Today, our Personal Computers are more protected than ever, because there are a lot of programs that detect and eliminate threats that want to access our computer. Nevertheless, we can not say that Personal Computers are more secure than a few decades ago.
Without a doubt, the computers with Windows Operating Systems installed on it, are most at risk, because most threats have as their objective Microsoft's Operating Systems. Due to this situation, many tools for Virus, Spyware and Malware detection and elimination are developed.
It is important to know how to differentiate what action is performed by each type of threat since it is possible that antivirus detects a threat in a file that is harmless and does not detect other types of file which can cause any type of discomfort to the end-user.
The programs that have malicious intentions, they are known as Malware. So the following types of programs are classified as Malware (Malicious Software).
A Virus is a program, library or code, that spreads itself and infects other files. The intention of the virus is usually harmful: delete computer files, infect and corrupt files, or damage the file structure of the Operating System. Viruses have been decreasing over the years, as they tend to be detected quickly by antivirus engines.
As the Virus, the worms spread itself and all over the hard disk. Their intention is not to damage or delete files, but simply to spreads itself as much as possible. This leads to a reduction of the hard disk space available, and high consumption of CPU, which is transformed into a slower Operating System. Worms can be spread to other computers on the network, searching for and taking advantage of known vulnerabilities on Operating Systems.
This type of files/programs are installed on the computer with the “form” of a normal program. That is to say, Trojans come hidden in programs that perform a specific function. For example, we can download a program that serves to exchange files, and this program, in addition to download the files, can execute harmful actions hidden and transparent to the user. Unlike viruses, Trojans do not spread itself to other files, but it is usual to find them on the Internet hidden on some Installers. A Trojan can make the computer to be controlled remotely by another user, so despite not being destructive, it's a threat to the privacy of the user whose PC is infected with a Trojan.
This type of software, hide his presence to the Operating system and to the user, in such a way that despite being installed and working, it will be ignored by the OS, and can perform any kind of malicious action. For some time this type of threat was difficult to detect, but currently, the vast majority of Anti-Virus is able to detect and remove this type of Malware.
This type of Malware goes a step further than the earlier, being able to block the infected computer in such a way that the user may not be able to use the keyboard or the mouse. Once the computer has blocked, the Malware will show a message requesting the payment of a sum of money to be able to unlock the computer. Obviously, we will not make any payment, because it will not unlock the computer. The only way to unlock the PC is by deleting and removing the Ransomware.
This type of Software displays advertisements in the form of pop-ups or insert ads on the web pages we browse. This type of Malware becomes very irritating since it makes impossible to browse without interruption and make impossible the use of the computer showing countless pop-up windows.
These programs collect information about the habits of use of the PC and typically use these data for commercial purposes. It can collect information about the sites visited, and gather information about the user and the computer.
PUPs differ from other Malware. Virus, Trojans, Worms, etc., usually are programs that the end-user doesn't want in his PC, however, PUPs can be programs that the end-user wants to use on his computer. For example, a user may want to have installed a file-sharing software, which, in a transparent way to the user, gathers information from his computer. That is why it is called Potentially Unwanted Programs (PUPs) because although the end-user is going to use that program for one particular function, the software brings a number of not desired “additional functions”.
These last two types of Malware (Adware and Spyware), are the most spread Malware through the Internet, and the most common cause of troubles to the end-user (and more benefits bring to a multitude of stakeholders). This is due to the fact they can pass as harmless applications, so it is easier to distribute them over the Internet.PUPs tend to be distributed through installers of other programs. That is to say, when we install a legitimate program, Adware or Spyware will be installed along with the main software. This type of installer is very common in a multitude of download pages. In Usitility we do not use these installers, and we scan our downloads in search of this type of program. You can look more information about the process we follow to detect this type of program here.
Now that we know different types of existing Malware, is convenient to know what are the False Positives. When an Antivirus software scans a file, it is possible that the file is detected as a threat, when in fact the file does not represent any danger to the user. This is called False Positive. For example, the next tool John the Ripper, which serves to decrypt passwords, will be marked as a threat by multiple Antivirus engines. This is because many Antivirus determine that this tool can be used with bad intentions and, therefore, harm to third parties. That is why we must learn to interpret the results of the Antivirus.
That said, we can only recommend you to download a good Antivirus and a good Antispyware, and make all your downloads from a trusted site such as Usitility.
by Rubén Hernández