Соглашение | Публикация статей

Салон штор - салон.бел
Шторы - calon.by

METHODS OF PROTECTION FROM COMPUTER VIRUSES
Категория: English version

Whatever was not a virus, you need to know the basic methods of protection against computer viruses.
To protect against viruses, you can use:
* General protection of information that are useful as well as insurance against physical damage to the disc, not programs or erroneous actions user;
* Preventive measures to reduce the likelihood of infection;
* Specialized programs to protect against viruses.
Common remedies information useful not only for protection against viruses. There are two main types of funds:
* Copy of the information - the creation of duplicate files and system areas of the disc;
* Distinguish access prevents unauthorized use of information, in particular, protection from changes in programs and data by viruses, not programs and erroneous actions of users.
Despite the fact that the general protection of information is essential to protect against viruses, yet they are not enough. There is a need to use specialized programs to protect against viruses. These programs can be divided into several types: detectors, doctors (Faguy), auditors, doctors, auditors, filters and vaccines (immunizatory).
PROGRAM-detector can detect the files are infected with one of the few known viruses. They check whether the files on a user specified disk specific for this virus, a combination of bytes. When it detects any file on your screen displays a message.
Many detectors have treatment regimens or destruction of infected files.
It should be emphasized that the program detectors can detect only those viruses that are "known". Program Scan firm McAfee Associates and Aidstest DN Can detect some Lozinsky 1000 virus, but a total of more than five thousand! Some detectors, such as Norton AntiVirus or AVSP company "Dialogue-MSU, can adjust to new types of viruses, they need only indicate the combination of bytes inherent in the virus. Nevertheless, it is impossible to develop such a program, which could detect any previously unknown virus.
Thus, the fact that the program has not been identified as infested detectors should not be that it healthy - it can sit any new virus or a slightly modified version of an old virus, unknown program-detectors.
Many detectors (including Aidstest) do not know how to detect contamination of invisible viruses, if such a virus is active in memory. The point is that to read the disc they use functions DOS, and they perehvatyvayutsya virus, which says that all is well. True, Aidstest and other detectors are trying to identify the virus through the viewing of RAM, but against some "hitryh" virus that does not work. So reliable diagnosis program detectors provide only when booting DOS with a clean, sheltered from the floppy disk recording, with a copy of the program-detector should also be started from this disk.
Some detectors, for example, ADinf firm Dialog-Nauka, able to catch the "invisible" viruses, even when they are active. To do this, they read the disk without using the challenges of DOS. True, this method does not work at all drives.
Most detectors have a "Doctor", ie they are trying to restore the infected files or disk area in their original state. Those files that have not been restored, as a rule, are dysfunctional or removed.
Most doctors know how to "treat" only on a fixed set of viruses, so they quickly become obsolete. But some programs may be taught not only how to detect, but also new ways to treat viruses.
This includes AVSP company "Dialogue-MSU."
PROGRAM auditors have two stages of work. First, they remember the status of programs and system disk area (the boot sector and the sector with the table partitioning the hard disk). It is expected that at this point programs and system disks are not infected area. After that, using the auditor may at any time to compare state programs and systemic areas of the disc with the original. On the reported deficiencies identified user.
To check the status of programs and drives held every time you boot the operating system should include a command to run the program auditor in a batch file AUTOEXEC.BAT. This allows you to find any computer virus when he had not yet managed to inflict great harm. Moreover, the same program, the auditor will be able to find a virus damaged files.
Many programs, auditors are very "smart" - they can distinguish between changes in files, such as that caused by the transition to a new version of the program of changes to the virus, and do not cry wolf. The fact is that the virus is usually modify files very specific way and make the same change in different software files. It is clear that in normal circumstances, such changes are almost never found, so the program auditor, record of such changes can confidently report that they are caused by a virus that is.
It should be noted that many of the programs, auditors can not detect contamination "invisible" viruses, if such a virus is active in memory. But some programs, auditors, for example ADinf firm Dialog-Nauka, still know how to do it without using calls for DOS disk (though they do not work at all drives). Other programs often use different half - trying to find the virus in memory, call the challenges of the first line of the file AUTOEXEC.BAT, hoping to work on the "pure" computer, etc. Alas against some "hitryh viruses all this is useless.
To verify that the file whether unchanged, some programs, auditors check the length of the file. But this inspection is not sufficient - some viruses do not change the length of infected files. A more reliable verification - to read the entire file and compute the checksum. Edit the file so that the checksum remains virtually impossible.
Recently, there have been very useful hybrid auditors and doctors, that is Doctor-AUDITOR - programs that not only can detect changes in files and system areas discs, but can change automatically in the event returned to its original state. Such programs can be much more universal than-doctorate programs, because they use in the treatment of pre-stored information on the status of files and areas of the disc. This allows them to remedy the files, even from those viruses that have not been established at the time of writing programs.
But they can not treat all viruses, but only from those who use "standard", known at the time of writing programs, infected files.
There are also software filters that are resident in RAM, and intercept those resorting to the operating system, used by viruses to reproduction and harm, and report them to the user. The user can enable or disable execution of the operation.
Some filters are not "catch" suspicious activities, and inspect the implementation of the program caused by viruses. This is slowing down the computer.
However, the advantages of software filters is very important - they make it possible to detect many viruses at a very early stage, when the virus has not yet managed to reproduce and anything to spoil. In doing so, can be reduced losses from the virus to a minimum.
PROGRAM-VACCINE or IMMUNIZATORY, modify programs and disks in a way that does not affect the work programs, but the virus, of which the vaccination, believes these programs or disks are already infected. These programs are very inefficient.
Neither type of antivirus software separately does not provide complete protection against viruses. The best strategy for protection from viruses is a multilevel, "eshelonirovannaya" defense. Describe the structure of the defense.
Intelligence capabilities in the defense of virus-detection program correspond to inspect the newly acquired software for viruses.
At the front line of defense is software filters. These programs may be the first to report on the virus and prevent infection of the programs and CDs.
The second tier defense program, auditors, program doctors and doctor auditors.
The most profound line of defense - this means access control. They do not allow the virus and the wrong programs, even if they have entered into a computer, corrupt important data.
The "strategic reserves" are archived copies. This allows you to restore the information when it is damaged.
This is an informal description of the methodology allows a better understanding of the use of antivirus tools.


