
Malware (a portmanteau of "malicious software") is any software program developed for the purpose of causing harm to a computer system, similar to a virus or trojan horse. Malware can be classified based on how it is executed, how it spreads, and/or what it does. The classification is not perfect, however, in the sense that the groups often overlap and the difference is not always obvious, giving rise to frequent flame wars. ==Classes of malicious software== Two common types of malware are computer_viruses and computer_worms. These types of programs have in common that they are both able to self-replicate; they can spread (possibly modified) copies of themselves. Not every program that copies itself is a virus or worm; for instance, backup software may copy itself to other media as part of a system backup. To be classified as a virus or worm, at least some of these copies have to be able to replicate themselves too, such that the virus or worm can propagate itself. The difference between a virus and a worm is that a worm operates more or less independently of other files, whereas a virus depends on hosts to spread itself. ===Virus=== Viruses have used many sorts of hosts. When computer viruses first originated, common targets were executable files that are part of application programs and the boot sectors of floppy disks, and later documents that can contain macro scripts; more recently, most viruses have embedded themselves in e-mail as Email_Attachment, depending on a curious user opening the viral attachment. In the case of executable files, the infection routine of the virus arranges that when the host code is executed, the viral code gets executed as well. Normally, the host program keeps functioning after it is infected by the virus. Some viruses overwrite other programs with copies of themselves, however, which destroys these files. Viruses spread across computers when the software or document they attached themselves to is transferred from one computer to the other. ===Worms=== Computer worms are similar to viruses but are stand-alone software and thus do not require host files (or other types of host code) to spread themselves. They do modify their host operating system, however, at least to the extent that they are started as part of the boot process. To spread, worms either exploit some vulnerability of the target system or use some kind of social engineering to trick users into executing them. ===Wabbit=== A third, uncommon, type of self-replicating malware is the wabbit. Unlike viruses, wabbits do not infect host programs or documents. Unlike worms, wabbits do not use network functionality in order to spread to other computers. An example of a simple wabbit is a fork bomb. ===Trojan=== A Trojan horse (computing) program is a harmful piece of software that is disguised as legitimate software. Trojan horses cannot replicate themselves, in contrast to viruses or worms. A trojan horse can be deliberately attached to otherwise useful software by a programmer, or it can be spread by tricking users into believing that it is useful. To complicate matters, some trojan horses can spread or activate other malware, such as viruses. These programs are called 'droppers'. A common aftermath is the Trojan attracting a large amount of adware/spyware, causing lots of popups and web browser instability. ===Backdoor=== A backdoor is a piece of software that allows access to the computer system bypassing the normal authentication procedures. Based on how they work and spread, there are two groups of backdoors. The first group works much like a Trojan, i.e., they are manually inserted into another piece of software, executed via their host software and spread by their host software being installed. The second group works more like a worm in that they get executed as part of the boot process and are usually spread by worms carrying them as their payload. The term Ratware has arisen to describe backdoor malware that turns computers into zombies for sending spam. ===Spyware=== Spyware is a piece of software that collects and sends information (such as browsing patterns in the more benign cases or credit card numbers in more malicious cases) about users or, more precisely, the results of their computer activity, typically without explicit notification. They usually work and spread like Trojan horses. The category of spyware is sometimes taken to include adware of the less-forthcoming sort. ===Exploit=== An exploit (computer science) is a piece of software that attacks a particular security vulnerability. Exploits are not necessarily malicious in intent — they are often devised by security researchers as a way of demonstrating that a vulnerability exists. However, they are a common component of malicious programs such as network worms. ===Rootkit=== A rootkit is software inserted onto a computer system after an attacker has gained control of the system. Rootkits often include functions to hide the traces of the attack, as by deleting log entries or cloaking the attacker's processes. Rootkits may also include backdoors, allowing the attacker to easily regain access later; or