COMPUTER VIRUSES -- GENERAL

What is a computer virus?
Why are they security threats?
What can I do to prevent them?
What do I do if I suspect I have a virus?
What are the symptoms of computer viruses?
What types of computer viruses are there?
Where can I go for more information?
What is a computer virus?
Most computer viruses are relatively harmless, and some can be present for years without being detected. Some, however, cause random damage that over the long run can be disastrous if left unchecked, and some deliberately destroy files or whole disks. Even a harmless virus costs you something: it takes up disk space and main memory, and it consumes central processing unit (CPU) time every time it runs.
These are the main forms of malicious software that tend to get lumped together as "viruses":
- Computer virus - The term was first used by Fred Cohen in 1984. A computer virus is a small program (a block of code) that attaches itself to, overwrites or otherwise replaces another program so that it runs whenever that host program runs, and uses that execution to make copies of itself without the knowledge of the user.
- Worm - A worm is a stand-alone program that copies itself from machine to machine, most commonly over a computer network, and may alter data on the systems it reaches. It differs from a virus in that it does not need a host program to carry it.
- Trojan horse - A program that looks innocent (a game, a utility, an update) but carries hidden functionality. Trojan horses do not necessarily replicate, but do not be fooled by that: one can just as easily destroy your data or your hard drive. Hence the name: innocent on the outside, a whole lot of trouble on the inside.
- Logic or time bomb - Code that lies dormant until a certain event or condition triggers it. The trigger may be a number of executions, or a particular date such as Friday the 13th or the 4th of July. Bombs are usually carried inside a virus or Trojan horse rather than spreading on their own.
Why are they a security threat?
I'm going to present an easy to understand but detailed explanation of viruses and the other types of malicious software. For now, it's enough to understand that viruses are potentially destructive software that spreads from program to program or from disk to disk. Computer viruses, like biological viruses, need a host to infect; in the case of computer viruses this host is an innocent program. If such a program is transferred to your PC and run, other programs on your PC become infected in turn. (I'll shortly explain in more detail how this happens.) Even though some viruses do not intentionally damage your data, I consider all viruses to be malicious software, since they modify your programs without your permission, occasionally with disastrous results. The bottom line is that if you have a virus, you are no longer in control of your PC: every time you boot your PC or execute a program, the virus may also be executing and spreading its infection. While most viruses haven't been written to be destructive, almost any virus can damage your files, mostly because viruses themselves tend to be poorly written programs that make assumptions about the host they infect. If a virus destroys nothing else, it destroys your trust in your PC, and that is worth a great deal.
What can I do to protect my computer?
There is no single measure that protects you short of outright paranoia, but fear not: sound precautions do exist for you to have a safe computing day:
- Make a clean boot-up disk: build it on a system you trust, scan it with UP-TO-DATE anti-virus software, and then write-protect it. Boot from it to confirm that it works, and keep copies. A write-protected, known-clean boot disk is the only way to examine an infected machine without running the virus first.
- Use a reputable, up-to-date anti-virus package and verify that it is actually working. Don't skimp by running unregistered or pirated copies: paying for the software not only supports the people who write anti-virus programs but also entitles you to ask them legitimate questions when you need help.
- Do some reading, because sooner or later, whether you're a home or business user, you will encounter an infection, and a little background knowledge goes a long way. Business users should make it a policy that their people read the literature so they know what is out there.
- Run a full virus scan on a regular schedule (for example, weekly on heavily used machines and biweekly for home users), and scan any disk or file that comes in from outside before you use it.
What do I do when I get a virus?
First of all, do not panic! Staying calm is the first action you take; overreacting can make the problem worse. Most viruses out there can be eradicated with a good anti-virus package, and running a second package improves your chances of catching something the first one misses. Also bear in mind that most suspected virus infections turn out to be something else. If there is a professional who deals with computer viruses, ASK them first: they know more about viruses than you do. The guidelines below will help you contain an infection:
- Turn off the infected computer and DO NOT let anyone else use it. Shut the system down properly (if you can) so that it flushes its caches and buffers, then leave it off until it can be examined from a clean, write-protected boot disk.
- Check the other office machines (if possible) for infection and take the appropriate steps on each one that is affected.
- If you cannot check them, assume that all the computers are infected and take precautions to avoid infecting any more.
- If there are uninfected computers in the vicinity, make sure that no floppy disk from the infected computer is used in them.
- Users of infected floppy disks should under NO CIRCUMSTANCES trade disks with others until the disks and the systems have been cleaned.
- NO FILES should be moved between machines over the network until it is safe to do so.
- Make sure everyone in the office is aware of the infection.
- Gather ALL floppy disks for checking and check every one of them individually. This includes write-protected floppies, backups and program master disks: a write-protected disk cannot be infected, but it can still carry an infection it picked up before it was protected.
What are the symptoms of an infected computer?
Many people associate destruction (file corruption, reformatted disks and the like) with viruses, and machines infected with viruses that carry that kind of payload do eventually display such damage. That is unfortunate, because a virus can usually be detected, or prevented from infecting at all, long before it inflicts any serious damage, and many viruses have no "payload" at all. Note that a virus that simply reformats the hard disk shortly after infecting a machine tends to wipe itself out faster than it spreads, so it does not get far.
Thus the more successful viruses typically try to spread as much as possible before delivering their payload, if any. Since these are the viruses you are most likely to encounter, be aware that there are usually symptoms of infection before any (or much!) damage is done.
Some virus authors write obvious symptoms into their programs, such as messages, music and graphical displays. The main indications, however, are changes in file sizes and contents, changes to interrupt vectors, or the reassignment of other system resources. Unaccounted-for use of RAM, or a reduction in the amount of memory the machine reports, is an important indicator (a resident boot sector virus typically reserves the memory it lives in by lowering the reported total). Examination of program code is valuable to the trained eye, but even a novice can often spot the gross differences between a valid boot sector and some viral ones. Be aware, though, that these symptoms, along with longer disk activity and strange behavior from the hardware, may instead be caused by legitimate software, by harmless "joke" programs, or by hardware faults.
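The "changes in file sizes and contents" above are exactly what a file-integrity baseline catches. The following is an added example, not code from the original page: it fingerprints every executable under a directory, then reports anything whose contents changed, grew, kept its old timestamp despite changing, appeared, or disappeared. The file names, the fake "infections" and the directory layout are all constructed inside a temporary directory for the demonstration; the list of executable extensions is an assumption modelled on DOS-era file infectors.

```python
"""Added example (not from the original page): a minimal file-integrity
baseline that surfaces changed, grown, back-dated, new and missing executables.
Everything it scans is constructed in a temporary directory below."""
import hashlib
import os
import tempfile

# Extensions DOS-era file infectors target; an assumption for this example.
EXECUTABLE_SUFFIXES = (".com", ".exe", ".sys", ".ovl")


def fingerprint(path):
    """Record size, modification time (ns) and a SHA-256 of the contents."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    st = os.stat(path)
    return {"size": st.st_size, "mtime_ns": st.st_mtime_ns, "sha256": h.hexdigest()}


def build_baseline(root):
    """Fingerprint every executable under root, keyed by path relative to root."""
    baseline = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            if name.lower().endswith(EXECUTABLE_SUFFIXES):
                full = os.path.join(dirpath, name)
                baseline[os.path.relpath(full, root)] = fingerprint(full)
    return baseline


def compare(baseline, current):
    """Return {path: [reasons]} for every executable that differs from the baseline."""
    findings = {}
    for rel, old in baseline.items():
        new = current.get(rel)
        if new is None:
            findings[rel] = ["missing from disk"]
            continue
        if new["sha256"] == old["sha256"]:
            continue
        reasons = ["contents changed"]
        delta = new["size"] - old["size"]
        if delta > 0:
            # Appending infectors add their body to the end of the host.
            reasons.append(f"size grew by {delta} bytes")
        if new["mtime_ns"] == old["mtime_ns"]:
            # Changed contents with an untouched timestamp is a stealth trick.
            reasons.append("timestamp unchanged despite new contents")
        findings[rel] = reasons
    for rel in current:
        if rel not in baseline:
            findings[rel] = ["new executable not in baseline"]
    return findings


def simulate():
    """Build a baseline, fake two infections and a dropped file, then diff."""
    root = tempfile.mkdtemp()

    def write(rel, data):
        path = os.path.join(root, rel)
        with open(path, "wb") as f:
            f.write(data)
        return path

    host_a = write("a.com", b"host program A\n" * 8)   # constructed host file
    host_b = write("b.exe", b"MZ" + bytes(98))          # constructed host file
    write("readme.txt", b"not an executable, not tracked")
    baseline = build_baseline(root)

    # Constructed appending infector that restores the host's original timestamp.
    before = os.stat(host_a)
    with open(host_a, "ab") as f:
        f.write(b"\x90" * 1024)
    os.utime(host_a, ns=(before.st_atime_ns, before.st_mtime_ns))

    # Constructed overwriting infector: same size, different bytes.
    with open(host_b, "r+b") as f:
        f.seek(2)
        f.write(b"XX")

    write("dropped.exe", b"MZ" + bytes(10))             # constructed dropped file
    return compare(baseline, build_baseline(root))


if __name__ == "__main__":
    for path, reasons in sorted(simulate().items()):
        print(path, "->", "; ".join(reasons))
```

Keep the baseline itself on a write-protected disk or another machine: a virus that is resident when you scan can lie about file sizes and contents (see the stealth techniques below), so the comparison is only trustworthy when run after booting from a clean disk.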
The only foolproof way to determine that a virus is present is for an expert to analyze the assembly code contained in all programs and system areas, but this is usually impracticable. Virus scanners go some way towards performing this analysis by looking in that code for known viruses; some even use heuristic means to spot "virus-like" code, but this is not always reliable. It is wise to arm yourself with the latest anti-virus software and to pay close attention to your system. In particular, look for any unexpected change in the memory map or configuration as soon as you start the computer.
What types of viruses are out there?
Boot sector infector - hides in the boot sector of a disk or the partition table (master boot record) of a hard disk and takes control of the computer when it is booted from that disk, before the operating system loads. It then stays resident in the computer's memory, and whenever another disk is used the virus copies itself into that disk's boot sector. The most common boot sector viruses are the Pakistani Brain virus and the Stoned/Marijuana virus.
Application program infector - The most infectious type of computer virus is the application program infector, or file virus. It may attach itself to any executable file, usually .COM and .EXE files. An application program infector takes control when the infected program is first run. Once the virus is resident in the RAM of the computer system, it can potentially infect every program run on the computer until the machine is shut off. The most widespread virus today is the Jerusalem virus.
Stealth viruses - viruses that attempt to hide their presence. Simple techniques include hiding the change in a file's date and time stamp and hiding the increase in its size, by intercepting the system calls that report them. Some even prevent anti-virus software from reading the part of the file where the virus is located, returning the original contents instead. Some also encrypt the virus code with variable encryption so that it has no constant byte pattern to scan for.
Dark Avenger Mutation Engine - a polymorphic encryption module that virus writers link into their viruses to encrypt the virus body and so evade signature scanners. The engine generates a completely different decryption routine each time the virus replicates, so that no three bytes remain constant from one sample to the next and there is no fixed byte string for a scanner to search for. Detecting such a virus requires the scanner to recognize the decryptor's behaviour or to decrypt (emulate) the sample before looking for a signature.
Multipartite virus - a virus that infects both the boot sector of a disk and application programs, so that it can spread by either route.
Macro viruses - a virus that attaches to a word-processing or spreadsheet file (typically an MS Word or Excel document) as a macro. Once the file is opened, the macro replaces one of the application's standard macros, or installs itself in the global template, with an infected version, which can then infect every document subsequently opened or saved.
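The Mutation Engine entry above is the reason plain signature scanning stopped being enough. The following is an added example and is not the Dark Avenger Mutation Engine, nor code from the original page: a toy polymorphic encoder in which every sample has a different key, a different keystream and a different-length junk prefix, so that a fixed byte signature never matches the raw bytes, while a scanner that first decrypts the sample (the generic decryption approach real scanners use) still finds the body. The body string, the stub layout and the SHA-256 keystream are all constructed for the demonstration; a real engine varies machine code rather than a seed.

```python
"""Added example (not the Dark Avenger Mutation Engine, not from the original
page): a toy polymorphic encoder showing why a fixed byte signature cannot
match a polymorphic sample, and why a scanner must decrypt or emulate first."""
import hashlib
import os

# Constructed stand-in for the constant virus body a scanner wants to find.
BODY = b"CONSTANT-VIRUS-BODY-FOR-THE-DEMO"
SIGNATURE = BODY[:12]   # the kind of fixed string a signature scanner carries


def keystream(seed: bytes, length: int) -> bytes:
    """Expand a per-sample seed into a keystream (SHA-256 in counter mode)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encode(body: bytes, seed: bytes = b"") -> bytes:
    """Emit one sample: [filler_len][filler][4-byte seed][body XOR keystream].
    The variable-length filler stands in for the junk instructions a mutation
    engine inserts so the decryptor lands at a different offset every time."""
    seed = seed or os.urandom(4)
    filler_len = seed[0] % 8
    filler = keystream(b"junk" + seed, filler_len)
    cipher = bytes(b ^ k for b, k in zip(body, keystream(seed, len(body))))
    return bytes([filler_len]) + filler + seed + cipher


def decode(sample: bytes) -> bytes:
    """What generic decryption does: follow the stub to the key, undo the cipher."""
    filler_len = sample[0]
    seed = sample[1 + filler_len:5 + filler_len]
    cipher = sample[5 + filler_len:]
    return bytes(c ^ k for c, k in zip(cipher, keystream(seed, len(cipher))))


def signature_scan(sample: bytes) -> bool:
    """Naive scanner: search the raw bytes for the fixed signature."""
    return SIGNATURE in sample


def decrypting_scan(sample: bytes) -> bool:
    """Scanner that decrypts first and then applies the same signature."""
    return SIGNATURE in decode(sample)


def common_trigrams(samples: list) -> set:
    """3-byte sequences present in every sample; a usable signature needs this much."""
    def grams(s):
        return {s[i:i + 3] for i in range(len(s) - 2)}
    common = grams(samples[0])
    for s in samples[1:]:
        common &= grams(s)
    return common


def demo(n: int = 8) -> dict:
    """Generate n samples from fixed seeds and compare the two scanning approaches."""
    seeds = [hashlib.sha256(f"sample-{i}".encode()).digest()[:4] for i in range(n)]
    samples = [encode(BODY, seed) for seed in seeds]
    return {
        "all_decode_to_body": all(decode(s) == BODY for s in samples),
        "raw_signature_hits": sum(signature_scan(s) for s in samples),
        "decrypting_hits": sum(decrypting_scan(s) for s in samples),
        "trigrams_constant_across_samples": len(common_trigrams(samples)),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The asymmetry is the whole point: the raw samples share no three-byte sequence, so there is nothing stable for the naive scanner to match, but the decryptor must be present in every sample for the virus to run at all, and a scanner that follows it (in practice by emulating the decryption loop until the body is in the clear) gets a constant body back. That is also why heuristic detection of "virus-like" decryption loops became a standard scanner feature.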