Viruses and Malware

-
You've no doubt heard about antivirus solutions and that you likely need one to keep your machine safe. But what exactly is a virus, and what does an antivirus service actually do? How do viruses differ from malware? Do you need anti-malware if you already have an antivirus solution? I'll attempt to provide answers to these questions in this blog post.

Software viruses

Computer viruses are applications that infect files on a computer, and propagate by finding additional files to infect on the same computer, and potentially on additional hosts connected to the network. By corrupting files, the viruses have the effect of rendering files and applications inoperable and thus can cause a significant amount of damage and frustration.

The notion of files becoming "infected", and the malicious software being replicated and spread to other parts of the system is why the "virus" terminology is so apt: this behavior seems to mimic the pathological viruses affecting humans.

Historically, viruses were one of the more prevalent forms of malicious software (malware) and therefore received a lot of attention relative to other types of malware. However, it's important to note that viruses are not the only forms of malware.

Malware

Malware refers to any type of malicious software and this presently includes a wide range of types including (but not necessarily limited to):
  • Viruses
  • Trojans
  • Ransomware
  • Rootkits
  • Worms
  • Spyware
  • Adware
Fig 1. Various forms of Malware (non-exhaustive)

As you can see, viruses are but one of many forms of malware. Therefore, all viruses are malware, but not all forms of malware are viruses.

Antivirus and Anti-malware

If viruses are only one form of malware then it would seem logical that the right thing to do would be to run anti-malware, not antivirus, software to check for malware being installed/run on a computer. Right? Well, that's where things get interesting.

Even though technically it's quite true that it's malware we're interested in defending our computers against, for historical reasons the term "antivirus" has continued to be used to refer to software that deals with all forms of malware, not just viruses. I highly suspect the reasoning here is that it's to keep things simple: a lot of non-technical people are already familiar with the notion of viruses and antiviruses and probably don't need more terms to deal with. Perhaps the antivirus developers were concerned that by changing out the terminology they'd lose customers looking for pure antivirus solutions; I really don't know for sure, but I suspect as much. As someone interested in using language correctly (and interested in Computer Security) it pains me a bit that the terminology wasn't updated in the commercial products and that all antivirus solutions weren't just renamed to anti-malware products. This causes additional complications because some software applications have been advertised specifically to target anti-malware such as trojans and ransomware (MalwareBytes is one such example), which may leave some users curious if they need a separate antivirus solution as well.

So what should you do if you want to protect your computer from modern malware? Clearly this is all a bit confusing. I've heard some folks (some reputable content creators on YouTube, and other reputable tech sites on the web) say that you should run an antivirus program alongside an anti-malware program. For example, sites here and here claim it's a great combo to run Windows Defender together with an anti-malware solution like MalwareBytes (The PC Security Channel has some interesting thoughts on relying purely on MalwareBytes and separately on the actual benefits of Windows Defender). Personally I think that combo is likely to be overkill since, to add to some of the confusion, most modern "antivirus" solutions are in fact anti-malware solutions. For the most part, they have more appropriately renamed themselves to avoid some, but perhaps not all, confusion: Bitdefender lists itself as a "cybersecurity solution", Sophos lists itself as having "cybersecurity to block advanced viruses, malware, exploits, and ransomware", and Kaspersky describes itself as an "advanced antivirus and security suite" (admittedly the last one is a bit confusing with the reintroduction of the term antivirus).

Conclusion

In conclusion, know that all forms of malicious software can be aptly categorized as malware. There definitely still exist viruses but these days trojans, ransomware, adware, spyware, and a host of other types are considered more commonplace. If you want to keep your system protected you'd best look for a solution that can handle these more modern threats and not just handle traditional viruses.

Fortunately, most modern antivirus solutions are likely competent at handling malware as well. I recommend reading the documentation carefully to be sure this is the case before making a purchasing decision.

Comments

Post a Comment

Popular posts from this blog

Review of Sophos Home Premium

-
Image
This is my third review in a row (in a matter of three months) of different antivirus applications. Following my trials and reviews of Kaspersky and Bitdefender , I decided to try out Sophos this month. One of my chief reasons for trying out Sophos is because of the gushing praise provided by The PC Security Channel , a channel on YouTube I generally enjoy for his objective reviews of antivirus software. Reviews such as this  and this  more recent video. Overall, TPSC demonstrates that Sophos is a very thorough and reliable antivirus solution. I trust Leo's reviews and so I wanted to try this out myself using the trial provided at their site. This blog post covers my experience using Sophos for the month so far. Sophos Application Given the super strong feedback from TPSC, I was strongly looking forward to Sophos and perhaps this set up a lot of strong expectations for the application. While Kaspersky and Bitdefender seemed relatively similar to one another, Sophos was dr...
Read more

Review of Bitdefender Internet Security 2020

-
Image
About a month ago I installed a trial version of Bitdefender Internet Security . This blog post goes over my experience with it, highlighting the features and what I liked and didn't. Bitdefender Application Bitdefender is the second antivirus solution I've tried a trial of recently (the first being Kaspersky, as documented here ). Having just come from using Kaspersky for a month the differences were quite apparent, especially the UI. I'll go over the features and my opinions further below. Shown below is the application window as seen when you start up Bitdefender Internet Security. Features and Tools The application provides a suite of tools broken down by tab and category, with the some default (and frequently used) features available on the "Dashboard" home page (seen in the image above). This includes a useful link to run a "quick scan" and access a few other features such as the VPN and Safepay privacy option. There is a an option t...
Read more

Review of Kaspersky Internet Security 2020

-
Image
I installed a trial version of Kaspersky Internet Security to see whether I'd be happy to use it long term. This blog post goes over my experience using the product and what I like/dislike so far. Kaspersky Kaspersky Lab , founded by Eugene Kaspersky, is a Russian-based cybersecurity firm focusing on antivirus/anti-malware solutions for businesses and home users. Their antivirus solutions receive quite a lot of praise and are positively reviewed on tech sites. Despite consistently receiving very strong reviews and having reportedly excellent results against malware, Kaspersky Lab does receive some negative reviews based solely on the fact that the company is headquartered in Russia and user data is stored in their Russian-based data centers (this isn't true for European customers : their data is kept and processed in data centers in Zurich, Switzerland). The Russian aspect of the company has been enough of a reason for US government agencies to discontinue use of Kaspers...
Read more