CHERCHER POLYTECHNIC COLLEGE

Information Technology
Support Services Level -I

Unit of Competence: Protect Application or System Software

Module Title:Protecting Application or System Software

LG Code: ICT ITS1 M04 1019 LO1-03

TTLM Code: ICT ITSS1 TTLM 1019 v-01

PREPARED BY: Fasil Wondimagegnehu- Ethiopian TVET Trainers –ICT Department

LO1- Ensure user accounts are controlled

LO2- Detect and remove destructive software

LO3- Identify and take action to stop spam

Introduction
Page1
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

 This module is designed to provide the required
knowledge, skill and attitude to keep application or
system software working effectively. It includes
detecting and removing destructive software in
accordance with the occupational standards

Page2
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

 INFORMATION LO1
Controlling ensure user accounts
SHEET MODULE FIVE Protecting Application or System
Software

What is user account?

Definition of user account

User account is a collection of information that tells Windows what files and folders you can
access, what changes you can make to the computer, and your personal preferences, such as your
desktop background or color theme. User accounts make it so that you can share a computer with
several people, but still have your own files and settings. Each person accesses their user account
with a user name and password.

There are three different kinds of user accounts:

 Standard or Limited User

The limited account is intended for someone who should be prohibited from changing most
computer settings and deleting important files. A user with a limited account

If your account type is limited account type

You change and remove your password

Change picture, themes and other desktop setting
View file you created
View file in shared document folder
Users with a limited account cannot always install the programs to install it.
Depending on the program the users might need the administrator privileges

 Administrator User

If your account type is computer administrator

Create password and remove

Create change and delete account
Make system wide changes
Install a program and access all file

Page3
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

 Manage another user kind
Perform any task

 Guest User

 The guest account is intended for use by someone who has no user account on the
computer. There is no password for the guest account, so the user can log on quickly to
check e-mail or browse the Internet. A user logged on to the guest account:

Each account type gives the user a different level of control over the computer. The standard
account is the account to use for everyday computing. The administrator account provides the
most control over the computer, and should only be used when necessary. The guest account is
primarily for people who need temporary access to the computer.

Actions will be performed Administrator Account Limited Account

The major activities that you perform when you are doing with user account

 Create user account

 Modify user account

 Create password (strong password, weak password )

 Change password

Appropriate utilities are used to check strength of passwords and consider

tightening rules for password complexity

Page4
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

Creating strong passwords

To help keep your computer more secure, you should use a strong password. While this is a good
practice in general for all of your computer accounts, it is especially important for your network
logon and for the Administrator account on your computer.

For a password to be strong, it should:

 Be at least seven characters long. Because of the way passwords are encrypted, the most secure
passwords are seven or 14 characters long.
 Contain characters from each of the following three groups:

Group Examples

Letters (uppercase and lowercase) A, B, C... (and a, b, c...)

Numerals 0, 1, 2, 3, 4, 5, 6, 7, 8, 9

Symbols (all characters not defined as letters or `~!@#$%^&*()_+-={}|[]\:";'

numerals) <> ? , . /

 Have at least one symbol character in the second through sixth positions.
 Be significantly different from prior passwords.
 Not contain your name or user name.
 Not be a common word or name.

Passwords can be the weakest link in a computer security scheme. Strong, hard-to-guess
passwords are important because the tools and computers that people use to guess passwords
continue to improve. Network passwords that once took weeks to guess can now be guessed in
hours.

Password-guessing software uses one of three approaches: intelligent guessing, dictionary

attacks, and automation that tries every possible combination of characters. Given enough time,
the automated method can guess any password. However, it can still take months to guess a
strong password.

Windows passwords can be up to 127 characters long. However, if you are using Windows XP
on a network that also has computers using Windows 95 or Windows 98, consider using
passwords not longer than 14 characters. Windows 95 and Windows 98 support passwords of up
to 14 characters. If your password is longer, you may not be able to log on to your network from
those computers.

