1- What is a computer virus:
A computer virus is a software program which is able to replicate itself and spread from one infected computer to another. The infected objects can be system, program or document files. After infecting your computer, it might slow it down, damage the contents of the infected files, mislay the data or defect your computer systems normal operation.
The virus can also use your computer to propagate illegal adverts and send spam emails that exploit security (adWare), steal your personal information such as bank account number, credit card number etc. (SpyWare). Some types of viruses might use your computer to create a bot net (virtual computer network) to attack other server systems and websites etc.
2- Type of viruses on Windows based computers:
There are a number of computer viruses that can impede the functioning of your computer. Here are some of the different types of viruses:
Trojan Horse: It is an email virus that is created by a file attached to the email. If opened, it may scour your hard drive for any personal and financial information such as your social security, account and PIN numbers. Once it has collected your info, it is sent via the internet to a hacker or thief.
Macro Virus: It is a computer virus that infects the Visual Basic language documents for applications such as Microsoft Word, Microsoft Excel etc. This type of virus can cause damage (such as removing data on the hard disk for example).
Worms: It is a program that has the ability to self-replicate itself. It can move from one computer to another and replicate itself in your computer system then spread hundreds of its copies to other computers that might cause wide spread damage.
Rootkit Virus: It is a program that is possible to cover the processes, files and data in the computer Registry (a database which is used to save Windows's system and program settings). Rootkit is usually used to hide the activities of viruses and processes which harm your computer. It is to help a hacker to control the system.
Bootsector Virus: A virus which attaches itself to the first part of the hard disk that is read by the computer upon bootup. These are normally spread by floppy disks.
Logic Bombs: It is a program that is used to send many data to the same email address and overwhelm the system or block the server connection. It is also used to threaten others (for example mail bomb etc.).
Memory Resident Virus: This type of virus dwells in the RAM. From there it can overcome and interrupt the operations executed by the system. It can corrupt files and programs that are opened, closed, copied, renamed etc.
Multipartite Virus: These viruses spread in multiple ways. It might vary in its action depending upon where it's installed and the presence of certain files.
3- How do you get a virus and Prevention:
These are 3 common ways that your computer may get infected by viruses:
Email: You get an email from a person that contains one or more viruses. If the attachment is opened, the viruses may infect files in the computer. The viruses might also send emails to people from your email address book or email folders automatically. So, you should not open unknown attachments in emails or do a virus scanning after opening them.
Internet: If you download an exe file or a data file from the Internet or other shared networks, viruses might be transferred to your computer. Sometimes the free software programs on the Internet have viruses especially if downloading from sources such as Torrent or Usenet news groups. Therefore, if necessary, you should download files from trusted resources.
Peripheral devices: The devices such as MP3 player, USB thumb drive, Memory card or CD Rom are also means for spreading viruses. So, remember to do a virus scan for them after they are connected to your computer.
4- Symptoms of virus infection:
These are some of symptoms which may indicate virus activity:
• Your computer has unusual activity (e.g. programs crashing a lot or running slowly).
• Messages or images (unrelated to your current task) come up unexpectedly.
• A program may start up unexpectedly.
• Your firewall informs that a certain application is trying to connect to the Internet (unrelated to what you are working on).
• Your friends say that they get emails from you but you did not send any to them.
• You receive many system error announcements. (Note: This may also come from another activity such as a hardware problem or genuine system error)
• Windows does not run when you start up your computer. (Note: This may also come from a hard disk problem)
• You realise that folders and files are removed or changed.
• You find that there's an access to your hard disk (one of the small light is blinking) even though there are no programs running.
• Your web browser has abnormal indications, for example it opens an unknown web page or you cannot close the browser tabs.
• Advertising pages pop up, desktop wallpaper changes.
• Exe files occur and have the same names as the folders.
• On the right corner of your computer, there is a small symbol written "Your computer is infected" or "Virus Alert" etc.
• When you open an USB thumb drive, unknown files such as Autorun.inf, New Folder.exe etc. appear.
• Cannot press Control + Alt + Delete (Task Manager) and you are warned that Administrator banned it.
• Folder Options disappears.
• Your computer keeps restarting when you try to shut it down.
• You cannot log in your Windows account with the right logon details.
5- What to do when infected:
• Make sure that your Antivirus software is the latest update. If necessary, download the update from another computer and update it manually.
• Disconnect from the Internet or Local Area Network (LAN).
• If Windows is not running, start it in Safe Mode (when turning on your computer, keep pressing F8 as soon as the computer starts running, then choose 'Safe Mode' from the Menu).
• Run a full Anti-Virus scan.
• If your computer is quite infected but you have important files or documents on it, do a full scan with your updated Antivirus software. If it finds viruses, delete all of them then open each ancillary disk (USB, Thumb drive etc.) and look for Autorun.inf files and remove them. Afterward, restart your computer.
• If you have any difficulties with finding a way to remove bad programs, refer to your Internet Security Software Supplier to look for an essential dedicated tool to remove them.
• If you find a bad program, follow the instructions of your Internet Security Software Supplier. Good Security software will provide with options such as disabling infected files, isolating possibly infected files, Worms and Trojans removal.
• If you do not have any important files on your computer disks, format the disk and then re-install your Windows and applications. This is quite an extreme and lengthy process and it's recommended to back up your computer settings prior to commencing. When finished, do not open on any ancillary disks (USB, Thumb drives etc.) yet, install the Antivirus software, do a full scan, find Autorun.inf files and remove them. Restart your computer after that.
• If the Anti-Virus software does not find anything, your computer is possibly not infected. Check your hardware and software that is installed on your computer meets the hardware specifications of the Operating System. Delete unnecessary or unwanted programs to save resources and ensure you have updated your Windows OS via Windows Update.
Lily Tran
http://www.computhai.com/