Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
HBEDV
GNU bison
Roman abacus
Stresslinux
Security token
Philippines Internet...
Mozilla Thunderbird
recommendation
compare webbrowser
Freenet DSL
Who's Online
11 user(s) are online (10 user(s) are browsing encyclopedia)

Members: 0
Guests: 11

more...
browser tip
Unix Befehle
manual of unix befehle
recommendation!
Sponsored
partner

Malware

Malware (a portmanteau of malicious Software ) is a type of software designed to take over and/ or damage a computer user s operating system, without his or her knowledge or approval. Once installed, it is often very difficult to remove, and depending on the severity of the program installed, its handiwork can range in degree from the slightly annoying (such as unwanted pop up ads while a user is performing regular computing tasks on or offline), to irreparable damage requiring the reformatting of one s hard drive, since much of malware is poorly written. Examples of malware include computer virus and trojan horse (computing)s.

=Classes of malicious software=

Two common types of malware are computer_viruses and computer_worms. These types of computer programs have in common that they are both able to self-replicate; they can spread (possibly modified) copies of themselves. Not every program that copies itself is a virus or worm; for instance, backup software may copy itself to other media as part of a system backup. To be classified as a virus or worm, at least some of these copies have to be able to replicate themselves too, such that the virus or worm can propagate itself. The difference between a virus and a worm is that a worm operates more or less independently of other files, whereas a virus depends on hosts to spread itself.

==Virus==

Viruses have used many sorts of hosts. When Computer_virus first originated, common targets were executable files that are part of application programs and the boot sectors of floppy disks. More recently, most viruses have embedded themselves in e-mail as Email attachments, depending on a curious user opening the viral attachment. In the case of executable files, the infection routine of the virus arranges that when the host code is executed, the viral code gets executed as well. Normally, the host program keeps functioning after it is infected by the virus. Some viruses overwrite other programs with copies of themselves which destroys them altogether. Viruses can spread across computers when the software or document they ve attached themselves to is transferred from one computer to the other.

==Worms==

Computer worms are similar to viruses but are stand-alone software and thus do not require host files (or other types of host code) to spread themselves. They do modify their host operating system, however, at least to the extent that they are started as part of the boot process. To spread, worms either exploit some vulnerability of the target system or use some kind of Social engineering (computer security) to trick users into executing them.

==Wabbit==

A third, uncommon, type of self-replicating malware is the Wabbit. Unlike viruses, wabbits do not infect host programs or documents. Unlike worms, wabbits do not use network functionality in order to spread to other computers. Instead, a wabbit repeatedly replicates itself on a local computer. Wabbits can be programmed to have (malicious) side-effects, in addition to the direct consequences of their quick self-replication. An example of a simple wabbit is a fork bomb.

==Trojan==

A Trojan horse (computing) program is a harmful piece of software that is disguised as legitimate software. Trojan horses cannot replicate themselves, in contrast to viruses or worms. A trojan horse can be deliberately attached to otherwise useful software by a programmer, or it can be spread by tricking users into believing that it is useful. To complicate matters, some trojan horses can spread or activate other malware, such as viruses. These programs are called droppers . A common aftermath is the Trojan attracting a large amount of adware/Spyware, causing lots of popups and web browser instability.

==Backdoor==

A backdoor is a piece of software that allows access to the computer system bypassing the normal authentication procedures. Based on how they work and spread, there are two groups of backdoors. The first group works much like a Trojan, i.e., they are manually inserted into another piece of software, executed via their host software and spread by their host software being installed. The second group works more like a worm in that they get executed as part of the boot process and are usually spread by worms carrying them as their payload. The term Ratware has arisen to describe backdoor malware that turns computers into zombies for sending spam (electronic). The installed software can also be used for anonymizing traffic, brute force cracking of passwords and encryptions, and distributed denial of service attacks (DDOS).

==Spyware==

Spyware is a piece of software that collects and sends information (such as browsing patterns in the more benign cases or credit card numbers in more malicious cases) about users or, more precisely, the results of their computer activity, typically without explicit notification. They usually work and spread like Trojan horses. The category of spyware is sometimes taken to include Adware of the less-forthcoming sort.

==Exploit==

An exploit (computer science) is a piece of software that attacks a particular security vulnerability. Exploits are not necessarily malicious in intent — they are often devised by security researchers as a way of demonstrating that a vulnerability exists. However, they are a common component of malicious programs such as network worms.

==Rootkit==

A rootkit is software inserted onto a computer system after an attacker has gained control of the system. Rootkits often include functions to hide the traces of the attack, as by deleting log entries or cloaking the attacker s processes. Rootkits may also include backdoors, allowing the attacker to easily regain access later; or exploit software to attack other systems. Because they often hook into the operating system at the kernel level to hide their presence rootkits can be very hard to detect. The consensus of computer security experts is that if your system has been compromised by a rootkit you should wipe your hard drives and reinstall the operating system since you can never know if you have successfully removed all traces of the rootkit.

==Key Logger==

A key logger is software that copies a computer user s keystrokes to a file, which it may send to a hacker at a later time. Often the keylogger will only awaken when a computer user connects to a secure website, such as a bank. It then logs the keystrokes, which may include account numbers, PIN s and passwords, before they are encrypted by the secure website.

==Dialers==

A dialer is a program that either replaces the phone number in a modem s dial-up connection with a long-distance number, often out of the country, in order to run up phone charges on pay-per-dial numbers, or dials out at night to send keylogger or other information to a hacker.

==Stealware==

Stealware modifies a web browser s behavior when visiting certain websites. If a site runs an Affiliate scheme which pays commission to whoever refers a visitor, the stealware alters the URL used to access the site, so that it includes the author s referer id. This means that the malware author collects any fees or commission generated by that visitor. This is generally invisible to the user. The author profits from users actions, at the expense of the site owner and any genuine referrer.

The BetterSearch extension, available for Mozilla Firefox, is one example. Its affiliate feature is NOT clearly indicated, and average users have no knowledge about it. Money is earned when users click on the specially formatted links produced by BetterSearch.

=Overuse of the term virus =

Because viruses were historically the first to appear, the term virus is often applied, especially in the popular media, to all sorts of malware. Modern anti-viral software strengthen this broader sense of the term as their operation is never limited to viruses.

Malware should not be confused with defective software, that is, software which is intended for a legitimate purpose but has errors or Computer bugs.

=External links=

  • [http://arstechnica.com/articles/paedia/malware.ars Malware: what it is and how to prevent it]
  • [http://guides.radified.com/magoo/guides/spyware/remove_spyware_01.htm Magoo s Guide to Eliminating Spyware] — Infomation on how to get rid of spyware and keep it from coming back
  • [http://www.antisource.com Antisource.com - Malware Analysis]
  • [http://castlecops.com/ CastleCops] Free support in computer malware removal.
  • [http://www.spywarewarrior.com Spyware Warrior] - Free resources and help for removing all types of Malware
  • [http://www.malwarehelp.org/ten-steps-to-malware-prevention-part-1.html Ten steps to Malware prevention ] - Systematic tutorials on Spyware removal and prevention.
  • [http://www.nerdhelp.com/ Computer Tech Support] — Free online knowledge base for everything from hardware problems to virus fixes.
    		•