How can you get a computer virus or malware?

How can your computer get a virus, trojan, work or spyware? What are the ways malware can infect your Windows computer? What types of files carry virus and malware? We will touch upon these questions in brief and take a look at some files and see if they can infect your computer or phone.

How can you get a computer virus

How can you get a computer virus

The common ways your Windows computer can get infected with a virus or malware are:

  1. You download pirated software
  2. You download and install software from malicious websites
  3. You download and install already compromised apps from official app stores
  4. You install Bundleware without reading the EULA or unchecking the third-party software offers, so as to avoid installing PUPs
  5. You click on links which take you to malicious or compromised websites, which in turn download a malicious code to your PC automatically
  6. You blindly click on social media links from friends, which you tend to trust, that initiate download of malware to your computer or mobile device
  7. You click on malicious email attachments without checking who the sender is
  8. You open infected Office files which have come from another system
  9. You click on malicious advertisements – Malvertising – which have hidden code embedded
  10. You connect an infected USB to your computer and using it without scanning it for malware.

Most used file type as carrier for malware

Executables or .exe files can be dangerous, and so even your email client won’t download such files from emails. EXE, COM, MSI, etc. are three types that you need to be very careful about – whether present in email or downloading from any website. Always scan all attachments and downloads with antimalware before opening them.

Do PDF carry virus? Can you get virus from PDF?

Not just carry malware, but a PDF can also perform the function of Phishing. Portable Document Format (PDF) files contain active elements that can infect your computer. Dynamic elements and Javascript presence make them dangerous. But it largely depends on your PDF reader that parses the file.

If it takes care of all aspects of opening, reading, editing and closing of the files, the chances of getting infected are less. The PDF reader you use should be able to detect stack overflow and scan links inside the PDF file.

Talking of links, it is common for phishers to include one or more redirect URL in PDF files. Innocent readers believe the link and click on it thereby losing their data. One way to get around this is to copy paste links directly into browser address bar so that the URL scanners built into the browser can see if the link is malicious. Not all browsers may have such functions but the mainstreams one’s like Internet Explorer, Edge, Chrome, Firefox do have them. You may also use URL scanners as add-ons for your browser.

So in conclusion, sure you can get a virus from a PDF, and you can also be misled into sharing your information with malicious sites/people using redirect links or shortened links in the file.

Can you get virus from image files?

What can a simple BMP image file do? Well, it can contain few bits of binary code that may execute when you open it and infect your computer. Seemingly innocent looking image files are a foolproof way to strike and spread the virus. How many of us really run malware scanner after downloading images from the Internet?

Users think it is just an image… and that images cannot harm. So they open downloaded images without taking any precaution or view it in the email client with a previewer. In both cases, a portion of the computers RAM keeps data to be shown on screen. As you are viewing the image, the executable binary code spreads to your computer, thereby infecting it.

You can get a virus from image files as you would from any other file types originating from the Internet (email included). An image file like JPG, BMP, PNG, etc can be infected. It could be a Payload or an Exploit. But the virus will not be executed as long as the image is not opened, executed or processed by another program.

An executable .exe file can also be made to appear like an image file by naming it niceimage.jpg.exe. Since Windows by default hides file extensions, users see only the .jpg part and click on it thinking it’s an image file.

For your information, W32/Perrun was the first reported JPEG virus. It extracted data from JPEG files and then injected picture files with infected digital images.

Can Office Documents carry a virus?

Office documents also serve as a good carrier for malware. You might have seen emails where document files are attached, and the email says more details present in the attachment. Since Office documents like docx, doc, docm and similar formats allow active elements, you may be infected. Most of the malware is downloaded by macros present in the documents. That is why Word will not open an internet originating file in edit mode unless you ask it.

Office documents carry Macro Virus if programmed to do so. Scripts and macros make it easy. In most cases, first, the macro runs to infect your computer while the payload is downloaded later – to avoid detection by antimalware.

Can you get virus by watching YouTube?

Depends on how you use the site. YouTube videos as such are not dangerous. But then, few aspects of YouTube are beyond its control – malvertising and in-video programming. Video programming is available to users who have a good number of subscribers. That reduces the scope of being infected. But it may be dangerous if you click on those videos overlaying on the main videos.

