Sunday, May 26, 2019

Discussion question Essay

The lab consists of using the AVG scan in the virtual machine to discover the different threats that were found, which were moved to the Virus Vault. Windows Defender was used to verify the different infections and spyware that were found in the virtual machine. Malware and spyware are emerging trends in the world of technology. It is good to know the steps to take just in case your system is infected with these nasty vicious malware and spyware.

This is a screen shot of the number of threats that were identified by the scan.

Screen shot of the detailed view of the 1st infection: CHelixIRRAMwin32ddwin32dd.sys, Trojan horse Hider.JI, Moved to Virus Vault
Screen shot of the detailed view of the 2nd infection: CHelixIRirsoftLSASecretsView.exe, May be infected by unknown virus Win32/DHHhMXFE8VGw, Moved to Virus Vault
Screen shot of the detailed view of the 3rd infection: CHelixIRinpwdump2.exe, May be infected by unknown virus Win32/DHHhRPFRs, Moved to Virus Vault
Screen shot of the detailed view of the 4th infection: CHelixIRinPsh.exe, Trojan horse Dropper.Generic4.BVMA, Moved to Virus Vault

Screen shot of the 1st detailed spyware: CHelixIRirsoftastlog.exe, Potentially harmful program Logger.IAC, Moved to Virus Vault
Screen shot of the 2nd detailed spyware: CHelixIRFoundstoneFPipe.exe, Potentially harmful program Tool.IT, Moved to Virus Vault
Screen shot of the 3rd detailed spyware: CHelixIRincryptcat.exe, Potentially harmful program RemoteAdmin.IH, Moved to Virus Vault

This is a screenshot of the Virus Vault.
This is a screenshot of the AVG's Threat Detected alert window.
This is a screenshot of the productreview.pdf file displayed in the vault.

Remediation Steps

There are many steps that can be followed to remove malware and spyware. There are several steps to remove infections such as a Trojan horse or a Trojan dropper from your computer system.

1. Reboot the system.
2. Make sure System Restore is turned off so that the system does not restore the infected file.
3. Launch the anti-virus software product that is installed on the system.
4. Go to disk view, highlight your computer, and then select scan/repair so that the anti-virus can detect the Trojan and put it in the recycle bin.
5. Restart the system and make sure the recycle bin is emptied.
6. Make sure the Trojan was deleted successfully by running another scan.

The steps to remove spyware are different from the steps to remove an infection. The steps are as follows:

1. First, delete the temporary files.
2. Make sure System Restore is turned off.
3. Then install an anti-virus/anti-spyware program; examples would be Bitdefender or Malwarebytes Anti-Malware.
4. Run a full scan and delete whatever is found.
5. Restart the computer to make sure the spyware is deleted.

This is a screenshot of the File Transfer file.

Lab Assessment Questions and Answers

1. Workstation and desktop devices are prone to viruses, malware, and malicious software, especially if the user surfs the Internet and World Wide Web. Given that users connect to the Internet and World Wide Web, what security countermeasures can organizations implement to help mitigate the risk from viruses, malware, and malicious software?

Organizations can restrict certain sites, keywords like blogs, and mirror sites. Organizations can block ingress of files that contain potentially dangerous content and also consider blocking all compressed executables from entry (Centre for the Protection of National Infrastructure, 2004). They can also make sure specific ports are shut down; this can prevent back doors when accessing a site. There are a lot of websites out there that do not need to be accessible, especially in a work environment.

2. Your employees e-mail file attachments to each other and externally through the organization's firewall and Internet connection. What security countermeasures can you implement to help mitigate the risk of rogue e-mail attachments and URL Web links?

Many business owners must examine what is at risk when they communicate sensitive data over email. The first thing is to make sure that good virus protection software is installed and updated on everyone's computer. Second, it is good that all key departments within the organization, such as legal, IT and HR, understand the policies; require them to sign off on the email filtering, retention, retrieval and summary policies (Small Business Computing Staff, 2011).

