Information on Malware


The group of programs that encompasses viruses, trojans, spyware, and so forth is collectively known as Malware. This is short for MALicious softWARE. Though all malware causes negative effects on your computer, there are slight differences in the types of malware and how they operate. Regardless, any malware on a computer should be removed immediatley. Virus is the common term that people use to describe malware, and though it has become an accepted term, it describes only one subclass of malware. The sublcasses are explained below:

Viruses - A computer virus attaches itself to a program or file. Almost all viruses attach themselves to executable files. They sit on the computer doing nothing until the file they are attached to is executed, at which point they activate. When they activate, they can spread by attaching themselves to other executable files, or they can activate their payload, which is the damaging part of the program. This damage can range from simply annoying to severe. They spread when an executable file from an infected computer is run on a non-infected machine.

Worms - A worm is, by design, similar to a virus and is considered to be a subclass of viruses. Unlike a virus, however, the worm is built to infect a computer and spread with no human interaction at all. A worm takes advantage of file information transport features on computers, which gives it the ability to spread without having to run an infected application. One of the biggest dangers of worms is their ability for self-replication. Instead of your computer sending out only one copy of the worm, it instead sends out hundreds, or even thousands of copies of itself.

Trojans - So named after the strategy the Greeks employed in the battle of Troy. Trojans are innocent looking programs that act as a shell or vessel for the malicious software. Once the program is run, the malicious software runs in the background, unknown to the user, doing nefarious things. Most commonly, trojans open a backdoor into the computer, allowing someone to take control of the computer remotely.

Rootkits - A rootkit is a software tool, or collection of tools that allow an operator to do several things on a computer system. Rootkits don't infect a computer like a virus or worm, but instead must be activated by a user. Typically, after a trojan opens a backdoor to the computer system, a malicious operator will then use that backdoor to log into the computer, and then install a rootkit. Typically rootkits hide the presence of itself and the remote operator from the system and the computer users/administrators. They also insert themselves into the computer startup sequence so that the rootkit runs whenever the computer boots up.

Adware - Adware is a legitimate method software creators use to sponsor products that they allow people to use without purchase. As the software product is run, a section of the program or a pop-up window appears with advertisements (typically targetted) displaying products to users. Though not necessarily a bad thing, there are a couple of problems with adware that users should be made aware of. 1.) Many times, the installation of this software is hidden from the user, making it difficult to opt out of. 2.) Depending on the method the software creator uses to get advertisements, the user may be put at risk if the advertisements are gathered from whats called an ad-server. Many times in the past, an advdertisement would be created that would install spyware, worms, or trojans on the visiting computer.

Trackers - Typically trackers are harmless, with the only negative impact being on users privacy. Trackers most commonly are types of software tokens called cookies which web sites give to your web browser so they can keep track of certain information. The privacy problem with these cookies occurs when web-sites, or their affiliates, place cookies on the computer and then use those cookies to determine what web-sites you visit, or what products you look at. Though not as bad as other types of malware, the privacy aspect of these types of "trackers" warrants their inclusion into the malware category.

Spyware - Spyware is similar to adware and trackers, except it has a more negative impact upon the user. Like its name says, it is a small piece of software that actively spies upon the user, gathering information (typically with the user unaware) and transmits that information out to a person or persons on the internet. What information is gathered depends upon how the spyware was created. It could be as simple as monitoring what web-sites the user visits, as complex as gathering financial or identity information from the users computer, and anything in-between.