exploit software to attack other systems. Because they often hook into the operating system at the kernel level to hide their presence rootkits can be very hard to detect. The consensus of computer security experts is that if your system has been compromised by a rootkit you should wipe your hard drives and reinstall the operating system since you can never know if you have successfully removed all traces of the rootkit. ===Key Logger=== A key logger is software that copies a computer user's keystrokes to a file, which it may send to a hacker at a later time. Often the keylogger will only "awaken" when a computer user connects to a secure website, such as a bank. It then logs the keystrokes, which may include account numbers, PIN numbers and passwords, ''before'' they are encrypted by the secure website. ===Dialers=== A dialer is a program that either replaces the phone number in a modem's dial-up connection with a long-distance number, often out of the country, in order to run up phone charges on pay-per-dial numbers, or dials out at night to send keylogger or other information to a hacker. ===URL injection=== This software modifies the browser's behavior with respect to some- or all domains. It modifies the url submitted to the server to profit from a given Affiliate scheme by the content provider of the given domain. This is often transparent to the user. The author profits at the expense of the user -- often surreptitiously. ==Overuse of the term "virus"== Because viruses were historically the first to appear, the term "virus" is often applied, especially in the popular media, to all sorts of malware. Modern anti-viral software strengthen this broader sense of the term as their operation is never limited to viruses. Malware should not be confused with defective software, that is, software which is intended for a legitimate purpose but has errors or Computer bugs. ==See also== * Comparison of operating systems (security) ==External links== * [http://arstechnica.com/articles/paedia/malware.ars "Malware: what it is and how to prevent it"] * [http://www.antisource.com Antisource.com - Malware Analysis] * [http://www.spywarewarrior.com Free resources and help for removing all types of Malware] * [http://www.2-spyware.com/parasites.php Malware parasites] — List of all types of malware with removal istructions. Portmanteaus Malware vi:Phần mềm ác tính
Malware (a contraction of "malicious software") refers to software developed for the purpose of doing harm. Computer security Software
:"Viruses work and spread (within the infected system) by attaching themselves to other pieces of software (...)" This sentence is used in the article to give a definition of ''computer virus''. Although I think it's pretty reasonable, I don't think that this definition is completely correct. The problem, in my opinion, is the word ''attaching''. Some viruses do not attach their code to a host program, but simply overwrite executable files (e.g. the Trivial family on the DOS platform, some bootsector-viruses). Other viruses do not write to program files of software at all, but 'infect' executable files by manipulating non-executable structures (e.g. FAT-Infectors such as Dir-II, Companion viruses in MS-DOS). So, I think it would be more accurate to say that "A computer virus spreads by means of hosts, which typically are executable files that are a part of legitimate software. Some viruses use other types of hosts: for example, macro viruses attach themselves to documents and bootsector viruses use boot sectors of computer media. Normally, a virus attaches itself to other software in a way that ensures the virus is executed first. "User:Sietse Snel 21:46, 15 Sep 2004 (UTC) :I have rewritten the paragraph about viruses in the light of your comments. I take a "virus" to mean any code that infects other executable code — a boot sector is executable code. —User:Fubar Obfusco 22:43, 15 Sep 2004 (UTC) ::Thanks, that looks better to me. I have also added some other criteria to the definitions . User:Sietse Snel 11:07, 16 Sep 2004 (UTC) ==Portmanteau== Malware (a portmanteau of "malicious software")... this is not. According to [1] (in dictionary.com [2]), ''Mal'' in english is a prefix meaning ''Bad''. Malicious is not the source. I suggest changing it. # The American Heritage® Dictionary of the English Language, Fourth Edition # http://dictionary.reference.com/search?q=mal :I'm not so sure. The fact that a string of letters can be a prefix does not mean that it is ''always'' being used as a prefix when it occurs at the start of a word. For instance, ''ant-'' is a prefix meaning "opposed", as in ''antonym'' or ''antithesis''. However, it is not a prefix in ''antenna'' or ''anthrax''. An antenna is not opposed to an enna. ☺ :My searches suggest that the word "malware" is generally understood to be a contraction (or "portmanteau word" — Lewis Carroll's expression for a playful contraction of words) of "''mal''icious soft''ware''". See, e.g., [http://www.google.com/search?q=define:malware&ie=UTF-8&oe=UTF-8 Google define:malware] or [http://www.google.com/search?hl=en&lr=&safe=off&c2coff=1&q=malware+malicious&btnG=Search