<

What is Malware?  What can I do to prevent infection?

Published on
10,466 Points
3,566 Views
4 Endorsements
Last Modified:
Approved
Thomas Zucker-Scharff
Veteran in computer systems, malware removal and ransomware topics.  I have been working in the field since 1985.
I am often asked to remove malware from computers that have none.  It is useful to know what is and is not malware.  Malware is malicious software of any kind, this includes:
Spyware - Is generally software downloaded to a user's computer and attempts to collect information about the user without their knowledge.  One type of spyware is a keylogger (see below).  Wkipedia's definition
Computer viruses - this term is sometimes confusedly used to refer to any computer infection.  A computer virus must be able to reproduce itself and it is usually software which alters a file or files in order to cause harm to your computer.  Sometimes a virus will do nothing at all and sometimes it can completely destroy a hard drive - this is known as the payload.
Computer Worm - A worm is a self replicating piece of software.  Worms spread through a network with the need for little or no user interaction.  A computer worm can spread because the target system(s) is in someway vulnerable.  For instance, if a software or operating system patch has not been applied this leaves the system open for attack.  On our own network we experienced a worm spreading to computers which did not have a password on the default login.
Keyloggers - software planted on your computer to record keystrokes as you type and then send them off to a remote server (used for identity theft)
Adware - Any software used to display ads on your computer.  Some software uses adware in order to maintain a free version.  Adware may not be particularly malicious, but it is intrusive.
Rootkits - Software that disguises itself as operating system files or writes itself into operating system files in order to avoid detection.  Rootkits are very difficult to get rid of because by definition they are hard to identify.  Many rootkit infections are only seen because the rogue code infects other files.  See this article for more on rootkits.
Bots/Zombie computers - A fairly underrated attack is that of the software which turns a computer into a zombie or remotely controlled resource.  Attackers use this type of method in order to gain control of many computers which are then unknowingly used to do whatever the botnet (network of bots) controller wants them to do.  This unfortunately tends to be malicious.  A well known botnet is SETI@Home.  The Search for ExtraTerrestrial Intelligence project asks you to install a simple program on your computer which will allow them to use your unused computing power and combine it with everyone else's to download and analyze radio telescope data.  If you are worried about this type of "infection" you can use something like Trend Micro's free RUBotted.
Trojan Horse/Trojan - is non-self-replicating malware that appears to perform a desirable function for the user but instead facilitates unauthorized access to the user's computer system (as in the Trojan horse from Greek mythology) - definition from wikipedia

Just because your computer has slowed down do not jump to the conclusion that you have malware.  Although this may indeed be a symptom of some malware infections, generally malware tries to ensure that you will NOT notice it is there.  Operating systems like windows XP will slow down over time.  There are a couple of things you can do to speed it up - try these links:

http://farjadarshad.blogspot.com/2009/06/how-to-make-winxp-faster.html
http://askbobrankin.com/make_windows_xp_run_faster.html
http://www.computerhope.com/issues/ch000179.htm
http://home.comcast.net/~SupportCD/OptimizeXP.html
http://www.tunexp.com/

I also highly recommend using a file cleaner like CCleaner on a consistent basis.  Once you have optimized your system, it's a good idea to make a backup, so you can easily go back.

So now I know what to look for, What's next?
There are some basics that will protect you.
Run an anti-malware app like Malwarebytes or ESET NOD32 and keep the definitions up to date
Enable Microsoft Update on a daily basis
Disable autorun to prevent getting infected from a USB device (run attached file)
Replace the windows hosts file with one that blocks many known malware sites - try this one
Use a link scanner/site rater like Web Of Trust (WOT) or LinkExtend
Never click anywhere on a popup that appears unexpectedly on your computer - use alt-F4 to kill the process.  Even clicking the "X" can cause grave damage to your computer if the dialog box is programmed in a malicious way.
(see my article on preventing malware infections in the workplace)
autorun.reg
4
Comment
0 Comments

Featured Post

Become a Microsoft Certified Solutions Expert

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

Join & Write a Comment

Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
If you, like me, have a dislike for using Online Subscription anti-spam services, then this video series is for you. I have an inherent dislike of leaving decisions such as what is and what isn't spamming to other people or services for me and insis…
Next Article:

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month