Many PC users consider malware, viruses, spyware, adware, worms, Trojans, etc. as the same thing. While all these infections harm our computers, they are not the same. They are all types of malicious software that each behave differently.
The word malware is a combination of two words “malicious” and “software”. It is a generic term used to describe all of the hostile and intrusive program codes including viruses, spyware, worms, Trojans, or anything that is designed to perform malicious operations on a computer.
The meanings of many of these words have changed over time. Some refer to how the malware infects your system while other words are used to describe what the malware does once it’s active in your machine.
When we’re trying to build better software to remove malware from your machine, the main things that we are interested in is how it got into your computer and how it is continuing to work. The malware will generally fit into one of the following categories.
- Virus – this is a term that used to be generic. Any bad software used to be a virus; however, we use the term “malware” now. We use the word “virus” to describe a program that self-replicates after hooking itself onto something running in Windows®.
- Worm – a worm is another kind of self-replicating program but generally doesn’t hook itself onto a Windows process. Worms generally are little programs that run in the background of your system.
- Trojan – software that you thought was going to be one thing, but turns out to be something bad. Named for the fabled “Trojan Horse” that appeared to be a gift but in fact carried a dangerous payload.
- Drive-by download – this is probably the most popular way to get something nasty into your computer. Most of the time, it comes from visiting a bad web page. That web page exploits a weakness in your browser and causes your system to become infected.
Once malware is in your computer, it can do many things. Sometimes it’s only trying to replicate itself with no harm to anyone, other times it’s capable of doing very nasty things.
- Adware – not truly malware and almost never delivered using one of the methods above. Adware is software that uses some form of advertising delivery system. Sometimes the way that advertisements are delivered can be deceptive in that they track or reveal more information about you than you would like. Most of the time, you agree to the adware tracking you when you install the software that it comes with. Generally, it can be removed by uninstalling the software it was attached to.
- Spyware – software that monitors your computer and reveals collected information to an interested party. This can be benign when it tracks what webpages you visit; or it can be incredibly invasive when it monitors everything you do with your mouse and keyboard.
- Ransomware – lately a very popular way for Internet criminals to make money. This malware alters your system in such a way that you’re unable to get into it normally. It will then display some kind of screen that demands some form of payment to have the computer unlocked. Access to your computer is literally ransomed by the cyber-criminal.
- Scareware – software that appears to be something legit (usually masquerading as some tool to help fix your computer) but when it runs it tells you that your system is either infected or broken in some way. This message is generally delivered in a manner that is meant to frighten you into doing something. The software claims to be able to fix your problems if you pay them. Scareware is also referred to as “rogue” software – like rogue antivirus.
Some malware get into your computer and appear to do nothing at all. Such malware may have no obvious symptoms, but it has infected your computer along with a group of other computers, forming what is called a “botnet”. This botnet can be directed by an Internet criminal to do any number of things including spam delivery and attacking Internet sites. Internet criminals don’t want to do anything direct that may be tracked back to them, so they employ botnets to do their dirty work for them.
Sometimes you’ll hear the term “rootkit” or “bootkit” used to describe a certain type of malware. Generally, this refers to methods that the malware uses to hide itself deep inside the inner workings of Windows so as to avoid detection.
You can mix and match these terms to describe just about any modern malware. Something like Tidserv/Alureon uses drive-by download to get into your system. Once it’s in, it creates a bootkit so it starts before Windows even starts, and it creates a worm-like application that uses rootkit techniques to hide itself. Once it all starts up, it can act like spyware or it can hijack many Windows functions to do just about everything from putting advertising popups on your system to allowing someone to take remote control of your system.
For maximum protection, make sure your PC is protected with security software that can protect you against malware.
If you have any questions related to malware, feel free to share it with us on our Facebook® Page.