Malware vs virus. What’s the difference?

Malware vs. Virus
Written by Wilbur Woodham

Malware and viruses. We all heard these two cybersecurity-related terms, and people often use them interchangeably. Is such use legitimate? Let us delve into the terminology of harmful software to judge the malware vs. virus semantic dispute.

Malware is a more general concept encompassing all software written to harm targeted computers, networks, data, or users (the latter – via blackmail, spying, racketeering, etc.) A computer virus is just a type of malware, which is, by the way, not that spread nowadays. However, since the history of malicious software began with the viruses, and no other word from the known vocabulary matched their nature better, all future malware got vilified as “viruses.”

CONSIDER READING: Network security in a nutshell. That’s how you protect your workgroup.

What is a computer virus?

Computer viruses per se are pieces of code that, being added to harmless programs (or data files), contain instructions to self-replicate and harm the system where they reside (although the latter is not necessary). The viruses’ main distinctive feature is that they need a vehicle, a host. Executables and data files usually play this role. The viruses can also exist not in files in a strict sense. For example, they can incrust themselves within the boot sector or any list of commands for a processor to execute.

Creators of viruses back in the ’80s designed their brainchildren to spread from file to file and then, logically, from computer to computer via floppy disks. Viruses occasionally travel as email attachments, but some viruses spread via the Internet specifically. That means they “know” what email is, and “to send the virus-infected file by email” is a part of the instruction to the contaminated computer they contain. Ironically, the first virus transferred from one machine to another was created in the early ’70s and was spread remotely via the ARPANET, not on a floppy drive!

The main difference between viruses and other malware is that the former are not separate files (worms and Trojans are). Viruses are pieces of code, and they either use files as vehicles or integrate with non-file records (see boot sector viruses). Viruses and worms do self-replicate, while Trojans don’t.

Viruses vs. Worms vs. Trojans

Internet worms are separate-file agents that self-replicate and spread themselves via the Internet. Viruses are self-replicating pieces of code, while Trojans are files that don’t self-replicate.

CONSIDER READING: Windows 11 Security Approach: Zero-Trust Juggernaut Launched.

Conceptual mess

Although professionals always told viruses from worms and Trojans, the three being the types of malware classified by the method of spreading, popular culture inherited the term “virus” and applied it to all the variety of computer malware. As computers became widespread, and so did the malware, it became clear that average users were experiencing a conceptual mess regarding harmful software. That is so not without reason. On the one hand, there are some strict definitions in malware taxonomy, but on the other hand, there are also some optional and non-scientific terms, and they are all mixed up. So are the criteria of classification. People may think that you can put, for example, “malware,” “ransomware,” and “Trojan,” on a par and that the object in question is either “ransomware” or “Trojan.” In reality, there is a lot of malware describable as ransomware by function and a Trojan by delivery method.

So what is malware?

Malware is an umbrella term for all harmful software. These are, of course, Trojans, worms, and viruses with all the multitude of troubles they cause. By its effect, malware is categorized as ransomware, spyware, coin miners, adware etc. Software, which is not malicious itself but assists destructive programs, also falls under the definition area of “malware.” These can be backdoors, keyloggers, rootkits, etc. As for potentially unwanted applications (PUA) – whether to label them as malware is up to you. GridinSoft, for example, draws a fine line between PUA and malware calling the two “slightly different things.” Sometimes security software falsely arrests programs due to the risks of using them, although you have consciously installed those programs. In such a case, your antivirus performs an undesired action, mistaking a wanted program for an unwanted application.

RELATED: Is uTorrent safe?

As for adware – this is an ambiguous phenomenon. On the one hand, some free programs are adware (in a good sense) since they display commercial banners but still provide their services. On the other hand, some programs do no good to users but bring money to dealers who flog this adware to you without any other purpose than cashing in on dubious advertisers. You can consider the latter type of adware malware alright, although it brings inconvenience, not direct harm. Therefore, adware is not considered malware by the majority of security companies.


Hopefully, now you clearly understand the difference between malware and viruses, having even a deeper peek into the malware nomenclature. Now when someone’s antivirus detects, let’s say, a Trojan, and a person is saying: “My computer’s got a virus!” you are fully eligible to stand up, raise your index finger and declare, with your eyeballs rotating: “That is NOT a virus!”

Wilbur Woodham
Wilbur Woodham
IT Security Expert
It is better to prevent, than repair and repent!
When we talk about the intrusion of unfamiliar programs into your computer's work, the proverb "Forewarned is forearmed" describes the situation as accurately as possible. Gridinsoft Anti-Malware is exactly the tool that is always useful to have in your armory: fast, efficient, up-to-date. It is appropriate to use it as an emergency help at the slightest suspicion of infection.
Gridinsoft Anti-Malware 6-day trial available.
EULA | Privacy Policy | 10% Off Coupon
Subscribe to our Telegram channel to be the first to know about news and our exclusive materials on information security.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Malware vs virus. What's the difference?
Malware vs virus. What's the difference?
Malware and viruses. We all heard these two cybersecurity-related terms, and people often use them interchangeably. Is such use legitimate? Let us delve into the terminology of harmful software to judge the malware vs. virus semantic dispute.

German Italian

About the author

Wilbur Woodham

I was a technical writer from early in my career, and consider IT Security one of my foundational skills. I’m sharing my experience here, and I hope you find it useful.

Leave a Reply