The Shape Of Things To Come
By Paul Robinson


It is an argument on substance over appearance. But it is an argument which the technical community - at least within itself - does not welcome. What makes an anti-virus product? What is its substance - and what should be its appearance?

Let's go back a while. In the early days, the majority of computer viruses were DOS-based and ran on PCs. And the majority of PCs were standalone - and even those which were connected were (mostly) connected only to a few others in an office. This is, perhaps, why boot sector viruses were the most common viruses, because diskettes were the most common way of sending and receiving information and programs.

In the very early days, most people didn't even believe in viruses. One notable figure said most virus incidents were an urban myth like alligators in New York's sewers! In those days, you expected to have a discrete program to resolve a particular problem. So to detect a virus, you executed another program which searched for it and - if you were lucky - found it.

Such a program needed to show that it was doing something. After all, if you produce a remedy for a problem which lots of people believe doesn't exist, and if the solution doesn't actually find anything most of the time (by design or accident), you do at least need to convince your customers that something is really happening. So these early programs put up some kludgy display which showed that something was taking place.

But soon that was not enough.

Soon people wanted a proper interface - with menus and options. Something that was in keeping and in character with what was happening in the rest of the computer industry. While there was little advancement for some time in the science of virus detection, the development of interfaces progressed vigorously.

Then you have the interruption of Windows - which allowed even more attractive and interactive interfaces. Drop down menus and press buttons became the norm while progress bars filled comfortingly - and not always with any close relationship to what was actually happening on the virus scan.

Thanks for the memory

The Windows experience could be written off as a marketing adventure if it were not for one important fact. Windows allows you to employ a virtual device driver - a fact not immediately spotted by anti-virus companies. The device driver solved a big problem for developers - the problem of memory.

Another flashback

Anti-virus developers had already realised that lots of users won't run anti-virus products routinely. However, if you have a memory-resident product it - in theory - will detect any virus which happens to stray into your computer while you are working.

This was a big step forward and it gave much better virus protection except for the fact that memory was limited and therefore the protection offered was limited. Developers were forced to compromise but fortunately for most developers, most magazine reviewers were incapable of testing memory resident virus programs.

With virtual device drivers (VxD), developers at last had access to as much memory - once again in theory - as they needed. This meant that their memory resident programs had approximately the same protection as their main scanner (although in one or two cases this did not mean a great deal).

Encounters of the 10base2 kind

Soon and while some of what we have already been talking about was going on, PCs stopped being personal and became workstations. The great connectivity rush was on and immediately anti-virus developers scented gold in them thar cables and on them thar fileservers.

The spread of viruses on networks was potentially a great problem. Actually it was only a great problem because lots of networks had been set up without using the security that was built into the operating system. Accordingly viruses which shouldn't have spread through organizations did. Anti-virus developers responded by producing special versions of their product to run on fileservers.

But the main problem that networks solved was the problem of updating the anti-virus product.

Another flashback

There was a great debate (now long forgotten) over how to protect against viruses. Some people wanted a solution which you could fit and forget. But the most popular anti-virus products were virus scanners. And scanners unfortunately required regular updating which pushed a huge burden on to MIS departments.

Networks gave people the remedy. You could update your anti-virus software by running a login script or calling a small program and downloading the update off the fileserver. Of course it did nothing for the standalone PCs, which is why - although Christmas came early for the networks - it was not what you could call a complete solution.

Someone discovered the Net

Someone, probably Christopher Columbus, discovered the Internet. We went through the now familiar routine of recognising what a serious threat this was and how viruses were waiting just behind the modems to tiptoe on to our computers. It didn't stop people from connecting though.

When people began to get comfortable with the fact that there were viruses out there some bright spark realised that if the Net was good enough for virus authors, it was good enough for anti-virus developers. Soon update buttons started to appear on the interfaces (yes, we still have those) which let people automatically update their software via the Internet.

So far so good - we're almost up to date.

The next step is just starting to happen. Anti-virus developers are experimenting with putting their solutions on the Net so that instead of downloading your solution you simply run the virus scanner straight off the Web. You don't have to worry about updating it - the anti-virus developer is doing that with far greater (in theory) frequency - perhaps daily instead of what you have at best been getting till now: routine updates monthly.

Is this the end of the story?

I'd like it to be - if only so that I can take a break. The above scenario is going to be OK for home users and users in small offices. It will also be OK in countries like the US where access to the Internet via a local free call is possible. In countries where the telecomms companies charge and where the telecomms is not so well developed as it is in the US, with slow transmission rates (yawn) - the solution will be less well received.

If you work in the MIS department of a corporation, the idea of individuals accessing the Net may be as popular as a waiter with a runny nose. In addition, you really don't want your users thinking about viruses - they only panic and start calling everyone including their maiden aunt in Michigan to tell them about it.

What you really want - in theory - is for viruses to be detected without the user being aware of it (has to be memory resident); the virus problem should be solved (if possible, automatically again, without the user being aware) and the MIS department should receive a report - from the anti-virus solution, not the user (has to be on a network).

Now we're close to having all of this right now. So what's the problem?

The problem is what about new viruses! While all of the above was happening, some really thoughtful person invented macro viruses. Macro viruses spread like wildfire because while relatively few people send computer programs and diskettes about these days, everybody and his dog send each other email and documents attached to them - and the Internet is positively dripping with documents for download. Hence macro virus infected documents are sloshing around with far greater frequency than conventional viruses.

Put macro viruses, networks and the Internet together and you have the ingredients for a glut of viruses which could threaten the ability of conventional systems to discover and build in protection to existing products without a big delay. Increasingly, customers will look for a real time solution.

A real time solution

I'd like to have an anti-virus solution which delivered the remedy as soon as I've got the need for it - this is a convention that has been adopted in other walks of life. It is called "just in time". Although anti-virus developers have been doing something like this for a while - with a mechanism for updating their products for new viruses which users could download from a bulletin board or CompuServe or their Web site - it's not quite the sophisticated system that I have in mind; it is also heavily reliant on user intervention.

What I am looking to do is to recognize that, as with many other aspects of computing, we are moving from the simple box product to a service.

There are many questions that have yet to be argued through - for example, what do you do if you encounter a new virus on your machine? Well, actually the question is: how do you know?

These questions are for another time. Right now, I want to leave you with an ideal - it's not one which can be delivered tomorrow but it has many benefits for both developers and users. The ideal is that users don't have to worry about viruses, they simply get on with using their PCs for what they were intended for - meanwhile in the background someone else is taking care of the problem.

There will be many people who would disagree with this point of view. The people at "antivirus online" encourage you to write in and let us know what you think.