REGARDS,
M.A.HAMEED.
Sunday, January 31, 2010
IF ANY TIME U GET THE VIRUS DONT BE PANIC JUST FOLLOW THIS STEPS AND HOPE U WILL BE GET RIDE OF IT ....IF NOT U CAN JUST COMMENT ME I WILL HELP U ....
In just over a decade, most of us have been familiar with the term computer virus. Even those of us who don't know how to use a computer have heard about viruses through Hollywood films such as Independence Day or Hackers (though Hollywood's depiction of viruses is usually highly inaccurate). International magazines and newspapers regularly have virus-scares as leading stories. There is no doubt that our culture is fascinated by the potential danger of these viruses. Many people believe the worst a virus can do is format your hard disk. In fact, this type of payload is now harmless for those of us who back up our important data. Much more destructive viruses are those which subtly corrupt data. Consider, for example, the effects of a virus that randomly changes numbers in spreadsheet applications by plus or minus 10% at stockbrokers.
But don’t lay the blame for viruses on the technology or the machines that executes that technology. The fundamental truth about computer viruses is that they are a people problem. People create viruses for various reasons. People disseminate virus infections either deliberately or as a result of the very human traits of innocence, ignorance, or carelessness. And the people who are the potential victims of this phenomenon can acquire the knowledge to turn a real threat into a reasonably calculated risk that they can
For Microsoft Office applications, there is a simple safety measure:
Word or Excel will skip loading such a macro if the [SHIFT] key is held down while the file is being loaded from the File/Open dialog box. It does not necessarily work if the file is opened by double-clicking in File Manager or launched from ECSMail or a Web browser.
For example, to open a Word document without automatically executing any macros:
1. Save it to a file
2. Start up Word
3. From the File menu, choose Open and select the file you wish to load
4. Hold down the [SHIFT] key and click on [OK]
5. Keep the [SHIFT] key depressed until the document has finished loading
Follow these steps to get rid of one of these viruses-
1. Power down your system. When you switched on again, boot from a clean, write protected operating system master diskette.
2. Use a virus scanning utility program to scan the files for these programs and identify which have been infected.
3. Delete each of these infected file from the system.
4. Get out your original documentation and disks for the application program. Use them to repeat the installation procedure so that the infected files are replaced by the original non infected versions.
Removing Boot Sector Virus:-
Remember that a boot sector virus attaches itself to instructions in the disk sector, which are loaded in to memory immediately when the system is powered on.
To remove this type of virus you must reverse the infection process, the virus out and reinstalling the original boot sector coding. To do this we must follow the following command:
1. Use the DOS utility called the SYS command as follows
Type the command SYS C: at the A> prompt. If the transfer has been completed smoothly, you get the response
System transferred
2. The SYS command may not always remove the boot sector virus, so you may need to use a program that is designed for this task. one such program is called MDISK and can be downloaded from the computer virus industry Association bulletin board.
3. Third and last option is that to try to back up all your data files before carrying out the next step- reformatting hard disk.
Lots of things can go wrong with computers, with most problems usually arising from software bugs or hardware malfunctions. However, when two or more troublesome virus like symptoms appear at the same time, the odds on an infection increase, that’s when you should check your system for the virus. If you have observed any of the following symptoms of virus infection.
1.Program load take longer than normal.
2.Disk accesses seem to be excessive for very simple tasks.
3.Unusual error message appear.
4.Access lights come on when there is no obvious reason.
5.System memory is reduced.
6.Files mysteriously disappear.
7.Available disk space is reduced for no good reason.
8.Executable programs change size.
9.Icons change in appearance.
A virus is said to be polymorphic if its code appears to be different every time it replicates (though generally each replication of the virus is functionally identical). This is usually achieved by encrypting the body of the virus, and adding a decryption routine which is different for each replication. When a polymorphic virus replicates, a portion of the decryption code is modified.
A portion of virus generally called a mutation engine creates a random encryption key to encrypt the remainder of the virus. The key stored with, the virus, and the mutation engine itself is altered. When an infected program is invoked, the virus uses the stored random key to decrypt the virus. When the virus replicates, a different random key is selected.
Additionally, random, do-nothing blocks of code can be embedded in the program and are shuffled around to further vary the signature. In essence, it looks like a different program to virus scanners.
A virus such as the one just described is easily detected because an infected version of a program is longer than the corresponding uninfected one. One way thwart such a simple means of a detecting a virus is to compress the executable file so that both the infected and uninfected versions are of identical length. The following diagram describes it more clearly.
We assume that program p1 is infected with the virus CV.
