What is a Malicious program?
If your computer is infected?
Back to Resource Center
Malicious programs can be divided into the following groups: worms, viruses, trojans, hacker utilities and other malware. All of these are designed to damage the infected machine or other networked machines.
This category includes programs that propagate via LANs or the Internet with the following objectives:
Worms use different networking systems to propagate: email, instant messaging, file-sharing (P2P), IRC channels, LANs, WANs and so forth.
Most existing worms spread as files in one form or another: e-mail attachments, in ICQ or IRC messages, links to files stored on infected websites or FTP servers, files accessible via P2P networks and so on.
There are a small number of so-called fileless or packet worms; these spread as network packets and directly penetrate the RAM of the victim machine, where the code is then executed.
Worms use a variety of methods for penetrating victim machines and subsequently executing code, including:
Today's malware is often a composite creation: worms now often include Trojan functions or are able to infect exe files on the victim machine. They are no longer pure worms, but blended threats.
A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. A virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.
Viruses spread copies of themselves in order to:
Unlike worms, viruses do not use network resources to penetrate other machines. Copies of viruses can penetrate other machines only if an infected object is accessed and the code is launched by a user on an uninfected machine. This can happen in the following ways:
Viruses are sometimes carried by worms as additional payloads or they can themselves include backdoor or Trojan functionality which destroy data on an infected machine.
This class of malware includes a wide variety of programs that perform actions without the user's knowledge or consent: collecting data and sending it to a cyber criminal, destroying or altering data with malicious intent, causing the computer to malfunction, or using a machine's capabilities for malicious or criminal purposes, such as sending spam.
A subset of Trojans damage remote machines or networks without compromising infected machines; these are Trojans that utilize victim machines to participate in a Denial of Service "DoS" attack on a designated web site.
Hacker Utilities and other malicious programs
This diverse class includes: