ActiveX
A programming framework that can be embedded into applications and is often used to display web content. Malicious code can be a part of ActiveX.
Adware
Advertising software that displays third-party ads, which can include pop-ups, banners, or links embedded within web pages. Other adware may be within applications, side bars, search bars, and search results. Adware is often bundled by downloadable applications (freeware) and may not use proper disclosures.
Adware, Low Risk
Advertising software that typically does not transmit personally identifiable information and is not considered a serious privacy risk.
Application
A set of instructions directing the computer to perform a task, which can be anything from adding two numbers and outputting the result, to the complex instructions of a computer game. An application can be safe or harmful.
Application protocol
Protocols used for the transmission of application data that are transmitted in packets. Application protocols can include SMTP, POP3, HTTP, FTP, and other custom protocols.
Backdoor
A method of bypassing normal authentication and securing remote access to a computer, while attempting to remain undetected. The backdoor may take the form of an installed application or could be a modification to an existing application or hardware device.
Bot
A computer that has been exploited by an attacker and controlled remotely for specific malicious tasks. An attacker uses a Bot to send spam, participate in a Denial of Service (DoS) attack against websites or other computers, or install adware and spyware for monetary gain.
Browser
A software application that enables a user to display and interact with text, images, videos, music, games, and other information typically located on a web page. Some examples include Internet Explorer (IE), Firefox, Opera, Netscape, and Chrome.
Browser Plug-in
A software module that works within the browser to provide additional functionality. Browser Plug-ins may be installed with adware and may redirect searches to alternate sites and search results. Many Browser Plug-ins also monitor your web surfing to facilitate targeted, contextual advertising. A toolbar is one type of Browser Plug-in.
Code Injection
A technique used to insert malicious code into a running computer process. This can be done either locally or remotely through the Internet. Locally means that an application writes malicious code into another application's address space. When run, it appears as if the host application is responsible. The malicious code is executed using a trustworthy process. Some advanced users may create exceptions to allow this to happen.
Cookies
Cookies are small text files that websites place on your computer to recognize you the next time you visit. A cookie contains information that can be used for authentication, identification of a user session, user preferences, or shopping cart contents. Cookies are not harmful to your computer, but can affect your privacy. Tracking cookies are the greatest risk to your privacy by tracking websites that you visit.
Foreign cookies
A type of tracking cookie that comes from a site other than the one that you are visiting. For example, a site you are visiting may contain third party advertising images; those images may contain a cookie that will collect information about your interaction at the site. The third party can build a profile of you from your visits to sites that contain their images.
Persistent cookies
A type of tracking cookie that expires after a predetermined time. It collects identifying information about you, such as web surfing behavior or user preferences for a specific website.
Session cookies
A cookie that is erased when the user closes the web browser. The session cookie is stored in temporary memory and is not retained after the browser is closed. Session cookies do not collect personal identifying information.
DHCP
Dynamic Host Configuration Protocol enables a network connected to the Internet to assign a temporary IP address to a host automatically when the host connects to the network.
Direction
A firewall term that refers to the flow of traffic in and out of your computer. Traffic direction can be either inbound or outbound.
DNS
Converts an easy to remember name that you would type into your browser into an IP address that is understood by computers. There is a network of Domain Name Servers that operate over the Internet, making your browsing experience possible.
Drive-by download
The act of an application being downloaded without your knowledge or consent. This can happen when you click to close or respond to a random advertisement or dialog.
Exception
An exception or rule for the firewall allowing either an application, a port, or a protocol to communicate through it.
Exploit
Malware that targets security vulnerabilities in the operating system, browser, or other applications. Exploits give the attacker complete access to and control of your computer from a remote location.
Firewall
An electronic barrier for your computer where all information coming in and going out must travel. A firewall prevents external computer systems from communicating directly with your computer. A firewall analyzes information passing between the two computers, and rejects it if it does not meet certain rules or exceptions.
High Risk
A classification of malware that can severely degrade the performance and stability of your computer. Such risks may open illicit network connections, disable security software, modify system files, and install additional malware. A high risk may also collect and transmit personally identifiable information without your consent.
ICMP
Internet Control Message Protocol is an error reporting mechanism to control the flow of network traffic over IP and UDP, ensuring that the data can be reliably delivered.
IDS
Intrusion Detection System is a firewall function that gathers and analyzes information from various areas on a computer to identify possible security breaches. An IDS can detect a wide range of hostile attack signatures.
IGMP
Internet Group Management Protocol is used for streaming video and gaming, and allows for the more efficient use of resources when supporting these types of applications.
IP Address
An identifier for a computer or device that routes electronic data.
JavaScript
A scripting language commonly used to make web pages interactive, which can contain malicious code.
Key Logger
An application that captures and logs keystrokes without your knowledge and consent. The logged data is typically sent to a remote attacker through exploits, and is often used for identity theft and bank fraud.
Known Risks
Also referred to as known threats, or knowns. A risk is "known" based on threat definitions.
Low Risk
Applications that are typically not a threat to your computer or compromise your privacy unless they have been installed without your knowledge or consent. Some Low Risk applications may track online habits or display advertising within the applications themselves. These applications have only vague, minimal, or negligible effects on your privacy.
Malware
Malicious software that has clearly hostile or harmful behavior and is used to compromise individual PCs as well as entire networks.