When the program is invoked, control passes to its virus, which performs the following steps:
*For each uninfected file p2 that is found, the virus first compress that file to produce p2*, which is shorter than original program by the size of virus.
*A copy of the virus is prep ended to the compressed program.
*The compressed version of the original infected program, p1* is uncompressed.
*The uncompressed original program is executed.
There is particular type of file virus that that many people don't understand. These are the files from the Microsoft Office applications (e.g., MS Word, MS Excel, MS Access, etc.). These programs all have their own macro languages (a BASIC like language) built in. The associated files (MS Word documents or templates and MS Excel spreadsheet files) are usually thought of only as data files so many people are surprised that they can be infected. But these files can contain programs (the macro language) that are executed when you load one of these files into the associated product. The program inside of these files is interpreted by the MS Office application. What is now a language originally began as a very simple macro language that the user could use to combine keystrokes to automate some routine function? The macro language in these products has since grown substantially and now is a fully capable language based on Visual Basic (VBA). Since anything that contains a program can potentially be infected by a virus, these files can harbor viruses.
A micro virus is particularly threatening for a number of reasons:
1. A micro virus is platform independent .virtually all of the macro viruses infect M-S Word documents. Any hardware platform and operating system that supports word can be infected.
2. Macro V infects documents not executable portion of code. Most of the information in the computer is stored in the form of document not program.
3. Macro virus is easily spread. A very common method is by electronic mail.
In terms of sheer number of viruses, these are the most common kind. The simplest file viruses work by locating a type of file that they know how to infect (usually a file name ending in ".COM" or ".EXE") and overwriting part of the program they are infecting. When this program is executed, the virus code executes and infects more files. These overwriting viruses do not tend to be very successful since the overwritten program rarely continues to function correctly and the virus is almost immediately discovered. The more sophisticated file viruses modify the program so that the original instructions are saved and executed after the virus finishes.
Be aware that many file viruses (such as 4096 which is also known as Frodo) also infect overlay files as well as the more usual *.COM and *.EXE files. Overlay files have various extensions, but ".OVR" and ".OVL" are common examples.
The most significant type of viruses is following:-
Boot sector virus: - it infects a master boot record or boot record and spreads when a system is booted from the disk containing the virus.
Parasitic virus: - the traditional and most common form of virus .it is also called as file virus. A parasitic virus attaches itself to executable files and replicates, when the infected program is executed, finding other executable files to infect.
Stealth virus :- A form of virus explicitly designed to hide itself from detecting by antivirus software.
Polymorphic virus:- A virus that mutates with every infection, making detection by the “signature” of the virus impossible.
Viruses come in a great many different forms, but they all potentially have three phases to their execution, the dormant, the infection phase and the attack phase:
Dormant Phase:-
The virus is idle. The virus is eventually be activated by some event, such as a date, the presence of another program or file, or the capacity of disk exceeding some limit. Not all viruses have this phase.
Infection phase:-When the virus executes it will infect other programs. What is often not clearly understood is precisely when it will infect the other programs. Some viruses infect other programs each time they are executed, other viruses infect only upon a certain trigger. This trigger could by anything; it could be a day or time, an external event on your PC, a counter within the virus etc. Some viruses are very selective about when they infect programs; this is vital to the virus's survival. If the virus infects too often, it is more likely to be discovered before it can spread far. Virus writers want their programs to spread as far as possible before anyone detects them. This brings up an important point which bears repeating:
It is a serious mistake to execute a program a few times -- find nothing infected and presume there are no viruses in the program. You can never be sure that the virus simply hasn't triggered its infection phase!
Many viruses go resident in the memory of your PC just as a terminate and stay resident (TSR) program such as Sidekick(R) does. This means the virus can wait for some external event such as inserting a diskette, copying a file, or executing a program to actually infect another program. This makes these viruses very dangerous since it's hard to guess what trigger condition they use for their infection. Resident viruses frequently corrupt the system software on the PC to hide their existence.
Execution phase:-The second phase is the attack phase. Many viruses do unpleasant things such as deleting files or changing random data on your disk, simulating typos or merely slowing your PC down; some viruses do less harmful things such as playing music or creating messages or animation on your screen. Just as the virus's infection phase can be triggered by some event, the attack phase also has its own trigger. Viruses usually delay revealing their presence by launching their attack only after they have had ample opportunity to spread. This means that the attack may be delayed for years after the initial infection. The attack phase is optional; many viruses simply reproduce and have no trigger for an attack phase. Does this mean that these are "good" viruses? No, unfortunately not! Anything that writes itself to your disk without your permission is stealing storage and CPU cycles. This is made worse since viruses which "just infect", with no attack phase, damage the programs or disks they infect. This is not intentional on the part of the virus, but simply a result of the fact that many viruses contain extremely poor quality code. One of the most common viruses, the STONED virus is not intentionally harmful. Unfortunately the author did not anticipate other than 360K floppy disks, with the result that the virus will try to hide its own code in an area on 1.2mb diskettes which causes corruption of the entire diskette.
