Basic steps to protect you from viruses
Tips for all users
Basic steps to protect you from viruses
1 - Use your antivirus correctly and make sure to update it regularly.
2 - Install a reliable firewall, important if you are outside of ITQB. You cant use a free personal firewall for Windows non-Microsoft, see more info here: Personal Firewall .
3 - Make regular back-up copies of your system files.
4 - Update software applications with manufacturers patches.
5 - Always act with caution when reading e-mail and handling suspicious files.
VĂrus Glossary
The technical terminology used in virus alerts and descriptions can be confusing. The glossary below contains definitions for some of the most common terms.
Adware
A legitimate, non-replicating program designed to display ads to the end-user, often based on monitoring of browsing habits. Often adware contains spyware in order for the program to know which advertisements to display based on the current user’s preference. Adware displays ads often in exchange for the right to use a program free of charge (a variation on the shareware concept).
Backdoor
A program that opens secret access to systems, and is often used to bypass system security. A Backdoor program does not infect other host files, but nearly all Backdoor programs make low-level operating system modifications (i.e. it makes changes to the registry). Backdoors usually hitch a ride in on trojans. Once they are in place and they have executed, they hide themselves while opening a port on your computer to allow others in. Some backdoors are placed by hackers once they gain access allowing themselves easier entrance later, or if their original entryway is blocked.
Blended Threat
A virus which uses multiple infection techniques. This may include the exploitation of various program vulnerabilities, incorporation of trojan behavior, file infection routines, Internet propagation routines, network share propagation routines, and spreading without any human intervention.
Keylogger
A trojan that, upon execution, logs every keystroke or activity in a system. Although they are similar to third-party parenting/monitoring software, some keyloggers actually employ the same techniques as parenting/monitoring software to gather valuable data such as usernames, passwords, and personal information from unsuspecting users.
Macro Virus
A "macro" is a saved set of instructions that users may create or edit to automate tasks within certain applications or systems. A Macro Virus is a malicious macro that a user may execute inadvertently and that may cause damage or replicate itself. Some macros replicate, while others infect documents. Unlike other virus types, macro viruses aren't specific to an operating system and spread with ease via email attachments, floppy disks, Web downloads, file transfers, and cooperative applications. Macro viruses are typically written in Visual Basic and are relatively easy to create. They can infect at different points during a file's use (for example, when a file is opened, saved, closed, or deleted).
Malware (Malicious Software)
Programs that are intentionally designed to perform some unauthorized (and often harmful or undesirable) act such as viruses, worms, and trojans.
Polymorphic Virus
A virus that contains a special routine that changes parts of the virus code with each replication to evade detection by antivirus software.
Spyware
A software program that monitors a user’s computing habits and personal information and sends this information to third parties without the user’s authorization or knowledge.
Trojan (Trojan Horse)
A program or a part of program code that performs unexpected or unauthorized, often malicious, actions. The main difference between a trojan and a virus is the Trojan's inability to replicate. Trojans cause damage, unexpected system behavior, and compromise the security of systems, but do not replicate. If a malicious program replicates, then it should be classified as a virus. A Trojan, coined from Greek mythology's Trojan Horse, typically comes in good packaging but has some hidden malicious intent within its code. When a Trojan is executed users will likely experience unwanted system errors, problems in operation, and sometimes loss of valuable data.
Virus
A program or a part of program code that replicates - that is, "infects" another program, boot sector, partition sector, or document that supports macros, by inserting itself or attaching itself to that medium. Most viruses only replicate, though, many do a large amount of damage as well.
Worm
A self-contained program (or set of programs) that is able to spread functional copies of itself or its segments to other computer systems. The propagation usually takes place via network connections or email attachments. The worm may do damage and compromise the security of the computer. It may arrive in the form of a joke program or software of some sort.
Hoax
A chain letter that usually spreads a false virus warning.
Joke
A program with annoying or funny functionality, but it’s not destructive.
Replication mechanism
A mandatory part of every virus and worm. If it doesn’t have a replication mechanism, it’s by definition not a virus or worm.
Time bomb
Destructive action triggered at some specific date or time.
On-demand scanner
A virus scanner which is started manually.
Real-time scanner
A scanner that operates in the background, allowing a user to continue working at normal speed, with no significant slowing.
Multipartite virus
A virus composed of several parts. Every part of a multipartite virus needs to be cleaned away, to give assurance of non-infection.
Stealth virus
A virus that hides itself by intercepting disk access requests. When an anti-virus program tries to read files or boot sectors to find the virus, the stealth virus feeds the anti-virus program a clean image of file or boot sector.
On-access scanner
Real-time scanner, a background process that provides a constant guard against viruses.
Credits - SI/ITS (ITQB); Symantec Corportation; Trend Micro, Inc; Network Associates, Inc; Help Net Security; and the University of Alberta.