1. What is malware?
“Malicious software”; a generic term covering a range of software programs and types of programs designed to attack, degrade or prevent the intended use of an individual computer terminal or network. Types of malware can include viruses, worms, Trojans, malicious active content and denial of service attacks. In the case of invasion of privacy for the purposes of fraud or the theft of identity, software that passively observes the use of a computer is also malware (“spyware”). (source)
2. Why do people create malware?
Why do badware providers make the effort? Because it is big business, amounting to a $2 billion-a-year industry. It’s the Wild West of aggressive marketing and an industry supported by shadowy online marketers, small application vendors, and website operators. (source)
3. What are the consequences of malware?
At a minimum it’s a nuisance, displaying unwanted advertising or using your computer to send spam. At its worst, it has the potential to steal personal and financial information. This can range from your browsing habits and email address list to online banking passwords and even identity theft.
4. How can I protect my personal information?
If you suspect you’re infected with malware, stay away from sites like online banking, PayPal, or any site where you’re required to enter personal information. Once the infection is removed from your system, change any passwords used to access online sites.
5. With your help, I’ve removed infection(s) from my system. Is it clean?
That’s not an easy question to answer. Unfortunately, we can never say with 100% certainty that a system is clean. This is especially true when dealing with systems that have been infected with rootkits and backdoor trojans. Every Geeks to Go staff member has extensive training before they’re allowed to reply to malware topics, and we do our best to remove every infection. However, we’re usually careful to say “your log looks clean” or “no more infections found”, and not “your system is clean”. The potential exists for some very well hidden malware, or a brand new infection, to be present. Almost every expert agrees there’s only one way to know for certain that an infected system is clean, and that’s to low-level format the hard drive (overwrite with all zeros), then reinstall the operating system and all applications. However, this means that all data is lost. Most home users and small businesses do not have adequate backups. It’s also very time consuming to reinstall and restore everything. For this reason, most people try to remove infections.
6. How did I get infected?
See Microsoft Security MVP Tony Klein’s: How did I get infected in the first place?
7. Malware Glossary: (source)
- Adware: A type of Advertising Display Software that delivers advertising content potentially in a manner or context that may be unexpected and unwanted by users.
- Backdoor Trojan: A software program that gives an attacker unauthorized access to a machine and the means for remotely controlling the machine without the user’s knowledge. A Backdoor compromises system integrity by making changes to the system that allow it to be used by the attacker for malicious purposes unknown to the user.
- Botnet: A type of Remote Control Software, specifically a collection of software robots, or “bots”, which run autonomously. A botnet’s originator can control the group remotely. The botnet is usually a collection of zombie machines running programs (worms, trojans, etc.) under a common command and control infrastructure on public or private networks.
- Browser Helper Object (BHOs)/Browser Plug-in: A software component that interacts with a Web browser to provide capabilities or perform functions not otherwise included in the browser. Typical examples are plug-ins to display specific graphic formats, to play multimedia files or to add toolbars which include search or anti-phishing services. Plug-ins can also perform potentially unwanted behaviors such as redirecting search results or monitoring user browsing behavior, connections history, or installing other unwanted software like nuisance or harmful adware.
- Dialer/Dialing Software: Any program that utilizes a computer’s modem to make calls or access services. Users may want to remove dialers that dial without the user’s active involvement, resulting in unexpected telephone charges and/or causing access to unintended and unwanted content.
- Hacker Tool: Security Analysis Software that can be used to investigate, analyze or compromise the security of systems.
- Hijacker: System Modification Software deployed without adequate notice, consent, or control to the user. Hijackers often unexpectedly alter browser settings, redirect Web searches and/or network requests to unintended sites, or replace Web content.
- Keylogger (or Keystroke Logger): Tracking Software that records keyboard and/or mouse activity. Keyloggers typically either store the recorded keystrokes for later retrieval or they transmit them to the remote process or person employing the keylogger.
- Rootkit: A program that fraudulently gains or maintains administrator level access that may also execute in a manner that prevents detection. Once a program has gained access, it can be used to monitor traffic and keystrokes; create a backdoor into the system for the hacker’s use; alter log files; attack other machines on the network; and alter existing system tools to circumvent detection. Rootkit commands replace original system commands to run malicious commands chosen by the attacker and to hide the presence of the Rootkit on the system by modifying the results returned, suppressing all evidence of the presence of the Rootkit.
- Screen Scrapers/Screen Capturers: Tracking Software that records images of activity on the computer screen. Screen Scrapers typically either store the recorded images and/or video for later retrieval or they transmit them to the remote process or person employing the Screen Scraper.
- Tracking Cookies: A Tracking Cookie is any cookie used for tracking users’ surfing habits. Tracking Cookies are a form of Tracking Technology. They are typically used by advertisers wishing to analyze and manage advertising data, but they may be used to profile and track user activity more closely. However, tracking cookies are simply text files, and far more limited in capability than executable software installed on users’ computers.
- Trojan: A program that appears to do one thing but actually does another (a.k.a. Trojan Horse).
- Virus: Code that recursively replicates a possibly evolved copy of itself. Viruses infect a host file or system area, or they simply modify a reference to such objects to take control and then multiply again to form new generations.
- Worm: Worms are network viruses, primarily replicating on networks. Usually, a worm will execute itself automatically on a remote machine without any extra help from a user.