Malware: Definition, Prevention & Removal

DEFINITION

Malware is a term coined from the combination of "malicious" and "software". It is a generic term that covers all known types of computer software threats including viruses, worms, trojan horses and rootkits. The malicious nature of malware is what sets it apart from things that are merely annoying. Malware is specifically designed to affect the target machine in a hostile, intrusive, harming or illegal manner. It is designated as malware based upon the purpose of its creation, rather than the features it boasts. As an example, a handful of software developers created worms and attached them to their software in order to prevent piracy. This is a case where the intent was legitimate, honest, and legal, and therefore the worm would not be considered malware

Industry experts stated in 2008 that the creation of malware was exceeding that of legitimate software. It was also suggested that in 2007 there was more malware created than in the previous 20 years combined. Whether or not the experts are correct, the fact remains that malware continues to spread, creating security issues worldwide.

While the earliest forms of software threats were mainly practical jokes or experiments, the proliferation of the World Wide Web has caused the explosion of malware. Additionally, the vast amounts of money that can be made through criminal enterprise is one of the strongest motivations for developing and distributing malware. Despite the efforts of security experts to thwart these threats, authors continue to find a way around security measures to accomplish their deeds. Now more than ever, diligence is required of every computer user.

PREVENTION

Although malware can spread through USB flash drives, removable disks, cameras, music players, etc., the biggest source by far is the internet and email. Prevention of malware attacks is a multi-layered process that can be virtually foolproof if done consistently and properly. The first layer of protection is also the most basic: anti-virus software. A good package will enable system monitoring and scanning, email scanning (both incoming and outgoing), heuristic analysis capability, and good support including daily updates.

Next, consider deploying either a firewall. A firewall enables your computer to monitor all incoming traffic, rejecting any that the user doesn't deem acceptable. It's important when configuring a firewall to understand network traffic and what should or shouldn't be allowed. Along with a firewall, be sure that your operating system stays current with patches and security updates.

Finally, users should be proactive in their computer usage habits. Always turn off your computer when not in use; do not use chat programs or IRC to download or distribute files; don't use file sharing sites unless they are legitimate, verifiable businesses. With email, be careful of attachments and links; do not open attachments with asking the sender first, and be sure the attachment is something you both agreed to send. If you receive emails purportedly from legitimate web sites asking you to log in and verify information, do not click on these links even to take an "innocent" look. If you think the email request might be legitimate, visit the site by typing the address into your web browser manually.

REMOVAL

Malware removal can vary greatly depending on the specific attack, but usually the place to start is by learning to recognize the signs of infection. Malware that has infected or utilized a system's email will often result is the user receiving email messages that show curious names under the sender heading. For instance a name might be a combination of two names found in your address book; it might be addressed to you but also sent by you; in some cases there is both a name and a return address and they don't match, such as "John Doe (L.J._Horner@xmail.com)".

Pay attention to unusual modem activity while using the computer for non-network tasks. Pay attention to boot-up and operating speeds; if you notice your machine progressively getting slower, it may be a sign of infection. If you suspect malware attack, immediately disconnect your modem and run a full system scan using your anti-virus software. If a malware attack is revealed, quarantine it if possible, then visit the website of you anti-virus vendor for removal instructions. If you are unsure of how to proceed, spend a few dollars and seek the help of a professional.