Operation sheet LO1

Controlling ensure user accounts

Page5
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

 MODULE FIVE Protecting Application or System
Software
OPERATION TITLE:Creating user account

PURPOSE: Understanding how to create user account

CONDITION OR SITUATION FOR THE OPERATION: The computer must be with basic software

EQUIPMENT, TOOLS&MATERIALS:Computer with peripheral devices, electric power supply/UPS/

PROCEDURE: To create user account, follow the following procedure:

1. Click Start, and then click Control Panel. Click Performance and Maintenance, click
Administrative Tools, and then double-click Computer Management.
2. In the console tree, click Users.

Where?

o Computer Management
o System Tools
o Local Users and Groups
o Users
3. On the Action menu, click New user
4. Type the appropriate information in the dialog box.
5. Select or clear the check boxes for:
o user must change password at next logon
o user cannot change password
o Password never expires
o Account is disabled
6. Clickaccount, and then click Close.

PRECAUTIONS: logging in to using administrator account

(Do not use limited and guest users to create new account.)

QUALITY CRITERIAL

 A user name cannot be identical to any other user or group name on the computer
beingadministered. It can contain up to 20 uppercase or lowercase characters
except for the following: " / \ [ ]: | =, + *? <>
 A user name cannot consist solely of periods (.) or spaces.
 You should not add a new user to the Administrators group unless the user will
perform only administrative tasks

Page6
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

 Operation sheet LO1
Controlling ensure user accounts
MODULE FIVE Protecting Application or System Software

OPERATION TITLE:Controlling ensure user accounts

PURPOSE: Understanding how to create password

CONDITION OR SITUATION FOR THE OPERATION: The computer must be with basic software

EQUIPMENT, TOOLS&MATERIALS:Computer with peripheral devices, and electric power supply/UPS/

PROCEDURE: To create password, follow the following procedure:

If you have a computer administrator account on the computer

1. Open User Accounts in Control Panel.

2. Click your account name.
3. Click Create a password.
4. In Type a new password and Type the new password again to confirm, type the
password for your account.
5. Click Create Password.

If you have a limited account on the computer

1. Open User Accounts in Control Panel.

2. Click Create a password.
3. In Type a new password and Type the new password again to confirm, type your
password.
4. Click Create Password

PRECAUTIONS: logging in to using administrator account

Familiar with old password

QUALITY CRITERIAL

 Enterdescriptive or meaningful text in Type a word or phrase to use as a password

hint to help you remember your password.

 Type your password and confirm it

 Use understandable and strong password

Page7
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

 INFORMATION LO2
Detecting and removing destructive
SHEET software
MODULE FIVE Protecting Application or System
Software

Definition of Virus
A virus is “a program that can infect other programs” by modifying them to include a possibly
evolved copy of itself.”

Virus is program that travel from one computer to another, using various methods, such as programs that
are not what they appear to be. Shareware downloaded from the Internet is a popular method for
spreading virus code. You really should seriously enforce a policy for any programs that are installed on
any computer in your network

How do viruses work?

Basic viruses typically require unwary computer users to inadvertently share or send them. Some
viruses that are more sophisticated, such as worms, can replicate and send themselves
automatically to other computers by controlling other software programs, such as an e-mail
sharing application. Certain viruses, called Trojans (named after the fabled Trojan horse), can
falsely appear as a beneficial program to coax users into downloading them. Some Trojans can
even provide expected results while quietly damaging your system or other networked computers
at the same time.
Although it's good to be aware of these different types of viruses and how they work, what is
most important is that you keep your computer current with the latest updates and antivirus tools,
stay current about recent threats, and that you follow a few basic rules when surfing the Internet,
downloading files, and opening attachments. Once a virus is on your computer, its type or the
method it used to get there is not as critical as removing it and preventing further infection.
Nothing can guarantee the security of your computer 100 percent. However, you can continue to
improve your computer's security and decrease the possibility of infection by keeping your
system up-to-date, maintaining a current antivirus software subscription, and following a fewbest
practices.

Page8
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

Common types of distractive software

A. Trojan horses

Trojan horses are programs that an intruder plants on one or more servers in your network. If
you have these types of programs, they can be difficult to detect, because many use the same
filename as a file that is already part of your operating system or application software. The
Trojan horse program is activated by some specific event, such as the arrival of a certain date, or
by a user running a program that has been replaced by the Trojan horse. This latter tactic is very
popular. Some programs are not what they appear to be.