Статьи по теме:

Corporate Information System (Crm, Erp, mobile commerce)
Gigabit Ethernet Technology
The destruction of computer data
The counterfeiting of computer information
Spam and how to cope with it
Legal and technical documents
The scheme of the free acceleration of Internet
Black Banner - 25y frame the Internet
The choice of antivirus software for home computer
Spyware battle; Use of firewall protection
Development of Iron Industry Or Who Wanted Now Multi Processors
Hold printing
Routers NetGear
The program 1S Accounting Enterprise 8
Preventive methods that reduce fatigue while working for a computer
Three Training from well-known vendors: Especially for «antiviral Decisions»
Changing the design desktop
New Decision on the market Soa
The development of databases on Msde 2000, working with Free Database Mssql
Protection of information. Passwords At Rar archives
Implementation Crm Systems Quick Sales 2 The Company «Epos»
Inkjet Plotters (SP, INK-JET PLOTTER)
Completed work on setting up a new product Alee Archive 3 for work with DBMS
Reduced-occupied Windows XP disk space
Microsoft Great Plains to customers in Russia: how to find a consultant and the most frequent questions
Care home PC
How to make the right choice? 1C: Enterprise 7.7. or 8.0
Crm system, introduction Crm Systems
Geographic Information Systems (GIS) as a means of collecting and analyzing Geodannyh
Opportunities for Windows XP
Integration Ibm Rational Clearquest and Microsoft Project - The key to successful planning
What your child is doing online?
Erg-exercises to improve posture
Animation on your computer desk
The structure of the PC
Best Antivirus
Download Mozilla
Free Internet Or How to Become a Hacker
Tray Microsoft Windows XP
Mikrokontrolleryne System
NETGEAR Network
Tame your registration with the Windows software cleaning registry
The history of personal computers
The company Janet Systems Llc Presented Soa-Platform The exhibition «E-Kazakhstan»
Loss of information - whether it can be avoided?
MAINTENANCE AND spread of computer viruses
Switches NetGear
ISA bus
«Rolling» to previous versions of Microsoft Windows
More Software invites you to Docflow 2008!
Linear Magnetic Recording Dlt (Dlt-V/Sdlt/Dlt-S4)
Installing Windows Xp on a network without the use of Ris
Architecture Risc Computational kernels
Client accounting, Accounting orders - the most popular Software
Mistakes Windows registry repair