FRISK Software International

Glossary

Definitions and explanations of common antivirus terminology.


A

AV Killer

A powerful tool for hackers intended to disable users' Antivirus programs and personal firewalls to escape detection.
 

Adware / Spyware

Software that downloads and displays advertisements. This type of software is often bundled with software that is available freely on the Internet.
 

Antivirus

Antivirus refers to products and technology used to detect malicious code, protect against it, and remove it from an infected system. Antivirus vendors share information and resources to ensure rapid response to malicious code outbreaks. Most antivirus vendors participate in independent testing that certifies their products to detect and/or disinfect viruses.
 

Appender / Appending virus

A virus that inserts a copy of its code at the end of its target file.
 

Archive

A group of files compressed into a single file to save space. Commonly used archive file formats are ZIP, TAR, ARJ, LZH and UC2. Archives are convenient for storing files that you want to preserve as backups, or for sending multiple files to someone.
 

Attachment

An attachment is a file that is added to an outgoing e-mail, e.g. a picture or a Word document. Attachments are the most common carriers of viruses and you should never open an attachment that comes from an unknown source.
 

B

Backdoor

A program that allows access to a computer's resources via a network connection. Backdoors can create a security hole in your system that can be used to access your computer.
 

Blacklist

There are two kinds of blacklists:

IP-blacklists
Publication of a group of IP addresses known to be sources of spam. The goal of these blacklists is to provide a list of IP addresses that a network can use to filter out undesirable traffic. However, since spammers are constantly changing their IP addresses, the effectiveness of IP-blacklists is limited.

r-user blacklists
Lists of e-mail addresses or domain names from which spam filters allow messages to be received. The list can be gradually compiled over a period of time and can be edited whenever the user wants.
 

Boot sector virus

A boot sector virus usually spreads via infected floppy disks. When a user unintentionally leaves a disk infected with a boot sector virus in the drive, the boot sector of the user's local drive (C:\) will also be infected. Boot sector viruses may simply take up memory space or may contain a malicious load. The simplest method to avoid boot sector viruses is to alter the CMOS settings to boot from the local C:\ drive first, rather than from floppy.
 

Bug

A fault in a computer system, usually associated with software.
 

C

Cavity infector

A virus that searches for a suitably sized hole or gap in the target file, then inserts its code without increasing the length of the file, while preserving the file's functionality. It alters the program's entry point so the virus code runs first, or makes whatever changes to the host are needed to gain control. This gives the virus a chance to copy itself elsewhere in memory before the host file uses the data area overwritten by the virus. Lehigh, one of the first parasitic file infectors, was a cavity virus.
 

Command-line scanner

A powerful scanner that disinfects malicious viruses, worms and trojans in all major file types. The command-line scanner is commonly used on Unix-based platforms.
 

Customer number

A number reserved for customers to access their F-Prot Antivirus products on our website.
 

D

Disinfection

Cleaning or deleting a virus infection.
 

Downloader

A program that downloads another program, usually a virus or other malware, and runs it.
 

Dropper

A program that installs a virus without being infectious itself.
 

E

EICAR

EICAR is a product of the European Institute for Computer Antivirus Research and is a special test file. This dummy file is detected by antivirus products exactly as if it were a virus. Naturally, the file is not a virus. When executed, EICAR.COM will display the text 'EICAR-STANDARD-ANTIVIRUS-TEST-FILE' and exit.
 

Executable files

A file in a format that the computer can directly execute. Executables in DOS and Windows usually have a .exe or a .com extension.
 

F

False positive

If it is claimed that a suspicious object is found when in reality it is clean, a false positive is said to have occurred. This problem is usually fixed in the next virus signature file release.
 

File Virus

A file virus inserts its code into executable files. When the infected file is accessed, the virus may overwrite the entire file. Overwriting viruses cause permanent damage to the content of the overwritten files. Such infected files cannot be disinfected and must instead be deleted and restored from backup. The most infamous example is "Loveletter", which operated as an e-mail worm, file virus, and Trojan downloader. File-infecting viruses have targeted a range of operating systems, including Macintosh, UNIX, DOS, and Windows.
 

Firewall

Software and/or hardware used to prevent unauthorized access to a computer system or network of computer systems.
 

H

Heuristic scanner

A scanning technique that looks for patterns, activities or suspicious code that may indicate a new virus. Most leading antivirus packages incorporate a heuristic scanning technique to detect new or previously undetected viruses in the wild.
 

Heuristics analysis

Analysis of the instructions contained within a program or macro to determine whether the program is likely to be a virus.
 

Hoax

Hoax warnings are typically scare alerts started by malicious people and passed on by innocent users who think they are helping the community by spreading the warning. If you receive a warning about a security threat, please look into it further before you forward it to other users.
 

I

Internet worm

Unlike a virus, an Internet worm does not infect other files. It creates copies of itself over and over again until it exhausts system resources. The best known Internet worm was "Loveletter", which was actually a mixed threat: a mass-mailing Internet worm, an overwriting file virus, and a password-stealing Trojan.
 

M

Macro virus

Macro viruses reside in documents and are written in macro languages such as Visual Basic. They affect Microsoft Office documents, most commonly Word and Excel. As with other viruses, loss of critical data is the common effect.
 

Malware

Software that includes any threatening programs that are meant to be destructive, such as viruses and worms.
 

Mass-mailer

Mass mailers are worms that attach themselves to malicious e-mail sent automatically to contacts in an address book or corresponding list. Mass mailers often harvest these e-mail addresses from the hard drives of infected computers. Typically a mass mailer arrives at a computer attached to an e-mail message. In some cases such an infected attachment can start automatically, in other cases a user has to run the attachment in order to become infected.
 

Memory resident virus

A virus that stays in memory after the host program is executed and has been terminated. In contrast, viruses that are not memory resident are only activated when an infected application runs.
 

Multipartite virus

A virus that infects both program files and master boot records or boot sectors, all of which must be cleaned. Use a clean, write-protected boot disk to boot your system from drive A:\ to make sure that it is being cleaned.
 

O

OnDemand Scanner

The OnDemand Scanner is one of the scanning options that is started manually.
 

P

POP3

Post Office Protocol Version 3 (POP3) is a standard protocol used to allow users to download their e-mail from the mail server to their computer.
 

Phishing

The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has.

 

Polymorphic virus

A type of virus that changes its code segments so that it "appears" different from one infected file to another, thereby making detection more difficult.
 

Proxy server

A server that acts as an intermediary between a computer and the Internet to ensure security, administrative control, and caching service. Caching speeds up Internet access. If an Internet site is frequently requested, it is kept in the proxy's cache, so that when you request it again, it is delivered directly from the proxy's cache instead of from the original Internet site.
 

R

Real-time Scanner

One of the scanning options that only operates in the background. It automatically monitors the computer system to provide high security against unknown threats. The Real-time Scanner's minimal memory usage allows users to continue working at a normal speed.
 

Replication

Replication is a well-known behavior of a virus. A virus typically allows itself plenty of time to replicate before it activates.
 

Rootkit

Software that conceals logins, processes, files, logs or system data. Rootkits are often used to hide malware or other unwanted processes that are installed on, or operating on a system.
 

S

SMTP

Simple Mail Transfer Protocol (SMTP) is a protocol used in sending and receiving e-mail. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an e-mail client using either POP3 or IMAP.
 

Scan engine

Software that scans computer systems for security threats such as viruses and worms. Antivirus scan engines use virus signature files to receive updates on the latest security threats. Antivirus scan engines also need to be upgraded once in a while.
 

Scanner

A virus detection program that searches for, prevents and removes any malicious code on your system. See also Antivirus.
 

Spam

Spam is unsolicited junk e-mail. From the sender's point of view, it is a form of bulk mail. To the receiver, it is usually considered to be junk e-mail. It's roughly equivalent to unsolicited telephone marketing calls except that the user pays for part of the message since everyone shares the cost of maintaining the Internet. Spammers typically send an e-mail to a distribution list with millions of addresses, expecting only a tiny number of readers to respond to their offer. Spam has become a major problem for all Internet users.
 

Stealth virus

A virus that hides itself in the boot sector so it remains undetected, making it difficult to disinfect. It has the ability to alter data to hide the virus by intercepting the boot sector.
 

Subscription

An agreement giving the subscriber official permission to use F-Prot Antivirus products and to receive virus signature file updates and software upgrades.
 

T

Time bomb

A time bomb uses some specific date or time to trigger the activation.
 

Trojan

A Trojan is a program made to appear harmless in order for users to be duped into installing it, or is installed without their knowledge.
 

U

Updater

A component of F-Prot Antivirus that handles virus signature file updates and software upgrades.
 

V

Virus

A virus is a piece of programming code, usually disguised as something else, that causes some unexpected and usually undesirable event. A virus is often designed so that it automatically spreads to other computer users. Viruses can be transmitted as attachments to e-mail messages, as downloads, or be present on a diskette or CD. The person from whom the e-mails appear to be sent, or from whom the downloaded files or diskettes originate, is often unaware of the virus. Some viruses wreak their effect as soon as their code is executed; other viruses lie dormant until circumstances cause their code to be executed by the computer. Some viruses are playful in intent and effect ("Happy Birthday, Ludwig!") and some can be quite harmful, erasing data or causing your hard disk to require reformatting.
 

Virus signature files

Antivirus scanning engines rely on virus signature files to feed them information on new security threats. Virus signature files are usually updated at least once a week.
 

W

Whitelist

A whitelist is a list of e-mail addresses or domain names from which spam filters will allow messages to be received. The list can be gradually compiled over a period of time, and can be edited whenever the user wants.
 

Windows Management Instrumentation

Windows Management Instrumentation (WMI) is a set of extensions to the Windows Driver Model. WMI provides an operating system interface through which instrumented components can provide information and notification.
 

Worm

Worms are malicious programs that copy themselves from system to system, rather than infiltrating legitimate files. Worms are often mass mailers.
 

Z

Zoo virus

A virus that is found only in virus laboratories, in the collections of researchers. As these viruses are not known to have appeared in the wild, they are kept closely guarded to prevent their outbreak.