Alamo PC Organization: HOME > PC Alamode Magazine > Product Reviews


IBM AntiVirus Desktop Edition, V 2.5 
Software Review by Donald J. Knapp

IBM has fielded a very nice package, indeed. This release is applicable to four popular platforms: Windows 95, OS/2 Warp, Windows, and DOS.

It also purports to offer Internet protections. The program comes only on 3.5” disk. At a list price of $42 (about $38 street), it compares well with similar products. Big Blue claims it uses this program to protect its own company computers, so there is a large audience over which support costs may be spread.

The License Agreement is printed in sixteen international languages, indicating expected wide usage of this product. Seven diskettes are furnished: two for OS/2; two for DOS & Windows; two for Windows 95; and a final one entitled “Emergency Diskette”. The latter is a bootable diskette for use with workstations that cannot boot and run due to a severe virus infection. It contains a minimal DOS 7.0 system plus part of the IBM AntiVirus System Shield and the IBM AntiVirus Standalone program. The emergency disk cannot scan compressed partitions.

Hardware requirements are fairly trivial: an IBM-compatible computer; 640 KB of RAM; 4 MB of disk space; and the usual minimum versions of DOS, Windows, OS/2 or Windows 95 software.

The User’s Guide is well written and straightforward. It gets right to the business of installing the program. The Windows 95, Windows and DOS installation tasks get little text attention; just insert the first disk and follow the bouncing ball. However, the OS/2 verbiage is extensive, suggesting that this installation might be a bit tedious. Installations can be highly customized if desired, but default settings are shown throughout and are recommended. The uninstall program is simple to use; just click on an icon. When updates are received from any source, the updating procedure is easy to accomplish.

The User’s Guide has a fine discussion of what to do when a virus is detected. There are various levels of response, depending on the type and severity of the virus infection. The user is kept in the picture in terms of what should or shall be done, and the system presents options on approaches to take. A Virus Infection Report presents choices on how to remove a virus that has been found. Some programs do unusual things that mimic virus activity, so these should be evaluated before definitive antivirus action is undertaken. Viruses that can be positively identified can usually be disinfected, restoring the infected files or boot records to their original, uninfected condition. If a file is so badly infected that corrective action would damage it beyond usefulness, the report dialog will indicate this and suspend action on it.

IBM reportedly collects and securely files away tens of thousands of viruses, much as the NIH does for dread diseases of the world. The Ver. 2.5 product addresses hundreds, if not thousands, of viruses that are prevalent at this moment. Some of those include macro viruses like Laroux, LBYNJ, MDMA, Concept, Boom and the Wazzu family. Individual viruses include the Hare and the Moloch types, Tentacle (which infects Windows executables), Majo-1644, Werewolf-1500B, and many, many more. IBM’s technology to detect unknown and polymorphic boot viruses has been greatly expanded, enabling it to detect many more viruses. Problems were resolved in scanning large Microsoft Word documents and in scanning files with the same name as device drivers, as were conflicts with Windows 95 Scandisk and with Windows 95 Novell Netware.

The System Shield has been enhanced to find viruses before they enter the system, whether they arrive from the Web, via FTP, as downloads from bulletin boards, or are copied from diskettes or file servers, through a “Check Files When Opened” function. CD-ROM drives now appear as removable media, and can be scanned for viruses, too.

About five new viruses are written daily, so the program must be amended to keep up. IBM is keen to keep the program updated, and provides several ways to accomplish this as continued protection against newer viruses. By default, an upgrade reminder appears seven months after system release. In this case this will occur on May 18, 1997. However, the system will continue to operate even if not regularly updated. The most common way to update is through the Internet and appears to be free. The address is a bit obscure, and is listed here: http: // Another way of upgrading involves purchasing quarterly diskettes obtained by mail. An enrollment charge of $75 per year ($139 for two years) will get four updates a year via diskette. Technical support information is available on CompuServe or the Internet; via telephone and fax; and via mail-in.

 Don Knapp consults around the world on industrial productivity and equipment management projects. An engineering graduate from Georgia Tech and Univ. of Southern California, he formerly ran a large computing center, and recently headed an engineering services firm in California.