Malware

• The computer virus is probably the most widely recognized form of malicious software, or malware. Like a biological virus, it requires a host for its survival. Once embedded into a larger program, the virus will alter the performance of the application, potentially replicating itself wildly. But viruses are not the major threat to computers in the Internet age. More prevalent today are worms, which are discrete programs that don't need a host program to reproduce themselves, and cause all sorts of trouble. Whereas viruses can usually be quarantined to a specific computer or program, a worm notoriously uses the network connections of one computer to generate copies of itself in as many other computers as possible. Other forms of malware include Trojans, which are superficially benign programs that secretly perform some malicious function; and rootkits, which can secretly hijack the operating system of a computer without the user's knowledge.
  
  

Scanning Methods

• New viruses and other pieces of malware are constantly being created (accidentally and intentionally) by hackers and programmers. Protecting against these threats is usually a matter of identifying new attacks and updating scanning software. Once a specific piece of malware is identified, an anti-virus scanner will be programmed to find an identifying feature of the software. Like all software, malware is simply strands of computer-programming language. Embedded in this language will be certain strings of characters, patterns or other unique characteristics. When a virus scanner examines programs on a computer, it is searching for these pre-identified patterns, quarantining and notifying the user if any suspected malware is found.
  
  

Challenges and Removal

• Of course, a scanner can only identify malware it has been programmed to recognize. Thus, commercial scanning software must constantly be updated with new codes. As virus scanners improve, hackers and malware programmers get cleverer with their attacks, usually encrypting their programs or attaching to files that are not regularly scanned. Scanning all of the files on a computer can take hours, so most basic scans only check a relatively small list of programs. Sometimes, uninfected files are flagged by virus scanners because they may resemble a certain type of malware. This is why most virus scanners give users options before taking any action to remove a virus. If instructed to remove the file, the scanner will attempt to delete it. Some more sophisticated viruses, however, cannot simply be undone by deleting a single file. For these, removal software targeted to the specific virus is usually available to clean up a virus once it's been identified.