What is a virus?

A Computer Virus is a program that spreads by first infecting files or the system areas of a computer or network router’s hard drive and then making copies of itself. Some viruses are harmless, others may damage data files, and some may destroy files. A virus is simply a computer program. Some viruses are designed to deliberately damage files, and others may just spread to other computers.

A Worm is a type of virus that can spread without human interaction. Worms often spread from computer to computer and take up valuable memory and network bandwidth, which can cause a computer to stop responding. Worms can also allow attackers to gain access to your computer remotely. Unlike worms, viruses often require some sort of user action (e.g., opening an email attachment or visiting a malicious web page) to spread.

A Trojan horse is a computer program that is hiding a virus or other potentially damaging program. A Trojan horse can be a program that purports to do one action when, in fact, it is performing a malicious action on your computer. Trojan horses can be included in software that you download for free or as attachments in email messages.

Viruses used to be spread when people shared floppy disks and other portable media, now viruses are primarily spread through email messages. Most viruses, Trojan horses, and worms are activated when you open an attachment or click a link contained in an email message. If your email client allows scripting, then it is possible to get a virus by simply opening a message. It’s best to limit what HTML is available in your email messages. The safest way to view email messages is in plain text.
Most users get viruses from opening and running unknown email attachments. Never open anything that is attached to an email message unless you know the contents of the file. If you receive an attachment from a familiar email address, but were not expecting anything, you should contact the sender before opening the attachment. If you receive a message with an attachment and you do not recognize the sender, you should delete the message. Selecting the option to view your email messages in plain text, not HTML, will also help you to avoid a virus.

What are some tips to avoid viruses and lessen their impact?

  • Install anti-virus software from a reputable vendor. Update it and use it regularly.
  • In addition to scanning for viruses on a regular basis, install an “on access” scanner (included in most anti-virus software packages) and configure it to start each time you start up your computer. This will protect your system by checking for viruses each time you run an executable file.
  • Use a virus scan before you open any new programs or files that may contain executable code. This includes packaged software that you buy from the store as well as any program you might download from the Internet.
  • If you are a member of an online community or chat room, be very careful about accepting files or clicking links that you find or that people send you within the community.
  • Make sure you back up your data (documents, bookmark files, important email messages, etc.) on disc so that in the event of a virus infection, you do not lose valuable work.

What does anti-virus software do?

Although details may vary between packages, anti-virus software scans files or your computer’s memory for certain patterns that may indicate the presence of malicious software (i.e., malware). Anti-virus software (sometimes more broadly referred to as anti-malware software) looks for patterns based on the signatures or definitions of known malware. Anti-virus vendors find new and updated malware daily, so it is important that you have the latest updates installed on your computer.

Once you have installed an anti-virus package, you should scan your entire computer periodically.

  • Automatic scans– Most anti-virus software can be configured to automatically scan specific files or directories in real time and prompt you at set intervals to perform complete scans.
  • Manual scans– If your anti-virus software does not automatically scan new files, you should manually scan files and media you receive from an outside source before opening them. This process includes:
    • Saving and scanning email attachments or web downloads rather than opening them directly from the source.
    • Scanning media, including CDs and DVDs, for malware before opening files.

Sometimes when the software finds malware, it will produce a dialog box alerting you that it has found malware and ask whether you want it to “clean” the file (to remove the malware). In other cases, the software may attempt to remove the malware without asking you first. When you select an anti-virus package, familiarize yourself with its features so you know what to expect.

Which software should you use? There are many vendors who produce anti-virus software, and deciding which one to choose can be confusing. Anti-virus software typically performs the same types of functions, so your decision may be driven by recommendations, particular features, availability, or price. Regardless of which package you choose, installing any anti-virus software will increase your level of protection.

How do you get the current malware information?

This process may differ depending on what product you choose, so find out what your anti-virus software requires. Many anti-virus packages include an option to automatically receive updated malware definitions. Because new information is added frequently, it is a good idea to take advantage of this option. Resist believing alarmist emails claiming that the “worst virus in history” or the “most dangerous malware ever” has been detected and will destroy your computer’s hard drive. These emails are usually hoaxes. You can confirm malware information through your anti-virus vendor or through resources offered by other anti-virus vendors.

While installing anti-virus software is one of the easiest and most effective ways to protect your computer, it has its limitations. Because it relies on signatures, anti-virus software can only detect malware that has known characteristics. It is important to keep these signatures up-to-date. You will still be susceptible to malware that circulates before the anti-virus vendors add their signatures, so continue to take other safety precautions as well.



Author: US-CERT Publications
Photo: https://www.google.it/search?rlz=1C1CHBF_enIT767IT767&biw=1422&bih=683&tbm=isch&sa=1&ei=5HMAWq-kCoe5aszIuJAG&q=virus+hacker&oq=virus+hacker&gs_l=psy-ab.3..0j0i8i30k1l2.10164.11946.0.12169.….0…1.1.64.psy-ab..0.7.519…0i67k1j0i30k1j0i10i30k1.0.e52h2ITBB_E#imgrc=D9ozD3eK0yGZfM: