Antivirus Glossary of Terms
ActiveX:
A Microsoft technology that allows certain plug-ins to install when viewing some web pages (similar to a Java applet). The difference is that, when installed,
ActiveX can access the Windows Operating System directly.
This has caused a number of vulnerabilities that virus and spyware operators are able to exploit and thus download their malware directly to your operating system.
When viewing a web page that asks you to install ActiveX Controls, and you don't absolutely need it, say no.
Adware:
A type of software that monitors a user's web-surfing habits, then displays ads based on that data. Adware is usually bundled with other software (like a screensaver
or toolbar) and downloaded along with that software. The user typically has to agree to accept the adware; however, the agreement is usually buried in small print.
While adware is not typically dangerous in the sense that it doesn't steal any vital information, nor disable your system, it can be annoying and difficult to get rid of.
Signs of adware include pop-ups, a different search experience, and other advertisements. Adware, spyware, and malware are very similar, but technically different.
Antispyware:
Software that detects, destroys and prevents future spyware attacks. Antispyware software will scan your system when you install it. The software will then either quarantine
or delete any infected files. Most antispyware software then offers some kind of real-time scanning to protect against future threats.
Antivirus:
Software that detects, destroys, and prevents future viruses from infesting your computer system. Antivirus software will typically scan your system upon install in order to
detect any virus infestations. The antivirus software will then delete or quarantine the infected files.
The Antivirus software will then provide some kind of shield against future virus attacks.
Archive:
Backup versions of your files in case you need to roll-back your system after a malware attack. These files are usually compressed for easier storage as .zip or .rar.
Attachment:
A file (document or picture) that is "attached" to an email. Malicious spyware or viruses can be embedded in an attachment, then launched when you open it.
Remember: don't open email attachments you aren't expecting--even if they're from someone you know.
Backdoor:
A "doorway" into your PC system sometimes left there purposely by programmers in case of emergency. Malware operators can often exploit these backdoors to
install malicious software. Most antivirus and antispyware software can detect and protect against backdoors.
Blacklist:
A list of unwanted emails. The opposite would be a "whitelist" of trusted email senders. Anti-spam software uses blacklists to prevent spam.
Bug:
A generic term for any problem or fault found in any software.
Disinfection:
The process of cleaning up a computer system from viruses, spyware, or any other malware.
Downloader:
A software program that secretly downloads another, malicious software program. An example would be a harmless toolbar that you download to your
PC which is loaded with third-party adware.
Executable files:
Files that enable a program to launch. Executable files can be good or bad depending on what they intend to do. Typically, executable files end in the extension: .exe
False Positive:
A false reading of a safe file. Sometimes, virus or spyware scanners will find a safe file and accidentally label it as malicious. Usually, this is remedied upon the next scan.
However, this can become annoying and leave you less confident in your scanner's ability to detect real malware.
File Virus:
A virus that lies dormant in a safe file until that file is executed. The virus then becomes active and often destroys that file in the process. The only solution is to
delete the file and recover it from a backup copy.
Heuristics:
A real-time scanning technology that attempts to protect against unknown malware before it attacks your computer.
Hoax:
A fake warning started by malware programmers. The virus is often embedded in this fake warning. If you get a warning about a security threat, the hoax intends for you to
pass it along to other, innocent people thus spreading the virus.
IMAP:
One of the most popular mechanisms for downloading email into a mail client like Microsoft Outlook, Microsoft Outlook Express, or Mozilla Thunderbird.
IMAP, the Internet Message Access Protocol, is designed to allow a user access to his or her email from multiple computers such that all emails sent, received, and deleted (and even your folders) are automatically "synced" to other computers with access to your account.
IMAP is often used by people who need access to email from multiple areas at once like the office, home, and a laptop. With IMAP, emails sent from one computer automatically appear in your 'Sent' items on your other computers, too.
Because of this, any viruses that get emailed to you on one computer are also on your other computers, too, which is why having antivirus software on every computer is so critical.
Keylogger:
A type of spyware that captures every keyboard stroke. This technology can either be used by parents wanting to capture logins and passwords to monitor their children, or it
can be used by spyware to steal logins and passwords to sensitive sites like online banks.
Malware:
Any type of software that causes harm or discomfort to the user or system (short for Malicious Software). Included types of malware are: viruses, spyware, adware, keyloggers, rootkits, etc.
On-Demand Scanner:
A type of technology that can scan your computer for infestations on-demand. Antivirus, antispyware, antiadware, and firewalls typically have the ability to scan your PC whenever you choose.
Phishing:
A method of gathering information from a user: like credit card numbers, social security numbers, login info, passwords, etc. Phishers typically draw the user onto a fake site
(like an online banking site for instance) and require the user to type in their personal account info. Phishing has been known to facilitate identity theft.
POP3:
(Post Office Protocol Version 3) This is a method that allows an email client to download emails from the mail server (ex: Outlook or Thunderbird). This is often a vulnerable
port that malware operators can exploit.
Real-time Scanner:
A type of technology that continuously scans your PC for incoming attacks. Sometimes, this can be a drain on system resources, slowing your computer down. However, real-time scanning can prevent most malware attacks.
Rootkit:
A bundle of software applications (a "kit") that can directly access the highest permission levels on your computer (the "root"). Rootkits can embed and operate completely undetected by the user.
Malicious rootkits are designed to take control of a computer at its very deepest core levels by changing files and settings to suit their needs.
Rootkit detection can be very, very tricky, and it's a vital piece of newer anti-virus and anti-spyware applications.
SMTP:
(Simple Mail Transfer Protocol) The method of transmitting email over the internet. Email can then be downloaded from the mail server by POP3 or IMAP.
Spam:
A wide range of unwanted advertisements. Spam can be delivered in email, web site pop-ups, or adware. Spam is typically not dangerous, but can also include viruses from time to time.
Spyware:
Any software that is installed secretly and is used to collect surfing information, login passwords, credit card numbers, etc. Spyware, viruses, and adware are technically different,
but overlap in many ways. The end result is that spyware is unwanted and malicious software.
Time bomb:
A virus that will lie dormant until a specific time or date before it becomes active.
Trojan:
Like the old Greek story, a Trojan (as in "Trojan Horse") is a piece of software that appears harmless, but is in fact malicious. Trojans dupe the user into thinking they are harmless until
they're installed on the user's computer and it's too late.
Virus:
A piece of malicious software that creates unwanted behavior in your PC. Viruses typically reproduce themselves allowing them to infect other computers as they are unknowingly passed along.
Viruses can cause damage to files, disks, or hard drives.
Virus signature files:
A list of known viruses currently circulating. Antivirus engines rely on this list of known viruses so their software can block infection.
Whitelist:
A list of "friendly" email addresses. The opposite would be a "blacklist" of unwanted email addresses like spammers or phishers. A whitelist only allows known email addresses to be delivered.
Worm:
A self-replicating program designed to send copies of itself to other computers in the network. While worms aren't necessarily viruses themselves, they can create backdoors for viruses to exploit.