Is there a difference between PC malware and PC virus?

Drsunil V October 13, 2013

Is there a difference between PC malware and PC virus? In other words, can antimalware tool act a antivirus not necessitating an antivirus?

  1. Hovsep A
    October 26, 2013 at 9:45 am

    antimalware can do offline detection if you have updated database to the latest definition, you dont have to be connected to internet for scan to progress

  2. Dalsan M
    October 14, 2013 at 7:47 pm

    Personally, I think Panda Cloud Antivirus is a good and light software. I'd rank it up near Bitdefender.

    I wouldn't trust antimalware software above antivirus software, but instead use them in conjunction with each other. The only thing is if both software actively scan, which would cause conflicts. Panda Cloud with Malwarebytes Antimalware free edition would be very good protection for your computer, since if one doesn't find any viruses or malware, the other one should. This isn't always the case, but it is better to have more than one solution for extra protection.

    • Drsunil V
      October 16, 2013 at 7:33 am

      I have read your response with care and understood it's points. Strictly speaking , antimalware includes protection against viruses. So accordingly , isn't it a type of antivirus?

    • Bruce E
      October 16, 2013 at 8:33 am

      Most antivirus software will pick up trojans, worms, viruses, and some rootkits. Some will also treat "tracking cookies" as a low risk item and remove them. They normally do not include all of the crapware toolbars that get packaged with software downloads (and are automatically installed by those who don't read the installation dialogs). Most antimalware products will detect the tolbars, etc and remove them. They also tend to be a bit better about detecting (and sometimes removing) rootkits. Each individual antivirus and antimalware product has its own strengths and weaknesses and NONE of them cover everything equally well. That is why you should use a good antivirus (or Internet Security Suite) as well as at least one on-demand antimalware product on EVERY Windows system you have deployed.

      The only exception I ever make to this rule is for businesses that are using a network firewall that is configured to block access to proxies, an intrusion detection system, and all traffic through the firewall is logged on a secure, listen-only logging machine, preferably to a write-only device. The logs need to be reviewed daily and all outbound traffic needs to be vetted to ensure it is not an attempt by an internal user to bypass the firewall rule sets (i.e. accessing newly set up proxy servers). In these cases, I will go with a trusted centralized antivirus on all deployed Windows machines (including servers) and skip the antimalware. The centralization of the AV allows the network administrator to control the automatic distribution of AV engine and virus definition updates across the network from a single interface and makes it harder for an internal user to either accidentally or intentionally disable the protection and updates.

    • Dalsan M
      October 16, 2013 at 2:19 pm

      One analogy I'd like to use for this situation is that antimalware is more like a primary care physician, a doctor that tries to find out many issues and treat what it can. This would cover more areas, but not always as in depth as a specialist. Even if there is active scanning, many times the higher threats are not found without a thorough scan. Antivirus is more like a specialist, one that treats more specific areas of higher threats, but also actively scans for higher threats and many times finds threats before a thorough scan. The main exception, as Bruce states, is rootkit detection and removal, where antimalware (MalwareBytes Antimalware) may be better at than many antivirus software.

      Other security measures must be considered, as well. A decent firewall, good browsing and downloading habits, and thoroughly reading and paying attention to what is going on as you are using the computer is a must because no matter what protection software you may have installed, most likely will not help user error.

      Also, from my experience, active scanning antimalware software usually does not detect nearly as much as an antivirus software. The better detection rate (mostly more mild to moderate threats) by antimalware is through manual scanning. That is why purchasing MalwareBytes Antimalware does very little extra protection than the free version.

      Antivirus software uses different methods of detection than antimalware does, which is usually why it can be safe to run both actively together, except during thorough scanning. Antivirus software normally detects more threats as you are using the computer, which is why I trust an antivirus software over any antimalware software. Good antimalware software normally will detect more than antivirus software during manual scanning, which is why I would use MalwareBytes free version over the paid version.

    • Drsunil V
      October 20, 2013 at 5:20 pm

      Do you imply that Antimalware does offline detection and AV does online detection? though both detect viruses?

  3. Shawn R
    October 14, 2013 at 12:43 pm

    I repair computers. The vast majority of my service calls are for malware problems. If my customers are not running Windows 8, which has a very good anti-virus program, I install the free version of AVG on their machines, even if they are running Norton or McAfee. I do this because those two paid programs take up a huge amount of space and cost a yearly fee. AVG is much smaller, is very highly rated and it's free. I also encourage them to buy Malwarebytes which has a one time cost but, in my experience, catches a lot of malware.

    • Bruce E
      October 16, 2013 at 9:40 am

      Uh... Why would you want to remove a product that achieves better protection AND performance scores to replace it with an inferior (by test score comparision) product? I can understand getting rid of McAfee, but Norton outperformed AVG in testing by AV-TEST (Jun/Aug '13) and Dennis Labs (Jul/Sep '13). Then you go and purchase Malwarebytes which has a free edition that does everything that is needed without the cost. Granted you can't schedule updates and scans or do on-access scanning with it, but with another AV product being used for continuous protection, Malwarebytes should only be used for on-demand scanning to prevent resource contention with multiple on-access scanners and it isn't a big deal to do a definition update prior to running an on-demand scan. And if someone is really paying attention, they can be using Norton for free pretty much forever by buying the previous version when stores are clearing it off of their shelves and still giving you the upgrade rebate every year. After all, the codes are not to activate the software, but to activate the subscription for virus defintion updates.

