virus - Can Malware damage to the files existing on the host?

07
2014-07
  • abbasi

    I'm somewhat aware of Malware and their actions. And also know how to get rid of them and clean the machine.

    And about the Malware, we all know that Malware can spread in the form of a Worm or a Virus. Viruses are Malware that require some form of user interaction to infect the user's device. On the other hand, Worms are Malware that can enter a device without any explicit user interaction.

    OK, my question:

    Can Malware damage to our files? For example consider I have various kinds of files, from a simple .MP3 file until .iso, .xlsx, .exe or programming files and etc. Can those Malware damage those files so that they aren't usable or repairable?

    • Answers
  • Dave Rook

    Can Malware damage to our files?

    Yes it can, according to the Wikipedia definition.

    Malware, short for malicious software, is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software.

    Malware includes computer viruses (including worms, trojan horses), ransomware, spyware, adware, scareware, and other malicious programs. The majority of active malware threats are usually worms or trojans rather than viruses. In law, malware is sometimes known as a computer contaminant, as in the legal codes of several U.S. states. Malware is different from defective software, which is a legitimate software but contains harmful bugs that were not corrected before release. However, some malware is disguised as genuine software, and may come from an official company website in the form of a useful or attractive program which has the harmful malware embedded in it along with additional tracking software that gathers marketing statistics.

    Source

    So, since malware is malicious software, you can program it however you like...

    The problem is, the terms are used very freely meaning one person's definition of Malware may not match another (regardless of who is correct).


    • Related Question

    virus - How can I be in danger from viruses and malware?
  • flyer88

    I have been reading here (in superuser) some questions about the necessity of antivirus software in Windows and some doubts arise.

    As far as i know (and imagine) virus software can only be harmful if I download any type of infected executable file and then I RUN IT. I mean that if i have the infected executable in my desktop but i leave it there for years without clicking it, I won't be in danger...

    My question is: How can i be in danger browsing the so called "malware pages or sites"??.

    If i am just browsing an "infected site" how could I be affected by a virus. In any moment the browser is asking me for the permission to download "something", so how could it be?? Although i don't give permission to the browser to download 'something' is data being downloaded to my computer?? Its some kind of cookie?

    I will ask in another way... What is the level of riskiness if i get infected in a malware site compared with the level of an executable virus??


    • Related Answers
  • William Hilsum

    There are not that many sites that you can get a virus simply by viewing, however there are a few that try to exploit holes in a computer - for example, a while ago there was a nasty one where just viewing a special picture could allow someone to install items on your hard drive (In Windows).

    The main reason for the software / services that block visitors to pages is simply to stop the nasty pages that serve no legitimate purpose. For example, there are quite a few "fake antivirus" type websites that the only reason for them to exist is to pretend to be a dialog box and get people to download from them. So, why bother letting people go there at all!

    In the above, you are correct that you can only get affected if you actually download and run the software, but why risk it or let it go that far when you can prevent people from visiting all together... For example, I remember some sites that tell people to ignore the warnings, click accept and/or give instructions on how to load addons through the bar in Internet Explorer - it just makes sense to stop people before they are even at the page.

    Typically just like email, there is low risk just from viewing, there are a few things that this is not true such as holes in Adobe, Flash and a few other programs, but just don't run .exe or similar files from people or places you do not trust (and even if you trust, take caution!)

  • geek

    Browsers are computer programs as well, somethimes they have vulnerabilities. Sometimes these vulnerabilities allow bad guys to get their exploits executed without your explicit confirmation (for example, you get that code as JavaScript when visiting a malware site and don't have something like NoScript).

    I've always thought that a well-designed operating system can survive without an antivirus. The purpose of an antivirus is to close up some holes in the OS security (holes which a good OS ideally must not have).

    Also bear in mind that security is a process. So just running an antivirus (or even more than one, yes, some people do that and feel "safer") and blindly relying on it won't help too much.

    I'd say that following some simple rules are more important than running an antivirus:

    • do not work permanently using an Administrator/root account. Use the superuser only when you can't achieve a certain goal as regular user
    • have a sane firewalling policy. This assumes you know the basics of TCP/IP and you know them reasonably well
    • monitor what's happening inside your system, what's changing
  • Chris Tarazi

    Well when u browse through malicious websites some of them have something called "drive by downloads" which finds an exploit through ur browser and/or OS. The drive by downloads dont ask for permission, they just simply download.

    To answer ur second question, it all depends on the malware being downloaded and running. The level of riskness of visiting malicious websites is a 10 unless u have a decent antivirus.

    Hope I answered ur questions correctly.

  • Don Salva

    You can't as long as you use Firefox with AdBlock and NoScript. With the correct settings of course. Of course with some common sense.

    NoScript is the key though. As most malware (sites) use some sort of script to install themselves on your computer, NoScript, by default, blocks every script possible.

    And since NoScript is open-source it is continuously being tweaked and tuned so it can outsmart the newest threats.

    It takes some time to fine tune it (allowing specific scripts, so some sites may function properly).

    You can take it to the next level and get Comodo Firewall and Avira Antivir coupled with SpyBot (especially its immunize function).

    Although no software can beat the common sense, if you are stupid, then you are stupid and no software will protect you.

    With the software above I haven't had any malware nor virus, worm, trojan or keylogger infest my computer in a very, very, very long time.

    Though I often fell for links containing keyloggers, when I was playing WoW and the WoW forums were running mad with kids posting keylogger-links. Nothing happened to me, ever.