Google:malware malicious]. :Moreover, as a prefix, ''mal-'' does not mean "malicious"; as you note, it simply means "bad". However, the term "malware" is not used to mean "bad software" — that is, software of poor quality, or things that are not good at being software. It is used, rather, to mean software that is written or released with the intent to cause harm. This, too, suggests that the etymology is from "malicious software" and is a portmanteau. :The portmanteau formation in ''-ware'' to refer to categories of software is very common. Consider ''shareware'' (shareable software), ''adware'' (advertisement software), or ''shovelware'' (shoveled software — a '90s term for the obligatory heap of poor-quality shareware bundled with some computers and products). —User:Fubar Obfusco 00:07, 27 Oct 2004 (UTC) ---- == Overuse of the term "virus" == Referring to the section "overuse of the term 'virus'", it's worse than you think. I've even seen people use "virus" to refer to accidental ill effects, such as the Y2K bug, which was called the "Y2K virus" in Finnish media. :Worse - I've heard the term "trojan horse virus" being used recently, most notably in an ISP TV ad. That bugs me (no pun intended) since by definition, something can't be a trojan horse and a virus at the same time. A trojan can be a ''dropper'' for viruses though. :I also saw an article on the malware that spreads via emails with a Michael Jackson subject, that used the words ''spam'', ''trojan horse'', ''virus'', and ''malware'', and only ''malware'' was used correctly. oh well. :User:AcidHelmNun 04:33, Jun 14, 2005 (UTC) ==Phising== Does Phising fall under this?--User:Jondel 08:52, 31 Mar 2005 (UTC) :Phishing is a form of fraud. It does not involve getting any software installed upon the victim's computer, so it is not malware. --User:Fubar Obfusco 15:27, 31 Mar 2005 (UTC) ::What about changing "URL injection" into "URL injectors", if it is meant to denote a piece of software and _not a method_? Or, "Injected URLs"?
Is there to be so subcategory Malware:Known_Programs ? Currenly in Malware category there are link to backdoor (wich is a class of programs) and such programs like NetBus or Sub7 or BackOrifice - that are examples of that class of programs. Imho that mixing is not nice.
See other meanings of words starting from letter:
Words begining with Malware:
Malware
Malware
Malware
Malware
Malware_scanner
Malware
Malware (a portmanteau of "malicious software") is any software program developed for the purpose of causing harm to a computer system, similar to a virus or trojan horse. Malware can be classified based on how it is executed, how it spreads, and/or what it does. The classification is not perfect, however, in the sense that the groups often overlap and the difference is not always obvious, giving rise to frequent flame wars. ==Classes of malicious software== Two common types of malware are computer_viruses and computer_worms. These types of programs have in common that they are both able to self-replicate; they can spread (possibly modified) copies of themselves. Not every program that copies itself is a virus or worm; for instance, backup software may copy itself to other media as part of a system backup. To be classified as a virus or worm, at least some of these copies have to be able to replicate themselves too, such that the virus or worm can propagate itself. The difference between a virus and a worm is that a worm operates more or less independently of other files, whereas a virus depends on hosts to spread itself. ===Virus=== Viruses have used many sorts of hosts. When computer viruses first originated, common targets were executable files that are part of application programs and the boot sectors of floppy disks, and later documents that can contain macro scripts; more recently, most viruses have embedded themselves in e-mail as Email_Attachment, depending on a curious user opening the viral attachment. In the case of executable files, the infection routine of the virus arranges that when the host code is executed, the viral code gets executed as well. Normally, the host program keeps functioning after it is infected by the virus. Some viruses overwrite other programs with copies of themselves, however, which destroys these files. Viruses spread across computers when the software or document they attached themselves to is transferred from one computer to the other. ===Worms=== Computer worms are similar to viruses but are stand-alone software and thus do not require host files (or other types of host code) to spread themselves. They do modify their host operating system, however, at least to the extent that they are started as part of the boot process. To spread, worms either exploit some vulnerability of the target system or use some kind of social engineering to trick users into executing them. ===Wabbit=== A third, uncommon, type of self-replicating malware is the wabbit. Unlike viruses, wabbits do not infect host programs or documents. Unlike worms, wabbits do not use network functionality in order to spread to other computers. An example of