Thursday, February 25, 2010

WHAT ARE THE SYMPTOMS OF AN INFECTED COMPUTER?

WHAT ARE THE SYMPTOMS OF AN INFECTED COMPUTER?

Computer viruses have become a very big deal as far as computing is concerned and especially when we connect to the internet on daily basis spending hours browsing, checking emails, downloading stuff, transacting e-business, chatting and for playing music and watching movies. The uses of social networking sites have also become a major factor in determining the extent to which people use their computers. Thus the threats of attacks from cyber criminals using malicious programs to exploit the loop holes and vulnerabilities of our computers have become a very serious issue which we must pay attention to.

It’s not always easy to tell if your computer has been compromised or not, even with the most advanced security deployed on your computer. More than ever before, the authors of viruses, worms, Trojans and spyware are going to great lengths to hide their code and conceal what their programs are doing on an infected computer.
That’s why it’s essential to follow the advice given in this article which can also serve as a guide to help you improve upon your computer information security. The prudent thing to do is to install or deploy a very good Internet security software and anti-virus on your computer or server to protect you from cyber attacks. Also make sure that you regularly apply security patches to your operating system and applications and also backup your critical system data and keep them away in a safe place.

You may be using a computer which is already infected by a very notorious and dangerous virus but you are not aware of it and so by the time you realize this, it may be too late to do anything about the situation. It is also very difficult to provide a list of definite characteristic symptoms of a compromised computer because the same symptoms can also be caused by hardware malfunctions and software problems so here are a few events which when they occur might ring a bell to warn you off an attack which is about to occur or an attack which has already occurred.

1. If your computer behaves strangely, i.e. in a way that you haven’t seen before.

2. If you see unexpected messages or images popping up on the screen.

3. If you hear unexpected sounds, played at random.

4. If Programs start unexpectedly, e.g. when your web browser opens by itself and cannot be closed.

5. When your personal firewall tells you that an application has tried to connect to the Internet and it’s not a program that you run frequently.

6. When your friends tell you that they have received e-mail messages from your address even though you never sent them anything.

7. When your computer ‘freezes’ frequently, or programs start running very slowly.

8. When system error messages start appearing too often.

9. When your operating system fails to load when you boot your computer.

10. When you notice that files or folders have been deleted, changed or replicated several times.

11. When you notice frequent system activity even though your computer is supposed to be idling. E.g. when hard disk access is indicated when you’re not running any programs.

12. When you try to shut down your computer and the shut down option is grayed out (the shut down option is disabled).

13. When your computer automatically restarts after you have shut it down. E.g. when you cannot shut down your computer from the operating system.

14. When you notice that your hard disk drive suddenly starts getting full even though you have not stored that much information on it.

15. When you notice that you cannot access the Task Manager. E.g. Task Manager has been grayed out or disabled.

16. When you received loads of unsolicited emails.

17. When you notice that you cannot copy, create or delete files and folders from your hard disk drive.

18. When you notice that your system pass word has been changed so you cannot log into your computer.

19. When you notice that web sites related to antivirus software or the Windows Update service has become inaccessible.

20. When you notice that your antivirus program has been automatically turned off or disabled and you cannot re-start it.

WHAT CAN BE DONE ABOUT IT?

You must act very quickly if you experience any of the above symptoms because it is a clear indication that your computer may be having a hardware or software problem or a virus, worm or Trojan infection so this is what you should do:

1. Disconnect your computer from the Internet immediately.

2. If your operating system will not load, start the computer in Safe Mode by pressing and holding down F8 as soon it begins, then choose 'Safe Mode' from the menu that will appear. If this fails try booting from a rescue CD.

3. Make sure your anti-virus signatures are up-to-date. If possible, don't download new updates using the infected computer, but rather use another computer which you are sure is clean. This is important because if your computer is infected and you connect to the Internet, the malicious program may send important information to a remote hacker, or send itself to people whose e-mail addresses are stored on your computer and this will help spread the virus infection.

4. If you have any problems removing malicious programs, check your antivirus vendor’s web site for information on any dedicated utilities that may be needed to remove a particular malicious program. Kaspersky Lab has very effective removal tools for these malicious codes and viruses. Check them out from the following website:

5. If your computer is connected to a local area network, immediately disconnect it from the network and run a full scan of the infected computer. Also remember to scan all your external storage media as well (pen-drives, flash disks, etc.) because the infection may have already spread onto them.

Good computer information security programs such as those provided by Kaspersky Lab provide you with the option to disinfect objects, quarantine objects that may be infected, and delete worms and Trojans. They also create a report file that lists the names of infected files and the malicious programs found on the computer.

If your antivirus software doesn't find anything, then your computer may probably not be infected after all. You must then check the hardware and software installed on your computer and also remove any unlicensed software and any junk files that may be the cause of the system behaving abnormally and also make sure that you have the latest operating system and application patches and updates installed.

If necessary, contact your Information Security vendor’s technical support department for further advice. You can also ask them how to submit a sample file for analysis by our Kaspersky Lab virus researchers.

Together in our own very small way, let us all help each other through information dissemination such as this one to make cyber space a safe place to be. Remember that if you are not yet protected, I might be the next to be attacked.

No comments:

Post a Comment