Malware, "malicious software", is software developed
for the purpose of doing harm.
Malware can be classified based on how it gets executed, how it
spreads, and/or what it does. The classification is not perfect, however,
in the sense that the groups often overlap and the difference between
them is often not obvious.
Classes of malicious software
Viruses
The first type of malware to evolve was the computer virus. Viruses
work and spread (within the infected system) by attaching themselves
to other pieces of software (or in the case of macro viruses, to
documents), such that during the execution of the program the viral
code is executed. Viruses spread across computers when the software
or document they attached themselves to is transferred from one
computer to the other.
Computer worms are similar to viruses but are stand-alone software
and thus do not require other pieces of software to attach themselves
to. They do modify their host operating system, however, at least
to the extent that they are started as part of the boot process.
Worms spread, either by exploiting some vulnerability of the target
system, or by using some kind of social engineering to trick users
into executing them.
Trojan horses are similar to viruses in that they get executed by
being part of an otherwise useful piece of software. However, Trojan
horses are attached to the host software manually, they cannot infect
other pieces of software the way viruses can, nor can they replicate
themselves. To spread, Trojan horses rely on the useful features
of the host software, which trick users into installing them. One of the
most insidious types of Trojan horse is a program that claims to
rid your computer of viruses but instead introduces viruses onto
your computer.
A Backdoor is a piece of software that allows access to the computer
system, bypassing the normal authentication procedures. Based on
how they work and spread there are two groups of backdoors. The first
group works much like a Trojan, i.e., they are manually inserted
into another piece of software, executed via their host software
and spread by their host software being installed. The second group
works more like a worm in that they get executed as part of the boot
process and are usually spread by worms carrying them as their payload.
Spyware is a piece of software that collects and sends information
about users (such as browsing patterns in the more benign case or credit
card numbers in more serious ones). Spyware usually works and spreads
like a Trojan horse. The category of spyware is sometimes taken to
include adware of the less-forthcoming sort.
An Exploit is a piece of software that attacks a particular security
vulnerability. Exploits are not necessarily malicious in intent — they
are often devised by security researchers as a way of demonstrating
that a vulnerability exists. However, they are a common component
of malicious programs such as network worms.
A Rootkit is software inserted onto a computer system after an attacker
has gained control of the system. Rootkits often include functions
to hide the traces of the attack, such as deleting log entries or cloaking
the attacker's processes. Rootkits may also include backdoors, allowing
the attacker to easily regain access later, or exploit software to
attack other systems.
Phoney or Hoax Viruses
There are many instances where hoax virus warning messages have been
sent which suggest that the recipient may have a particular virus,
together with helpful instructions about how to confirm and eliminate
the virus. These messages almost invariably tell you to look for
a particular file and, if it is present, delete it. In most cases
the file they mention is a Windows system file which, if deleted,
will cause serious running problems. If in doubt, run an internet
search on Google for the filename, and you will almost certainly
find information about it, and about any recent scam.
How to stop Malware
As with all unwanted internet files and applications, there are three
essential actions to be considered:
1. Malware Scanning to detect whether any file has secreted itself
on your drives or in your registry
2. Malware Removal. This involves software that can identify and
remove the malware
3. Malware Prevention. It is essential that you block any further
invasion once you have removed any existing malware files
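
The worm and backdoor descriptions above note that such malware arranges to be started as part of the boot process, and step 1 mentions scanning the registry. The following is an added example, not part of the original page: it parses text in the layout that `reg query` prints for the Windows Run keys and compares it with a baseline taken while the machine was known to be clean. The sample data, the baseline and the list of user-writable directories are constructed assumptions.

```python
import re

HKLM_RUN = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run"
HKCU_RUN = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"

# Constructed sample, in the layout `reg query <key>` prints for autostart keys.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    Updater    REG_SZ    "C:\Users\alice\AppData\Local\Temp\upd.exe" /silent

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background
"""

# Constructed baseline: (key, value name) -> command seen on the clean system.
BASELINE = {
    (HKLM_RUN, "SecurityHealth"): r"%windir%\system32\SecurityHealthSystray.exe",
    (HKCU_RUN, "OneDrive"): r'"C:\Program Files\OneDrive\OneDrive.exe" /background',
}

VALUE_RE = re.compile(r"^ {4}(.+?) {4}(REG_\w+) {4}(.*)$")
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\")  # assumed heuristic

def parse_run_keys(text):
    """Return {(key, value_name): command} from `reg query`-style text."""
    entries, key = {}, None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        elif key and (m := VALUE_RE.match(line)):
            entries[(key, m.group(1))] = m.group(3).strip()
    return entries

def audit(entries, baseline):
    """List (value_name, reason) for autostart entries that need review."""
    findings = []
    for ident, command in sorted(entries.items()):
        if ident not in baseline:
            findings.append((ident[1], "not in baseline"))
        elif baseline[ident] != command:
            findings.append((ident[1], "command changed"))
        if any(d in command.lower() for d in USER_WRITABLE):
            findings.append((ident[1], "runs from user-writable directory"))
    return findings

if __name__ == "__main__":
    for name, reason in audit(parse_run_keys(SAMPLE), BASELINE):
        print(f"{name}: {reason}")
```

A finding is a prompt for review, not proof of infection: legitimate software updates also change autostart commands.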