a simple wabbit is a fork bomb. ===Trojan=== A Trojan horse (computing) program is a harmful piece of software that is disguised as legitimate software. Trojan horses cannot replicate themselves, in contrast to viruses or worms. A trojan horse can be deliberately attached to otherwise useful software by a programmer, or it can be spread by tricking users into believing that it is useful. To complicate matters, some trojan horses can spread or activate other malware, such as viruses. These programs are called 'droppers'. A common aftermath is the Trojan attracting a large amount of adware/spyware, causing lots of popups and web browser instability. ===Backdoor=== A backdoor is a piece of software that allows access to the computer system bypassing the normal authentication procedures. Based on how they work and spread, there are two groups of backdoors. The first group works much like a Trojan, i.e., they are manually inserted into another piece of software, executed via their host software and spread by their host software being installed. The second group works more like a worm in that they get executed as part of the boot process and are usually spread by worms carrying them as their payload. The term Ratware has arisen to describe backdoor malware that turns computers into zombies for sending spam. ===Spyware=== Spyware is a piece of software that collects and sends information (such as browsing patterns in the more benign cases or credit card numbers in more malicious cases) about users or, more precisely, the results of their computer activity, typically without explicit notification. They usually work and spread like Trojan horses. The category of spyware is sometimes taken to include adware of the less-forthcoming sort. ===Exploit=== An exploit (computer science) is a piece of software that attacks a particular security vulnerability. Exploits are not necessarily malicious in intent — they are often devised by security researchers as a way of demonstrating that a vulnerability exists. However, they are a common component of malicious programs such as network worms. ===Rootkit=== A rootkit is software inserted onto a computer system after an attacker has gained control of the system. Rootkits often include functions to hide the traces of the attack, as by deleting log entries or cloaking the attacker's processes. Rootkits may also include backdoors, allowing the attacker to easily regain access later; or exploit software to attack other systems. Because they often hook into the operating system at the kernel level to hide their presence rootkits can be very hard to detect. The consensus of computer security experts is that if your system has been compromised by a rootkit you should wipe your hard drives and reinstall the operating system since you can never know if you have successfully removed all traces of the rootkit. ===Key Logger=== A key logger is software that copies a computer user's keystrokes to a file, which it may send to a hacker at a later time. Often the keylogger will only "awaken" when a computer user connects to a secure website, such as a bank. It then logs the keystrokes, which may include account numbers, PIN numbers and passwords, ''before'' they are encrypted by the secure website. ===Dialers=== A dialer is a program that either replaces the phone number in a modem's dial-up connection with a long-distance number, often out of the country, in order to run up phone charges on pay-per-dial numbers, or dials out at night to send keylogger or other information to a hacker. ===URL injection=== This software modifies the browser's behavior with respect to some- or all domains. It modifies the url submitted to the server to profit from a given Affiliate scheme by the content provider of the given domain. This is often transparent to the user. The author profits at the expense of the user -- often surreptitiously. ==Overuse of the term "virus"== Because viruses were historically the first to appear, the term "virus" is often applied, especially in the popular media, to all sorts of malware. Modern anti-viral software strengthen this broader sense of the term as their operation is never limited to viruses. Malware should not be confused with defective software, that is, software which is intended for a legitimate purpose but has errors or Computer bugs. ==See also== * Comparison of operating systems (security) ==External links== * [http://arstechnica.com/articles/paedia/malware.ars "Malware: what it is and how to prevent it"] * [http://www.antisource.com Antisource.com - Malware Analysis] * [http://www.spywarewarrior.com Free resources and help for removing all types of Malware] * [http://www.2-spyware.com/parasites.php Malware parasites] — List of all types of malware with removal istructions. Portmanteaus Malware vi:Phần mềm ác tính
Malware
Malware (a contraction of "malicious software") refers to software developed for the purpose of doing harm. Computer security Software
Malware
