Virus attack is one very common threat to our data security and there are many ways of beging attacked or infected and there are also many ways to avoid it and clear it. Virus: Malicious software that attaches itself to other software. For example, a patched software application in which the patch’s algorithm is designed to implement the same patch on other applications, thereby replicating.

Typical Behaviors: Replicates within computer system, potentially attaching itself to every software application. Behavior categories:

* Innocuous
* Humorous
* Data
* Altering
* Catastrophic

Vulnerabilities: All computers. Common categories:

* Boot sector
* Terminate and Stay Resident (TSR)
* Application software
* Stealth (or Chameleon)
* Mutation engine
* Network
* Mainframe

Data loss Prevention for virus:

* Limit connectivity.
* Limit downloads
* Use only authorized media for loading data and software
* Enforce mandatory access controls. Viruses generally cannot run unless host application is running

How to Detect the virus

* Changes in file sizes or date/time stamps
* Computer is slow starting or slow running
* Unexpected or frequent system failures
* Change of system date/time
* Low computer memory or increased bad blocks on disks


* Contain, identify and recover
* Antivirus scanners – look for known viruses
* Antivirus monitors – look for virus related application behaviors
* Attempt to determine source of infection and issue alert

Data recovery from drives due to virus attack is often easy, you just need to clear the virus with anti-virus software or use some data recovery software to scan the lost files. But for some severe virus attack, you need to choose some good data recovery tools which are able to protect the soure drives for further damage.

