Glossary

Active X Control
Attribute
Back Door
Boot Disk
Boot Records
Boot Sector Infector
COM File
Companion Virus
Cookie
Cookie, 3rd Party
Dropper
Encryption
EXE File
File Infector
Heuristic
Hoax
HTML
INI File
Joke Program
Logic Bomb
Macro
Malware (Malicious Software)
MIME
Multi-partite Virus
OS
Overwriting Virus
Parasitic
Polymorphic
POP
Protocol
Registry
Scripting Virus
Self-Encrypting Viruses
Self-Extracting Files
Signature
Signature File
SMTP
Spyware
Tags
Trigger
Trojan Horse
Variant
VBS File
Virus
Web Bug
Worm
Zip File

Active X Control

A small program that provides additional features for web pages or a web browser. Currently, only Microsoft's Internet Explorer browser supports ActiveX controls. An ActiveX control is automatically downloaded from a website and installed on a computer by Internet Explorer the first time a user visits the page.

 

Attribute

A setting for a tag that affects the way the tag is displayed.

 

Back Door

A feature built into a program by its designer, which allows them to gain full or partial access to your system.

 

Boot Disk

A boot disk is a floppy disk that has a copy of the files needed to start up your computer. When you start your computer from a boot disk, the operating system runs from the disk and not from the hard drive. A boot disk can be useful as a back-up if your hard drive's boot process becomes damaged by a virus. You may be able to avoid reformatting your hard drive by starting the computer with the boot disk and reloading the boot files onto your computer.

 

Boot Records

Those areas on diskettes or hard disks that contain some of the first instructions executed by a PC when it is booting. Boot records must be loaded and executed in order to load the operating system. Viruses that infect boot records change them to include a copy of themselves. When the PC boots, the virus program is run and will typically install itself into memory before the operating system is loaded.

 

Boot Sector Infector

A virus that infects the original boot sector on a floppy diskette. These viruses are particularly serious because information in the boot sector is loaded into memory first, before virus protection code can be executed. A "strict" boot sector infector infects only the boot sector, regardless of whether the target is a hard disk or a floppy diskette. Some viruses always attack the first physical sector of the disk, regardless of the disk type.

 

COM File

COM is short for command; a COM file contains instructions that can do something on your computer. COM files are for DOS-based systems and tend to run faster than EXE-type programs. Viruses will often infect COM files. When the COM file is run, the virus is run as well, often loading itself into memory. Note: The Windows operating system treats files with a .COM extension the same as other executable-type files. Some viruses and trojans use a filename ending in .COM (e.g. http://virus.com). Typically, these are portable executable files and not real COM files.

 

Companion Virus

A companion virus will rename either itself or its target file in an attempt to trick the user into running the virus rather than another program. For example, a companion virus attacking a file named GAME.EXE may rename the target file to GAME.EX and create a copy of itself called GAME.EXE. Alternatively, it may simply rename itself to GAME.COM and rely on the user running "GAME" from a command prompt as the operating system would then run GAME.COM rather than GAME.EXE.

 

Cookie

A small text file which is deposited on your hard drive by a website you visit. This file identifies your computer. It records your preferences and other data about your visit to that site. When you return to the site, the site knows who you are. Cookies can thus be used for longer term data collection.

 

Cookie, 3rd Party

These cookies are placed by ad networks and Internet marketing companies - not by the site you are visiting.

 

Dropper

An executable file that, when run, "drops" a virus or trojan. A "Dropper" file's intention is to create a virus or trojan and then execute it on the user's system.

 

Encryption

A change made to data, code or a file so that it can no longer be read or accessed without processing (or decrypting). Viruses may use encryption in order to hinder detection by hiding their viral code. Viruses may also encrypt (change) code or data on a system as part of their payload.

 

EXE File

EXE, or executable, files are programs that do things on your computer. For example, tank.exe may be a tank game. Files with different extensions, like .dll, are often support files for a program. Viruses commonly infect EXE files. After such an infection, the virus is run each time the program is run.

 

File Infector

A virus which attaches itself to, or associates itself with, a file. File infectors usually append themselves to regular program files or overwrite program code. The file-infector class is also used to refer to programs that do not physically attach to files but associate themselves with program filenames.

 

Heuristic

A method of scanning which looks for patterns or activities that are virus-like. Most leading packages have a heuristic scanning method to detect new or previously undetected viruses in the wild. Heuristic scans can, however, lead to false alarms.

 

Hoax

This is usually an email message that warns of a non-existent virus. This can do harm by spreading fear.

 

HTML

HyperText Markup Language. The language in which web pages are written.

 

INI File

A place for programs to store instructions or settings, which are used during operation. Virus authors often utilize the WIN.INI, SYSTEM.INI, and WININIT.INI files.

 

Joke Program

This is not a virus, but a program that simulates destructive behavior, such as deleting files.

 

Logic Bomb

A Trojan Horse that is left to lie dormant, only to attack when the conditions are just right.

 

Macro

A saved set of instructions that users may create or edit to automate tasks within certain applications or systems. A Macro Virus is a malicious macro that a user may execute inadvertently and that may cause damage or replicate itself.

 

Malware (Malicious Software)

Programs, such as viruses, worms and trojans, that are intentionally designed to perform some unauthorized (and often harmful or undesirable) act.

 

MIME

Multipurpose Internet Mail Extension is an Internet protocol that allows other information such as word processing documents, graphics, sound and video to be sent as attachments to email messages. Email programs that allow you to send and receive these types of files are said to be MIME-compliant.

 

Multi-partite Virus

A virus that infects Master Boot Records, Boot Sectors and Files.

 

OS

Operating system, such as DOS, Windows, Sun/OS, Unix, Linux, FreeBSD, PalmOS, MacOS.

 

Overwriting Virus

A virus that overwrites files with its own viral code.

 

Parasitic

A virus that requires a host to help it to spread.

 

Polymorphic

A virus that attempts to evade detection by changing its internal structure or its encryption techniques. Polymorphic viruses change their "form" with each infection in order to avoid detection by antiviral software that scans for signature "forms". Less sophisticated systems are referred to as self-encrypting.

 

POP

Post Office Protocol, the current champ in Internet email mailbox access standards, but it has its limitations: basically, you connect to a server and download all your messages, which are then deleted from the server, and this discourages flexibility. Of course, some clients let you leave all messages on the server, and/or refuse to download messages above a certain size. Still, as messages become longer, with multimedia (such as sound or video) objects and the like, we'll want some flexibility in what we retrieve and when we retrieve it. That's where IMAP comes in. The current version of POP is POP3.

 

Protocol

A protocol is the set of rules that computers use to communicate with each other. The use of protocols assures that different network products or programs can work together. Any product that uses a given protocol should work with any other product using the same protocol.

 

Registry

A database that is used to store instructions and other information. The database is broken down into keys, for which values are set. An alternative to using an INI file in many cases, this Microsoft Windows component is often utilized by virus authors.

 

Scripting Virus

Script viruses are written in script programming languages, such as VBScript and JavaScript. VBScript (Visual Basic Script) and JavaScript viruses make use of Microsoft's Windows Scripting Host to activate themselves and infect other files. Since Windows Scripting Host is available on Windows 98 and Windows 2000, the viruses can be activated simply by double-clicking the *.vbs or *.js file from Windows Explorer. HTML viruses use the scripts embedded in HTML files to do their damage. These embedded scripts automatically execute the moment the HTML page is viewed from a script-enabled browser.

 

Self-Encrypting Viruses

A virus that uses self-encrypting techniques to make detection more difficult.

 

Self-Extracting Files

A file that, when run, extracts itself. Most files transferred across the Internet are compressed to save disk space and lower transfer times. The self-extracting program can extract a virus or Trojan Horse. These types of viruses can be effective since the scanning of compressed files is a rather new technique used by most leading anti-virus packages. You cannot get a virus by just downloading a self-extracting file. You must run it. Always scan new files before using them.

 

Signature

A unique series of letters and numbers within the code of a virus.

 

Signature File

A database of various virus signatures; the reference used to compare found strings during the disinfecting of a computer. Signature files are called a variety of names including the ever-popular DAT file update used by VirusScan. It's important to download or purchase signature file updates often to provide yourself with the best possible protection available to date.

 

SMTP

Simple Mail Transfer Protocol is a protocol for sending email messages. Most email systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an email client using either POP or IMAP.

 

Spyware

Software that gathers information about a user as he or she navigates around the web. It is intended to track surfing habits in order to build marketing profiles. Spyware is often included in "free downloads" from the web, where the license agreement (which so many of us accept without reading) may mention that information about your habits will be transmitted back to the company's website - but not information specifically about you. Spyware is cause for public concern about privacy on the Internet.

 

Tags

Tags are used to define elements in HTML.

 

Trigger

An event that a virus writer has programmed the virus to watch for - such as a date, the number of days since the infection occurred, or a sequence of keystrokes. When the trigger event occurs, it activates the virus, which then dispenses its payload.

 

Trojan Horse

A program that either pretends to have, or is described as having, a set of useful or desirable features, but actually contains a damaging payload. Most frequently the usage is shortened to "Trojan". Trojan Horses are not technically viruses, since they do not replicate.

 

Variant

A modified version of an original virus. These modifications can be as simple as a text change, or adding/deleting a few lines of code. It's not uncommon to see a virus changed, and often damaged, by other virus authors over time.

 

VBS File

A new method of spreading viruses by using Visual Basic Scripting. Not usually a problem, unless a user has either IE5 or Outlook 98 or higher.

 

Virus

A program that is capable of replicating with little or no user intervention, and the replicated program(s) also replicate further.

 

Web Bug

A graphic on a web page or in an email message that is designed to monitor who is reading the web page or email message. Web Bugs are often invisible because they are typically only 1 x 1 pixel in size with no color. Among the information collected is the IP address of the computer that the Web Bug is sent to, the URL of the page the Web Bug comes from and the time it was viewed. The Web Bug is also known as a 1 x 1 GIF, invisible GIF and tracker GIF.

 

Worm

A virus that spreads by creating duplicates of itself on other drives, systems or networks.

 

Zip File

A file that has been compressed and given the file name extension .zip (usually). Zipped files may contain viruses. Make sure your anti-virus program scans for viruses in compressed files.