A Brief Guide to Malware and What to Do About It

To keep your personal data as private as possible, malicious software (malware) must be avoided. The bad news is that you can’t always see malware attacks coming. The good news is that there are steps you can take to recover from malware infections—or even steer clear of attacks altogether. This resource is here to guide you through malware identification and recovery.

Table of Contents

  • Malware: More Than a Virus
  • What is a Computer Virus?
  • What do Worms Do in a Computer?
  • How Can I Spot a Bot?
  • How Does a Trojan Work?
  • What Does Ransomware Do?
  • What Does Adware Look Like?
  • What is Spyware?
  • Other Useful Malware Terms
  • What Can I Do to Remove Malware from My Device?
  • How Can I Prevent Malware Infections in the Future?

Summary

If your computer has been acting up or is unusually slow lately, there is a chance that your device has been compromised by a piece of malware. Your device may have been infected with a virus, invaded by a trojan or ensnared by ransomware. In any case, something must be done to stop malware from controlling your device and your data. This blog post can help you identify different types of malware and what to do if your device is affected by one.

Malware: More Than a Virus

Doing anything online comes with its own set of risks, of course, but a vague warning to “avoid viruses” is hard to act on. As it turns out, viruses are only one type of malicious software, or “malware,” and there is more to be wary of. Malware is any piece of software that one user can use to harm another user, device, server or network. Victims of malware attacks might experience new nuisance behaviors on their device, privacy invasion, financial theft, data manipulation and more. Furthermore, some types of malware even team up to maximize their damaging effect on a victim’s system.

In a world beyond simple viruses, what are these additional risks? What do they do? How can you tell if your computer has been infected with malware? What can you do about it? Our chart on this page provides you with a brief glimpse into seven common varieties of malware and what happens if they find their way onto your device. Each malware category is explained in greater detail below the chart, as well as what to do if you discover malware. You can also find tips on how to prevent the introduction of malware into your system in the first place.

Malware Categories at a Glance

| Malware Category | What it Does | How it Starts | What it Looks Like |
|---|---|---|---|
| Virus | Uses malicious code to change the way a device operates by inserting a copy of itself into another program to be initiated by the device user | Can be initiated when a user downloads an infected file, either intentionally or by accident | Unusually slow computer behavior; Unfamiliar files or programs on device; Unfamiliar emails/messages sent from your accounts |
| Worm | Self-replicates to take advantage of loopholes in a device’s system, infecting it without any initiating action from the device user | Can be transmitted through software vulnerabilities or spammy attachments and instant messages | Missing or new files; Suddenly full hard drive space; Unusual speed and performance problems |
| Bot | Performs automated tasks on the command of a remote user (executes behavior as directed by a non-present third party) | Can enter a device’s system through an infected site, downloaded content or other types of malware entering your system | Extremely slow internet speeds; Unusual system crashes; Pop-ups that appear without being prompted by a browser; Sudden settings changes that are irreversible; Unfamiliar or missing files and programs |
| Trojan | Infects devices using malicious code disguised as legitimate programs | Can enter a system when a user initiates a program over the internet that looks fine but actually includes malware | Unusual amount of lagging in speed; Unfamiliar software installed; Out-of-the-ordinary pop-ups that request personal info |
| Ransomware | Holds personal data hostage until victim pays for it to be unlocked or returned | Can often be delivered through a trojan code which may be the result of phishing messages, links or attachments | Partially or fully blocked access to your device; A request for ransom payment to prevent data publication and/or deletion |
| Adware | Forces undesired advertisements onto your screen, often (but not always) within a browser | Can appear on a device if it is downloaded without understanding its intent or if a legitimate-but-infected program brings it in by accident | Ads appearing in places where they shouldn’t be; Changed browser homepage without permission; Extremely slow internet browsing; New toolbars, extensions or plugins suddenly populated in your browser; Frequent redirection to incorrect websites |
| Spyware | Gathers personal data on the device’s user without alerting the victim | Can be installed deliberately by others or delivered through trojan codes and phishing messages | Increased lag on your device’s system; New files and programs you didn’t install; Unusually low battery capacity; Suddenly dysfunctional antivirus software; Sudden increases in data or bandwidth usage; Sudden uptick in unwanted ads or pop-ups |

Viruses

A “virus” is not a term that is interchangeable with “malware.” Instead, a virus is a category of malware. It creates copies of itself to spread from device to device. Most viruses are attached to an executable file, which means that the virus is only activated when a user unknowingly runs the malicious host file or program. When that happens, the viral code will be executed alongside the code for the host program. Computer viruses can infect a device when a user downloads an infected file (intentionally or not). This download can be initiated by interacting with pirated media, free games, phishing emails, malicious websites or links to insecure content.

How to Spot a Virus:

  • Unusual problems with general device performance (e.g. long time to open programs, issues shutting down or restarting, frequent system crashes, error messages)
  • Missing files
  • Appearance of new files or applications that you never downloaded
  • Emails that seem to send autonomously from your account
  • Unusual browser lagging
  • Malfunctioning firewalls or antivirus systems

Worms

Like a virus, a worm is malicious code that can be transmitted from device to device. A worm differs from a virus in that it is self-replicating and can cause damage without depending upon human action. Additionally, although worms can also gain access to your device through suspicious message attachments and spammy instant messages, they tend to seek weaknesses in their target systems that they can exploit. Once on a device, a worm can modify, add or delete files, hog a computer’s physical and digital resources, steal data and install a backdoor to allow a hacker into your device’s system.

How to Spot a Worm:

  • New or missing files you never downloaded or deleted
  • Unusual speed and performance issues (lagging, crashing, etc.)
  • Unreasonably full hard drive space
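
The file-related symptoms listed above (new, missing or changed files, and a drive that fills up unexpectedly) can be checked against a saved baseline instead of from memory. The following Python code is an added example, not part of the original article; the function names snapshot and compare are hypothetical.

```python
import hashlib
import os


def snapshot(root):
    """Map each file under root (relative path) to (sha256 hex digest, size in bytes)."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # skip symlinks and special files
            digest = hashlib.sha256()
            size = 0
            try:
                with open(full, "rb") as fh:
                    for chunk in iter(lambda: fh.read(65536), b""):
                        digest.update(chunk)
                        size += len(chunk)
            except OSError:
                continue  # unreadable now: it will show up as "missing" in compare()
            result[os.path.relpath(full, root)] = (digest.hexdigest(), size)
    return result


def compare(baseline, current):
    """Report new, missing and changed files, plus total growth in bytes."""
    old_paths, new_paths = set(baseline), set(current)
    changed = sorted(
        path for path in old_paths & new_paths
        if baseline[path][0] != current[path][0]  # same name, different content
    )
    growth = (sum(size for _digest, size in current.values())
              - sum(size for _digest, size in baseline.values()))
    return {
        "new": sorted(new_paths - old_paths),
        "missing": sorted(old_paths - new_paths),
        "changed": changed,
        "growth_bytes": growth,
    }
```

Take the first snapshot while the device is known to be clean and keep it somewhere the device cannot overwrite, then compare later snapshots against it.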

Bots

Bots are pieces of malware that perform tasks on command from a remote source that is not physically present. They can be introduced into your device via an infected site, downloaded content or other malware entering your system, and they rely on receiving instructions from a third-party server to wreak havoc on cyber victims. Among other things, a bot can add your system to something called a “botnet,” which is a network of bot-infected systems. A botnet that consists of thousands of bot-infected systems would have vast amounts of processing power.

It should be noted that some botnets are good! They service things like search engines, for example. On the other hand, malicious bots can be self-propagating pieces of malware that infect host computers while reporting to their server of origin. Bots that have infected a system can collect personal data, launch Denial of Service (DoS) attacks or install backdoors to give hackers access.

How to Spot a Bot:

  • Extremely slow internet speeds (some users report a “zombie-like” device that is on but unresponsive)
  • Unusual system crashes
  • Pop-ups that appear without being prompted by a browser
  • Sudden settings changes that are irreversible
  • Unfamiliar or missing files and programs
  • Fan begins working while device is idle
  • Email messages leave your accounts even though you did not send them

Trojans

Trojans are types of malware that operate under the disguise of legitimate programs or links. Once downloaded, a trojan generally gives its host hacker access to your device, which is usually how trojan-based identity theft begins. Some trojans will sit dormant on your device until further instructions come from the host hacker, while others are designed to begin immediately. Aside from being a backdoor to your device for cyber criminals, trojans can also try to deactivate your security software, bypass your security settings and introduce additional malware to your system. They have also been known to hijack devices into forced involvement with something called a Distributed Denial of Service (DDoS) attack. That just means that, if your device gets pulled into a botnet, it will be forced to participate in attacks on other systems or networks by overloading the victim’s internet traffic capabilities.

How to Spot a Trojan:

  • Extra-slow device performance
  • Unrecognized programs installed on computer
  • Unusual pop-ups that request personal information

Ransomware

Ransomware is a recognizable type of malware that is often delivered through a trojan embedded in phishing emails, suspicious attachments and unsafe links. Once it is downloaded, a hacker can enter your device’s system through the trojan code to begin controlling your data. Some hackers wait and observe victims to get a better idea of the ransom amount that user could pay, to check out what kind of information is on the computer and to ensure that there are no backups that the victim could use to restore their content and get around the ransomware. Other cyber criminals waste no time on surveillance and begin locking things down immediately.

Either way, a victim will find a message announcing that their data is being held hostage in exchange for payment. Their files and programs will be either partially or fully restricted until the perpetrator’s desires are realized (although there are no guarantees that the promise of data release will be honored). Some versions of ransomware will delete the data if the deadline is not met; others threaten to publish that data publicly if their demands are not satisfied.

How to Spot Ransomware:

  • Partial or full lockdown on your files and programs
  • A message or pop-up announcing hacker’s intent to continue blocking your data unless you pay a ransom

Adware

Adware affects your system’s advertising behavior. If infected, your system might be throwing up ads everywhere it can on your screen. This particular type of malware generates money for its creators through two types of revenue: cost for displaying the ad on the screen and cost for each click through which the end user accesses the ad. These can get into your device when you download “free” software or when you visit an infected site that takes advantage of vulnerabilities in your browser. Although this seems more annoying than harmful, some versions of adware tag team with spyware to report information back to whoever unleashed them. Although that information is theoretically data that helps the adware know which ads to show you, you might not know if it is stealing any extra information from you.

A related term to know here is malvertising, which involves the use of legitimate advertising to secretly introduce malware onto a user’s computer. An ad infected with malvertising software would appear to originate from a real website but clicking on it would deliver a user to a site that it did not advertise or it would prompt a forced download of malware before the user can do anything about it. A malvertising link might carry a user to a website that advertises something other than what the user was looking for, or the website itself could contain malicious content.

How to Spot Adware:

  • Ads appearing in places where they shouldn’t be
  • Changed browser homepage without permission
  • Extremely slow internet browsing
  • New toolbars, extensions or plugins suddenly populated in your browser
  • Frequent redirection to incorrect websites or sites you weren’t expecting to be directed to

Spyware

Spyware is software that covertly gathers data about a victim through their system. Although this software is sometimes implemented by users to view what their loved ones do online (for example, some parents supervise their child’s online activities as those children learn to navigate the digital world responsibly), it can be used by hackers to steal sensitive data. This can be done by logging keystrokes (what you type on your keyboard), harvesting login credentials, implementing banking trojans, recording audio or video and more. It can track things like geographical location, call logs, contact lists, photos taken on your phone and cookies from your browser.

Although this type of malware can be introduced to a victim system through a trojan code or phishing link, it can also be installed by someone who has physical or Wi-Fi access to your computer. Remember to lock your devices with passwords, never leave them unattended in a public place and be sure to use Wi-Fi you trust completely. If you cannot be certain of a secure Wi-Fi but you do need the connection, use a Virtual Private Network (VPN).

How to Spot Spyware:

  • Increased lag on your device’s system
  • New files and programs you didn’t install
  • Unusually low battery capacity
  • Suddenly dysfunctional antivirus software
  • Sudden increases in data or bandwidth usage
  • Sudden uptick in unwanted ads or pop-ups (spyware is often paired with adware to help the adware know which ads to shove onto your screen)

Other Useful Malware Terms

Fileless Malware

Fileless malware makes up approximately 50% of malware today and doesn’t exploit users through the traditional file system. Instead, it infects devices under the guise of legitimate programs so that it can sneak undetected into your device’s memory without even touching the hard drive. It can therefore make changes to the files that are native to your Operating System (OS). This makes it tough to discover and remove.

Scareware

Scareware is a social engineering strategy by online perpetrators to scare users into believing that they need to immediately download or purchase something. This is one method cyber criminals use to force victims into interacting with malicious content. Frightening users into performing a desired action immediately can result in the loss of privacy, information and money on the part of the victim.

Rootkit

A rootkit is an application which allows remote access to your device by a third party. Although this software can be positively utilized by IT professionals trying to help frantic users do damage control on their devices, it can also be used by cyber criminals to gain access to a victim’s personal data.

What Can I Do to Remove Malware from My Device?

  • Run an antivirus scan on your device. Your antivirus software will guide you through the process of threat elimination.
  • Delete temporary files from your system. Look up the specific steps that match your system.
  • Reinstall your operating system. If you’re unsure how, take your device to a professional.
  • Restore your device to its most recent backup point if you have backed it up in any cloud service or external drive.

How Can I Prevent Malware Infections in the Future?

Know the basics of staying safe online. Here are some pointers:

  • Use updated antivirus protection and operating systems on your device.
  • Don’t click on questionable links or pop-ups.
  • Don’t open an email or attachment to an email unless you are certain that you trust the sender.
  • Only download software and applications from established and legitimate sources.
  • Use cloud accounts to back up your device.
  • Beware of any amazing offers that are “free,” which may actually come at the cost of your data security.

Frequently asked questions

What is malware?

Malware is short for “malicious software,” and it is any piece of software that can be used to do harm online to another user, device, server or network. The effects of malware potentially include invaded privacy, stolen personal data, dysfunctional devices and more.

What is the difference between worms and viruses?

Viruses depend on an end-user victim to initiate the program that they are attached to. When that happens, a virus can continue to infect files and be passed along. A worm, on the other hand, can replicate independently and insert itself into a system’s loopholes—even without interaction from the victim.

What is the difference between adware and malvertising?

The goal of adware is to push undesired ads onto your screen by any means necessary. Some of those ads might be malicious, but they can also be ads for legitimate products or services. The goal of malvertising, on the other hand, is to sneak malware onto your device under the disguise of an ad that promotes a seemingly legitimate product or service. These ads may appear in places you would normally expect an ad to be, or they may latch onto a real business’s name to deliver you to a similar-but-different malicious website. One unifying characteristic of both of these strategies is that they are not beyond trying to scare users into interacting with them. An example of a fear-based ad might be, “Your computer has been infected with a virus. Click here now to have it removed!”

How do I know if my device has been infected with malware?

Basically, if your computer starts to demonstrate unusual behavior, it’s time to inspect your device for potential malware. This new behavior would likely be sudden and might include slowdowns, crashing, new files, missing files, unreasonably full hard drive space, excessive pop-ups, suspicious messages sent from your own accounts and more. Note that a few of these symptoms, like slowing down and crashing, can also occur naturally in older devices. When you’re checking for malware, you’re looking for behavior that is not normal for your device’s age and Operating System (OS). Remember to keep your OS as updated as possible.

Written by Sarah Solomon

Edited by Henry St. Pierre
