Glossary

Types of Virus & Malware

Virus: these are programs, or parts of programs, that can infect other programs, archives, system areas (MBR, Boot Sector) or executable objects by inserting a copy of themselves inside.

Malware: generic term for a computer parasite, such as Virus, Adware, Backdoor, BHO, Dialer, HTML, LSP, Spyware, Trojan and Worm.

Adware: this is malware whose main feature is displaying advertisements, generally through pop-up windows.

Backdoor: these are remote administration programs that allow the infected computer to be controlled from the network. These programs are not able to replicate themselves, but have the characteristic of keeping ports open on the computers where they have been run. These ports act as entry points and can be used by users connected to the network to access data and programs on the computer where the Backdoor has been run. Backdoors can have various functions, such as sending and receiving files, deleting archives, executing payloads or carrying viruses into the system.

BHO: these are software modules (dynamic libraries, .DLL) that are loaded automatically by Internet Explorer. They can check the sites visited, install toolbars and change the home page of the user's browser.

Dialer: these are programs that modify the Internet connection by changing the telephone number it dials. They are especially dangerous for those who connect to the Internet using analog and/or ISDN modems. For those who connect over an ADSL line, they can cause the connection to drop.

Fraudtool: these are so-called 'rogue-antivirus' programs, which pretend to be AntiVirus solutions. After they are installed on the computer, they pretend to "find" one or more viruses, even on absolutely clean systems, and propose that the user buy the paid version to immunize/disinfect the computer. In addition to direct user fraud, these programs also include adware functionality.

Hijacker: these are programs that are generally invoked by Active-X controls. Once they have attacked the computer, they merge with the web browser, changing the security parameters and the default settings.

HTML: these are scripts that are contained within .HTML pages. The effects can be manifold.

Keylogger: these are programs that aim to capture everything that is typed on the keyboard. Words pass from the keyboard to the computer; there, the Keylogger filters the words, stores them and sends them on, as a signal, to a given address.

LSP: (Layered Service Provider) these are libraries that hook into WinSock TCP/IP. They have the potential to analyze the Internet traffic of infected computers.

Rootkit: these are programs created to have complete control over the system without the need for user or administrator authorization. Rootkits are typically used to hide backdoors.

Spyware: these are programs capable of 'spying' on the contents of computers.

Trojan: these are programs that intentionally hide their malicious actions from the user, making the user believe they are performing other functions. Trojans are generally unable to spread autonomously as they do not possess the ability to infect. Generally the purpose of a Trojan is to execute its payload.

Worm: these are independent programs that try to infect other computer systems through the network or by sending e-mails with copies of themselves attached.

PUP: the acronym stands for Potentially Unwanted Program. It refers to applications that would be considered unwanted, despite often being downloaded by the user, usually after not reading the download agreements carefully.

Ransomware: this is a type of malware that restricts access to the computer system it infects, demanding that a ransom be paid to the creator of the malware so that the restriction can be removed. Some variants of this infection encrypt files on the system's hard drive (Cryptomalware), while others may simply lock the system and display messages intended to convince the user to pay.
