Antivirus - Know How

What is Virus?

Viruses are small pieces of computer software deliberately designed to infect and harm computers. They usually have a very small footprint and can remain undetected for a long time. They may be time-activated or event-driven and can also be programmed to erase or damage data. A virus is most commonly spread by human action and will continue to spread when files from an infected system are shared via USB drives, CDs, e-mail attachments, etc.

What is Worm?

A computer worm is a standalone malicious program which replicates itself in order to spread. A worm can propagate without any human interaction. It can spread via computer networks, causing widespread damage. Worms can slow down web servers, flood communication lines and cause massive system crashes and email spam.

What is the difference between a Virus and a Worm?

Basically, a virus is a set of code which attaches itself to existing files, replicates, and spreads from file to file on a system, whereas a worm is a separate file which replicates but does not infect other files. A worm is a special subset of virus which replicates itself and spreads via computer networks or emails. A virus needs a host program through which it can spread as an attachment. The longer a virus remains in a system, the greater the number of files it affects. Worms spread at a very fast rate and can usually infect a large number of systems connected through a single network in a matter of seconds.

What is Trojan?

Trojans come disguised as videos, pictures or other software packages. They are installed without the user's knowledge and cause harm to the system. They can be programmed to monitor keystrokes, steal the user's personal/confidential information and can also convert a computer into a spam distribution machine.

What is a DoS attack?

A Denial of Service (DoS) attack on a network is designed to impede the normal functioning of computers/servers by flooding the communication channels with useless traffic. Such attacks make servers run unusually slowly and may even lead to system/website crashes.

What is a DDoS attack?

A Distributed Denial of Service (DDoS) attack is very similar to a DoS attack; the only difference is that it involves multiple compromised systems, infected with some Trojan, which are used to target a single system.

What is a Key logger?

Keyloggers are surveillance software which can record and keep a log of every key the user presses. They can be misused by hackers to gain access to your confidential data such as PINs, passwords, credit card numbers, bank details, etc.

What is Spyware?

Spyware is installed on a computer to gather information secretly. It can track the user's browsing habits/history, gather email addresses and also act as a keylogger. It can even sniff network traffic to siphon off sensitive data which has been transmitted, and can have an adverse impact on system performance.

What is Adware?

Adware refers to malicious software that presents unwanted advertisements (generally as pop-ups) to the user. It usually hijacks the web browser while disguised as a useful-looking toolbar and changes the homepage without the user's permission.

What is internet phishing?

Phishing is a type of fraud in which the user is tempted, through an email or a pop-up link, to go to a fake webpage (which appears legitimate) where they are asked to update personal information, such as a password, credit card, social security number, or bank account numbers, that the legitimate organization already has. This way the hacker can trick the user into disclosing personal/confidential information unknowingly.

What are Rootkits?

A rootkit is a secret computer program designed to give the hacker continued privileged access to a computer. Originally, a rootkit was a collection of tools that enabled administrator-level access to a computer or network, which is called “backdoor access”. This can result in anything from theft of valuable information or data, malfunctioning and slowdown to a change in the behavior of the PC in any manner. Rootkits generally hide themselves very deep inside the system (even before the OS) and are very difficult to detect.

What is Malware?

Malware, or malicious software, is any kind of unwanted software that is installed without the consent of the user. It is generally designed to perform unauthorized/unwanted actions. Malware is an umbrella term for all the hostile/intrusive software out there, such as viruses, worms, Trojans, spyware, adware, etc.

What could be the symptoms of a possible Virus infection?

There can be many symptoms of a virus infection, but they do not confirm that the computer has actually been infected, because some symptoms can also relate to software/hardware problems. A virus infection may manifest itself in one or more of the following ways:

• Computer starts “freezing”, becomes “unusually slow” or even “hangs” often

• Strange behavior such as unexpected sounds, notifications, error messages, pop-ups, etc.

• Files shift from their original location to some other folders on their own

• Web browser behaves erratically

• Programs (like Media Player) start on their own

• Strange emails are being sent from your account without your knowledge.

Note: If you notice one or more of the above symptoms, we highly recommend that you scan your system with ProDot Antivirus today.

I received an email with a strange attachment, could it contain a virus?

Yes, it could be a virus. We strongly advise against opening any attachments that you do not recognize.

What is Antivirus software?

Antivirus is a computer program designed to proactively protect your computer against malware. It effectively defends against, disarms and removes viruses, Trojans, worms, etc.

What is Real-Time Protection?

The real-time protection system present in ProDot Antivirus is known as Patrol. Patrol detects viruses and other malicious programs "at the moment", effectively blocking them even before they enter the operating system or its files. Patrol tracks running processes and thus ensures reliable prevention of infection. By default, Patrol is automatically activated every time you start ProDot Antivirus. This is a very important component of the software.

What is Firewall?

A firewall is an interface between the internal network (home or corporate network) and the Internet. It is designed to filter out all the unwanted data or “packets” which may cause harm to your computer.

What is a File Shredder?

It is a software utility used to permanently delete files from your system. Files deleted using a shredder cannot be recovered.

What are parental controls?

Parental controls are designed to safeguard your children against internet threats. 

What is a password manager?

Password Manager is used to create a repository for all your credentials managed by a single master password. The passwords are heavily encrypted and are accessible only by you.

How do I create a strong password?

A strong password consists of a combination of UPPERCASE, lowercase, numeric (123214), and symbolic (! @#$ %^) characters.

What is System Cleaner?

It is a utility which is used to optimize and speed up your system by deleting unnecessary files which take up space.

What is a virtual Keyboard?

Virtual keyboards are used to protect the user against keylogger threats, as mentioned above.

What is Duplicate File Finder?

It is used to detect multiple instances (Clones) of the same file. This way you can free up disk space by deleting the “Clones” of your files.

What is Startup Manager?

Startup Manager is used to enable/disable the automatic startup of third-party applications (software which activates once Windows™ boots).

What is Task Manager?

Task Manager is used to terminate the applications which become unresponsive or make your computer slow.

How can I protect against root kit infection?

Install an Antivirus with anti-malware and anti-root kit features and always keep them activated and updated.

Install a firewall that will protect against unauthorized access to your computer.

Always ensure that the applications installed on your computer are up to date, and make sure to install any security updates or patches supplied by the manufacturers of the specific application.

How to identify a phishing e-mail?

Company - These e-mails are sent out to thousands of different e-mail addresses and often the person sending these e-mails has no idea who you are. If you have no affiliation with the company the e-mail is supposedly coming from, it's fake.

Spelling and grammar - Improper spelling and grammar is almost always a dead giveaway. Look for obvious errors.

No mention of account information - If the company really was sending you information regarding errors to your account, they would mention your account or username in the e-mail.

Deadlines - The e-mail requests an immediate response or sets a specific deadline.

How can I protect against phishing?

Keep antivirus up to date – One of the most important things you can do to avoid phishing attacks is keep your antivirus software up-to-date because most antivirus vendors have signatures that protect against some common technology exploits. If your antivirus software is not up-to-date, you are usually more susceptible to attacks that can hijack your Web browser and put you at risk for phishing attacks.

Do not click on hyperlinks in e-mails – Never click on any hyperlink in an e-mail, especially from unknown sources. You never know where the link is going to really take you or whether it will trigger malicious code. Some hyperlinks can take you to a fake HTML page that may try to scam you into typing sensitive information. If you really want to check out the link, manually retype it into a Web browser.

Verify https (SSL) – Whenever you are passing sensitive information such as credit card or bank information, make sure the address bar shows "https://" rather than just "http://" and that you have a secure lock icon at the bottom right hand corner of your Web browser. You can also double-click the lock to check the third-party SSL certificate that provides the https service.

Don't enter sensitive or financial information into pop-up windows - A common phishing technique is to launch a bogus pop-up window when someone clicks on a link in a phishing e-mail message. This window may even be positioned directly over a window you trust. Even if the pop-up window looks official or claims to be secure, you should avoid entering sensitive information because there is no way to check the security certificate. Close pop-up windows by clicking on the X in the top-right corner. Clicking cancel may send you to another link or download malicious code.

Deadlines - Be doubtful of emails with urgent requests for personal financial information and delete them. Many fake emails use strong and often threatening language to convince you that something bad will happen (e.g., your account will be shut down) if you do not click the provided link immediately and update or validate your account information.

Regular checking - Log in regularly to check your online accounts. It's wise to check your accounts at least once a week. If you don't check them very often, you may allow criminals a lot of time to do damage before you realize it.

Safeguard your online activity - You should always log out of an online banking session anytime you step away from your computer. And, be sure to shut off or disconnect your computer from the Internet when not in use.

Protect your online identity - If you use a computer with public access, such as in a library or Internet cafe, please ensure that any User IDs and passwords you enter are not saved on that computer. You should also delete all temporary internet files and clear all history as well as cookies of the browser after use.

What is internet pharming?

Pharming is a form of online fraud very similar to phishing as pharmers rely upon the same bogus websites and theft of confidential information. However, where phishing must entice a user to the website through ‘attraction’ in the form of a phony email or link, pharming re-directs victims to the bogus site even if the victim has typed the correct web address. This is often applied to the websites of banks or e-commerce sites.

How can I protect against pharming?

You can check the website URL. Always ensure, once the page has loaded, that the URL is spelt correctly and that you haven't been redirected to a slightly different spelling, perhaps with additional letters or with the letters swapped around.

One of the biggest fears is that pharmers will attack major banking services or e-commerce sites. When you reach the payment point, or the point where you are asked to type in banking passwords and usernames, ensure that the http has changed to https, as the ‘s’ stands for secure. You can also use the virtual keyboard of the particular banking website, if available, to enter your credentials. Keep your anti-virus software and browser up to date; this can also help to protect against pharming instances, especially when you enter an unsecured site without realizing.

What is a key-logger?

A key logger, also known as a keystroke logger, is a software or hardware device which monitors each and every key typed by you on your keyboard. It can be used by parents to keep an eye on their children or by company owners to spy on their employees. Most key loggers not only allow keystrokes to be captured but are often also capable of collecting screen captures from the computer. Normal key logging programs store their data on the local hard drive, but some are programmed to automatically transmit data over the network to a remote computer or Web server. Key loggers are sometimes part of malware packages downloaded onto computers without the owners' knowledge.

How can the computer get infected by a key-logger?

By using an infected USB device.

By downloading cracks or key gens from the internet. These files often contain viruses or key loggers.

By installing games or software from unknown publishers.

By downloading and installing programs from torrents.

By visiting a website that exploits some browser vulnerability. This usually happens when you are using an outdated browser, have outdated plug-ins in a browser, or your operating system is not up to date with the latest security patches.

How can I protect against key loggers?

Key loggers can be used by cyber criminals to get sensitive information such as your bank or credit card details, or the password of any social networking site. In order to be safe, keep the following points in mind:

• Never use your online banking from a cyber cafe. If you do use it, then clear all the details of your username and password and clear the browser history as well as the browser cookies.

• You can use the above method to protect your Facebook profile, Yahoo or Gmail ID as well.

• When you enter a cyber cafe, make sure that no hardware device is attached to the keyboard wire.

• Stop downloading suspicious things from unknown software developers. Only install something when you really need it and don’t risk your security for the next calorie counter or YouTube downloader. A great way to bypass this problem is to find a web-based software alternative that you don’t have to install on your computer.

• Key loggers work by recording the keys pressed on the keyboard. You can bypass this system by using the mouse to write the important information through the On-Screen Keyboard.

What is Man-in-the-browser attack or Man-in-the-middle attack?

A man-in-the-browser attack is a threat that is capable of stealing login credentials, account numbers and various other types of financial information. The attack combines a Trojan horse which has attached itself to your browser with a unique phishing approach that displays a window overlaying the browser on a given computer; whenever you visit any banking website or payment gateway site, it activates and simply captures data as the user enters it. The user is completely unaware that the data is being hijacked, since he or she is interacting with a legitimate site. The attack does not interfere with the transaction in any way at this point.

How can I protect against Man-in-the-browser attack?

Install an Antivirus with anti-malware and anti-spyware features and always keep them activated and updated.

Always ensure that the applications installed on your computer, as well as your operating system, are up to date, and make sure to install any security updates or patches supplied by the manufacturers of the specific application.

Be alert when online. If you’re asked to fill in more fields on a form than usual, or to enter information your bank or other sites normally don’t ask for (especially for a “new security feature”), or if you’re asked to enter your password more frequently, these should raise some red flags. In such cases, please don’t enter any of your personal/confidential information.

What is false positive?

A false positive occurs when a virus scanner reports a file as a virus when it is not. This can occur when a pattern in the file matches the pattern contained in a virus signature, for example because of a faulty signature.

What is false negative?

A false negative is the complete opposite of a false positive. A false negative occurs when a virus scanner fails to detect a virus in an infected file. The antivirus scanner may fail to detect the virus because the virus is new and no signature is yet available, or because of configuration settings or even faulty signatures.
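The two failure modes above can be reproduced with a toy signature scanner. This is an added example, not ProDot's scanning engine: the signature names, byte patterns and sample files are all constructed for illustration, and matching is a plain byte-substring search.

```python
from collections import Counter

# Constructed byte patterns: made-up markers, not real malware signatures.
SIG_A = b"\xde\xad\xbe\xef\x13\x37"
SIG_B = b"\xde\xad\xbe\xef\x42\x42"

SIGNATURES_V1 = {"Demo.Virus.A": SIG_A}                    # initial database
SIGNATURES_V2 = {**SIGNATURES_V1, "Demo.Virus.B": SIG_B}   # after an update
SIGNATURES_FAULTY = {"Demo.Virus.A": b"\xde\xad"}          # pattern far too short

# Constructed samples: (file name, content, is the file really infected?).
SAMPLES = [
    ("invoice.txt", b"Total due: 120.00", False),
    ("old_virus.bin", b"\x00\x01" + SIG_A + b"\xff", True),
    ("new_variant.bin", b"\x00\x01" + SIG_B + b"\xff", True),
    ("pattern_notes.bin", b"known pattern: " + SIG_A, False),  # clean, same bytes
    ("photo.raw", b"\x10\x20\xde\xad\x30\x40", False),
]


def scan(data: bytes, signatures: dict) -> list:
    """Return the names of all signatures whose pattern occurs in data."""
    return sorted(name for name, pattern in signatures.items() if pattern in data)


def verdict(flagged: bool, infected: bool) -> str:
    """Compare the scanner's answer with the ground truth."""
    if flagged:
        return "true positive" if infected else "false positive"
    return "false negative" if infected else "true negative"


def evaluate(signatures: dict, samples=SAMPLES) -> dict:
    """Map each sample name to its verdict under the given database."""
    return {name: verdict(bool(scan(data, signatures)), infected)
            for name, data, infected in samples}


def summary(signatures: dict, samples=SAMPLES) -> Counter:
    """Count how many samples fall into each verdict."""
    return Counter(evaluate(signatures, samples).values())


if __name__ == "__main__":
    for label, db in [("v1", SIGNATURES_V1), ("v2", SIGNATURES_V2),
                      ("faulty", SIGNATURES_FAULTY)]:
        print(label, dict(summary(db)))
        for name, result in evaluate(db).items():
            print(f"  {name:18} {result}")
```

With the first database the new variant is missed until the update adds its signature, while the overly short signature detects both infected files at the cost of flagging a harmless photo.
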

What is boot time scanning?

In a computer there are several essential files, like boot files, Windows system files and startup files, which are responsible for computer booting and application startup. The antivirus scans all these files quickly and efficiently before the operating system fully loads, to ensure that your operating system is virus free.

What is an Email scanner?

The Email scanner checks all incoming and outgoing mails for malware and any other threats, enabling safe and secure e-mail communication.

What is Heuristic analyzer?

Heuristic analyzer is an advanced technology of virus detection which detects infections through the behavior of the files, not by the database. It allows the detection of objects which are suspected of being infected by an unknown virus or a new modification of a known virus. Files which are found by the heuristic analyzer are considered to be probably infected.

How can your credit card details be stolen or your online banking account be accessed?

By entering your personal and banking data on a fake website – By clicking on the link in a phishing e-mail, by accidentally mistyping the web address of your bank or being redirected to a fake website using an unsafe connection.

By visiting a legitimate but compromised website.

By using an infected PC – Malicious programs can redirect to a phishing web site, steal passwords and credit card data stored on your hard drive and can intercept the information exchanged with your bank.

By intercepting what you type on the keyboard – malware and key loggers

How to bank online safely?

Criminal gangs are constantly inventing new ways to try and get their hands on your money, but you can help keep the cash in your bank account safe and reduce your chances of becoming a victim of fraud by following these simple steps:

1) First of all, make sure your computer or laptop is protected with a good security software program and anti-virus software. Keep them all, along with your browser, up-to-date.

2) Different banks have different security measures for online banking, but if you have to set up a password, make sure it is a mixture of letters and numbers and is different from your email password. If you access your email from an insecure computer, scammers could steal your password details and use them to access your account. Also, don't write your passwords down in full or share them with anyone. Always change your password at least once a month and remember it.

3) Never disclose personal details, such as your password, on email or over the phone unless, of course, it is one you have agreed with your bank for telephone banking.

4) However, if you receive a call or email from your bank which you weren't expecting, treat it with suspicion, regardless of the apparent name of the organization contacting you. Never follow a link from an email purporting to be from your bank, or open an email from an unknown source, as it may contain a virus.

Action point: If you receive a suspicious email (known as a phishing email) purporting to be from your bank, report it to Action Fraud using its online tool; you can also inform your bank directly.

5) Before entering your account details into a website, make sure there is a padlock symbol in your browser and that the web address changes from starting with 'http' to 'https' - this means the connection is secure.

6) If you have a wireless network at home, make sure you have activated the security settings on your wireless router to make it secure and prevent others accessing it.

7) Avoid accessing your bank account from a public computer or unsecured wireless network. If you do use a public computer, never leave it unattended when logged in and always log out properly when you've finished your banking session.

8) If you experience any problems logging on, telephone your bank, don't send an email.

9) Avoid posting personal information like your email address, date of birth and phone number on social network websites like Facebook and Twitter. Only accept friend requests from people you know. Someone posing as an interesting person asking to become friends may actually be an ID thief. Check your privacy settings carefully and make sure only people you trust can view your profile.

10) Regularly check your bank account and credit card statements for suspicious transactions. If you spot something unfamiliar, report it to your bank or card provider as soon as you can.

Salient features of PAV & PMS.

1) Auto Root kit scan

How does a root kit infect your PC?

A root kit virus is a virus attached to any file, folder, crack, key gen or torrent downloaded from unknown sources.

How does a root kit work?

It works in your PC as an undercover (hidden) agent, programmed to modify the administrative rights to give the hacker backdoor access to your PC through the internet. This can result in anything from theft of valuable information or data, malfunctioning and slowdown to a change in the behavior of the PC in any manner.

The Auto Root kit scanner detects all root kits during real-time patrolling, so that no root kit virus infects your computer and data, and keeps your computer safe from unauthorized access.

2) Boot time scanning

In a computer there are several essential files, like boot files, Windows system files, startup files and startup services, which are responsible for computer booting and application startup. ProDot Antivirus scans all these files quickly and efficiently while the operating system boots, to ensure that your operating system is virus free.

3) Smart firewall (Automatic & interactive)

What does a firewall do?

A firewall monitors network traffic and automatically allows applications access to outbound or inbound connections.

What additional things does the ProDot Antivirus firewall do?

ProDot Smart Firewall monitors network traffic and automatically allows applications access to outbound internet connections, which prevents external attacks and protects the system against malicious attempts to take control over it. It also gives you the option to configure the firewall manually according to your needs.

Smart firewall scans all the applications installed in your computer and windows processes to protect you from any intrusion or infection.

4) Web filter

What does a web filter do?

The web filter in ProDot Antivirus scans all websites, checks them for harmful threats and malware, and also blocks the content.

With web filter you can also block any http website manually (not https as they are already secured) on your computer to restrict the access of that website.

5) Email scanner/ Anti-spam

The mail filter in ProDot Antivirus checks all incoming and outgoing mails for malware and any other threats, enabling safe and secure e-mail communication.

6) Heuristic analyzer

Heuristic analyzer is an advanced technology of virus detection which detects infections through the behavior of the files. The ProDot Antivirus Heuristic Analyzer allows the detection of objects which are suspected of being infected by an unknown virus or a new modification of a known virus. Files which are found by the heuristic analyzer are considered to be probably infected.

ProDot Group ©2013. Powered by Arraymultimedia Pvt. Ltd.