Cyber Security Institute

Thursday, February 05, 2009

Sunbelt Pioneers New Anti-Virus Technology

US company Sunbelt Software is set to become one of the first anti-virus vendors to embrace a promising but as yet little-used new technique for malware detection known as ‘file emulation’.  Released this week to UK users after a US launch some time ago, the company’s Vipre Enterprise anti-malware client is on the face of it just another program jostling for attention with the admin-friendly claim that it can protect PCs from malware without slaughtering performance.  Known in company jargon as ‘MX-Virtualization’ (MX-V), Vipre effectively creates an emulated Windows PC in a sandbagged area of memory, mimicking API functions such as the Windows registry, file system, and communications interfaces to see what a file is trying to do.

In a separate interview with Techworld, Eckelberry said that as far as he was aware the only other anti-malware products to have tried file emulation in anger were Microsoft and BitDefender.

Vipre Enterprise also boasts of its anti-rootkit protection - the program runs a special module called ‘firstscan in advance of Windows loading - and advanced kernel monitoring.

http://www.pcworld.com/businesscenter/article/158996/sunbelt_pioneers_new_antivirus_technology.html