Whenever you search for security software, like a free antivirus, you come across terms like malware, spyware, adware, etc. All these terms sound dangerous, and software that mentions more of them seems like better software. But what do these terms really mean?
Here is a compilation of short definitions of these common security-related terms. All the info is compiled from Wikipedia.
What is Malware:
Malware is actually the broadest category, under which all the other terms fall. As per Wikipedia:
Malware, short for malicious software, is software designed to secretly access a computer system without the owner’s informed consent. Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, scareware, crimeware, most rootkits, and other malicious and unwanted software or program.
Notice the phrase “informed consent” in the above definition. This means malware is not defined by its functionality alone. For example, if you download and install a keylogger yourself for your own purposes, it might not be classified as malware.
What is Spyware:
As per Wikipedia:
Spyware is a type of malware that can be installed on computers, and which collects small pieces of information about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect.
Here is another interesting point about spyware from the same Wikipedia page:
While the term spyware suggests software that secretly monitors the user’s computing, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited…
What is Adware:
Adware is quite specific to displaying unwanted ads. Here is what Wikipedia says:
Adware, or advertising-supported software, is any software package which automatically plays, displays, or downloads advertisements to a computer. These advertisements can be in the form of a pop-up.
What is a Rootkit:
Rootkits are among the most technically advanced types of malware. They are what people normally perceive as viruses. Here is what Wikipedia says:
A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications. Once a rootkit is installed, it allows an attacker to mask the ongoing intrusion and maintain privileged access to the computer by circumventing normal authentication and authorization mechanisms.
And here is the scariest part about rootkits:
Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternate, trusted operating system; behavioral-based methods; signature scanning; difference scanning; and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only alternative.
Of course, there are some rootkit scanners that help detect rootkits. Check out free rootkit removers, GMER, and Trend Micro RootkitBuster.
What is a Virus:
This is the most popularly used term by security software, but probably also the least understood one. Here is the exact definition from Wikipedia:
A computer virus is a computer program that can copy itself and infect a computer. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.
The most important part of the above definition is “can copy itself”. This is what separates a virus from the other types of malware listed above, and it is the feature that makes it most dangerous: viruses can easily spread themselves to multiple computers. A single virus infection in a corporate network might play havoc with the entire network. Do make sure you always have a good antivirus, such as AVG 2011 or Avast.
Also check out: How to Remove Virus from PC.
What is a Trojan Horse:
This is a less commonly used term, but the software that it represents is equally dangerous. Definition from Wikipedia:
A Trojan horse, or Trojan, is malware that appears to perform a desirable function for the user prior to run or install but instead facilitates unauthorized access of the user’s computer system. It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems.
What is a Worm:
The definition of a worm looks very similar to that of a virus, but it also points out the differences between the two:
A computer worm is a self-replicating malware computer program. It uses a computer network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
I hope these definitions leave you more knowledgeable about these scary-looking terms that we come across a lot nowadays.
Image Credit: Hugepedia.
What I can’t understand is the motivation behind creating such programs. I understand the motivation behind adware, and if one wants to spy on a big firm, the spyware. But what is the motivation for infecting a little guy’s computer? The most serious thing I do is play hearts online. But I suppose online banking would draw interest as well.
@Thomas: In most of the cases attackers try to create an army of such compromised computers, and use that together for a bigger mass attack. Of course, as you mentioned, capturing your online information is also a good motivation.