The creators of most of these programs, however, don’t always want to destroy your computer; rather, they want to either leverage the information on your computer or network to benefit themselves or possibly take control of your systems altogether. The relationship between your computer and malware tends to be more parasitic than outright destructive, although any malware that resides on your computer and steals your information or takes control of your system is obviously a severe risk.

Bottom line: You don’t want malware of any kind on your computer. Even the most benign malware will eat up RAM and slow down your computer. Therefore, it’s valuable to know the categories of malware, what each of them does, and how it gets onto your computer in the first place.

Virus

A virus is a piece of self-replicating software that infects a computer without the owner’s knowledge or consent. Viruses attach themselves to a host, which can be a file, email, or media such as a flash drive, and then infect any other computer or storage media with which it comes in contact.

Designed to destroy data or prevent systems from functioning, viruses can be found in a wide range of severity and type. The nastiest of the breed can wipe out entire hard drives, while strains that are more pedestrian may just produce a pop-up message. Resident viruses hang around in your computer’s RAM as long as possible, looking for files to infect, while nonresident viruses will hang around only long enough to perform the intended operation and then leave. In addition to being able to replicate themselves, metamorphic viruses can alter themselves and their copies.

Different categories of viruses use different methods to infect a host. Viruses disguised as executable files (usually found as email attachments or bogus software downloads) are file viruses and become active when an unwitting user attempts to open or run the file. Boot sector viruses go deeper, living in the part of your hard drive that tells the computer how and what to boot, going into action every time the infected computer starts. Viruses that infect documents once they’re opened (and therefore all subsequent documents with the same operating commands) are called macro viruses.

Trojan Horse

Like the legendary wooden horse that the Greeks used to sack Troy, a Trojan horse in computer lingo is a program that appears harmless (such as an email attachment) but delivers destructive code, known as the payload, once a user downloads it. A Trojan horse is not a virus by virtue of the fact that it can’t self-replicate. It can, however, deliver a virus—or spyware, a worm, a bot, or backdoor—as a payload.

Worm

Worms and viruses aren’t the same thing, but they are closely related. Both self-replicate and travel by attaching themselves to something. In contrast to viruses that move from files and devices on a single machine, however, worms hitch rides on network traffic such as emails and dig their way throughout a network.

By worming their way (pun intended) through a network, worms can spread much faster and more widely than the typical virus. While a nasty worm can spell disaster for, say, a business’ corporate network, a worm that uses the Internet can infect many victims in a short amount of time. Worm payloads include file deletion or encryption, as well as backdoor installation so the worm’s creator can gain control of a system.

Spyware & Adware

Any program that tracks your computing activity without your knowledge or consent is considered spyware. Spyware is generally not designed to cause damage to your computer; rather, it gathers personal information about you, monitors your Internet activity, and foists unwanted ads or pop-ups upon you.

Spyware can get onto your system by a variety of means. It might be bundled with another program and gets onto your system when that program is installed. A Trojan horse may deposit spyware onto your system, or you may accidentally download spyware that masquerades as something else, such as security software.

Generally, adware comes bundled with other applications, and it often installs cookies and Registry keys that track your Web surfing habits and then displays targeted ads on your computer. This tracking helps advertisers tailor the ads to things that are likely to interest you. It’s worth noting that even when you remove the program that the adware came with, the cookies and keys sometimes stay put.

Some people erroneously believe spyware and adware are the same thing. This misperception is likely because the effects of both frequently result in unwanted ads or pop-ups. The primary difference is that you have to grant access to adware, while spyware gets on your computer surreptitiously. For example, if you download freeware, part of the deal may be that you’ll have to see ads when you use the program. Therefore, you are “agreeing” to the ads when you download the program, whereas you’d never allow spyware on your system on purpose.

However, adware can become spyware when it crosses a certain line, if, for example, it’s used either without your permission or to steal your personal information.

Keystroke Logger

A keystroke logger, or keylogger, is technically not malware, but the technology can certainly be appropriated for malicious purposes. Simply put, a keystroke logger is a program that records a user’s keystrokes, Web sites visited, and chat room conversations.

When someone creates a keystroke logger that gets onto someone else’s system and steals that person’s information, it becomes malware. Often deposited by a Trojan horse, a keystroke logger can record all manner of private information from your computer and transmit it to a third party.

Backdoor

Backdoors are entrances through which a third party can access your system, even if it’s password-protected. They exist either from an unintentional code error or from an intentional loophole written by a programmer. Anybody or any software that discovers a backdoor can gain access to your system.

Worms and Trojan horses can also create backdoors, at which point your computer can be used by a third party to send spam emails. You would probably never notice a backdoor unless it lets in a virus or destructive worm, as they’re designed to work without being noticed. For example, if a spammer is using your computer to send emails, the only noticeable effect might be a drop in system performance. Some backdoors are actually helpful, left by programmers so technicians can enter a system to perform maintenance at a later date.

Rootkit

A rootkit is software or a collection of software that takes control of a system without the owner’s knowledge. In effect, a rootkit allows a hacker to become the affected computer’s administrator. Therefore, a hacker has the capability to change your settings or use your computer just as the administrator can.

Rootkits are especially tricky because they hide the hacker’s tracks. A common use for hijacked computers is to use them as zombies, which means that someone can run the computer remotely, sending out spam emails or finding passwords to other systems. If someone were to trace the zombie computer’s activities back to the source, it would end with the zombie, and the hacker’s computer would be undetectable.

Bot

Bots (short for robots) are simple programs that run automatically and autonomously, usually over the Internet. They can be useful for nonmalicious applications, such as reporting weather or sports scores, instant messaging, or IRC (Internet Relay Chat). Search engines frequently use bots to gather information about Web sites.

Bots go bad when they’re used to compile email addresses for spammers, steal Web content and reuse it without permission, or create botnets. Botnets are a collection of software bots that run on groups of zombie computers and carry out malicious tasks.

Spam

Like a plague of locusts, spam email descends upon our inboxes every day. Those bulk emails—the equivalent of junk mail—are bountiful and hard to avoid. Usually, spam is sent to great swaths of email addresses at one time, ostensibly to entice the receivers to buy products. Fortunately, email servers have learned to identify most spam and quarantine it in a place other than your inbox. Once safely quarantined, you can browse through the junk to see if there is anything worth your time.

Although many spam emails are harmless, some can be quite malicious. Spammers may, for example, send you an email hawking a hair replacement product. If you click a link in the email or open an attachment, you may find yourself infected with a virus or other malware.

The damage from malicious spam can be devastating, but you can avoid any such problems by never opening attachments without knowing exactly who sent it and what it is, never clicking a link from an unsolicited email, and always logging in to sensitive accounts from that institution’s Web site instead of following a link from an email. As for avoiding spam altogether, it unfortunately looks as though the barrage won’t end anytime soon.

It’s A Jungle Out There

With so many types of malware assaulting computer users from seemingly every direction, the situation can seem dire. Yet the number and quality of all manner of anti-malware programs available, the security updates Microsoft has made to its operating systems, and safe computing practices on the part of computer users can go a long way toward keeping malware off your computer and out of your life.

Be sure to check out the following articles in our “PC Security” feature package section for more information on how to prevent and get rid of the various types of malware.

by Seth Colaner