Let's discuss antivirus a little

Yona F. Maro

It is true that every computer user, wherever they are, at home, at work and in various other places, relies heavily on antivirus software to protect their computer, especially its programs and the other things they have stored on that computer or computers, even if they have stored them on other media.

Not all of these users have a broad, or even a slight, understanding of antivirus software, of viruses themselves, and of the other kinds of programs related to antivirus or internet security. The big problem has been language, together with a person's understanding of how to look online for additional information about the product they are looking for.

Perhaps you would like to know which kinds of antivirus are on the market right now, along with brief descriptions of them. Please follow this text to the end; at least you may leave with something useful for yourself and others.

In the market for antivirus and Internet Security products there are 4 big companies that lead in sales and in quickly providing free services to their customers once they buy those products; even the prices of their products allow more people to buy them.

Before going too far: these antivirus and internet security programs have more of a market in the countries where they are made than elsewhere. You can see that some antivirus products are liked more in one place and liked less in another.

Kaspersky (www.kaspersky.com): this is a Russian company. It has not been in the market for these products very long, although in recent years it has been one of the best antivirus products and it is continually being improved. One of its big problems is people making CDs with counterfeit licences for these programs, where if you go online it may refuse to work, and if it does accept, it is only for a while. This program has more of a market in Russia and other Eastern European countries. Visit its website for more information about its other products.

There is Symantec (www.symantec.com): this is the name of the biggest company of all in making and selling antivirus-related products. It is also one of the companies that has been in this market for a long time, perhaps longer than all the others. Its other products include the popular antivirus called Norton; currently there are Norton 2010 and Internet Security 2010. Among all those products there are some you can use for 30 days as a trial before you decide to buy an official licence, which will last for a certain period. For many Symantec products, criminals have managed to make programs that reset the expiry time of the 30-day trial, so that it does not count the days, but when you run updates of the program, that is when it may notify you.

Very many people have been sold Symantec and Norton antivirus with that patch for turning back the time, especially those who are not connected to the internet. This antivirus is very popular in the United States and some European countries. Among its other problems, it is slow, and removing it from a computer is often difficult unless you use its special programs, but this happens more when the computer has been affected by other things in its programs.

McAfee (visit www.mcafee.com): these products are made by a company called Network Associates, whose headquarters are in the United States; visit www.nai.com. If you visit their website you can get a map of how viruses are spreading around the world and of the most affected areas. Their new product that is currently popular is McAfee Total Protection 2010; this is one of the best antivirus products for ordinary users, together with McAfee VirusScan 8.7, which does not directly require a licence. The problems with many McAfee products are the procedure for cleaning a computer when you want to do so, and that the DAT file often gets corrupted, along with that file getting bigger day after day and giving a person a lot of trouble when doing its regular updates.

In the past it was very successful with products such as Stinger; this is an antivirus whose job is only to scan and remove viruses without being installed on the computer. Recently it has not been very good; it has failed to remove many viruses. There is also VirusScan, which is very heavy on computer start-up; there is McAfee USB, whose job is to remove problems on flash disks, and many others depending on what a person wants. Despite all this, I think next year they may greatly improve their services.

Trend Micro: this product has spread widely in the Japanese market, although the company is of Taiwanese origin; currently its headquarters are in the United States. It is also one of the best antivirus products, although it does not have many customers in many African countries. If you want a good antivirus and internet security product capable of removing spyware, try Trend Micro. Visit their website to learn more about the company and its products: www.trendmicro.com. You can download trial products to see whether it suits you before you make the right decision.

There is ESET NOD32 (www.eset.com): this is also one of the good antivirus products, and it uses very little memory when it is working, unlike many antivirus products, so if you have a computer with little memory and low capability, try this one. But, as with Kaspersky and Norton, criminals have already targeted it and started making counterfeit licences for other people's use, as well as it being sold at a cheaper price than the others. One thing I do not like about this company's products is that they remove files outright, without asking, if a file is infected with a virus. You can visit their website to get a trial copy.

In addition to all those, other antivirus products you can look at and try include Sophos, which has a large market in the United Kingdom (www.sophos.com) and has trial products if you want to try before you buy; Panda Software, based in Spain (visit www.panda.com); Computer Associates (www.ca.com); F-Secure, from Finland; Norman, from Norway; AhnLab, from South Korea; Alwil - Avast (Czech); Arcabit - MKS (Poland); Doctor Web - DrWeb (Russia); ESET - NOD32 (Slovakia); Frisk Software - F-Prot (Iceland); GriSoft - AVG (Czech); H+BEDV - AntiVir (Germany); Hauri - VI Robot (South Korea); SoftWin - BitDefender (Romania); VirusBuster - VirusBuster (Hungary); UNA and Stop! (both Ukraine); Rising and KingSoft (China); AVG; Microsoft Security Essentials; Jotti; VirusTotal; Comodo; ClamWin.

One of the problems with these programs, which is a challenge for the companies making these products, is the growth in attacks against computers, which keep increasing. This causes some companies to fail against some attacks, and the result is losing markets and customers, because they can move to products that can treat their problems at that time.

Second is the rapid spread of some virus attacks among people and the way some companies are late in providing a solution to fight these viruses in time. You find that many antivirus products issue new updates every so often; this means some people can be affected before they get the new updates.

The third problem is many programs failing to delete code written onto computers infected with viruses. Often viruses and Trojans write themselves in or hide, and many antivirus products fail to fight this kind of attack, although there are now antivirus products able to scan hidden files and files that have been compressed, though whether the antivirus fails to remove the bug depends on the kind of program used to compress the file.

Fourth is the way some antivirus products scan the files on the computer concerned. Very few programs are fast at scanning a computer and the files on it; among them are AVAST and AVG, because they do not have as many components as many kinds of antivirus such as Norton 2010 or Kaspersky 2010.

There are times when you may find that a certain antivirus fails to remove some viruses and you are forced to install another antivirus so it can remove them, so there are two. Many antivirus products cannot be installed on a computer that already has another antivirus, so you are forced to choose one, although nowadays many antivirus products work alongside each other, and you can install more than one antivirus on one computer for the same task.
 
How does anti-virus software work?
An anti-virus software program is a computer program that can be used to scan files to identify and eliminate computer viruses and other malicious software (malware).

Anti-virus software typically uses two different techniques to accomplish this:

Examining files to look for known viruses by means of a virus dictionary
Identifying suspicious behavior from any computer program which might indicate infection
Most commercial anti-virus software uses both of these approaches, with an emphasis on the virus dictionary approach.

Virus dictionary approach
In the virus dictionary approach, when the anti-virus software examines a file, it refers to a dictionary of known viruses that have been identified by the author of the anti-virus software. If a piece of code in the file matches any virus identified in the dictionary, then the anti-virus software can then either delete the file, quarantine it so that the file is inaccessible to other programs and its virus is unable to spread, or attempt to repair the file by removing the virus itself from the file.

To be successful in the medium and long term, the virus dictionary approach requires periodic online downloads of updated virus dictionary entries. As new viruses are identified "in the wild", civically minded and technically inclined users can send their infected files to the authors of anti-virus software, who then include information about the new viruses in their dictionaries.

Dictionary-based anti-virus software typically examines files when the computer's operating system creates, opens, and closes them; and when the files are e-mailed. In this way, a known virus can be detected immediately upon receipt. The software can also typically be scheduled to examine all files on the user's hard disk on a regular basis.

Although the dictionary approach is considered effective, virus authors have tried to stay a step ahead of such software by writing "polymorphic viruses", which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match the virus's signature in the dictionary.

Suspicious behavior approach
The suspicious behavior approach, by contrast, doesn't attempt to identify known viruses, but instead monitors the behavior of all programs. If one program tries to write data to an executable program, for example, this is flagged as suspicious behavior and the user is alerted to this, and asked what to do.

Unlike the dictionary approach, the suspicious behavior approach therefore provides protection against brand-new viruses that do not yet exist in any virus dictionaries. However, it also sounds a large number of false positives, and users probably become desensitized to all the warnings. If the user clicks "Accept" on every such warning, then the anti-virus software is obviously useless to that user. This problem has especially been made worse over the past 7 years, since many more nonmalicious program designs chose to modify other .exes without regard to this false positive issue. Thus, most modern anti-virus software uses this technique less and less.

Other ways to detect viruses
Some antivirus software will try to emulate the beginning of the code of each new executable that is being executed before transferring control to the executable. If the program seems to be using self-modifying code or otherwise appears as a virus (it immediately tries to find other executables), one could assume that the executable has been infected with a virus. However, this method results in a lot of false positives.

Yet another detection method is using a sandbox. A sandbox emulates the operating system and runs the executable in this simulation. After the program has terminated, the sandbox is analysed for changes which might indicate a virus. Because of performance issues this type of detection is normally only performed during on-demand scans.

Issues of concern

Macro viruses, arguably the most destructive and widespread computer viruses, could be prevented far more inexpensively and effectively, and without the need of all users to buy anti-virus software, if Microsoft would fix security flaws in Microsoft Outlook and Microsoft Office related to the execution of downloaded code and to the ability of document macros to spread and wreak havoc.

User education is as important as anti-virus software; simply training users in safe computing practices, such as not downloading and executing unknown programs from the Internet, would slow the spread of viruses, without the need of anti-virus software.

Computer users should not always run with administrator access to their own machine. If they would simply run in user mode then some types of viruses would not be able to spread.

The dictionary approach to detecting viruses is often insufficient due to the continual creation of new viruses, yet the suspicious behavior approach is ineffective due to the false positive problem; hence, the current understanding of anti-virus software will never conquer computer viruses.

There are various methods of encrypting and packing malicious software which will make even well-known viruses undetectable to anti-virus software. Detecting these "camouflaged" viruses requires a powerful unpacking engine, which can decrypt the files before examining them. Unfortunately, many popular anti-virus programs do not have this and thus are often unable to detect encrypted viruses.

Companies that sell anti-virus software seem to have a financial incentive for viruses to be written and to spread, and for the public to panic over the threat.

This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article "Anti-virus software".
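
Added example (not part of the posts above or of the quoted Wikipedia article): a toy virus-dictionary scanner in Python showing a raw signature match, the miss when the same content is encoded, and a decode-then-scan pass standing in for the "unpacking engine" the text describes. The signature names, byte patterns, sample buffers and the single-byte XOR encoding are all constructed for illustration.

```python
"""Toy virus-dictionary scanner (added example; all signatures are constructed)."""

# Constructed dictionary: name -> byte pattern. Real products ship far larger,
# regularly updated dictionaries; these patterns are harmless placeholders.
DICTIONARY = {
    "Demo.Alpha": bytes.fromhex("deadbeef4c6f6164"),
    "Demo.Beta": b"CONSTRUCTED-SAMPLE-MARKER",
}


def match_dictionary(data: bytes) -> list[str]:
    """Return the names of all dictionary entries found anywhere in data."""
    return sorted(name for name, sig in DICTIONARY.items() if sig in data)


def xor_decode(data: bytes, key: int) -> bytes:
    """Undo (or apply) a single-byte XOR encoding."""
    return bytes(b ^ key for b in data)


def scan(data: bytes, unpack: bool = False) -> dict:
    """Scan a buffer; with unpack=True also try every single-byte XOR key.

    The XOR pass is a stand-in for an unpacking engine: the content is
    decoded first, then checked against the same dictionary.
    """
    hits = match_dictionary(data)
    layer = "raw"
    if not hits and unpack:
        for key in range(1, 256):
            hits = match_dictionary(xor_decode(data, key))
            if hits:
                layer = f"xor:0x{key:02x}"
                break
    action = "quarantine" if hits else "allow"
    return {"hits": hits, "layer": layer, "action": action}


# Constructed sample buffers.
CLEAN = b"MZ\x90\x00 ordinary program bytes"
INFECTED = CLEAN + DICTIONARY["Demo.Alpha"] + b"\x00\x00"
DISGUISED = xor_decode(INFECTED, 0x5A)  # same content, raw bytes no longer match

if __name__ == "__main__":
    for label, buf in [("clean", CLEAN), ("infected", INFECTED), ("disguised", DISGUISED)]:
        print(label, scan(buf), scan(buf, unpack=True))
```

The disguised buffer passes the raw dictionary check and is only caught once the decode pass runs, which is the gap between dictionary-only scanners and those with an unpacking stage.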
 