Glossary What is a virus, trojan, spyware, malware or other badware
The technical terminology used in virus alerts and descriptions can be confusing. The glossary below contains definitions for some of the most common terms with the top ones linked just below.
A legitimate, non-replicating program designed to display ads to the end-user, often based on monitoring of browsing habits. Often adware contains spyware in order for the program to know which advertisements to display based on the current user’s preference. Adware displays ads often in exchange for the right to use a program free of charge (a variation on the shareware concept).
A program that opens secret access to systems, and is often used to bypass system security. A Backdoor program does not infect other host files, but nearly all Backdoor programs make low-level operating system modifications (i.e. it makes changes to the registry). Backdoors usually hitch a ride in on trojans. Once they are in place and they have executed, they hide themselves while opening a port on your computer to allow others in. Some backdoors are placed by hackers once they gain access allowing themselves easier entrance later, or if their original entryway is blocked.
A virus which uses multiple infection techniques. This may include the exploitation of various program vulnerabilities, incorporation of trojan behavior, file infection routines, Internet propagation routines, network share propagation routines, and spreading without any human intervention.
A trojan that, upon execution, logs every keystroke or activity in a system. Although they are similar to third-party parenting/monitoring software, some keyloggers actually employ the same techniques as parenting/monitoring software to gather valuable data such as usernames, passwords, and personal information from unsuspecting users.
A “macro” is a saved set of instructions that users may create or edit to automate tasks within certain applications or systems. A Macro Virus is a malicious macro that a user may execute inadvertently and that may cause damage or replicate itself. Some macros replicate, while others infect documents. Unlike other virus types, macro viruses aren’t specific to an operating system and spread with ease via email attachments, floppy disks, Web downloads, file transfers, and cooperative applications. Macro viruses are typically written in Visual Basic and are relatively easy to create. They can infect at different points during a file’s use (for example, when a file is opened, saved, closed, or deleted).
Malware (Malicious Software)
Programs that are intentionally designed to perform some unauthorized (and often harmful or undesirable) act such as viruses, worms, and trojans.
A virus that contains a special routine that changes parts of the virus code with each replication to evade detection by antivirus software.
A software program that monitors a user’s computing habits and personal information and sends this information to third parties without the user’s authorization or knowledge.
Trojan (Trojan Horse)
A program or a part of program code that performs unexpected or unauthorized, often malicious, actions. The main difference between a trojan and a virus is the Trojan’s inability to replicate. Trojans cause damage, unexpected system behavior, and compromise the security of systems, but do not replicate. If a malicious program replicates, then it should be classified as a virus. A Trojan, coined from Greek mythology’s Trojan Horse, typically comes in good packaging but has some hidden malicious intent within its code. When a Trojan is executed users will likely experience unwanted system errors, problems in operation, and sometimes loss of valuable data.
A program or a part of program code that replicates – that is, “infects” another program, boot sector, partition sector, or document that supports macros, by inserting itself or attaching itself to that medium. Most viruses only replicate, though, many do a large amount of damage as well.
A self-contained program (or set of programs) that is able to spread functional copies of itself or its segments to other computer systems. The propagation usually takes place via network connections or email attachments. The worm may do damage and compromise the security of the computer. It may arrive in the form of a joke program or software of some sort.