Now that we've examined general virus behavior, let's take a closer look at the two major categories of viruses and how they operate.
Viruses come in a great many different forms, but they all potentially have three phases to their execution, the dormant, the infection phase and the attack phase:
Dormant Phase:-
The virus is idle. The virus is eventually be activated by some event, such as a date, the presence of another program or file, or the capacity of disk exceeding some limit. Not all viruses have this phase.
Infection phase:-When the virus executes it will infect other programs. What is often not clearly understood is precisely when it will infect the other programs. Some viruses infect other programs each time they are executed, other viruses infect only upon a certain trigger. This trigger could by anything; it could be a day or time, an external event on your PC, a counter within the virus etc. Some viruses are very selective about when they infect programs; this is vital to the virus's survival. If the virus infects too often, it is more likely to be discovered before it can spread far. Virus writers want their programs to spread as far as possible before anyone detects them. This brings up an important point which bears repeating:
It is a serious mistake to execute a program a few times -- find nothing infected and presume there are no viruses in the program. You can never be sure that the virus simply hasn't triggered its infection phase!
Many viruses go resident in the memory of your PC just as a terminate and stay resident (TSR) program such as Sidekick(R) does. This means the virus can wait for some external event such as inserting a diskette, copying a file, or executing a program to actually infect another program. This makes these viruses very dangerous since it's hard to guess what trigger condition they use for their infection. Resident viruses frequently corrupt the system software on the PC to hide their existence.
Execution phase:-The second phase is the attack phase. Many viruses do unpleasant things such as deleting files or changing random data on your disk, simulating typos or merely slowing your PC down; some viruses do less harmful things such as playing music or creating messages or animation on your screen. Just as the virus's infection phase can be triggered by some event, the attack phase also has its own trigger. Viruses usually delay revealing their presence by launching their attack only after they have had ample opportunity to spread. This means that the attack may be delayed for years after the initial infection. The attack phase is optional; many viruses simply reproduce and have no trigger for an attack phase. Does this mean that these are "good" viruses? No, unfortunately not! Anything that writes itself to your disk without your permission is stealing storage and CPU cycles. This is made worse since viruses which "just infect", with no attack phase, damage the programs or disks they infect. This is not intentional on the part of the virus, but simply a result of the fact that many viruses contain extremely poor quality code. One of the most common viruses, the STONED virus is not intentionally harmful. Unfortunately the author did not anticipate other than 360K floppy disks, with the result that the virus will try to hide its own code in an area on 1.2mb diskettes which causes corruption of the entire diskette.
Now that we've examined general virus behavior, let's take a closer look at the two major categories of viruses and how they operate.
Viruses come in a great many different forms, but they all potentially have three phases to their execution, the dormant, the infection phase and the attack phase:
Dormant Phase:-
The virus is idle. The virus is eventually be activated by some event, such as a date, the presence of another program or file, or the capacity of disk exceeding some limit. Not all viruses have this phase.
Infection phase:-When the virus executes it will infect other programs. What is often not clearly understood is precisely when it will infect the other programs. Some viruses infect other programs each time they are executed, other viruses infect only upon a certain trigger. This trigger could by anything; it could be a day or time, an external event on your PC, a counter within the virus etc. Some viruses are very selective about when they infect programs; this is vital to the virus's survival. If the virus infects too often, it is more likely to be discovered before it can spread far. Virus writers want their programs to spread as far as possible before anyone detects them. This brings up an important point which bears repeating:
It is a serious mistake to execute a program a few times -- find nothing infected and presume there are no viruses in the program. You can never be sure that the virus simply hasn't triggered its infection phase!
Many viruses go resident in the memory of your PC just as a terminate and stay resident (TSR) program such as Sidekick(R) does. This means the virus can wait for some external event such as inserting a diskette, copying a file, or executing a program to actually infect another program. This makes these viruses very dangerous since it's hard to guess what trigger condition they use for their infection. Resident viruses frequently corrupt the system software on the PC to hide their existence.
