Q

Pre-emptive measures for preventing virus attacks

Virus attacks are subtle: The symptoms I've noticed are general slowing of operation, with little to know increase in processes shown by the task manager, but a noted increase in memory consumption of the winlogon task. What things do you look for?
First, I always make sure my virus checker is up-to-date and my system is patched against known vulnerabilities -- and I don't open attachements of any kind unless I truly know what they are and have examined them with a virus checker first. A little protection keeps me from a lot of problems.

To look for a possible viral infection I also look for increased traffic, or outbound traffic of unknown origin...

(yes, I run a firewall and read the logs, and also filter outbound traffic). I examine log files for known viral or worm signatures. If files are missing, I'm particularly suspicious. I look for unusual activity of any kind. I run an IDS that warns me when unregistered programs attempt to run, or when unusual programs attempt to access the network. I consider many popups to be mobile malicious code, so I also run software that detects their presence on my system and allows me to remove them. I consider many apps which 'phone home' to check for updates to also be potentially malicious and turn them off, too. In short, I try to be proactive and if I can't prevent infection, I try to be more aware of how to identify and get rid of potential harmful software.

This was first published in August 2002

Dig Deeper

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close