:"Viruses work and spread (within the infected system) by attaching themselves to other pieces of software (...)" This sentence is used in the article to give a definition of ''computer virus''. Although I think it's pretty reasonable, I don't think that this definition is completely correct. The problem, in my opinion, is the word ''attaching''. Some viruses do not attach their code to a host program, but simply overwrite executable files (e.g. the Trivial family on the DOS platform, some bootsector-viruses). Other viruses do not write to program files of software at all, but 'infect' executable files by manipulating non-executable structures (e.g. FAT-Infectors such as Dir-II, Companion viruses in MS-DOS). So, I think it would be more accurate to say that "A computer virus spreads by means of hosts, which typically are executable files that are a part of legitimate software. Some viruses use other types of hosts: for example, macro viruses attach themselves to documents and bootsector viruses use boot sectors of computer media. Normally, a virus attaches itself to other software in a way that ensures the virus is executed first. "User:Sietse Snel 21:46, 15 Sep 2004 (UTC) :I have rewritten the paragraph about viruses in the light of your comments. I take a "virus" to mean any code that infects other executable code — a boot sector is executable code. —User:Fubar Obfusco 22:43, 15 Sep 2004 (UTC) ::Thanks, that looks better to me. I have also added some other criteria to the definitions . User:Sietse Snel 11:07, 16 Sep 2004 (UTC) ==Portmanteau== Malware (a portmanteau of "malicious software")... this is not. According to [1] (in dictionary.com [2]), ''Mal'' in english is a prefix meaning ''Bad''. Malicious is not the source. I suggest changing it. # The American Heritage® Dictionary of the English Language, Fourth Edition # http://dictionary.reference.com/search?q=mal :I'm not so sure. The fact that a string of letters can be a prefix does not mean that it is ''always'' being used as a prefix when it occurs at the start of a word. For instance, ''ant-'' is a prefix meaning "opposed", as in ''antonym'' or ''antithesis''. However, it is not a prefix in ''antenna'' or ''anthrax''. An antenna is not opposed to an enna. ☺ :My searches suggest that the word "malware" is generally understood to be a contraction (or "portmanteau word" — Lewis Carroll's expression for a playful contraction of words) of "''mal''icious soft''ware''". See, e.g., [http://www.google.com/search?q=define:malware&ie=UTF-8&oe=UTF-8 Google define:malware] or [http://www.google.com/search?hl=en&lr=&safe=off&c2coff=1&q=malware+malicious&btnG=Search Google:malware malicious]. :Moreover, as a prefix, ''mal-'' does not mean "malicious"; as you note, it simply means "bad". However, the term "malware" is not used to mean "bad software" — that is, software of poor quality, or things that are not good at being software. It is used, rather, to mean software that is written or released with the intent to cause harm. This, too, suggests that the etymology is from "malicious software" and is a portmanteau. :The portmanteau formation in ''-ware'' to refer to categories of software is very common. Consider ''shareware'' (shareable software), ''adware'' (advertisement software), or ''shovelware'' (shoveled software — a '90s term for the obligatory heap of poor-quality shareware bundled with some computers and products). —User:Fubar Obfusco 00:07, 27 Oct 2004 (UTC) ---- == Overuse of the term "virus" == Referring to the section "overuse of the term 'virus'", it's worse than you think. I've even seen people use "virus" to refer to accidental ill effects, such as the Y2K bug, which was called the "Y2K virus" in Finnish media. :Worse - I've heard the term "trojan horse virus" being used recently, most notably in an ISP TV ad. That bugs me (no pun intended) since by definition, something can't be a trojan horse and a virus at the same time. A trojan can be a ''dropper'' for viruses though. :I also saw an article on the malware that spreads via emails with a Michael Jackson subject, that used the words ''spam'', ''trojan horse'', ''virus'', and ''malware'', and only ''malware'' was used correctly. oh well. :User:AcidHelmNun 04:33, Jun 14, 2005 (UTC) ==Phising== Does Phising fall under this?--User:Jondel 08:52, 31 Mar 2005 (UTC) :Phishing is a form of fraud. It does not involve getting any software installed upon the victim's computer, so it is not malware. --User:Fubar Obfusco 15:27, 31 Mar 2005 (UTC) ::What about changing "URL injection" into "URL injectors", if it is meant to denote a piece of software and _not a method_? Or, "Injected URLs"?
Malware
Is there to be so subcategory Malware:Known_Programs ? Currenly in Malware category there are link to backdoor (wich is a class of programs) and such programs like NetBus or Sub7 or BackOrifice - that are examples of that class of programs. Imho that mixing is not nice.
See other meanings of words starting from letter:
M
MA | MB | MC | MD | ME | MF | MG | MH | MI | MJ | MK | ML | MN | MO | MP | MR | MS | MT | MU | MW | MX | MY | MZ |Words begining with Malware:
Malware
Malware
Malware
Malware
Malware_scanner
These materials are based on Wikipedia and licensed under the GNU FDL
YouTube.com videos better site than Turbo Tax 2007
