User Manual

ManualsBrandsESET ManualsComputing & Network ProductsCyber Security PRO Antivirus for Mac, 1 Year, 3 Users

Adware itself is not dangerous, users may only be bothered by

the advertisements. The danger lies in the fact that adware

may also perform tracking functions (as spyware does).

If you decide to use a freeware product, pay particular

attention to the installation program. The installer will most

likely notify you of the installation of an extra adware

program. Often you will be allowed to cancel it and install the

program without adware.

Some programs will not install without adware, or their

functionality will be limited. This often means that adware

may access the system in a “legal” way, because users have

agreed to it. In this case, it is better to be safe than sorry. If

there is a file detected as adware on your computer, it is

advisable that you delete it, since there is a high probability

that it contains malicious code.

12.1.6 Spyware

This category covers all applications which send private

information without user consent/awareness. Spyware uses

tracking functions to send various statistical data such as a list

of visited websites, email addresses from the user‘s contact

list, or a list of recorded keystrokes.

The authors of spyware claim that these techniques aim to

find out more about users’ needs and interests and allow

better-targeted advertisement. The problem is that there is no

clear distinction between useful and malicious applications

and no one can be sure that the retrieved information will not

be misused. The data obtained by spyware applications may

contain security codes, PINs, bank account numbers, etc.

Spyware is often bundled with free versions of a program by

its author in order to generate revenue or to offer an incentive

for purchasing the software. Often, users are informed of the

presence of spyware during a program‘s installation to give

them an incentive to upgrade to a paid version without it.

Examples of well-known freeware products which come

bundled with spyware are client applications of P2P (peer-to-

peer) networks. Spyfalcon or Spy Sheriff (and many more)

belong to a specific spyware subcategory, they appear to be

antispyware programs, but in fact they are spyware programs

themselves.

If a file is detected as spyware on your computer, we

recommend deleting it, since there is a high probability that it

contains malicious code.

12.1.7 Potentially unsafe applications

There are many legitimate programs whose function is to

simplify the administration of networked computers.

However, in the wrong hands they may be misused for

malicious purposes. ESET Cyber Security provides the option

to detect such threats.

Potentially unsafe applications are typically commercial,

legitimate software. This classification includes programs such

as remote access tools, password-cracking applications, and

keyloggers (a program that records each keystroke a user

types).

12.1.8 Potentially unwanted applications

Potentially unwanted applications are not necessarily

intended to be malicious, but may affect the performance of

your computer in a negative way. Such applications usually

require consent for installation. If they are present on your

computer, your system behaves differently (compared to the

way it behaved before their installation). The most significant

changes are:

new windows you haven’t seen previously are opened

activation and running of hidden processes

increased usage of system resources

changes in search results

applications communicate with remote servers

12.2 Types of remote attacks

There are many special techniques that allow attackers to

compromise remote systems. These are divided into several

categories.

12.2.1 DoS attacks

DoS, or Denial of Service, is an attempt to make a computer or

network unavailable for its intended users. The

communication between afflicted users is obstructed and can

no longer continue in a functional way. Computers exposed to

DoS attacks usually need to be restarted in order to work

properly.

In most cases, the targets are web servers and the aim is to

make them unavailable to users for a certain period of time.

12.2.2 DNS Poisoning

Using DNS (Domain Name Server) poisoning, hackers can trick

the DNS server of any computer into believing that the fake

data they supplied is legitimate and authentic. The fake

information is cached for a certain period of time, allowing

attackers to rewrite DNS replies of IP addresses. As a result,

users trying to access Internet websites will download

computer viruses or worms instead of their original content.

12.2.3 Port scanning

Port scanning is used to determine which computer ports are

open on a network host. A port scanner is software designed

to find such ports.

A computer port is a virtual point that handles incoming and

outgoing data; this is crucial from a security point of view. In a

large network, the information gathered by port scanners may

help to identify potential vulnerabilities. Such use is legitimate.