It is the same with advertisements. They are active elements, so your computer is vulnerable unless you make it a point not to click advertisements. So the answer is that YouTube videos are not dangerous as long as you take care while interacting with the active content overlaying the main video. The scope of acquiring a virus from YouTube is low, but still, it is there – and it is the same for any other website for that matter!

Can you get virus from Tumblr, Facebook or other social sites?

It again depends on upon what you are trying to do. If you are simply uploading files and not clicking any links, you are safe. Ads against content could be malicious. Links can be URLs that try phishing. If you download an image and open it without scanning for malware, it gets dangerous. The Windows SmartScreen usually does a good job at protecting users from web-based threats.

In short, there is the possibility of socially engineered malware lurking everywhere on the Internet. You need to be on guard. Gone are the days when a virus was delivered via .exe files; now they can carry any file extension and can even be embedded in image files.

Conclusion

So you see the most important precautions you need to take, is to download only trusted software from their official sources, be very careful during its installation and opt out of 3rd party offers, scan any USB or drive which you connect to your device, be very careful before you click on any web links and take precautions before downloading email attachments.

Now read:

  1. How do you tell if your computer has a virus
  2. Tips to secure Windows PC.

You might want to also read about the evolution of malware and how it all began!

Download this VPN to secure all your Windows devices and browse anonymously
Posted by on , in Category Security with Tags
Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.

13 Comments

  1. Ziggy

    Solid and sensible advice, Anand! I also like using online scanners such as VirusTotal. But I reckon the best protection would be those three black spiders in your diagram ferociously guarding all gateways to one’s laptop!

  2. Mészáros Antal

    Great (y)

  3. ReadandShare

    “How many of us really run malware scanner after downloading images from the Internet?”

    I use Win 10’s built-in antivirus. Doesn’t it automatically scan any file I download from the internet? Or do I actually need to right click downloaded files to manually scan them?

  4. You are correct. An AV will scan downloaded files automatically, as well as a USB when connected to your PC.

  5. Madhavi Kalimisetty

    HOW TO GET RID OF $Recycle.Bin shortcut virus from my external HDD

  6. Madhavi Kalimisetty

    anand ji
    i got this virus in my 2TB ext.HDD .My avast failed to scan it .
    what to do.

  7. Madhavi Kalimisetty

    sir
    i have avast pro protection on
    but the $Recycle.Bin and system volume information shortcut trojan malwares have literally gripped all the c drive files under it,that includes the avast and
    malwarebytes
    the scan result says:
    “some archived files and folders could not be scanned
    .both say that there is not threat in the lappy
    but once i placed my ext.HDD ,on another lappy with QUICKHEAL PAID av
    the same is showing the following result
    :failed to extract file
    C:$Recycle.BinS-1-5-21-1289096486-28968053990-796729609-100$RWC91GQ

    the virus is in encrypted form and it is spreading into every folder day by day

  8. Madhavi Kalimisetty

    avast pro was in place prior to the malware attack
    and malwarebytes trial version was downloaded after the trojan crept in..
    please tell me how to get rid of the virus in ext.HDD
    the moment i connect to usb
    the virus is writing direct on to c drive and all the data and pgms are under its hegemony incl.the avast and ,mwbytes
    what else should i use to get rid of the shortcut virus

  9. Back up your data to an external hard drive right away.
    Force Windows to empty all Recycle Bins: https://www.thewindowsclub.com/empty-recycle-bin-command

    Scan your PC with Dr Web standalone portable antivirus from a USB: https://www.thewindowsclub.com/standalone-on-demand-antivirus-scanners

  10. If it is on an external hard drive, why don’t you format it?

  11. Madhavi Kalimisetty

    sir
    my ext hdd is my data backup for the last 10 years and it has 800GB OF valuable data(my children ,now 16 and 12 fotos,office data,valuable movies,valuable education videos made by me,etc
    i value my data hdd more than my lappy sir

  12. Scan it with Dr Web standalone portable antivirus.

  13. Madhavi Kalimisetty

    thank you so much anandji
    i feel immensely educated….thank you once again

Leave a Reply

Your email address will not be published. Required fields are marked *


3 + 3 =