3.2
More informationCore Protection for Virtual Machines 1
Core Protection for Virtual Machines 1 Comprehensive Threat Protection for Virtual Environments. Installation Guide e Endpoint Security Trend Micro Incorporated reserves the right to make changes to this
More informationCourse: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems
Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding
More informationUnderstand Backup and Recovery Methods
Understand Backup and Recovery Methods Lesson Overview Understand backup and recovery methods. In this lesson, you will explore: Backup management Backup options Recovery methods Backup Management Windows
More informationITSC Training Courses Student IT Competence Programme SIIS1 Information Security
ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know
More informationCreated By: 2009 Windows Server Security Best Practices Committee. Revised By: 2014 Windows Server Security Best Practices Committee
Windows Server Security Best Practices Initial Document Created By: 2009 Windows Server Security Best Practices Committee Document Creation Date: August 21, 2009 Revision Revised By: 2014 Windows Server
More informationSoftware. Webroot. Spy Sweeper. User Guide. for. Webroot Software, Inc. PO Box 19816 Boulder, CO 80308 www.webroot.com. Version 6.
Webroot Software User Guide for Spy Sweeper Webroot Software, Inc. PO Box 19816 Boulder, CO 80308 www.webroot.com Version 6.1 Webroot Software User Guide Version 6.1 2003 2009 Webroot Software, Inc. All
More informationESET Mobile Security Business Edition for Windows Mobile
ESET Mobile Security Business Edition for Windows Mobile Installation Manual and User Guide Click here to download the most recent version of this document Contents 1. Installation...3 of ESET Mobile Security
More informationWindows 8 Malware Protection Test Report
Windows 8 Malware Protection Test Report A test commissioned by Kaspersky Lab and performed by AV-Test GmbH Date of the report: January 11 th, 2013, last update: January 11 th, 2013 Executive Summary In
More informationUser Manual. HitmanPro.Kickstart User Manual Page 1
User Manual HitmanPro.Kickstart User Manual Page 1 Table of Contents 1 Introduction to HitmanPro.Kickstart... 3 2 What is ransomware?... 4 3 Why do I need HitmanPro.Kickstart?... 6 4 Creating a HitmanPro.Kickstart
More informationSophos Endpoint Security and Control Help. Product version: 11
Sophos Endpoint Security and Control Help Product version: 11 Document date: October 2015 Contents 1 About Sophos Endpoint Security and Control...5 2 About the Home page...6 3 Sophos groups...7 3.1 About
More informationSelected Windows XP Troubleshooting Guide
1 Selected Windows XP Troubleshooting Guide To locate lost files: Compiled by: Jason M. Cohen Check these locations to locate lost files: The My Documents folder Click Start, and then click My Documents.
More informationThe Care and Feeding of Your Computer Troubleshooting and Maintenance
Keeping It Clean The Care and Feeding of Your Computer Troubleshooting and Maintenance The computer itself: Regularly dust the exterior. You can use a cloth dampened slightly with water, but do not use
More informationFor Businesses with more than 25 seats. www.eset.com
For Businesses with more than 25 seats www.eset.com ESET Endpoint Protection Standard Whether your business is just starting or Simple and Straightforward established, there are a few things you expect
More informationNETWORK AND INTERNET SECURITY POLICY STATEMENT
TADCASTER GRAMMAR SCHOOL Toulston, Tadcaster, North Yorkshire. LS24 9NB NETWORK AND INTERNET SECURITY POLICY STATEMENT Written by Steve South November 2003 Discussed with ICT Strategy Group January 2004
More informationVirus Definition and Adware
DANEnet Round Table: Viruses and Spyware Definition of a computer virus: -A computer program that is designed to replicate itself by copying itself into the other programs stored in a computer. It may
More informationHome Use Installation Guide For Symantec Endpoint Protection (SEP) 11 For Mac
Home Use Installation Guide For Symantec Endpoint Protection (SEP) 11 For Mac May 2010 Table of Content 1 INTRODUCTION... 2 2 AntiVirus Software Home Use License Policy... 2 2.1 Authorized Users:...2 2.2
More informationLASTLINE WHITEPAPER. In-Depth Analysis of Malware
LASTLINE WHITEPAPER In-Depth Analysis of Malware Abstract Malware analysis is the process of determining the purpose and functionality of a given malware sample (such as a virus, worm, or Trojan horse).
More informationWindows Operating Systems. Basic Security
Windows Operating Systems Basic Security Objectives Explain Windows Operating System (OS) common configurations Recognize OS related threats Apply major steps in securing the OS Windows Operating System
More informationTrend Micro OfficeScan 11.0 SP1. Best Practice Guide for Malware
Trend Micro OfficeScan 11.0 SP1 Best Practice Guide for Malware Information in this document is subject to change without notice. The names of companies, products, people, characters, and/or data mentioned
More informationMCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features
MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features Objectives Describe Windows 7 Security Improvements Use the local security policy to secure Windows 7 Enable auditing to record security
More informationComputer Security Maintenance Information and Self-Check Activities
Computer Security Maintenance Information and Self-Check Activities Overview Unlike what many people think, computers are not designed to be maintenance free. Just like cars they need routine maintenance.
