Questions tagged [antimalware]

Software which includes anti-spyware, anti-rootkit, anti-phishing, and other technologies that attempt to identify and/or block malicious programs.

322 questions
181 votes
11 answers

Help! My home PC has been infected by a virus! What do I do now?

This is an attempt to ask a canonical question as discussed in this old meta post. The goal is to create something helpful that can be used as a duplicate when non-experts ask about virus infections. Let's say that I have determined beyond doubt…
Anders
161 votes
14 answers

What is the safest way to deal with loads of incoming PDF files, some of which could potentially be malicious?

As an investigative journalist I receive each day dozens of messages, many of which contain PDF documents. But I'm worried about some of the potentially malicious consequences of blindly opening them and getting my computer compromised. In the past,…
Tom the journalist
64 votes
5 answers

Can Beehive detect a Snowden-like actor?

In a seminar, one of the authors of Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterprise Networks said that this system can prevent actions like Snowden did. From their articles' conclusions: Beehive improves on…
kelalaka
47 votes
2 answers

How do antiviruses scan for thousands of malware signatures in a short time?

Most antiviruses have hundreds of thousands or even millions of malware signatures and yet they scan many files in a reasonably short time with high detection rates. Even real-time scanners don't slow the computer noticeably but provide strong…
Koorosh Pasokhi
46 votes
8 answers

Can we trust antivirus software?

There is a lot of free antivirus software and free versions of commercial anti-malware. Can we really trust these free antivirus programs? The same question about commercial antivirus software. Maybe they install backdoors on our computers?
user52927
45 votes
5 answers

How to scan a PDF for malware?

Can anyone suggest an automated tool to scan a PDF file to determine whether it might contain malware or other "bad stuff"? Or, alternatively, assigns a risk level to the PDF? I would prefer a free tool. It must be suitable for programmatic use,…
D.W.
44 votes
8 answers

Are two anti-virus better than one in protecting your computer?

A century-old adage: The more the merrier. In general, does this adage hold true in regards to the number of anti-virus software you should have on your PC? Are there any limits before it actually has the opposite effect?
Computernerd
39 votes
7 answers

How is it possible to embed executable code in an image?

I was reading up on FireEye and came across this NYTimes article detailing a Skype chat where an image was sent laden with malware: Quote: To gain access to information on the devices..., hackers posed as women on Skype, identified the types of …
Jeremy Thompson
38 votes
1 answer

CSS based attacks

I'm currently working on a plugin for a CMS which should allow content editors to write inline style tags. I'm looking for advice / links on how inline styles could be abused. Part of the reason for the plugin is to allow for a strict content…
symcbean
26 votes
3 answers

Could malware move during a scan to avoid detection?

I think every AV-Scanner is using some predictable recursive scan to search files for malware. Couldn't malware easily detect a scan and just move to an already checked location, determined by knowing which algorithms a certain AV-Scanner uses? Is…
HopefullyHelpful
24 votes
2 answers

How would one know if they have a rootkit?

Are they impossible to detect? Seeing as the attacker has admin rights and could modify antivirus software that might otherwise be used to detect or circumvent a rootkit. Are there certain red flags that point to a rootkit? Can they see…
DBroncos1558
22 votes
2 answers

Can a Trojan hide itself, so its activity doesn't appear in task manager process?

Can malicious software hide itself, so its activity doesn't appear in the list of processes from Task Manager? Can it hide itself so when someone is controlling your computer, even if you open Task Manager, you won't see any suspicious activity? If…
Steve
21 votes
8 answers

Are signature-based antivirus or antimalware effective?

Are signature-based antivirus or antimalware solutions effective? Has the battle been lost against the ever-increasing amount of malware, particularly rootkits, that are in the wild?
Sim
21 votes
4 answers

Reverse engineering malware/viruses

Assuming a machine has malware, regardless of how it got there, one thing I would like to learn to do is to take the binary file and reverse engineer it to see what the malware is doing/has already done. It would be good to know what has been…
Purge
18 votes
4 answers

Malware - are removal tools acceptable or is bare metal re-install the only safe option?

I see a number of companies offering "malware removal" services. I see some software that claims to be able to remove malware from an infected machine. Is using a removal software tool to 'clean' an infected machine acceptable practice, or is the…
DanBeale