Home
Topics
Microsoft Windows desktop operating systems security management
Patches, alerts and critical updates
Pre-emptive measures for preventing virus attacks

Ask the Expert

Pre-emptive measures for preventing virus attacks

Virus attacks are subtle: The symptoms I've noticed are general slowing of operation, with little to know increase in processes shown by the task manager, but a noted increase in memory consumption of the winlogon task. What things do you look for?

First, I always make sure my virus checker is up-to-date and my system is patched against known vulnerabilities -- and I don't open attachements of any kind unless I truly know what they are and have examined them with a virus checker first. A little protection keeps me from a lot of problems.

To look for a possible viral infection I also look for increased traffic, or outbound traffic of unknown origin (yes, I run a firewall and read the logs, and also filter outbound traffic). I examine log files for known viral or worm signatures. If files are missing, I'm particularly suspicious. I look for unusual activity of any kind. I run an IDS that warns me when unregistered programs attempt to run, or when unusual programs attempt to access the network. I consider many popups to be mobile malicious code, so I also run software that detects their presence on my system and allows me to remove them. I consider many apps which 'phone home' to check for updates to also be potentially malicious and turn them off, too. In short, I try to be proactive and if I can't prevent infection, I try to be more aware of how to identify and get rid of potential harmful software.

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary
- application monitoring (app monitoring)
- drive-by download

This was first published in August 2002

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

Virtual Desktop
Windows Server
Windows IT
Exchange

Virtual Desktop
- How inline deduplication is changing the VDI storage landscape
  
  VDI storage has long been a challenge for virtual desktop admins, but inline deduplication is changing all that.
- Taking advantage of VM snapshots in a virtual desktop environment
  
  With VM snapshots, you can make one desktop VM into many. Just watch out for performance when snapshotting in a virtual desktop environment.
- Planning and managing virtual desktop pools
  
  Virtual desktop pools make management easier, but you have to plan for them and remember that the way you create pools depends on your VDI platform.
Windows Server
- Office, 32-bit Windows fixes included in Patch Tuesday update
  
  Microsoft offered five bulletins in June's Patch Tuesday updates, with 19-vulnerability critical Internet Explorer patch and Windows Server 2008 fixes.
- Q&A: Anderson talks BYOD management in Windows Server 2012 R2
  
  Microsoft's Brad Anderson talks about changes to expect in Windows Server 2012 R2 features, including some to security and enterprise mobility.
- Q&A: Microsoft's Brad Anderson talks Windows Server 2012 R2
  
  Microsoft's Brad Anderson discusses new features in Windows Server 2012, including a faster update cycle and cross-platform integration.
Windows IT
- SharePoint 2013 features: what's new, what's changed and what's gone
  
  Some existing SharePoint features were replaced or dropped in SharePoint 2013. Here's how to work through the changes.
- Prevent hacking in your enterprise with these nine easy steps
  
  There are no foolproof ways to completely stop hacking in an enterprise, but follow these proven and common sense methods to reduce your risk.
- How to advance your cloud skills and get ahead of the gap
  
  There may be a growing shortage of IT pros with cloud skills, but you can take action now and become a valuable asset with the right skills.
Exchange
- Spotlight on top new Exchange 2013 features
  
  There are several new Exchange 2013 features that should interest those debating an upgrade. We examine several standouts and how to work with them.
- How to modify OWA 2013 to support Microsoft Lync
  
  Properly modifying OWA 2013 is necessary to allow users Lync functionality such as instant messaging and presence. We offer the necessary steps here.
- Block badly behaving Exchange ActiveSync devices in Exchange 2013
  
  Misbehaving Exchange ActiveSync devices can put a serious strain on your environment. Take control with new auto-block thresholds in Exchange 2013.

All Rights Reserved,Copyright 2008 - 2013, TechTarget