B. Worms

Worms are usually considered to be self-propagating programs that travel through email as
well as by other means. A worm will replicate itself by sending copies of the software to all or
most of the addresses in your email address book. A worm travels through the Internet very
quickly because of this aspect of its replication. The solution?Don't open email attachments
unless you have a good antivirus program (which you have kept up-to-date). After you open an
email that contains a worm virus, all heck can break loose, and the friends in your address book
will not be inclined to think very well of you!

Examples of worms include: PSWBugbear.B, Lovgate.F, Trile.C, Sobig.D, Mapson.

C. Resident Viruses

This type of virus is a permanent which dwells in the RAM memory. From there it can
overcome and interrupt all of the operations executed by the system: corrupting files and
programs that are opened, closed, copied, renamed etc.
Examples include: Randex, CMJ, Meve, and MrKlunky.

D. Direct Action Viruses

The main purpose of this virus is to replicate and take action when it is executed. When a
specific condition is met, the virus will go into action and infect files in the directory or
folderthat it is in and in directories that are specified in the AUTOEXEC.BAT file PATH. This

Page9
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

batch file is always located in the root directory of the hard disk and carries out certain
operations when the computer is booted.
E. Overwrite Viruses
Virus of this kind is characterized by the fact that it deletes the information contained in the files
that it infects, rendering them partially or totally useless once they have been infected.
The only way to clean a file infected by an overwrite virus is to delete the file completely, thus
losing the original content.
Examples of this virus include: Way, Trj.Reboot, Trivial.88.D.
F. Boot Virus
This type of virus affects the boot sector of a floppy or hard disk. This is a crucial part of a
disk, in which information on the disk itself is stored together with a program that makes it
possible to boot (start) the computer from the disk.
The best way of avoiding boot viruses is to ensure that floppy disks are write-protected and never
start your computer with an unknown floppy disk in the disk drive.
Examples of boot viruses include: Polyboot.B, AntiEXE.
G. Macro Virus
Macro viruses infect files that are created using certainapplications or programs that contain
macros. These mini-programs make it possible to automate series of operations so that they are
performed as a single action, thereby saving the user from having to carry them out one by one.
Examples of macro viruses: Relax, Melissa.A, Bablas, O97M/Y2K.
H. Directory Virus (D. Direct Action Viruses)
Directory viruses change the paths that indicate the location of a file. By executing a program
(file with the extension .EXE or .COM) which has been infected by a virus, you are unknowingly
running the virus program, while the original file and program have been previously moved by
the virus.
Once infected it becomes impossible to locate the original files.
I. Polymorphic Virus
Polymorphic viruses encrypt or encode themselves in a different way (using different
algorithms and encryption keys) every time they infect a system.
This makes it impossible for anti-viruses to find them using string or signature searches (because
they are different in each encryption) and also enables them to create a large number of copies of

Page10
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

themselves.
Examples include: Elkern, Marburg, Satan Bug, and Tuareg.
J. File Infectors
This type of virus infects programs or executable files (files with an .EXE or .COM extension).
When one of these programs is run, directly or indirectly, the virus is activated, producing the
damaging effects it is programmed to carry out. The majority of existing viruses belong to this
category, and can be classified depending on the actions that they carry out.
K. Companion Viruses
Companion viruses can be considered file infector viruses like resident (C) or direct action (D)
types. They are known as companion viruses because once they get into the system they
"accompany" the other files that already exist. In other words, in order to carry out their infection
routines, companion viruses can wait in memory until a program is run (resident viruses) or
act immediately by making copies of themselves (direct action viruses).Some examples include:
Stator, Asimov.1539, and Terrax.1069
L. FAT Virus
The file allocation table or FAT is the part of a disk used to connect information and is a vital
part of the normal functioning of the computer.
This type of virus attack can be especially dangerous, by preventing access to certain sections of
the disk where important files are stored. Damage caused can result in information losses from
individual files or even entire directories.
M. Logic Bombs (inverse of Direct Action Virus)
They are not considered viruses because they do not replicate. They are not even programs in
their own right but rather camouflaged segments of other programs.
Their objective is to destroy data on the computer once certain conditions have been met.
Logic bombs go undetected until launched, and the results can be destructive.

