Malware comes in many forms, including viruses, worms, spyware, Trojan horses, and more. Viruses can replicate and spread, worms self-replicate to use system resources, and spyware collects user data without permission. Rootkits conceal running processes and files to maintain unauthorized access. It is important to use antivirus software, keep systems updated, avoid suspicious emails/links, and be wary of unauthorized programs.
2. Any software that the user did not authorize to be
loaded.
or
Software that collects data about a user without
their permission.
Various types of malicious software:
1. Spyware 2. Virus 3. Worm
4. Logic Bomb 5. Trapdoor 6. Trojan
7. RATs 8. Malware 9. Mobile malicious code
10. Malicious Font 11. Rootkits
3. Technology that aids in gathering information
about a person or organization without their
knowledge.
On the Internet (where it is sometimes called
a Spybot or tracking software), Spyware is
programming that is put in someone's
computer to secretly gather information
about the user and relay it to advertisers or
other interested parties.
Spyware can get in a computer as a software
virus or as the result of installing a new
program.
4. A program or programming code that
replicates by being copied or initiating its
copying to another program, computer boot
sector or document.
Viruses can be transmitted as attachments to
an e-mail note or in a downloaded file, or be
present on a diskette or CD.
5. Method 1: Scanning
Reboot into Safe Mode and scan your PC.
Use different virus removal software for it.
Booting into Safe Mode disables most viruses.
Method 2: Rescue Disks
This method applies even before Windows starts up.
Use an offline virus scanner or pre-boot scanner.
Download an ISO image file from an antivirus company.
Burn it to a disk.
Boot your machine from this disk.
Run the antivirus software on that disk.
Method 3: Clean install
This process involves deleting everything on the computer.
Before performing this, copy your data to another disk.
It is one of the best methods to get rid of spyware, viruses, etc.
6. It is a self-replicating virus that does not alter
files but duplicates itself.
It is common for worms to be noticed only
when their uncontrolled replication consumes
system resources, slowing or halting other
tasks.
7. Keep your system up to date with security patches.
Avoid unknown e-mails.
Refrain from opening attachments from unknown
sources.
Removal:
◦ Check that all antivirus signatures are up-to-date.
◦ Scan the computer with antivirus software.
◦ If the scan detects a computer worm or other malware, use the
software to remove malware and clean or delete infected files. A
scan that detects no malware is usually indicative that
symptoms are being caused by hardware or software problems.
◦ Check that the computer’s operating system is up-to-date and
all software and applications have current patches installed.
◦ If a worm is difficult to remove, check online for specific
computer worm removal utilities.
8. Logic bomb is programming code, inserted
surreptitiously or intentionally, that is designed
to execute (or "explode") under circumstances
such as the lapse of a certain amount of time or
the failure of a program user to respond to a
program command.
It is in effect a delayed-action computer virus or
Trojan horse.
A logic bomb, when "exploded," may be
designed to display or print a spurious message,
delete or corrupt data, or have other undesirable
effects.
9. Do not download pirated software
Be careful with installing shareware/freeware applications --
Ensure you acquire these applications from a reputable
source.
Be cautious when opening email attachments -- Email
attachments may contain malware such as logic bombs. Use
extreme caution when handling emails and attachments.
Do not click on suspicious web links
Always update your antivirus software -- Most antivirus
applications can detect malware such as Trojan
horses (which may contain logic bombs).
Install the latest operating system patches -- Not keeping
up with operating system updates will make your PC
vulnerable to the latest malware threats.
Apply patches to other software installed on your
computer -- Ensure that you have the latest patches
installed on all of your software applications, such
as Microsoft Office software, Adobe products, and Java.
10. It is a method of gaining access to some part of a
system other than by the normal procedure (e.g.
gaining access without having to supply a
password).
Hackers who successfully penetrate a system
may insert trapdoors to allow them entry at a
later date, even if the vulnerability that they
originally exploited is closed.
There have also been instances of system
developers leaving debug trapdoors in software,
which are then discovered and exploited by
hackers.
11. Trojan horse is a program in which malicious
or harmful code is contained inside
apparently harmless programming or data in
such a way that it can get control and do its
chosen form of damage, such as ruining a
certain area of your hard disk.
A Trojan horse may be widely redistributed
as part of a computer virus.
12. Disable System Restore.
Install an anti-malware program, if you
haven’t already.
Reboot into Safe Mode.
Uninstall any unfamiliar programs.
Start a scan with your anti-malware program.
13. A special form of Trojan Horse that allows
remote control over a machine.
These programs are used to steal passwords
and other sensitive information.
Although they are "invisible", symptoms such
as a slow-moving system, CD ports opening
and closing, and unexplained restarting of
your computer may manifest.
14. The remedy for RATs is the same as that for Trojan
horses.
15. Malware (for "malicious software") is any
program or file that is harmful to a computer
user.
Malware includes computer viruses, worms,
Trojan horses, and also Spyware,
programming that gathers information about
a computer user without permission.
16. Web documents often have server-supplied
code associated with them which executes
inside the web browser.
This active content allows information servers
to customize the presentation of their
information, but also provides a mechanism
to attack systems running a client browser.
Mobile malicious code may arrive at a site
through active content such as JavaScript,
Java Applets and ActiveX controls or through
Plug-ins.
17. Webpage text that exploits the default method
used to de-compress Embedded Open Type
Fonts in Windows based programs including
Internet Explorer and Outlook.
These malicious fonts are designed to trigger a
buffer overflow which will disable the security on
Windows-based PCs.
This allows an intruder to take complete control
of the affected computer and remotely execute
destructive activities including installing
unauthorized programs and manipulating data.
18. Rootkits are a set of software tools used by an
intruder to gain and maintain access to a
computer system without the user's knowledge.
These tools conceal covert running processes,
files and system data making them difficult to
detect.
There are rootkits to penetrate a wide variety of
operating systems including Linux, Solaris and
versions of Microsoft Windows. A computer with
rootkits on it is called a rooted computer.
20. Kernel rootkits hide a backdoor on a computer system by
using modified code to add or replace a
portion of the system's existing kernel code.
Usually the new code is added to the kernel
via a device driver or loadable module.
Kernel rootkits can be especially dangerous
because they can be difficult to detect
without appropriate software.
21. Library rootkits commonly patch, hook or replace
system calls with versions that hide information
about the attacker.
These instances may modify how a legitimate
program behaves by making it perform
additional functions that it is not authorized to
do, such as opening up a new connection and
transmitting confidential data using the access
permissions of the legitimate program.
22. Application level rootkits replace binary files
from legitimate applications with malicious
files.
They can also hijack legitimate programs and
perform malicious acts on their behalf.
This type of rootkit patches a legitimate
program so that it can perform additional,
mostly illegitimate operations.
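Added example (not part of the original slides): because application-level rootkits swap or patch legitimate binaries, comparing files against a baseline recorded while the system was known to be clean exposes the replacement. The directory layout, file names and contents below are constructed for illustration.

```python
import hashlib
import stat
import tempfile
from pathlib import Path

def fingerprint(path: Path) -> dict:
    """Hash a file in chunks and record metadata a swapped binary may change."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    st = path.stat()
    return {"sha256": digest.hexdigest(), "size": st.st_size,
            "mode": stat.S_IMODE(st.st_mode)}

def build_baseline(root: Path) -> dict:
    """Fingerprint every regular file under root (run on a known-clean system)."""
    return {p.relative_to(root).as_posix(): fingerprint(p)
            for p in sorted(root.rglob("*")) if p.is_file() and not p.is_symlink()}

def compare(root: Path, baseline: dict) -> dict:
    """Report files that changed, vanished or appeared since the baseline."""
    current = build_baseline(root)
    report = {"modified": [], "missing": [], "added": []}
    for name, old in baseline.items():
        new = current.get(name)
        if new is None:
            report["missing"].append(name)
        elif new != old:
            report["modified"].append((name, [k for k in old if old[k] != new[k]]))
    report["added"] = sorted(set(current) - set(baseline))
    return report

def demo() -> dict:
    """Constructed sample: a temp directory stands in for an application's bin folder."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "bin" / "ls").write_bytes(b"original ls binary")
        (root / "bin" / "ps").write_bytes(b"original ps binary")
        baseline = build_baseline(root)
        # Simulated replacement: same name and same size, different content.
        (root / "bin" / "ps").write_bytes(b"replaced ps binary")
        (root / "bin" / "helper").write_bytes(b"unexpected file")
        return compare(root, baseline)

if __name__ == "__main__":
    print(demo())
```

Keep the baseline on read-only or offline media, and run the comparison from a trusted boot environment such as the rescue disk described earlier, since a kernel rootkit can falsify what a running system reports about its own files.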
23. Rootkits must be combated proactively,
before they can actually infiltrate the system;
otherwise, removing them is much harder.
Common precautionary measures to prevent
rootkit infection include the use of fully
updated anti-virus and anti-spyware
software, the application of the latest
'patches', and a properly configured software
firewall.