3. Why is it recommended to do an antivirus signature file update before performing an antivirus scan on your computer?

Signature files contain the latest list and behavior of known viruses; that is why it is important to update the antivirus signature file before performing a scan on your computer. Anti-virus programs release signature file updates regularly, sometimes daily and sometimes more often, because new viruses are being identified on a daily basis (Loza, 1999).

4. Once a malicious file is found on your computer, what are the default settings for USB/removable device scanning? What should organizations do regarding use of USB hard drives and slots on existing computers and devices?

Many of the USB devices have serial numbers associated with them. Most of the scanning and tracking details would be used with most of the USB mass storage devices. Organizations should immediately disable the auto run on the system. The devices that are connected to the infected computer should be scanned for malware and spyware.

5. If you find a suspect executable and wish to perform dynamic analysis, what does that mean?

Dynamic analysis is the testing and evaluation of a program by executing data in real time (Rouse, 2006). The objective of dynamic analysis is to find errors in a program while it is running rather than repeatedly examining the code offline. The errors are easily noticed while the program is in use, which helps detect the error codes.

6. What is a malware and malicious code sandbox?

A sandbox is a virtual environment with its own guest operating system where intercepted incoming can be observed (Jackson, 2013). By observing the behavior in the sandbox, it should notice and block malware regardless of whether the code or the vulnerability it exploits is already known.

7. What are typical indicators that your computer system is compromised?

There are several indicators that your system may be compromised.
The computer is extremely slow.
Applications won't start.
Can't connect to the Internet.
The antivirus is turned off.
There are entirely different browsers, items are opening up, and there are a lot of pop-ups.

8. Where does AVG Business Edition 2012 place viruses, Trojans, worms, and other malicious software when it finds them?

When going through the steps in AVG Business Edition 2012 in the lab, the viruses, Trojans, worms, and other malicious software were put in a vault. They were then deleted out of the Virus Vault. The viruses are quarantined and then isolated and deleted by the user.

9. What other viruses, Trojans, worms, or malicious software were identified and quarantined by AVG within the Virus Vault upon completion of the Whole Computer Scan?

There were 4 infections that were found during the whole computer scan. The 4 infections are as follows:
Trojan horse Hider.JI
Win32/DHHhMXFE8VGw
Win32/DHHhRPFRs
Trojan horse Dropper.Generic4.BVMA

The scan also found 3 spyware items:
Logger.IAC
Tool.IT
RemoteAdmin.IH

10. What elements are needed in a workstation domain policy regarding use of antivirus and malicious software prevention tools?

It is important that the needed elements are included in the workstation policy to make sure that the antivirus and malicious software prevention tools are used properly. Tech support must make sure that everyone is following the guidelines for keeping the system safe from malware and spyware. A policy should be in place to let the employees know the importance of using the antivirus and malicious software tools properly.

Conclusion

By going through the steps in the lab, there were many infections and spyware that were detected and later moved to the Virus Vault. The different viruses were moved to the vault so that they would not infect the rest of the system. In the assessment were steps that must be taken to make sure that the infections and spyware are completely deleted from the system. There were many techniques that were learned about infections and spyware and where they should be moved when they are detected by the AVG scan.

Citation

Centre for the Protection of National Infrastructure (2004). Mitigating the risk of Malicious Software. Retrieved from http://www.cpni.gov.uk/documents/publications/2004/2004002 advice_malicious_software.pdf
Jackson, W. (2013). Hackers new trick for slithering through sandboxes. Retrieved from http://gcn.com/blogs/cybereye/2013/02/hackers-new-trick-outwitting-sandboxes.aspx
Loza, C. (1999). Why Is It Important to Constantly Update Antivirus Software? Retrieved from http://www.ehow.com/facts_6850079_important-constantly-update-antivirus-software_.html
Rouse, M. (2006). Dynamic Analysis. Retrieved from http://searchsoftwarequality.techtarget.com/definition/dynamic-analysis
Small Business Computing Staff (2011). 5 Email Security Tips to Protect Your Small Business. Retrieved from http://www.smallbusinesscomputing.com/webmaster/article.php/3928231/5-Email-Security-Tips-to-Protect-Your-Small-Business.htm
