Virus Science

Adware
Adware is software that presents banner ads or in pop-up windows through a bar that appears on a computer screen. Those advertising spots usually can't be removed and are consequently always visible. The connection data allow many conclusions on the usage behavior and are problematic in terms of data security.

Backdoors
A backdoor can gain access to a computer by going around the computer access security mechanisms.

A program that is being executed in the background generally enables the attacker almost unlimited rights. User's personal data can be spied with the backdoor's help, but are mainly used to install further computer viruses or worms on the relevant system.

Boot viruses
The boot or master boot sector of hard drives is mainly infected by boot sector viruses. They overwrite important information necessary for the system execution. One of the awkward consequences: the computer system cannot be loaded any more…

Bot-Net
A Bot-Net is collection of softwarre bots, which run autonomously. A Bot-Net can comprise a collection of cracked machines running programs (usually referred to as worms, Trojans) under a common command and control infrastructure. Boot-Nets server various purposes, including Denial-of-service attacks, etc., partly without the affected PC user's knowledge. The main potential of Bot-Nets is that the networks can achieve dimensions on thousands of computers and its bandwidth sum bursts most conventional Internet accesses.

Dialer
A dialer is a computer programm that establishes a connection to the Internet or to another computer network through the telephone line or the digital ISDN network. Fraudsters use dialers to charge users high rates when dialing up to the Internet without their knowledge.

EICAR test file
The EICAR test file is a test pattern that was developed at the European Institute for Computer Antivirus Research for the purpose to test the functions of anti-virus programs. It is a text file which is 68 characters long and its file extension is “.COM” all virus scanners should recognize as virus.

Exploit
An exploit (security gap) is a computer program or script that takes advantage of a bug, glitch or vulnerability leading to privilege escalation or denial of service on a computer system. A form of an exploit for example are attacks from the Internet with the help of manipulated data packages. Programs can be infiltrated in order to obtain higher access.

Grayware
Grayware operates in a way similar to malware, but it is not spread to harm the users directly. It does not affect the system functionality as such. Mostly, information on the patterns of use is collected in order to either sell these data or to place advertisements systematically.

Hoaxes
The users have obtained virus alerts from the Internet for a few years and alerts against viruses in other networks that are supposed to spread via email. These alerts are spread per email with the request that they should be sent to the highest possible number of colleagues and to other users, in order to warn everyone against the "danger".

Honeypot
A honeypot is a service (program or server), which is installed in a network.

It has the function to monitor a network and to protocol attacks. This service is unknown to the legitime user - because of this reason he is never addressed. If an attacker examines a network for the weak points and uses the services which are offered by a Honeypot, it is protocolled and an alert sets off.

Keystroke logging
Keystroke logging is a diagnostic tool used in software development that captures the user's keystrokes. It can be useful to determine sources of error in computer systems and is sometimes used to measure employee productivity on certain clerical tasks. Like this, confidential and personal data, such as passwords or PINs, can be spied and sent to other computers via the Internet.

Macro viruses
Macro viruses are small programs that are written in the macro language of an application (e.g. WordBasic under WinWord 6.0) and that can normally only spread within documents of this application. Because of this, they are also called document viruses. In order to be active, they need that the corresponding applications are activated and that one of the infected macros has been executed. Unlike "normal" viruses, macro viruses do consequently not attack executable files but they do attack the documents of the corresponding host-application.

Polymorph viruses
Polymorph viruses are the real masters of disguise. They change their own programming codes - and are therefore very hard to detect.

Program viruses
A computer virus is a program that is capable to attach itself to other programs after being executed and cause an infection. Viruses multiply themselves unlike logic bombs and Trojans. In contrast to a worm, a virus always requires a program as host, where the virus deposits his virulent code. The program execution of the host itself is not changed as a rule.

Script viruses and worms
Such viruses are extremely easy to program and they can spread - if the required technology is on hand - within a few hours via email round the globe.

Script viruses and worms use a script language such as Javascript, VBScript etc. to infiltrate in other new scripts or to spread by activation of operating system functions. This frequently happens via email or through the exchange of files (documents).

A worm is a program that multiplies itself but that does not infect the host. Worms can consequently not form part of other program sequences. Worms are often the only possibility to infiltrate any kind of damaging programs on systems with restrictive security measures.

Spyware
Spyware are so called spy programs that intercept or take partial control of a computer's operation without the user's informed consent. Spyware is designed to expolit infected computers for commerical gain. Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements. AntiVir is able to detect this kind of software with the category "ADSPY" or "adware-spyware".

Trojan horses (short Trojans)
Trojans are pretty common nowadays. We are talking about programs that pretend to have a particular function, but that show their real image after execution and carry out a different function that, in most cases, is destructive. Trojan horses cannot multiply themselves, which differenciates them from viruses and worms. Most of them have an interesting name (SEX.EXE or STARTME.EXE) with the intention to induce the user to start the Trojan. Immediately after execution they become active and can, for example, format the hard drive. A dropper is a special form of Trojan that 'drops' viruses, i.e. embeds viruses on the computer system.

Zombie
A Zombie-PC is a computer that is infected with malware programs and that enables hackers to abuse computers via remote control for criminal purposes. The affected PC, for example, can start Denial-of-Service- (DoS) attacks at command or send spam and phishing emails.

Credit: Avira Antivir

How to Add Your Own Windows Tips

Open your registry and find the key below.

HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows\ CurrentVersion\ Explorer\ Tips

Create a new string valued named by incrementing the existing value names and set it to the required tip text.

How to Add an Option to Print the Contents of a Folder

Would you like to be able to right click any folder in Explorer and print its contents? You can add this option to the context menu by following these steps:

First, you need to create a batch file called Printdir.bat. Open Notepad or another text editor and type (or cut and paste) this text:

@echo off
dir %1 /-p /o:gn > "%temp%\Listing"
start /w notepad /p "%temp%\Listing"
del "%temp%\Listing"
exit

Now, in the Save As dialog box, type "%windir%\Printdir.bat" (without the quotation marks) and click the Save button.
Click Start, Control Panel, Folder Options.
Click the File Types tab, and then click File Folder.
Click the Advanced button.
Click the New button.

In the Action box, type "Print Directory Listing" (without the quotation marks).

In the Application used to perform action box, type "Printdir.bat" (without the quotation marks).

Click OK in all three dialog boxes to close the dialog boxes.

You're not quite finished yet! Now you need to edit the Registry, so open your favorite Registry Editor.

Navigate to HKEY CLASSES ROOT\Directory\shell.

Right click on "default" and select Modify.
In the File Data box, type "none" (without the quotation marks).

Click OK and close the Registry Editor.

Now when you right click a folder, you'll see the option to Print Directory Listing. Selecting it will print the contents of the folder.

Who needs a stinking program to print a folder directory?

How to add an Internet URL address bar to Windows XP taskbar?

You can add an Internet URL address bar to your Windows XP taskbar. Doing so will let you type in URLs and launch Web pages without first launching a browser. It will also let you launch some native Windows XP applications in much the same way as you would via the Run menu (so you could type in calc to launch the calculator or mspaint to launch Microsoft Paint. Here's how you add the address bar:

1. Right-click on the taskbar, select Toolbars, and then click Address.

2. The word Address will appear on your taskbar.

3. Double click it to access it.

4. If that doesn't work, your taskbar is locked. You can unlock it by right-clicking on the taskbar again and uncheck Lock the Taskbar.

NOTE: You may also need to grab the vertical dotted lines beside the word Address and drag it to the left to make the Address window appear.

How To Access Your Folders From Your Taskbar

This is an easy way to get to the folders on your system without having to open a Windows Explorer Window every time you want to access files. I find it very useful to have this feature as it allows me to access my Folders and Drives immediately and saves me a lot of time.

This works in Windows XP:

1. Right Click an empty spot on your Taskbar (Between your Start Button and your System Tray).
2. Click Toolbars.
3. Click New Toolbar.
4. A Small Window will Open that allows you to pick the folder you wish to make a Toolbar. If you want to access your Desktop Without having to minimize all your windows. Just Pick Desktop. If you want to access ONLY your My Documents Folder, Select that. Any folder will work for this.
5. Click OK.
The New Tool bar will appear at the bottom of your screen next to your System Tray.

If you find this to be not useful, Repeat Steps 1 and 2 and then check click the Toolbar you created that has a check mark next to it. And it will disappear.