Malware

Computer virus and other malware in simple words

A computer virus is a computer program, malicious software, that can replicate itself and spread from one computer to another. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by other computers. Malware also includes  computer worms, Trojan horses, rootkits, spyware and adware.

Infection Strategies – Viruses types

Nonresident viruses – this type of virus search for other files to infect. When a nonresident virus finds a new healthy executable file it replicates itself into healthy executable file.

Resident viruses –  this type of virus loads a replication mechanism into memory and ensures that this mechanism is executed each time the operating system is called to perform a certain operation. The replication mechanism-module can be called each time the operating system executes a file, etc. In this case the virus infects every suitable program that is executed on the computer.

Code injection – can be used to infect operating system files, make antivirus programs unable to detect the virus etc. File hashes stored in Windows, to identify altered Windows files, can also be overwritten so that the System File Checker will report that system files are originals.

Worms

A worm is a standalone malware computer program that replicates itself in order to spread to other computers. A worm can exploit security vulnerabilities to spread itself automatically to other computers through networks. It does not need to attach itself to an existing program like virus does.

Trojan Horses

A Trojan horse is a program that appears harmless but hides malicious functions. When the user executes a Trojan horse, the program performs the expected task for ex. a calculator or an mp3 music converter etc, however, the program is also performing actions unknown to the user. The term is derived from the Trojan Horse story in Greek mythology because Trojan horses employ a form of “social engineering,” presenting themselves as harmless, freeware software tools, in order to persuade victims to install them on their computers.

Spyware

Spyware is a type of malicious software installed on computers that collects information about users without their knowledge. The presence of spyware is hidden from the user and can be difficult to detect. Keyllogers are a type of spyware.

Adware

Adware (advertising-supported software) is a computer software which shows advertisements. These advertisements can be in the form of a pop-up, embedded in the user interface of the main software or on a screen presented to the user during the installation process. Adware is harmless but some adware may come with integrated spyware software such as keyloggers.