Sunday, December 2, 2012

Virus Scans

Virus Scans and Malware Removal

Antivirus (or anti-virus) software is a program used to prevent, detect and remove malware such as computer viruses, adware, backdoors, malicious BHOs, dialers, fraudtools, hijackers, keyloggers, malicious LSPs, rootkits, spyware, trojan horses and worms. Computer security, including protection from social engineering techniques, is commonly offered in the products and services of antivirus software companies.

This page covers software used for the prevention and removal of malware threats, rather than computer security implemented by software methods. There are several methods which antivirus software can use to identify malware.
  • Signature Based Detection: To identify viruses and other malware, antivirus software compares the contents of a file to a dictionary of virus signatures. Because viruses can embed themselves in existing files, the entire file is searched, not just as a whole, but also in pieces.
  • Heuristic-Based Detection: Heuristic-based detection, like malicious activity detection, can be used to identify unknown viruses.
  • File Emulation: File emulation involves executing a program in a virtual environment and logging what actions the program performs. Depending on the actions logged, the antivirus software can determine if the program is malicious or not and then carry out the appropriate disinfection actions.
  • Rootkit Detection:  Anti-virus software can attempt to scan for rootkits; a rootkit is a type of malware that is designed to gain administrative-level control over a computer system without being detected. Rootkits can change how the operating system functions and in some cases can tamper with the anti-virus program and render it ineffective. Rootkits are also difficult to remove, in some cases requiring a complete re-installation of the operating system. 
  • Real-Time Protection: Real-time protection, on-access scanning, background guard, resident shield, auto-protect, and other synonyms refer to the automatic protection provided by most anti-virus, anti-spyware, and other anti-malware programs. This monitors computer systems for suspicious activity such as computer viruses, spyware, adware, and other malicious objects in 'real-time', in other words while data is being loaded into the computer's active memory: when inserting a CD, opening an email, or browsing the web, or when a file already on the computer is opened or executed.
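The signature-based method in the first bullet, as an added example that is not part of the original post: a whole-file hash lookup plus a byte-pattern search that still finds a signature embedded in the middle of a host file, even when the file is read in small chunks. The signature names, byte patterns and sample files are constructed for illustration, and reading "as a whole" as a hash match and "in pieces" as a pattern search is an assumption.

```python
import hashlib
import io

# Constructed signature dictionary (hypothetical names and byte patterns,
# not real malware signatures).
PATTERN_SIGNATURES = {
    "Example.Test.A": b"\xde\xad\xbe\xef-EXAMPLE-PAYLOAD",
    "Example.Test.B": b"EVIL_MACRO_MARKER",
}
# Whole-file signatures: SHA-256 of a complete known-bad file (constructed).
KNOWN_BAD_FILE = b"standalone dropper body (constructed sample)"
HASH_SIGNATURES = {hashlib.sha256(KNOWN_BAD_FILE).hexdigest(): "Example.Dropper.C"}


def scan_stream(stream, chunk_size=64 * 1024):
    """Return the sorted names of all signatures matched in a binary stream."""
    longest = max(len(p) for p in PATTERN_SIGNATURES.values())
    digest = hashlib.sha256()
    found = set()
    tail = b""  # last bytes of the data read so far, kept so that a pattern
                # split across a chunk boundary is still seen in one piece
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        digest.update(chunk)
        window = tail + chunk
        for name, pattern in PATTERN_SIGNATURES.items():
            if pattern in window:
                found.add(name)
        tail = window[-(longest - 1):]
    whole_file_match = HASH_SIGNATURES.get(digest.hexdigest())
    if whole_file_match:
        found.add(whole_file_match)
    return sorted(found)


# Constructed samples: a clean file, a host file with a pattern embedded in
# the middle, and the exact known-bad file.
CLEAN = b"MZ" + b"\x00" * 200 + b"ordinary program data"
INFECTED_HOST = CLEAN[:100] + PATTERN_SIGNATURES["Example.Test.A"] + CLEAN[100:]

if __name__ == "__main__":
    for label, data in [("clean", CLEAN), ("infected host", INFECTED_HOST),
                        ("known-bad file", KNOWN_BAD_FILE)]:
        # chunk_size=16 forces patterns to straddle chunk boundaries
        print(label, scan_stream(io.BytesIO(data), chunk_size=16))
```

The hash lookup only catches an exact copy of a known file, which is why the pattern search over the file's contents is needed for malware that has embedded itself in another file.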
Installed anti-virus software running on an individual computer is only one method of guarding against viruses. Other methods are also used, including cloud-based antivirus, firewalls and on-line scanners.
  • Cloud Antivirus:  Cloud antivirus is a technology that uses lightweight agent software on the protected computer, while offloading the majority of data analysis to the provider's infrastructure. One approach to implementing cloud antivirus involves scanning suspicious files using multiple antivirus engines.
  • Network Firewall: Network firewalls prevent unknown programs and processes from accessing the system. However, they are not antivirus systems and make no attempt to identify or remove anything. They may protect against infection from outside the protected computer or network, and limit the activity of any malicious software which is present by blocking incoming or outgoing requests on certain TCP/IP ports.
  • Online Scanning: One of the first things that malicious software does in an attack is disable any existing antivirus software, and sometimes the only way to know of an attack is by turning to an online resource that is not installed on the infected computer. You should use an online service that is capable of scanning the entire computer, critical areas only, local disks, folders or files.
  • Specialist Tools:  Virus removal tools are available to help remove stubborn infections or certain types of infection. Another method is by using a rescue disk that is bootable, such as a CD or USB storage device, to run antivirus software outside of the installed operating system, in order to remove infections while they are dormant. A bootable antivirus disk can be useful when, for example, the installed operating system is no longer bootable or has malware that is resisting all attempts to be removed by the installed antivirus software. 

Benefits of Unix or Linux

Linux Malware: Includes viruses, trojans, worms and other types of malware that affect the Linux operating system. Linux, Unix (Apple/Mac) and other Unix-like computer operating systems are generally regarded as very well protected against, but not immune to, computer viruses.
There has not yet been a widespread Linux malware threat of the type that Microsoft Windows software faces; this is commonly attributed to the small number of users running Linux as a desktop operating system, the malware's lack of root access and fast updates to most Linux vulnerabilities.
Web Scripts: The most common way that a Linux or Unix based computer/server is attacked is through improper security measures in web scripting. Linux servers may also be used by malware without any attack against the system itself, for example where web content and scripts are insufficiently restricted or checked and are used by malware to attack visitors. Typically, a CGI script (meant for leaving comments) by mistake allows inclusion of code exploiting vulnerabilities in the web browser.

SQL, or the Structured Query Language, is the command-and-control language for relational databases such as Microsoft SQL Server, Oracle, and MySQL. In modern web development, these databases are often used on the back end of web applications and content management systems, meaning that both the content and behavior of many web sites are built on data in a database server.

A successful attack on the database that drives a website or web application can potentially give a hacker a broad range of powers, from modifying web site content ("defacing") to capturing sensitive information such as account credentials or internal business data. Simple measures in PHP scripting to prevent SQL or MySQL injection attacks should be used when protecting your database or web applications from malicious attacks. Nexwrx can set up these protective measures to secure your websites or content management systems.

1 comment:

Have used AVG protection for many years now, I'd recommend this product to all of you.