Operating System
The underlying software that allows you to interact with your computer. The operating system controls the computer's storage, communications, and task management functions. Examples of common operating systems include Microsoft Windows, MS-DOS, MacOS, and Linux.
Packet
A segment of data sent from one computer or network device to another computer or network device over a network. Packets may contain such information as its source, destination, size, and other useful information, enabling the packet get to its destination.
Patches
A critical update that repairs a vulnerability in the software.
Phishing
An email or instant messaging fraud in which a message is sent to a recipient falsely claiming to be legitimate in an attempt to scam the recipient into surrendering private information that will be used for identity or monetary theft.
POP3
Post Office Protocol 3 is a standard protocol for receiving email. POP3 servers use port 110. POP3 configuration is typically done from an email application.
Port
A communications endpoint for applications and processes. Ports 1-1023 are reserved for standard services and the operating system. Ports 1024-65535 can be used by any application.
Program
See Application.
Protocol
The set of rules governing the format and control of messages being sent around a network.
Proxy
A computer system or an application that acts as an intermediary for facilitating access to content on the Internet.
Rogue Security Application
A type of malware that appears like an ordinary antivirus application that attempts to dupe or badger you into purchasing the application. Rogue security applications usually pop-up on websites as intrusive warnings that claim that your computer is infected and offer to scan and clean it. These should never be trusted. Legitimate antivirus companies will NEVER use this way of "notifying" you. Some rogue security applications may install malware or even steal the credit information that you enter, possibly resulting in identity theft.
Rootkit
Software that cloaks the presence of files and data to evade detection, while allowing an attacker to take control of your computer without your knowledge. Rootkits are typically used by viruses, spyware, trojans, and back doors, to conceal themselves from virus detection software.
Rule
One or more firewall exceptions that can consist of applications, protocols, ports, and direction of traffic.
Service
An executable that performs specific functions designed not to require user intervention. A service usually starts when the Windows operating system is booted and runs in the background while Windows is running.
SMTP
Simple Mail Transfer Protocol is an Internet standard for the transmission of email.
Spam
Unsolicited commercial email that is often sent in bulk to a multitude of email accounts.
Spyware
Software that transmits information to a third party without notifying you. It is also referred to as trackware, hijackware, scumware, snoopware, and thiefware.
Surveillance
An application that monitors and captures data from a computer including screenshots, keystrokes, web cam and microphone data, instant messaging, email, websites visited, applications run, files accessed, and files shared on a P2P (peer to peer) network. Many surveillance tools can run in stealth mode, hidden from the user, and have the ability to store captured data for later retrieval by or transmission to another computer.
TCP
Transmission Control Protocol provides reliable delivery of a stream of bytes from an application on one computer to another application on another computer.
Toolbar
A type of browser plug-in that adds a third-party utility bar to a web browser. A Toolbar typically has a search function and provides search results for paid advertisers. It often has buttons that are links to advertisers web pages. An advertising toolbar may track browsing and search queries in order to display contextually relevant search results and ads.
Traces
The smallest unit of malware that is detected and can include files, folders, or Registry keys/values. A risk is made up of these smaller units.
Threat Definitions
Threat Definitions are what an antivirus tool uses to identify all sorts of malware, whether by scans, email protection, or real-time protection.
Trojan
A type of malware that is installed under false or deceptive pretenses, appearing to be completely harmless to a user but is in fact harmful containing malicious code.
UDP
User Datagram Protocol allows applications to send messages (datagrams) to other hosts on an IP network. UDP is used for transmission of DNS queries, audio files, video files, or other types of streaming media which promote speed over reliability.
Unknown
A potential risk that has yet to be established as a "known" risk by the definitions. An unknown could be safe to your computer; it just has yet to be determined to be either safe or unsafe.
VBScript
Visual Basic Scripting Edition is an Active Scripting language that talks to host applications using Windows Script, commonly used on websites. Malicious code can be a part of VBScript.
Virus
A piece of malware that can replicate itself and invade other applications or files in order to spread. Viruses typically spread when users execute infected files or load infected files from flash drives or through infected attachments and files in emails. Most viruses include a "payload" that can be anywhere from annoying and disruptive to harmful and damaging. Viruses can cause system damage, loss of valuable data, or can be used to install other malware.
VPN
A Virtual Private Network consist of nodes on a public network, such as the Internet, that communicate among themselves using encryption technology so that their messages are as safe from being intercepted and understood by unauthorized users as if the nodes were connected by private lines.
WAN
A telecommunication network that covers a broad area. Business and government entities utilize WANs to relay data among employees, clients, buyers, and suppliers from various geographical locations.
WiFi
Wireless Fidelity is a radio frequency standard that is used to connect devices, such as laptops, WiFi phones, or other portable devices together using a wireless connection.
WiFi hotspot
A venue that offers WiFi access where the public can use a laptop, WiFi phone, or other portable devices to access the Internet.
Worm
A type of malware that spreads itself without any user intervention. Worms are similar to viruses in that they self-replicate. Unlike viruses, however, worms spread without attaching to or infecting other applications and files. A worm can spread across computer networks via security holes on vulnerable devices connected to the network. Worms can also spread through email by sending copies of itself to everyone in the user's address book. A worm may consume a large amount of system resources and cause the device to become noticeably slow.
Zombie
See Bot.