Along with viruses, one of the biggest threats to computer users on the Internet
today is malware (malicious software). Malware can hijack your browser, redirect
your search attempts, serve pop-up ads, track what web sites you visit, and
generally mess things up. Malware programs are usually poorly-programmed and
can cause your computer to become unbearably slow and unstable in addition to
all the other havoc they wreak.
Many of them will reinstall themselves even after you think you have removed
them, or hide themselves deep within Windows, making them very difficult to
clean. We will outline the different varieties of malware along with basic preventive
measures. Although also considered to be malware, programs such as viruses,
worms, trojans, and everything else generally detected by anti-virus software
will not be discussed here, and the use of the word malware
will only refer to software that fits in the categories listed below.
There are several ways in which your computer can be infected by malware. Malware
is often bundled with other programs (Kazaa, iMesh, and other file sharing programs
seem to be the biggest bundlers). These malware programs usually pop-up ads,
sending revenue from the ads to the program's authors. Other malware is installed
from websites, pretending to be software needed to view the website. Still other
forms of malware, most notably some of the CoolWebSearch variants, install themselves
through holes in Internet Explorer like a virus would, requiring you to do nothing
but visit the wrong web page to get infected.
The vast majority of malware, however, must be installed by the user (most
people do this unintentionally, as the malware is often bundled with a software
they want to install). Unfortunately, getting infected with malware is usually
much easier than getting rid of it, and once you get malware on your computer
it tends to multiply.
Will anti-virus programs protect against malware?
Anti-virus companies are only beginning to pay attention to malware. Aside
from some of the latest versions (many include the malware scanner in the Internet
security portion of their suites), most anti-virus programs have little or no
protection. Those anti-virus programs that do protect are generally not as thorough
as a dedicated malware remover. However, some especially virulent malware that
scanners may miss will be removed by anti-virus programs, so it is generally
a good idea to run a virus scan as well. Some of the anti-virus vendors' delay
may be caused by worries they will be sued if they start labeling programs as
spyware, adware, etc., which has already happened in several cases.
Types of malware
Although there is no official breakdown, we can divide malware into several
broad categories of malware. These are - adware, spyware, hijackers, toolbars,
and dialers. Many, if not most malware programs will fit into more than one
Adware is the class of programs that place advertisements on your screen. These
may be in the form of pop-ups, pop-unders, advertisements embedded in programs,
advertisements placed on top of ads in web sites, or any other way the authors
can think of showing you an ad. The pop-ups generally will not be stopped by
pop-up blockers, and often are not dependent on your having Internet Explorer
open. They may show up when you are playing a game, writing a document, listening
to music, or anything else. If you are using the internet, the advertisements
will often be related to the web page you are viewing.
Programs classified as spyware send information about you and your computer
to somebody else. Some spyware simply relays the addresses of sites you visit
or terms you search for to a 3rd party server. Others may send back information
you type into forms in Internet Explorer or the names of files you download.
Still others search your hard drive and report back which programs you have
installed, the contents of your e-mail client's address book (usually to be
sold to spammers), or any other information about you ar your computer. Information
that you have stored on your computer such as your name, browser history, login
names and passwords, credit card numbers, phone number and address may be collected
by spyware programs.
Spyware often works in conjunction with toolbars. It may also use a
program that is always running in the background to collect data, or it may
integrate itself into Internet Explorer, allowing it to run undetected
whenever Internet Explorer is open.
Hijackers take control of various parts of your web browser, including your
home page, search pages, and search bar. They may also redirect you to certain
sites should you mistype an address or prevent you from going to a website they
would rather you not, such as sites that combat malware. Some will even redirect
you to their own search engine when you attempt a search. Note: hijackers almost
exclusively target Internet Explorer, so the easiest way to avoid this is to
use a different web browser. There are many top quality web browsers available
today, like Firefox, Mozilla, Netscape and Opera.
Toolbars plug into Internet Explorer and provide additional
functionality such as search forms or pop-up blockers. The Google and
Yahoo! toolbars are probably the most common legitimate examples, and
malware toolbars often attempt to emulate their functionality and look.
Malware toolbars almost always include characteristics of the other
malware categories, which is usually what gets it classified as
malware. Any toolbar that is installed through underhanded means falls
into the category of malware.
Dialers are programs that set up your modem
connection to connect to a 1-900 number. This provides the number's
owner with revenue while leaving you with a large phone bill. There are
some legitimate uses for dialers, such as for people who do not have
access to credit cards. Most dialers, however, are installed quietly
and attempt to do their dirty work without being detected.