Steps to help avoid viruses:

1. Visit Microsoft Update and turn on Automatic Updates.

Page11
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

Note: If you've installed Office 2003 or Office XP, Automatic Updates will also update your
Office programs. If you have an earlier version of Office, use Office Update.

2. Use an Internet firewall (Note: Windows XP with SP2 has a firewall already built-in and
active).
3. Subscribe to industry standard antivirus software and keep it current.
4. Never open an e-mail attachment from someone you don't know.
5. Avoid opening an e-mail attachment from someone you know, unless you know exactly what
the attachment is. The sender may be unaware that it contains a virus.

How do I know if a virus has infected my computer?

After you open and run an infected program or attachment on your computer, you might not
realize that you've introduced a virus until you notice something isn't quite right.

Here are a few primary indicators that your system might be infected:

 Runs consistently slower than normal

 Stops responding or locks up often
 Crashes and restarts every few minutes
 Restarts on its own and then fails to run normally
 Applications don't work properly
 Disks or disk drives are inaccessible
 Printing doesn't work correctly
 You see unusual error messages
 You see distorted menus and dialog boxes
 Carry out a denial of service attack
 Crash the machine
 Randomly destroy data
 Perform password cracking …etc

Install Anti-virus
What is Antivirus program? An antivirus is a program that searches for, identifies and removes
potential viruses existing in the computer system.

Antivirus software: Some of the most commonly and reliable antivirus programs available in the
market are -

 Symantec Norton antivirus

Page12
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

  AVG antivirus
 McAfee Scan
 Microsoft Antivirus
 Avast

To install anti-virus is a necessity, nowadays. But taking some precautionary measures can
prevent virus invasion.

1. You can install a firewall to protect your computer when connected to Internet.
2. Don’t open suspicious attachments.
3. Always keep your anti-virus software up-to-date by installing latest updates.
4. Download programs only from authentic websites.
5. Make sure that you have read all security warnings, license agreements, and privacy
statements associated with any software you want to download.

Steps to install antivirus

STEP 1: Download the anti-virus and double-click on the file to launch the installation of Avast
anti-virus.

 Click "Next" on the appeared screen

Page13
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

STEP2: Another window with Read-Me file will appear, just click "Next" again.
STEP 3: Legal agreement would appear, click "I agree", and then click "Next" to continue.
STEP 4: I recommend you to use "Typical" installation.

 Ensure that "Typical" has been selected by you and then click "Next".

STEP 5: A message asking you to schedule a boot-time anti-virus scan of your local hard drive
would appear.

 I recommend you to select No, because this scan could take a lot of time.

STEP 6: Once the setup process has been finished, restart your computer. Select Restart and
click Finish.
STEP 7: After you will restart your computer, two new icons in the bottom of the right corner of
the screen would appear.

 The icon with "I" is the "Virus Recovery Database" (VRDB). It makes the copies
of the programs installed by you and if one of them gets infected with a virus, this
will help in replacing the infected file so that the program functions properly.
However, the icon with "A" is the On-Access Protection.

Note: After restarting your computer, right-click on icon with "A" in the task bar and select
"Updating".
Remark

These steps not mandatory for all ant virusesit is only for Avast antivirus

Steps to Remove a Virus from the System

The antivirus software should be updated regularly to retain its effectiveness.

Removing the virus beforehand might be necessary, as some viruses will not allow an antivirus
to operate. However, if you are not successful, you may still continue with the installation.

Page14
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

Scan the System to Identify and Locate the Virus

Usually, the antivirus will run automatically when the system reboots after the installation.
Therefore, it might identify the virus automatically. Moreover, you may want to run a quick
system scan to locate the virus.

Troubleshooting the Virus Infected Areas

After the antivirus identifies the infected areas, the next step is to rectify those areas.

