470 Chapter 10 · Antimalware Evaluation and Testing However, the anti-malware products available are able to deal with such threats, out of necessity, as they form the majority of the malicious programs currently seen. Non-replicating malware has its own unique set of problems in verification and testing, and I am going to discuss those in the next section. Non-Replicating Malware Non-replicating malware is, as you may already have guessed, malware that does not repli- cate, and is therefore neither a virus nor a worm (nor any of the more esoteric categories of replicating malware). Traditionally, this third major malware category (or second, if your categorization of worms is lumped in with viruses) has been referred to by the catch-all term "Trojan Horse." I will continue this tradition, as the term can be wide enough to encompass all of the modern non-replicating malware that we need to discuss here, including bots, spyware, rootkits and so on. For brevity, I will simply use the term "Trojan". First I will need to lay out some definitions (and definitional problems), because this is a somewhat complex area, and one that directly impacts on the effectiveness of testing prod- ucts against non-replicative malware. I'll briefly discuss some of the problems, and propose a way to deal with some objects that might be hard to classify. Unfortunately, while "Trojan" is very useful as a catch all term, the fact is that it is a very wide reaching term, which encapsulates just about every other form of malware other than replicative worms or viruses.