1- What is a computer virus:
A computer virus is a software program which is able to replicate
itself and spread from one infected computer to another. The infected objects
can be system, program or document files. After infecting your computer, it
might slow it down, damage the contents of the infected files, mislay the data
or defect your computer systems normal operation.
The virus can also use your computer to propagate illegal adverts
and send spam emails that exploit security (adWare), steal your personal
information such as bank account number, credit card number etc. (SpyWare).
Some types of viruses might use your computer to create a bot net (virtual
computer network) to attack other server systems and websites etc.
2- Type of viruses on Windows based computers:
There are a number of computer viruses that can impede the
functioning of your computer. Here are some of the different types of viruses:
Trojan Horse: It is an email virus that is created by a file
attached to the email. If opened, it may scour your hard drive for any personal
and financial information such as your social security, account and PIN
numbers. Once it has collected your info, it is sent via the internet to a
hacker or thief.
Macro Virus: It is a computer virus that infects the Visual Basic
language documents for applications such as Microsoft Word, Microsoft Excel
etc. This type of virus can cause damage (such as removing data on the hard
disk for example).
Worms: It is a program that has the ability to self-replicate
itself. It can move from one computer to another and replicate itself in your
computer system then spread hundreds of its copies to other computers that
might cause wide spread damage.
Rootkit Virus: It is a program that is possible to cover the
processes, files and data in the computer Registry (a database which is used to
save Windows's system and program settings). Rootkit is usually used to hide
the activities of viruses and processes which harm your computer. It is to help
a hacker to control the system.
Bootsector Virus: A virus which attaches itself to the first part
of the hard disk that is read by the computer upon bootup. These are normally
spread by floppy disks.
Logic Bombs: It is a program that is used to send many data to the
same email address and overwhelm the system or block the server connection. It
is also used to threaten others (for example mail bomb etc.).
Memory Resident Virus: This type of virus dwells in the RAM. From
there it can overcome and interrupt the operations executed by the system. It
can corrupt files and programs that are opened, closed, copied, renamed etc.
Multipartite Virus: These viruses spread in multiple ways. It
might vary in its action depending upon where it's installed and the presence
of certain files.
3- How do you get a virus and Prevention:
These are 3 common ways that your computer may get infected by
viruses:
Email: You get an email from a person that contains one or more
viruses. If the attachment is opened, the viruses may infect files in the
computer. The viruses might also send emails to people from your email address
book or email folders automatically. So, you should not open unknown
attachments in emails or do a virus scanning after opening them.
Internet: If you download an exe file or a data file from the
Internet or other shared networks, viruses might be transferred to your
computer. Sometimes the free software programs on the Internet have viruses
especially if downloading from sources such as Torrent or Usenet news groups.
Therefore, if necessary, you should download files from trusted resources.
Peripheral devices: The devices such as MP3 player, USB thumb drive,
Memory card or CD Rom are also means for spreading viruses. So, remember to do
a virus scan for them after they are connected to your computer.
4- Symptoms of virus infection:
These are some of symptoms which may indicate virus activity:
• Your computer has unusual activity (e.g. programs crashing a lot
or running slowly).
• Messages or images (unrelated to your current task) come up
unexpectedly.
• A program may start up unexpectedly.
• Your firewall informs that a certain application is trying to
connect to the Internet (unrelated to what you are working on).
• Your friends say that they get emails from you but you did not
send any to them.
• You receive many system error announcements. (Note: This may
also come from another activity such as a hardware problem or genuine system
error)
• Windows does not run when you start up your computer. (Note:
This may also come from a hard disk problem)
• You realise that folders and files are removed or changed.
• You find that there's an access to your hard disk (one of the
small light is blinking) even though there are no programs running.
• Your web browser has abnormal indications, for example it opens
an unknown web page or you cannot close the browser tabs.
• Advertising pages pop up, desktop wallpaper changes.
• Exe files occur and have the same names as the folders.
• On the right corner of your computer, there is a small symbol
written "Your computer is infected" or "Virus Alert" etc.
• When you open an USB thumb drive, unknown files such as
Autorun.inf, New Folder.exe etc. appear.
• Cannot press Control + Alt + Delete (Task Manager) and you are
warned that Administrator banned it.
• Folder Options disappears.
• Your computer keeps restarting when you try to shut it down.
• You cannot log in your Windows account with the right logon
details.
5- What to do when infected:
• Make sure that your Antivirus software is the latest update. If
necessary, download the update from another computer and update it manually.
• Disconnect from the Internet or Local Area Network (LAN).