
Windows Vista Security: Praxisorientierte Sicherheit für Profis by Marcus Nasarek


Chapter 15: Protecting Your Computer with Windows Defender and Windows Firewall
emulate the beginning lines of code executed by a program to identify the program’s behavior as self-modifying, or it may use a similar technique to discover that a program is looking for other executable files. In either case, the antivirus program may flag the file as a virus. Heuristic filters employ replicable methods to study, ascertain, or identify viruses through their perceived behavior.

Sandboxes emulate an operating system and allow code to run in a simulated environment. When the code runs, the antivirus program analyzes the emulated operating system for changes that are perceived as a virus. These types of analysis require sophisticated programs and use large amounts of computer resources to run. These features lend themselves to finding new viruses and keeping them out of the user environment, but they do not lend themselves to real-time analysis, requiring the antivirus program to run either as a managed background process or during off-peak usage times.

Each method lends itself to different types of virus identification and removal. Not all antivirus programs use the same methods of identification; therefore, it is often a good idea to use multiple antivirus solutions to identify viruses on your computer. No one antivirus program can identify and eliminate all viruses. Take the time to research the different antivirus programs available, including free scanners online, to help identify and eliminate viral code from your computer.

Understanding Spyware

Spyware falls into a broad category of software designed to gain control of a computer without the user’s consent. As the name suggests, the program loaded onto the computer spies on the user, and the industry has come to realize that spyware also allows a remote user to control how the computer operates. Sometimes spyware only offers the data housed on the computer for use in spying on a user’s habits. Some companies use this data for targeted advertising or to manipulate content based on the user’s browsing habits.

Spyware watches what you do on your computer and sends the data over the Internet to a collection point for future use. Sometimes these collection points are data warehouse computers that let marketing groups purchase browsing habits to begin an advertising campaign based on the way you and other people browse the Web, thereby allowing them greater financial gain. Some types of spyware will attempt to record your keystrokes in the hopes of getting personal information for monetary gain. These programs try to intercept any usernames, passwords, or credit card information you use while online, and they are the most dangerous type of spyware.

Other spyware programs monitor the use of web sites on the compromised computer. They then attack you with a barrage of pop-up windows. Some simply begin popping up advertisements of competitor web sites in the hopes of gaining advertising dollars through your clicking on the advertisements. Most of these types of programs fall into a category called adware. Not all pop-up windows are associated with
