Malware Definitions and Information

Adware usually acts without a user’s authorization or knowledge. While adware is not always malicious, it typically tracks a user’s Internet activity and sends information, such as email addresses, to advertisers. Many free utilities are known to install hidden adware so that the developer of the utility can recover development costs. With the information taken from the user’s computer, the user may become a target for pop-up/pop-under advertisements, additional toolbars, and spam.

This term is used to describe a program created to obtain unauthorized access to your system.

Browser Plugins
Browser plugins can affect your web browser in a variety of ways. Some plugins may create windows to display additional information on a web page you’re viewing, and others may replace a website’s banner advertisements with their own. Some plugins may simply change your home page, while others are used to monitor and report your Internet activity to a parent server. This spyware is usually not stopped by your firewall, because it’s seen by the firewall as part of your browser.

Browser Hijackers
Browser hijackers change your Internet web browser settings without your permission. Sometimes this means changing your home page to a pay-per-click site so that the author of the browser hijacker software earns money. Occasionally, browser hijackers may change your browser’s default search page so that all your queries lead to pay-per-click sites, while also tracking your Internet activity. Unfortunately, simply restoring your browser to factory settings usually will not prevent the browser hijacker from working.

A Downloader is a software application which may download and install additional malware to your system. The downloaded malware may have the ability to re-install itself, which makes it difficult to remove manually.

Form Grabber
This term describes a malicious program that has been created to steal the web form information of a user before it is submitted online over a (hopefully) secure connection.

A Hijacker is an application that may take control of your browser’s settings in order to redirect you to other websites. A Hijacker may cause your browser to behave sluggishly.

Keyloggers record every keystroke you make on your PC, often with the intent of capturing usernames, passwords, credit card numbers, bank account numbers, etc. Some keyloggers also take screenshots of your computer activity, monitor emails and online chats, and (when installed by someone authorized to do so) are often used to monitor child or employee computer activity. Even in cases such as these, keyloggers usually work secretly.

This term describes the technique used by cybercriminals to acquire personal information (usernames, passwords, banking information, etc.) from users by masquerading as a legitimate business entity in an email or other form of electronic communication. Attackers often spam spoofed emails that appear to come from a banking institution or PayPal.

A proxy is a firewall that blocks and re-creates a connection between two points. A proxy can hide a user from the outside world or an attacker from a user. For malicious purposes, a proxy may be used to make a connection anonymously between an attacker and your computer. This makes the connection much more difficult to notice. SMTP and FTP may be used in conjunction with Firewall Killers, Downloaders, RATs, and Trojans.

Rogue Anti-Virus
Rogue anti-virus programs are fake programs that are designed to look and behave just like a legitimate virus removal application. Rogue anti-virus programs are usually created by hackers who attempt to take your money through devious tactics. Rogue anti-virus programs use pop-ups, fake scans and alert messages as scare methods. A rogue anti-virus program may scan your system and display erroneous results showing viruses present on your computer. Rogue anti-virus programs may cause damage to your computer and can be difficult to remove in some cases. Rogue anti-virus programs, as well as rogue anti-spyware programs and rogue registry programs, are known to be used by Trojan makers to install malware and other scumware.

Remote Administration Tools
Remote administration tools are mostly used by network administrators to control your PC remotely. The main purpose of this spyware is to control and fix your computer settings without having to physically be in the same location. However, sometimes remote administration tools are used for illegal purposes, such as unauthorized remote control that may allow access to your personal and financial information.

This term describes programs that are created to conceal specified processes or other programs (usually malicious) to evade the detection of antivirus software.

This term describes a malicious program created to discreetly steal confidential information. Many times the stolen information is relayed to a third party (spammers, hackers).

A Toolbar consists of a group of buttons that may perform certain tasks, such as provide an additional search bar or additional bookmarks. A toolbar for Internet Explorer is normally located below the menu bar at the top of the form. Toolbars are usually created by Browser Helper Objects.

Trojan Horse
This term describes a program that has been developed to appear safe and harmless but is in fact malicious.

This term describes a program that can replicate on its own and does so by attaching itself to another (usually) non-malicious program. When the program is executed, the coded virus routine is carried out.

This term also describes a program that can replicate on its own; however, instead of attaching itself to a host like a virus, it spreads by using other means of replication, such as attaching itself to an email, using open network shares, copying itself to available external drives and devices, etc.