Viruses, Malware, and PUPs, Oh My!

Viruses, Malware, and PUPs, Oh My!

Your definitely not in Kansas anymore, Dorothy.

Many people call me and say they have a virus on their system. They usually don’t. Less than 1% of the PCs I work on actually have a virus. Most have combinations of adware and PUPs (Potentially Unwanted Programs). But the word “virus” has entered the  common computer lexicon as a malicious program.

Malware, adware, ransomware, bots, trojans, backdoors, rootkits; what do these words mean?

Here is a list of the common malware types and their definitions!




  • Adware: The least dangerous and most common malware. Adware displays ads on your computer. Definitely some of the most obnoxious malware.
  • Backdoors: Backdoors are much the same as Trojans or worms, except that they open a “backdoor” onto a computer, providing a network connection for hackers or other malware to enter or for viruses or SPAM to be sent.
  • Bots: Software programs created to automatically perform specific operations. While some bots are created for relatively harmless purposes (video gaming, internet auctions, online contests, etc), it is becoming increasingly common to see bots being used maliciously. Bots can be used in botnets (collections of computers to be controlled by third parties) for DDoS attacks, as spambots that render advertisements on websites, as web spiders that scrape server data, and for distributing malware disguised as popular search items on download sites.
  • Browser Hijacker: When your homepage changes  you may have been infected with one form or another of a browser hijacker. This dangerous malware will redirect your normal search activity and give you the results the developers want you to see. Its intention is to make money off your web surfing. Using this homepage and not removing the malware lets the source developers capture your surfing interests. This is especially dangerous when banking or shopping online. These homepages can look harmless, but in every case they allow other infections into your system.
  • Keyloggers: Records everything you type on your PC in order to glean your log-in names, passwords, and other sensitive information, and send it on to the source of the keylogging program. Many times keyloggers are used by corporations and parents to acquire computer usage information.
  • Malware: Malware is short for malicious software, meaning software that can be used to compromise computer functions, steal data, bypass access controls, or otherwise cause harm to the host computer. Malware is a broad term that refers to a variety of malicious programs.
  • Phishing: The phishing scam masquerades as a legitimate website or link to a site, but what it’s really trying to do is “fish” for information. By fooling you into thinking that you’re visiting your bank or a shopping or government website, the scam gets you to divulge personal or financial information, which the Bad Guys then exploit.
  • PUM: Stands for “Potentially Unwanted Modification.” A PUM is an unwanted change made to your computer’s settings. PUMs can be performed by both legitimate applications and malware, though changes made by malware are more likely to cause serious problems. In some cases, you may not know about a PUM until after it has taken place.
  • PUP: (Potentially Unwanted Program) An application that is installed along with the desired application the user actually asked for. Also called a “barnacle,” in most cases, the PUP is spyware, adware or some other unwanted software. However, what makes spyware or adware a PUP rather than pure malware is the fact that the end user license agreement (EULA) does inform the user that this additional program is being installed. Considering hardly anyone ever reads the license agreement, the distinction is a subtle one.
  • Ransomware: A form of malware that essentially holds a computer system captive while demanding a ransom. The malware restricts user access to the computer either by encrypting files on the hard drive or locking down the system and displaying messages that are intended to force the user to pay the malware creator to remove the restrictions and regain access to their computer. Ransomware typically spreads like a normal computer worm (see below) ending up on a computer via a downloaded file or through some other vulnerability in a network service.
  • Rogue security software: This one deceives or misleads users. It pretends to be a good program to remove malware infections, but all the while it is the malware. Often it will turn off the real anti-virus software. Tries to get you to pay money to fix problems it creates or falsely claims exist.
  • Rootkit: A rootkit is a type of malicious software designed to remotely access or control a computer without being detected by users or security programs. Once a rootkit has been installed it is possible for the malicious party behind the rootkit to remotely execute files, access/steal information, modify system configurations, alter software (especially any security software that could detect the rootkit), install concealed malware, or control the computer as part of a botnet.Rootkit prevention, detection, and removal can be difficult due to their stealthy operation. Because a rootkit continually hides its presence, typical security products are not effective in detecting and removing rootkits. As a result, rootkit detection relies on manual methods such as monitoring computer behavior for irregular activity, signature scanning, and storage dump analysis. Organizations and users can protect themselves from rootkits by regularly patching vulnerabilities in software, applications, and operating systems, updating virus definitions, avoiding suspicious downloads, and performing static analysis scans.
  • Spam: The electronic sending of mass unsolicited messages. The most common medium for spam is email, but it is not uncommon for spammers to use instant messages, texting, blogs, web forums, search engines, and social media. While spam is not actually a type of malware, it is very common for malware to spread through spamming. This happens when computers that are infected with viruses, worms, or other malware are used to distribute spam messages containing more malware. Users can prevent getting spammed by avoiding unfamiliar emails and keeping their email addresses as private as possible.
  • Spyware: Spyware is software that spies on you, tracking your internet activities usually in order to send adware back to your system. Or to send it to someone monitoring you.
  • Trojan: The most dangerous malware. Trojans are written with the purpose of discovering your financial information, taking over your computer’s system resources, and in larger systems creating a “denial-of-service attack ” Denial-of-service attack: an attempt to make a machine or network resource unavailable to those attempting to reach it. Example: AOL, Yahoo or your business network becoming unavailable.
  • Virus: A virus is a contagious program or code that attaches itself to another piece of software, and then reproduces itself when that software is run. Most often this is spread by sharing software or files between computers. Email can be another injection point.
  • Worm: Computer worms are among the most common types of malware. They spread over computer networks by exploiting operating system vulnerabilities. Worms typically cause harm to their host networks by consuming bandwidth and overloading web servers. Computer worms can also contain “payloads” that damage host computers. Payloads are pieces of code written to perform actions on affected computers beyond simply spreading the worm. Payloads are commonly designed to steal data, delete files, or create botnets.Computer worms can be classified as a type of computer virus, but there are several characteristics that distinguish computer worms from regular viruses. A major difference is that computer worms have the ability to self-replicate and spread independently while viruses rely on human activity to spread (running a program, opening a file, etc). Worms often spread by sending mass emails with infected attachments to users’ contacts.