There are some new arrows in the security quiver against malicious software and viruses, but one problem remains: Some of the legitimate programs that should be allowed to run are being blocked by the new security software.

But even with the possible downside of blocking programs that are genuine members of the industry are saying that the new technology and software in the fight against viruses and malicious software is worth the cost of a small amount of real software being unable to run.

The new approach to fighting viruses uses a process called "Heuristics" that takes general rules of thumb regarding how software functions, and them makes educated guesses in making decisions on what to allow and what to prevent. This new method blocks viruses based on what may be seen as suspicious behavior, instead of waiting the usual length of time to be given a ID and positive virus identification.

The single problem with Heuristics usage is that it makes mistakes. A program written by Shavlik Technologies last year, called NetChk Protect was halted, stopped in its tracks by the Norton Symantec Anti virus software using the Heuristics model.

The NetChk program is not a virus, but the way in which it operates rang all the typical virus behavior buttons on the Norton program, so it was blocked. This is what is called a false positive, and is a small but increasing problem in the fight against viruses and malicious software.

While some are alarmed, overall the state of virus detection is better than it has ever been. Even so, sometimes companies have to adjust to allow for the new anti virus software. "We had to make our code appear less evil, so it would get past the anti virus software," said Eric Schultze.

Mr. Schultze is chief technology officer for Shavlik Technology, and project director for the NetChk Program.

A recently Washington Post story warned consumers that the new anti-virus technique may make PC's less safe than before.

"Many observers say that despite all its new bells and whistles, the antivirus industry as a whole continues to fall behind in identifying the very latest malicious software," the Post reported in mid-March.