There seems to be a lot of misconception about computer viruses. While many think that it’s anything that damages one’s computer, it is not entirely so. The fallacy likely originates from the misuse of the term in mass media (similar to how the hacker culture, as in MIT, Stanford, Waterloo, has been getting bad rep over kids running ready-to-cause-damage scripts and getting caught).
A computer virus, on its own, is just a mechanism for a program to replicate itself. Much like in biology, it usually embeds itself into a host program. In the realm of academic study, that is all a program does. Though “in the wild” viruses typically carry some payload code, and that is what we should be most concerned with.
If a virus is able to spread some malicious code, then another virus should be able to spread the fix against it just as well. The is exactly what the, now historic, Creeper / Reaper pair of viruses has done (the latter removing the former).
More recently, a Welchia worm has spread itself to patch the vulnerable systems and attempted to remove the Blaster worm and then itself.
It should be noted that a vast amount of traffic was still generated as a side-effect of the program’s activity, but from an individual computer’s perspective it was better off to have been patched (that is, other than an unexpected reboot during the patch process).
Most of the early viruses had the sole purpose of spreading a message. One of the very first viruses — Elk Cloner, simply printed a short poem about itself on startup, and was intended as a joke. Viruses could also be used to spread political messages or bring attention to other issues.
Adware is software that displays advertisement. And while there are, arguably, legitimate adware programs (mostly IM chat clients such as Yahoo! or MSN messanger), this is one of the driving forces behind viruses — an installed adware program == a tiny revenue stream.
Unlike adware, spyware does not display ads to you directly, but tracks your activities for “marketing” research. It could then be coupled with adware to, oddly enough, send you more relevant spam.
A different approach to spyware is to simply attempt to steal your identity and/or creditcard numbers. Just a few successful hits are required to make this operation worthwhile.
A trojan, much like it’s greek mythology counterpart, is a backdoor access program delivered by a virus (or other means, such as social engineering — when a user is tricked into downloading a trojan, thinking it is something else).
Capable of doing anything, it is commonly used for a remote access to injected computers to buildup botnets — networks used to send out spam or deliver DDoS attacks.
Cryptovirology is a “fun” one, in a matter of originality. The idea here is to encrypt the user’s hard-drive and demand a ransom to be paid for the data. Though this is more likely to be executed by a trojan than a virus.
Malware is where the serious damage comes from. This is the payload designed to break things — delete files, corrupt systems, etc. So while I could stretch my ethical boundaries and imagine the reasoning behind any other sort of an exploit (that being profit), malware does nothing but provide the knowledge of indiscriminatory raw damage done to the systems.
This is unacceptable.
This is also the type of outbreaks that mass media gets all worked up about, but it takes a computer worm to spread so much so fast, not a computer virus (the difference being that a computer worm will propagate itself, instead of having to piggyback on a host program, like viruses do).
So lets get the terminology straight. Malware — very bad. Computer worms — also bad. Computer virus — mostly harmless by definition, it’s the payload that determines just how annoying the result is.