Terminology

 

ActiveX Controls

A type of web browser plug-in that allows users to view and use interactive content on a website. ActiveX Controls are dedicated for use with Microsoft's web browser, Internet Explorer.

ActiveX Controls are generally used to enhance the user's online browsing experience. They may however pose a threat if:

• They (deliberately or unintentionally) cause harm to the user's machine or data AND
• The security settings on the user's web browser's security settings allow them to be automatically and silently installed OR
• The user installs the plug-in without fully understanding the threat it may pose

As ActiveX Controls are able to access the hard disk and have a significant amount of control over system operations, malicious ActiveX Controls can be a significant security risk if they are successfully implanted on the computer.

Generally, maintaining high security settings on the web browser and exercising due caution when browsing websites is sufficient to prevent unwanted or undesirable ActiveX Controls from accessing the computer. Certain webpages may require the user to download and install customized, third-party ActiveX Controls from the website itself in order to view them correctly.

 

 

Alternate Data Stream

An extension to Microsoft's Windows NT File System (NTFS) that provides compatibility with files created using Apple's Hierarchical File System (HFS).

Applications must write special code if they want to access and manipulate data stored in an alternate stream. Some applications use these streams to evade detection.

 

 

Antispyware

A program that scans the computer system for spyware programs. Most anti-spyware programs include disinfection/removal functionality in order to uninstall any spyware found on the system.

An anti-spyware program may be a standalone application, though nowadays many anti-virus programs also include anti-spyware functionality.

 

 

Antivirus

A program that scans for and identifies malicious files on a computer system.

An antivirus program's core is the scanning engine, the module responsible for scanning every file on the computer system to find supicious or malicious files.

The scanning engine works in tandem with the program's antivirus database, a collection of virus signatures that identify known malicious files. During the scanning process, the scanning engine compares to each scanned file to those in its database. If a match is found between a virus signature and a scanned file, the file is considered malicious.

 

 

Antivirus Database

A collection of virus detections or signatures used by an antivirus program during its scanning process to identify malware.

When scanning a computer for malicious programs, an antivirus program compares each file inspected against the virus signatures in its database; if a match is found, this indicates that the file is shares enough similarities with a known malware to be flagged.

Because this type of analysis depends on the antivirus program having an accurate signature with which to perform a comparison, it is known as signature-based detection.

As new malware is constantly being created, new virus signatures must continually be added to antivirus databases to identify these new threats. An antivirus program is therefore most effective if its antivirus database contains the latest updates.