How to Detect, Remove and Prevent Viruses

Virus detection

A virus detection program checks the integrity of the binary files. The program maintains the checksum on each file. A mismatch in it indicates virus. Some program resides in the memory and continuously monitors certain memory and I/O operations for guarding against any suspicious behavior.

Virus removal

A generalized virus removal program is very difficult to imagine due to the multiplicity of viruses and the creativity with which they are constructed. However, for some viruses, bit pattern in code can be predicted. In this case virus removal program scans the disk for the patterns of known viruses. On detection it removes them. But, if the virus has already damaged data, then recovery of data is almost impossible.

Virus prevention

User cannot cure the data after viral infection. Hence, the best way is to prevent viruses. The user is always advised to install legal copies of software’s from reliable stores or sources. User should be extremely careful about picking up free, unreliable or illegal software. Frequent back-ups and running of monitoring programs also help in detection and thus subsequent prevention of different viruses.

Points to be remembered while dealing with computer worms and virus

A computer worm is a complete program that can act independently. It does not cause direct harm to the computer system. It just goes spreading in a network and consumes network and system resources to a large extent.  A computer virus is not a complete program but a part of it. It does not act independently. It requires execution and is written with an intention of infecting computer systems. It can cause direct harm to the computer system and can corrupt a code or data.

Counter action against VIRUS and worms

Many work places, schools, and colleges restrict the websites and online services that are made available in their buildings. This is done either with a specialized proxy, called a content filter or by using a cache extension protocol such as ICAP, which allows plug-in extensions to an open caching architecture. Requests made to the open internet must pass through an outbound proxy filter. The web filter company provides a database of URL patterns with associated content attributes. This database is updated weekly by site-wide subscription. The administrator instructs filters the broad class contents (such as pornography, online shopping & gambling). Request that match the filtered URL pattern are rejected immediately. If the requested URL is acceptable, the content is then fetched by the proxy. At this time a dynamic filter may be applied at the return path. For egg. JPEG files can be blocked based on flesh tone matches or language that a filter could dynamically detect as unwanted language.  If the content is rejected then an HTTP fetch error is returned and nothing is cached. Proxies are usually used for content filtering and in business to prevent avoidance of acceptable use of policy, ease administrative burden, since no client browser configuration is required.  Proxies are also used by some ISP’s to save upstream bandwidth and improve customer response times by caching.

If you would like to learn more about dealing with viruses, Paul Brown Training run 1 day courses in London and at selected venues across the UK.