More informationSystem Administrator Guide
System Administrator Guide Webroot Software, Inc. PO Box 19816 Boulder, CO 80308 www.webroot.com Version 3.5 Webroot AntiSpyware Corporate Edition System Administrator Guide Version 3.5 2007 Webroot Software,
More information(Self-Study) Identify How to Protect Your Network Against Viruses
SECTION 24 (Self-Study) Identify How to Protect Your Network Against Viruses The following objective will be tested: Describe What You Can Do to Prevent a Virus Attack In this section you learn about viruses
More informationHow to Configure Sophos Anti-Virus for Home Systems
How to Configure Sophos Anti-Virus for Home Systems When you download and install Sophos on your home computer, on-access scanning is enabled. However, the settings for scheduled scans and scanning for
More informationSentinel Platform/Managed IT Services Agreement Page 1 of 6. 1. Term of Agreement
Page 1 of 6 1. Term of Agreement This Agreement between, herein referred to as Client, and Word of Mouth Computers and Electronics, LLC hereinafter referred to as Service Provider, is effective on the
More informationAvaya Modular Messaging 5.x
Avaya Modular Messaging 5.x Security Updates, Operating System Service Packs, Virus Protection, Avaya Modular Messaging Service Packs, and Third Party Software for Modular Messaging 5.x Issue 1.1 February
More informationWhen you listen to the news, you hear about many different forms of computer infection(s). The most common are:
Access to information and entertainment, credit and financial services, products from every corner of the world even to your work is greater than ever. Thanks to the Internet, you can conduct your banking,
More informationAnti-Virus Comparative
Anti-Virus Comparative Performance Test Impact of Anti-Virus Software on System Performance Microsoft Forefront Endpoint Protection (Release Candidate) Language: English November 2010 Last Revision: 13
More informationIntroduction to Computer Security Table of Contents
Introduction to Computer Security Table of Contents Introduction... 2 1 - Viruses... 3 Virus Scanners... 3 2 - Spyware... 7 Spyware Scanners... 8 3 - Firewalls... 10 Windows Firewall... 10 4 - References...
More informationDesktop Release Notes. Desktop Release Notes 5.2.1
Desktop Release Notes Desktop Release Notes 5.2.1 COPYRIGHT Copyright 2011 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval
More informationAcronis Backup & Recovery 11.5 Quick Start Guide
Acronis Backup & Recovery 11.5 Quick Start Guide Applies to the following editions: Advanced Server for Windows Virtual Edition Advanced Server SBS Edition Advanced Workstation Server for Linux Server
More informationcontents 1. ESET Smart Security...4 2. Installation...5 3. Beginner s guide...9 4. Work with ESET Smart Security...12
Integrated components: ESET NOD32 Antivirus ESET NOD32 Antispyware ESET Personal Firewall ESET Antispam New generation of NOD32 technology User Guide we protect your digital worlds contents 1. ESET Smart
More informationBasic Computer Maintenance
Basic Computer Maintenance Presented by East Central Regional Library The Institute of, a Federal Agency that fosters innovation, leadership and a lifetime of learning, in conjunction with State Library
More informationKASPERSKY LAB. Kaspersky Anti-Virus for Windows Servers 6.0 USER GUIDE
KASPERSKY LAB Kaspersky Anti-Virus for Windows Servers 6.0 USER GUIDE KASPERSKY ANTI-VIRUS FOR WINDOWS SERVERS 6.0 User Guide Kaspersky Lab http://www.kaspersky.com Revision date: September 2008 Table
More informationHow to troubleshoot MS DTC firewall issues
Page 1 of 5 Article ID: 306843 - Last Review: October 29, 2007 - Revision: 5.3 How to troubleshoot MS DTC firewall issues Retired KB Content Disclaimer This article was previously published under Q306843
More informationWhat is a Virus? What is a Worm? What is a Trojan Horse? How do worms and other viruses spread? Viruses on the Network. Reducing your virus Risk.
C/W MARS INC. What is a Virus? What is a Worm? What is a Trojan Horse? How do worms and other viruses spread? Viruses on the Network. Reducing your virus Risk. Prevent Future Infections. Non-Booting System!