      And you really need to start treating your Win8 users better. Microsoft Security Essentials (Defender in Win8) does not score well even when it passes the tests, so you should be replacing the Microsoft default solution with something better. Hell, even AVG beats MSE out in these tests.

    • Shawn R
      October 16, 2013 at 12:45 pm

      Bruce E - Please provide link to the tests you mention. In the real world, most of my users are not very tech savvy. I provide the options that are easiest for them to use.

    • Bruce E
      October 18, 2013 at 11:41 am
  4. Dalsan M
    October 13, 2013 at 11:51 pm

    Not much can be can be added to defining the difference between the generic term of malware and the more specific term for virus. Malware comes from the terms malicious software, so any software that performs bad or malicious actions would be included in malware, including spyware, adware, tracking software and cookies, ransomeware, and viruses. Viruses are, in fact, malware that spreads across multiple computer systems, much like a cold or flu virus. Since more malicious software have been created, a terminology to differentiate between the two had to be made, especially since, technically, malicious software that does not spread from one computer to another without physically installing the malicious software is not really a virus. Originally, viruses were spread through networks without any real user interaction.

    As far as protection against viruses and malware, it is best to have an active virus scanner and an antimalware software that you run on occasion. You can get by with just an antimalware program, but you would hand to be completely proactive against any threats. This, in itself, is not always an easy feat.

    • Drsunil V
      October 14, 2013 at 6:01 pm

      Please clarify : do you mean anti malware is a substitute to AV? even though it may not be the best substitute

      Please also tell your view about cloud panda AV,

  5. Oron J
    October 13, 2013 at 11:38 am

    As Bruce says, "malware" is a general term which describes any software which is designed to do you (or your computer) harm, to steal information from you etc, whereas "virus" is a technical term which was coined in the early 80's and describes a specific type of malware. To quote from Wikipedia (, a virus is "a type of malware that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be "infected"..."

    Other "technical" types of malware include worms and trojans. Since the end of the 90's, the distintion between the types of malicious threats has waned and for a while most were described as "blended threats" or similar terms. Some AV companies chose to describe most such software as "trojans" even if its method of infection included elements of viruses or worms. A little later, the term "spyware" came into currency, and although stricly speaking "spyware" relates only to software which spies on the users (e.g. key loggers), it was often used for any malware which was not specifically a virus or a worm. Nowadays "malware" fulfils that generic role in product names, with the term spyware acting as its sidekick. When reporting malware, another category which is used is PUP (potentially unwanted software), which is emblematic of the problem with the terminology (some people might want all those toolbars on the browsers, after all...).

    As for your question regarding anti-malware vs AV software, here's the deal. Most antivirus software packages (including "internet security suites" etc), scan "on acceess", meaning that they scan any files as they are written to the disc or being read from it. To do this, they need to modify the system's standard file opening mechanisms. The implication of this is that only one AV package can run at a time, or there would be a conflict between the AV products, each trying to gain access to the file ahead of the other (this can cause the computer to "lock up", not a nice scenario!). Security software which uses other methods to scan the files, usually distinguish themselves from the "traditional" AV packages by calling themselves "anti malware" or "anti spyware". Those packages can be used at the same time as AV packages, and also as each other. For example, you can use AVIRA (an AV package), Malwarebytes Anti-Malware and SuperAntiSpyware all at the same time. Another distinction is that antimalware software often detects a much wider range of malware (including things such as tracking cookies and the PUPs mentioned above), but not all anti-malware is particularly good at detecting all types of security threats.

    As a result, you should do as Bruce suggests. Run a good AV program at all times, and have another anti-malware program installed, which you can use to scan the system when you deem necessary. Some anti-malware packages, such as the paid-for version of Malwarebytes, offer on-access scanning, and you *could* have that running, but in my opinion this is not worth it in the majority of cases as the performance hit would be more than the gain in security.

    • Drsunil V
      October 13, 2013 at 7:13 pm

      Thanks. Your reply is detailed but yet very important in terms of pc security points.
      You mentioned : "Those packages can be used at the same time as AV packages, and also as each other. "
      So one can use malware anti-malware in place of installing an antivirus? to protect against viruses. Thus if malware antimalware is installed there is not a compulsory requirement for antivirus in same workstation?

    • Drsunil V
      October 13, 2013 at 7:14 pm

      Can antimalware be used instead of antivirus in pc?

  6. Bruce E
    October 13, 2013 at 7:59 am

    A virus is a type of malware. Malware is the generic term for malicious or any software that is not necessarily desired on a computer. Some types of malware just have annoying pop-ups when you are browsing the internet. Others may hijack your default web page and search engine directing them to the writer's own page or engine (and generally generating money for them if you use it). A virus is a piece of code that inserts itself into other executable programs in order to propogate itself. A worm can propogate without having to latch onto another piece of code for transport. Worms, viruses, trojans, several toolbars, as well as other types of code are all considered malware.

    Most machines should be using an antivirus product that provides on-access protection for all files. You should also have an on-demand malware scanner (such as Malwarebytes) that is run only when directed by the user (and should be done at least weekly on high-use machines, more frequently on high-risk machines, less frequently on low-use or low-risk machines). Both types should be updated regularly (even if on-demand scanning is not performed as frequently, just to keep the database current). Just make sure you are not using on-access capabilities on multiple products simultaneously.

    • Drsunil V
      October 13, 2013 at 7:10 pm

      Thanks for elaborate reply.

Ads by Google