Installation manual
114
5. Glossary
5.1 Types of infiltration
An Infiltration is a piece of malicious software trying to enter and/or damage a user’s computer.
5.1.1 Viruses
A computer virus is an infiltration that corrupts existing files on your computer. Viruses are named after biological
viruses, because they use similar techniques to spread from one computer to another.
Computer viruses mainly attack executable files and documents. To replicate, a virus attaches its “body“ to the end
of a target file. In short, this is how a computer virus works: after execution of the infected file, the virus activates
itself (before the original application) and performs its predefined task. Only after that is the original application
allowed to run. A virus cannot infect a computer unless a user, either accidentally or deliberately, runs or opens the
malicious program by him/herself.
Computer viruses can range in purpose and severity. Some of them are extremely dangerous because of their ability
to purposely delete files from a hard drive. On the other hand, some viruses do not cause any damage – they only
serve to annoy the user and demonstrate the technical skills of their authors.
It is important to note that viruses (when compared to trojans or spyware) are increasingly rare because they are
not commercially enticing for malicious software authors. Additionally, the term “virus” is often used incorrectly to
cover all types of infiltrations. This usage is gradually being overcome and replaced by the new, more accurate term
“malware” (malicious software).
If your computer is infected with a virus, it is necessary to restore infected files to their original state – i.e., to clean
them by using an antivirus program.
Examples of viruses are: OneHalf, Tenga, and Yankee Doodle.
5.1.2 Worms
A computer worm is a program containing malicious code that attacks host computers and spreads via a network.
The basic difference between a virus and a worm is that worms have the ability to replicate and travel by
themselves – they are not dependent on host files (or boot sectors). Worms spread through email addresses in your
contact list or exploit security vulnerabilities in network applications.
Worms are therefore much more viable than computer viruses. Due to the wide availability of the Internet, they
can spread across the globe within hours or even minutes of their release. This ability to replicate independently
and rapidly makes them more dangerous than other types of malware.
A worm activated in a system can cause a number of inconveniences: It can delete files, degrade system
performance, or even deactivate programs. The nature of a computer worm qualifies it as a “means of transport“ for
other types of infiltrations.
If your computer is infected with a worm, we recommend you delete the infected files because they likely contain
malicious code.
Examples of well-known worms are: Lovsan/Blaster, Stration/Warezov, Bagle, and Netsky.
5.1.3 Trojan horses
Historically, computer trojan horses have been defined as a class of infiltrations which attempt to present
themselves as useful programs, thus tricking users into letting them run. But it is important to note that this was
true for trojan horses in the past– oday, there is no longer a need for them to disguise themselves. Their sole
purpose is to infiltrate as easily as possible and accomplish their malicious goals. “Trojan horse” has become a very
general term describing any infiltration not falling under any specific class of infiltration.
Since this is a very broad category, it is often divided into many subcategories:
Downloader – A malicious program with the ability to download other infiltrations from the Internet
Dropper – A type of trojan horse designed to drop other types of malware onto compromised computers