ZyXEL Communications USG FLEX H Series User Manual page 289

Viruses, Worms, and Spyware
A computer virus is a type of malicious software designed to corrupt and/or alter the operation of other
legitimate programs. A worm is a self-replicating virus. Spyware infiltrates your device to secretly gather
information, such as your network activity, passwords, bank details, and so on.
The following describes a simple life cycle of malware.
A computer gets a copy of malware from a source such as the Internet, email, file sharing or any
1
removable storage media. The malware is harmless until the execution of an infected program.
The malware spreads to other files and programs on the computer.
2
The infected files are unintentionally sent to another computer thus starting the spread of the malware.
3
Once the malware is spread through the network, the number of infected networked computers can
4
grow exponentially.
Types of Malware
The following table describes some of the common malware.
Table 146 Common Malware Types
TYPE
File Infector
Boot Sector Virus
Macro Virus
Email Virus
Polymorphic Virus
Hash Value
A hash function is an algorithm that maps data of arbitrary size to data of fixed size. The value returned
by a hash function is a hash value. Hash values can be used to identify if the contents of a file have
changed. At the time of writing, the MD5 (Message Digest 5) hash algorithm is supported.
Anti-Malware Scan Process
Before going through the Anti-Malware scan, the Zyxel Device first identifies the packets sent by the
following four major protocols with corresponding standard ports:
• FTP (File Transfer Protocol)
• HTTP (Hyper Text Transfer Protocol)
Chapter 18 Anti-Malware
DESCRIPTION
This is a small program that embeds itself in a legitimate program. A file infector is able to
copy and attach itself to other programs that are executed on an infected computer.
This type of virus infects the area of a hard drive that a computer reads and executes
during startup. The virus causes computer crashes and to some extend renders the infected
computer inoperable.
Macro viruses or Macros are small programs that are created to perform repetitive actions.
Macros run automatically when a file to which they are attached is opened. Macros
spread more rapidly than other types of viruses as data files are often shared on a network.
Email viruses are malicious programs that spread through email.
A polymorphic virus (also known as a mutation virus) tries to evade detection by changing
a portion of its code structure after each execution or self replication. This makes it harder
for an anti-malware scanner to detect or intercept it.
A polymorphic virus can also belong to any of the virus types discussed above.
USG FLEX H Series User's Guide
289