Methods of Eliminating Viruses

Generally, the antivirus adopts one of two methods to eliminate the virus:

 Removing the virus – When the virus can be easily identified and can be removed
without affecting other files, then the antivirus removes it from the host place.
 Quarantine – this is done when the virus cannot be easily identified removed from the
file and the removal of virus means the removal of the complete file. In this method,
although the virus is not eliminated, it is rendered inactive by moving the file into
"quarantine" and renaming it.

Perform a Full System Scan

Even after the virus is removed from the system, the next step is to scan the whole system to
ensure that no infected files remain.

What if the Antivirus Fails?

It may happen that your antivirus fails to detect and get rid of the virus. In such a case, you can
follow the steps given below:

 Take a backup of the entire data.

 Format the infected disk partition.

Page15
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

  In case the entire system is infected, the system will have to be reinstalled.
 Install the antivirus and the latest updates.
 Restore the backup.

The SecurityCenter can detect if you are using firewall or antivirus software on your computer.
However, it can't detect all firewall and antivirus solutions.

 There are some antivirus and firewall solutions that the SecurityCenter does not detect at all.
This group includes all hardware firewall solutions, such as network routers.
 Some antivirus and firewall programs are designed so that information about the programs can
be reported to the SecurityCenter. Such programs can provide specific information about their
status, such as whether or not an antivirus signature file is out of date.
 The SecurityCenter can detect the presence of some other firewall or antivirus programs, even if
they don't provide information about their status. However, the SecurityCenter can only detect
whether or not such a program is installed on your computer; it can't report the status.

If you're unsure about the status of your antivirus or firewall solution, or if you receive a
SecurityCenter alert that seems incorrect, please check with your antivirus or firewall vendor to
find out if the software you're running is supported in the SecurityCenter.

The Security Center

Use the SecurityCenter to check your security settings and learn more about how to improve the
security of your computer with Windows Firewall, Automatic Updates, and antivirus software.

Windows Firewall

Windows Firewall is on by default and helps protect your computer against viruses and other security
threats, such as intruders who might try to access your computer over the Internet.

Automatic Updates

With Automatic Updates, Windows can routinely check for the latest important updates for your
computer and install them automatically.

Detecting distractive software

 If we can’t limit the spread of a virus, maybe we can find it and quarantine
infected files…
 Unfortunately, no general algorithm for detecting virus behavior is
possible.
 Cohen argues this by proposing a virus that infects only when the
detection algorithm thinks it isn’t a virus.

Page16
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

  Anti-virus programs must make do with more limited solutions, such
as scanning for a virus signature
 According to Cohen, the following are un decidable:
 Detection of a virus by its appearance
 Detection of a virus by its behavior
 Detection of an evolution of a known virus
 Detection of a triggering mechanism by its appearance
 Detection of a triggering mechanism by its behavior
 Detection of an evolution of a known triggering mechanism
 Detection of a virus detector by its appearance
 Detection of a virus detector by its behavior
 Detection of an evolution of a known viral detector

OPERATION LO2
Detect and remove destructive
SHEET software
MODULE Protecting Application or System
Software

OPERATION TITLE:Installing Avastanti virus

PURPOSE: Understanding how to install Avast antivirus

Page17
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

CONDITION OR SITUATION FOR THE OPERATION: The computer with operating system and
avastantivirus software

EQUIPMENT, TOOLS&MATERIALS:Computer, peripheral devices, electric power supply/UPS/, CD-ROM

(DVD)

PROCEDURE: ToinstallAvast antivirus, follow the following procedure:

STEP 1: Download the anti-virus and double-click on the file to launch the installation of Avast
anti-virus.

 Click "Next" on the appeared screen

STEP2: Another window with Read-Me file will appear, just click "Next" again.
STEP 3: Legal agreement would appear, click "I agree", and then click "Next" to continue.
STEP 4: I recommend you to use "Typical" installation.

 Ensure that "Typical" has been selected by you and then click "Next".

STEP 5: A message asking you to schedule a boot-time anti-virus scan of your local hard drive
would appear.

 I recommend you to select No, because this scan could take a lot of time.

