Virus/Spyware/SPAM Information

Click here to learn why businesses should be concerned about spyware.

Click here for links to recommended anti-virus, anti-spyware and anti-SPAM programs.

Below is a general Virus Primer from Trend Micro's web site.

What is Malware?

Malware refers to a program that performs unexpected or unauthorized, but always malicious, actions. It is a general term used to refer to viruses, Trojans, and worms. Malware, depending on their type, may or may not include replicating and non-replicating malicious code. Due to the many facets of malicious code or a malicious program, referring to it as malware helps to avoid confusion. For example, a virus that also has Trojan-like capabilities may be called malware.

What is a virus?

A computer virus is a program – a piece of executable code – that has the unique ability to replicate. Like biological viruses, computer viruses can spread quickly and are often difficult to eradicate. They can attach themselves to just about any type of executable file and are spread as files that are copied and sent from individual to individual.

In addition to replication, some computer viruses share another commonality: a damage routine that delivers the virus payload. While payloads may only display messages or images, they can also destroy files, reformat your hard drive, or cause other damage. If the virus does not contain a damage routine, it can cause trouble by consuming storage space and memory, and degrading the overall performance of your computer.

What is a Trojan?

A Trojan is a malware that performs a malicious action, but has no replication abilities. Coined from Greek mythology's Trojan horse, a Trojan may arrive as a seemingly harmless file or application, but actually has some hidden malicious intent within its code.

Trojan malware usually have a payload. When a Trojan is executed, you may experience unwanted system problems in operation, and sometimes loss of valuable data.

What is a worm?

A computer worm is a self-contained program (or set of programs) that is able to spread functional copies of itself or its segments to other computer systems. The propagation usually takes place via network connections or email attachments.

More recent worms have also discovered ways to propagate using Instant Messengers, via file sharing applications, and by collaborating with other malware such as Trojans or other worm variants. WORM_BAGLE.BE, for example, forms a vicious worm-Trojan cycle with TROJ_BAGLE.BE, in which the worm mass-mails copies of the Trojan, and the Trojan downloads copies of the worm. Additionally, the FATSO family is a family of worms that propagate via an instant messaging application and a popular peer-to-peer file sharing application.

Some worms may have an additional payload, such as preventing a user from accessing antivirus Web sites, or stealing the licenses of installed games and applications.

Life Cycle of a Malware

The life cycle of a malware begins when it is created and ends when it is completely eradicated. The following outline describes each stage:

Creation Until recently, creating a malware required knowledge of a computer programming language. Today anyone with basic programming knowledge, and Internet access, can create a malware. Whole Web sites exist whose only intent is to spread malicious code, and to encourage individuals to develop their own harmful version of already existing, and tried-and-tested malicious programs.

Replication and Propagation Malware propagate in a number of ways. Worms may spread via email, instant messengers, or network shares. Viruses replicate within a system, while some viruses also have automatic propagation techniques similar to worms. Trojans. while not having any automatic form of replication and propagation, are nevertheless available all over the Internet, and the links to download them from may be included in email messages, or other Web sites.

For more information on the propagation techniques of today's malware types, read more here.

Activation Most malware perform their malicious activities upon execution. Some have certain payloads that are activated only at a certain trigger date, or with the onset of a specific trigger condition.

Discovery This phase does not always follow activation, but typically does. When a malware is detected and isolated, it is sent to the ICSA in Washington, D.C., to be documented and distributed to antivirus software developers. However, with the rapid development of technology, and the ease by which malware authors create their programs, most malware are released to unsuspecting users even before they are discovered by the "authorities". This is all the more reason to protect your system from the threats that surround the computing world today.

Assimilation At this point, antivirus software developers modify their software so that it can detect the new malware. This can take anywhere from one day to six months, depending on the developer and the malware type.

Eradication If enough users install up-to-date virus protection software, any malware can be wiped out. So far no malware have disappeared completely, but some have long ceased to be a major threat.

What can you do to Protect against Malware?

There are many things you can do to protect against malware. At the top of the list is using a powerful antivirus product, and keeping it up-to-date with the latest pattern files.

To read more about what you can do to prevent your system from becoming infected, read more here.