More informationContact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:
Malicious software About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is a centre of excellence for
More informationError Codes for F-Secure Anti-Virus for Firewalls, Windows 6.20
Error Codes for F-Secure Anti-Virus for Firewalls, Windows 6.20 The two tables described here list the error codes sent by F-Secure Content Scanner Server and F-Secure Anti-Virus for Firewalls. Error codes
More informationTracking Anti-Malware Protection 2015
Tracking Anti-Malware Protection 2015 A TIME-TO-PROTECT ANTI-MALWARE COMPARISON TEST Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to measure
More informationSophos Anti-Virus for Mac OS X Help
Sophos Anti-Virus for Mac OS X Help For networked and standalone Macs running Mac OS X version 10.4 or later Product version: 8 Document date: April 2012 Contents 1 About Sophos Anti-Virus...3 2 Scanning
More informationSTANDARD ON CONTROLS AGAINST MALICIOUS CODE
EUROPEAN COMMISSION DIRECTORATE-GENERAL HUMAN RESOURCES AND SECURITY Directorate HR.DS - Security Informatics Security Brussels, 21/06/2011 HR.DS5/GV/ac ARES (2011) 663475 SEC20.10.05/04 - Standards European
More informationViRobot Desktop 5.5. User s Guide
ViRobot Desktop 5.5 User s Guide ViRobot Desktop 5.5 User s Guide Copyright Notice Copyright 2007 by HAURI Inc. All rights reserved worldwide. No part of this publication or software may be reproduced,
More informationSymantec AntiVirus Corporate Edition Patch Update
Symantec AntiVirus Corporate Edition Patch Update Symantec AntiVirus Corporate Edition Update Documentation version 10.0.1.1007 Copyright 2005 Symantec Corporation. All rights reserved. Symantec, the Symantec
More informationSophos Anti-Virus for Windows, version 7 user manual. For Windows 2000 and later
Sophos Anti-Virus for Windows, version 7 user manual For Windows 2000 and later Document date: August 2008 Contents 1 About Sophos Anti-Virus...3 2 Introduction to Sophos Anti-Virus...5 3 Checking the
More informationIntroduction to Free Computer Tools
Introduction to Free Computer Tools About me Serge Aubin Technology Advisor / OLS-N Programmer / DBA - 9yrs Web design / Web applications Intranet/Extranet Today s session Terminology Anti-Spyware software
More information2. Installation and System requirements
RELEASE NOTES F-Secure Anti-Virus for Windows Servers Version 9.00 build 333 Copyright 1993-2010 F-Secure Corporation. All Rights Reserved. Portions Copyright 2004 BackWeb Technologies Inc. This product
More informationCountermeasures against Computer Viruses
Countermeasures against Computer Viruses How to protect your computer from computer viruses!! Information-technology Promotion Agency IT Security Center http://www.ipa.go.jp/security/ Note: A poster showing
More informationF-Secure E-mail and Server Security. Administrator's Guide
F-Secure E-mail and Server Security Administrator's Guide TOC F-Secure E-mail and Server Security Contents Preface: Disclaimer...vi Chapter 1: About This Guide...7 1.1 Introduction...8 1.1.1 Product contents...8
More informationWhat's the difference between spyware and a virus? What is Scareware?
What's the difference between spyware and a virus? What is Scareware? Spyware and viruses are both forms of unwanted or malicious software, sometimes called "malware." You can use Microsoft Security Essentials
More informationES Exchange Server - How to Remove XMON
w e p r o t e c t d i g i t a l w o r l d s NOD32 Server Edition for MS Exchange Server Installation Copyright Eset, spol. s r. o. All rights reserved. No part of this document may be reproduced or transmitted
More informationProactive Rootkit Protection Comparison Test
Proactive Rootkit Protection Comparison Test A test commissioned by McAfee and performed by AV-TEST GmbH Date of the report: February 2 th, 213 Executive Summary In January 213, AV-TEST performed a comparative
More informationimagepress CR Server A7000 Powered by Creo Color Server Technology For the Canon imagepress C7000VP/C6000VP/ C6000
English imagepress CR Server A7000 Powered by Creo Color Server Technology For the Canon imagepress C7000VP/C6000VP/ C6000 Version 1.0.1 731-01873A-EN Contents Overview... 1 Network... 2 Network Environments...2
More informationHost-based Intrusion Prevention System (HIPS)
Host-based Intrusion Prevention System (HIPS) White Paper Document Version ( esnhips 14.0.0.1) Creation Date: 6 th Feb, 2013 Host-based Intrusion Prevention System (HIPS) Few years back, it was relatively
More informationPractice test 220-802 Domain-2 Security (Brought to you by RMRoberts.com)
Practice test 220-802 Domain-2 Security (Brought to you by RMRoberts.com) 1. Which command is used to access the local group policy editor for Windows 7? A. poledit.exe B. gpedit.msc C. local.msc D. grplocal.exe
More informationUsing Spy Sweeper for Windows Author: Jocelyn Kasamoto
WIN1048 February 2009 Using Spy Sweeper for Windows Author: Jocelyn Kasamoto Introduction 1 System Requirements 2 Installation Instructions 2 Post Installation Tasks 3 Running Spy Sweeper 3 Subscription
More informationHow not to lose your computer or your research. M.R. Muralidharan SERC IISc
How not to lose your computer or your research M.R. Muralidharan SERC IISc The Battle has changed 08 Threat Landscape Shift 2004 Landscape Virus Threats are noisy & visible to everyone Threats are indiscriminate,
More informationPC Security and Maintenance
PC Security and Maintenance by IMRAN GHANI PC Maintenance and Security-Forecast. Major sources of danger. Important steps to protect your PC. PC Security Tools. PC Maintenance Tools. Tips. PC Security-
More informationNexio Backup and Recovery
Nexio Backup and Recovery 11/2/2015 175-100271-00 RevE Publication Information 2015 Imagine Communications Corp. Proprietary and Confidential. Imagine Communications considers this document and its contents
More informationOfficeScan 10 Enterprise Client Firewall Updated: March 9, 2010
OfficeScan 10 Enterprise Client Firewall Updated: March 9, 2010 What is Trend Micro OfficeScan? Trend Micro OfficeScan Corporate Edition protects campus networks from viruses, Trojans, worms, Web-based
More informationA+ Guide to Managing and Maintaining Your PC, 7e. Chapter 16 Fixing Windows Problems
A+ Guide to Managing and Maintaining Your PC, 7e Chapter 16 Fixing Windows Problems Objectives Learn what to do when a hardware device, application, or Windows component gives a problem Learn what to do
More informationSymantec Protection for SharePoint Servers 6.0.4 Implementation Guide
Symantec Protection for SharePoint Servers 6.0.4 Implementation Guide for Microsoft SharePoint 2003/2007 Symantec Protection for SharePoint Servers Implementation Guide The software described in this book
More informationVersion: 2.0. Effective From: 28/11/2014
Policy No: OP58 Version: 2.0 Name of Policy: Anti Virus Policy Effective From: 28/11/2014 Date Ratified 17/09/2014 Ratified Health Informatics Assurance Committee Review Date 01/09/2016 Sponsor Director
More informationMFR IT Technical Guides
MFR IT Technical Guides Windows 7 Backup and Recovery Page 1 of 33 Table of Contents 1 Glossary... 3 2 Backup Strategy... 4 3 Windows Backup Options... 5 3.1 Windows Backup... 5 3.2 Windows System Image
More informationBrightStor ARCserve Backup Disaster Recovery From Physical Machines to Virtual Machines
BrightStor ARCserve Backup Disaster Recovery From Physical Machines to Virtual Machines Best Practices Guide BrightStor ARCserve Backup r11.5 Version 1.0 Author: @ca.com Contents Chapter
More informationUsing Acronis True Image
Using Acronis True Image Here are the steps for using Acronis: 1. Download the trial version and install the software 2. Create a Bootable CD see instructions below 3. Create an image see instructions
More informationCountermeasures against Spyware
(2) Countermeasures against Spyware Are you sure your computer is not infected with Spyware? Information-technology Promotion Agency IT Security Center http://www.ipa.go.jp/security/ 1. What is a Spyware?
More informationANTIVIRUS BEST PRACTICES
ANTIVIRUS BEST PRACTICES Antivirus Best Practices 1. Introduction This guideline covers the basics on Antivirus Software and its best practices. It will help to have an overall understanding of the subject
More informationSystem Planning, Deployment, and Best Practices Guide
www.novell.com/documentation System Planning, Deployment, and Best Practices Guide ZENworks Application Virtualization 9.0 February 22, 2012 Legal Notices Novell, Inc., makes no representations or warranties
More informationESET NOD32 Antivirus 4
ESET NOD32 Antivirus 4 for Mac Installation Manual and User Guide - Public Beta ESET NOD32 Antivirus Copyright 2010 by ESET, spol. s.r.o. ESET NOD32 Antivirus 4 was developed by ESET, spol. s r.o. For
More informationSpyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc.
Spyware Michael Glenn Technology Management Michael.Glenn@Qwest.com Agenda Security Fundamentals Current Issues Spyware Definitions Overlaps of Threats Best Practices What Service Providers are Doing References
More informationESET Mobile Security Windows Mobile. Installation Manual and User Guide
ESET Mobile Security Windows Mobile Installation Manual and User Guide Contents 1. Installation...3 of ESET Mobile Security 1.1 Minimum...3 system requirements 1.2 Installation...3 1.2.1 Installation...3
More informationBitDefender for Microsoft ISA Servers Standard Edition
BitDefender for Microsoft ISA Servers Standard Edition Copyright 2006 SOFTWIN Edition 1. How Does It Work? As content entering or leaving your company must meet security policies, it is crucial to choose
More information