STEP 6: Once the setup process has been finished, restart your computer. Select Restart and
click Finish.
STEP 7: After you will restart your computer, two new icons in the bottom of the right corner of
the screen would appear.

 The icon with "I" is the "Virus Recovery Database" (VRDB). It makes the copies
of the programs installed by you and if one of them gets infected with a virus, this
will help in replacing the infected file so that the program functions properly.
However, the icon with "A" is the On-Access Protection.

PRECAUTIONS:

1. You can install a firewall to protect your computer when connected to Internet.
2. Don’t open suspicious attachments
3. Always keep your anti-virus software up-to-date by installing latest updates.

Page18
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

 4. Download programs only from authentic websites
5. Make sure that you have read all security warnings, license agreements, and
privacy statements associated with any software you want to download.

QUALITY CRITERIAL: - The antivirus software should be updated regularly to retain its effectiveness

Remark

If you want to uninstall or remove Avast!

You can remove or uninstall Avast! Antivirus totally from your computer by the following the steps

1. Click on Start menu and then go to Control Panel.

2. Find Add or Remove Programs and click on it.
3. A new window will be opened and find Avast! from the installed program lists. Single click on it and
then click on Remove button.
4. After successful un installation, Restart your PC

These steps not mandatory for all antiviruses it is only for avast antivirus

INFORMATION LO3
Identify and take action to stop spam
SHEET MODULE FIVE Protecting Application or System
Software

What is spam?

Spam is flooding the Internet with many copiesof the same message, in an attempt to force
the message on people who would not otherwise choose to receive it. Most spam is commercial

Page19
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Spam
costs the sender very little to send -- most of the costs are paid for by the recipient or the carriers
rather than by the sender.

There are two main types of spam, and they have different effects on Internet users.

Cancellable Usenet spam is a single message sent to 20 or more Usenet newsgroups. (Through
long experience, Usenet users have found that any message posted to so many newsgroups is
often not relevant to most or all of them.) Usenet spam is aimed at "lurkers", people who read
newsgroups but rarely or never post and give their address away. Usenet spam robs users of the
utility of the newsgroups by overwhelming them with a barrage of advertising or other irrelevant
posts. Furthermore, Usenet spam subverts the ability of system administrators and owners to
manage the topics they accept on their systems.

Email spam targets individual users with direct mail messages. Email spam lists are often
created by scanning Usenet postings, stealing Internet mailing lists, or searching the Web for
addresses. Email spam typically cost users money out-of-pocket to receive. Many people -
anyone with measured phone service - read or receive their mail while the meter is running, so to
speak. Spam costs them additional money. On top of that, it costs money for ISPs and online
services to transmit spam, and these costs are transmitted directly to subscribers.

One particularly nasty variant of email spam is sending spam to mailing lists (public or private
email discussion forums.) Because many mailing lists limit activity to their subscribers,
spammers will use automated tools to subscribe to as many mailing lists as possible, so that they
can grab the lists of addresses, or use the mailing list as a direct target for their attacks.

Spam Filter Software’s

6. Ella

Ella is the smart Spam filter software. It keeps important email in your inbox, moves your
electronic newsletters into their own folder, and stops spam. With spam messages out of your
way, email is actually a productivity activity again!

Page20
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

What Does Spam Filter Software Do?

These days one cannot open their email without seeing countless spam messages in their inbox.
For the email-recipient, spam is easily recognized. However, the receiver of spam loses countless
hours manually deleting the intrusive messages from their inbox. Spam filter software can help
mitigate this overwhelming chore. Spam filter software can reduce the amount of junk mail
delivered to a user's inbox.

Shockingly, the content of spam email can range from the incomprehensible to the downright
obscene. Spam is dangerous to both the computer and its users. Junk mail can contain viruses,
keyloggers, phishing attacks and more. These types of malware can comprise a user's sensitive
private data by capturing bank account information, usernames and passwords. Spam blocker
applications can assist a user in preventing these types of PC contaminations.

Certainly, there are advantages to using a spam blocker. However, no spam filter software is
100% effective. Despite this limitation, spam filter software can assist parents in blocking email
that contains pornography and other questionable content.

Clearly, a war is waging inside a user's inbox. The battle to stop spam is an ongoing ever-
changing fight. Implementing spam filter software is a good first protective step. Spam filter
software can help a user create a solid wall of defense that only lets wanted emails into their
inbox.

What to Look for in Spam Filter Software

The best spam filter software is easily customizable by computer users of all levels. The most
important feature of any spam filter software is the ability to reliably prevent and block spam.
The spam filter software you pick should support multiple email clients and webmail service
providers. It is important to choose a spam filter software that meets your needs and fits into the
services and applications you use.

Below are the criteria TopTenREVIEWS used to evaluate the best spam filter software:

Blocking/Filtering
Reliably blocking and filtering spam is the most valuable feature of any spam filter software. The
spam filter software should come equipped with multiple capabilities that prevent junk mail from
contaminating the user's inbox. The best spam filtering software has both black and white lists,
sensitivity settings, community-based filtering, challenge and response techniques, and
quarantine settings. Additional features to evaluate are blocking by IP address, server, email
address, and country code.

Protection
Spam blocker apps should have the capability of protecting multiple user accounts with a single
installation. Moreover, the spam blocker must protect the user from email that contains worms,
viruses, Trojans, attachments with embedded keyloggers and other malware. Additionally, robust

Page21
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

spam filter software can identify HTML email that contains phishing attacks designed to garner a
user's sensitive personal information.

Rules
The spam filter software should give the user the ability to edit predefined rule settings as well as
the creation of new rules. The best spam filter software can adapt to meet the needs of the user,
not the other way around.

Compatibility
when selecting a spam blocker, one needs to evaluate if the spam filtering software they select is
compatible with their current email client or webmail service provider. Common supported email
clients include Thunderbird, Outlook, Outlook Express and other POP3/SMPT applications. The
spam filtering software should also support several webmail service providers like Gmail,
Yahoo, Hotmail and others.

Phishing and Hoaxes

• Phishing is a phony communication

• Attempts to scam someone into sending vital information
• Hoaxes are attempts to scam people into sending money, or join a chain letter.
Hackers
• Anyone who unlawfully accesses a computer system
• Types of hackers:
– White-hat
– Black-hat
– Script kiddies
What Hackers Do
• Steal information from computers:
– Credit card numbers
– Bank account numbers
• Internet packet sniffing
• Commit identity theft

Denial of Service Attacks

• Backdoor programs
– Trojan horse
– Zombies
• Denial of service attacks
• Software programs or hardware designed to close logical ports to invaders

Self Check
I. Underpinning knowledge

1. Is it impossible to remove distractive software without antivirus?

Page22
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

 2. What is the Defect of deleting user account?

3. Why people send spam?

4. Write and discuss types of spam

II. Choose the best answer

1. Of the following is not a task of virus

A. Corrupt file

B. Damage hardware

C. Change file format

D. Convert the data to useable format

2. Which of the following is not virus type

A. Avast

B. Worm

C. Trojan horse

D. Bomb

3. The types virus which replicate it self

A. Trojan horse

B. Worm

C. Boot sector

D. Macro

Page23
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

 4. if the Antivirus Fails on your system the best protection that happen first
A. Take a backup of the entire data.
B. Format the infected disk partition.
C. Install the antivirus and the latest updates.
D. Restore the backup.

LAP SHEET

LAP title: Installingantivirus and scan the system

Unit of competency:Protecting Application or System Software

Reading: Information sheet

Objective: To install antivirus and scan the system

Laboratory

Materials Required

- AVG Antivirus software CD

Tools and equipment required

 PC with Peripherals - Mouse

Keyboard
Monitor
UPS

Procedure

1. Install AVG antivirus

2. Scan the system
3. Delete all the defected files

Page24
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu

Evaluation

1. All safety precaution were followed in using tools and equipments

2. All steps were completed in the correct sequence
3. Check Installation were properly finished
4. Verify the system scanned properly.
5. Identify the infected files and treated

Page25
TTLM LEVEL ONE

PREPARED BY: Fasil Wondimagegnehu