Execution phase:-The second phase is the attack phase. Many viruses do unpleasant things such as deleting files or changing random data on your disk, simulating typos or merely slowing your PC down; some viruses do less harmful things such as playing music or creating messages or animation on your screen. Just as the virus's infection phase can be triggered by some event, the attack phase also has its own trigger. Viruses usually delay revealing their presence by launching their attack only after they have had ample opportunity to spread. This means that the attack may be delayed for years after the initial infection. The attack phase is optional; many viruses simply reproduce and have no trigger for an attack phase. Does this mean that these are "good" viruses? No, unfortunately not! Anything that writes itself to your disk without your permission is stealing storage and CPU cycles. This is made worse since viruses which "just infect", with no attack phase, damage the programs or disks they infect. This is not intentional on the part of the virus, but simply a result of the fact that many viruses contain extremely poor quality code. One of the most common viruses, the STONED virus is not intentionally harmful. Unfortunately the author did not anticipate other than 360K floppy disks, with the result that the virus will try to hide its own code in an area on 1.2mb diskettes which causes corruption of the entire diskette.
Now that we've examined general virus behavior, let's take a closer look at the two major categories of viruses and how they operate.
Taxonomy of malicious programs
Trap doors
Trap doors are a secret entry point in to a program that allows some one that aware of the trap door to gain access without going through the usual security access procedures. Trap doors become threats when they are used by unscrupulous programmers to fain unauthorized access.
Logic Bombs
Just like a real bomb, a logic bomb will lie dormant until triggered by some event. The trigger can be a specific date, the number of times executed, a random number, or even a specific event such as deletion of an employee's payroll record. When the logic bomb is triggered it will usually do something unpleasant. This can range from changing a random byte of data somewhere on your disk to making the entire disk unreadable. The changing of random data on disk may be the most insidious attack since it would do a lot of damage before it would be detected.
Trojans
These are named after the Trojan horse which delivered soldiers into the city of
Viruses
Here's our definition:
“A virus is a program which reproduces its own code by attaching itself to other programs in such a way that the virus code is executed when the infected program is executed.”
You could also say that the virus must do this without the permission or knowledge of the user
A worm is a self-reproducing program which does not infect other programs as a virus will, but instead creates copies of itself, which create even more copies. These are usually seen on networks and on multi-processing operating systems, where the worm will create copies of itself which are also executed. Each new copy will create more copies quickly clogging the system. The so called Morris ARPANET/INTERNET "virus" was actually a worm. It created copies of itself through the ARPA network, eventually bringing the network to its knees. It did not infect other programs as a virus would, but simply kept creating copies of itself which would then execute and try to spread to other machines.
Zombie
A zombie is a program that secretly takes over another internet –attached computer and then uses that computer to launch that are difficult to trace to the zombie’s creator .Zombies are used in denial of services attacks, typically against targeted websites.
I'm going to present an easy to understand but detailed explanation of viruses and other types of malicious software. For now, it's enough to understand that viruses are potentially destructive software that spreads from program to program or from disk to disk. Computer viruses, like biological viruses, need a host to infect; in the case of computer viruses this host is an innocent program. If such a program is transferred to your PC, other programs on your PC will become infected. (I'll shortly explain in more detail how this happens.) Even though some viruses do not intentionally damage your data, I consider all viruses to be malicious software since they modify your programs without your permission with occasional disastrous results.
The bottom line is that if you have a virus, you are no longer in control of your PC. Every time you boot your PC or execute a program the virus may also be executing and spreading its infection. While most viruses haven't been written to be destructive, almost all viruses can cause damage to your files--mostly because the viruses themselves are very poorly written programs. If viruses destroy nothing else, they destroy your trust in your PC--something that is quite valuable
The bottom line is that if you have a virus, you are no longer in control of your PC. Every time you boot your PC or execute a program the virus may also be executing and spreading its infection. While most viruses haven't been written to be destructive, almost all viruses can cause damage to your files--mostly because the viruses themselves are very poorly written programs. If viruses destroy nothing else, they destroy your trust in your PC--something that is quite valuable
A virus is a program which reproduces its own code by attaching itself to other programs in such a way that the virus code is executed when the infected program is executed.
Java Technology Changes Our Life
- Easy to Start: Since Java programming language is completely based on object-oriented language, it's easy very simple and easy to learn, especially for programmers already known with C or C++.
- Easy to write code: As compared to program metrics (class counts, method counts, and so on) tell us that a program written in the Java programming language can be four times smaller as compare to the same program written in C++.
- Write better code: The Java programming language encourages good coding practices, and manages automatic garbage collection which helps you avoid memory leaks. Based on the concept of object orientation, its Java Beans component architecture, and wide-range, easily extendible, flexibility and API can reuse existing, tested code and introduce fewer bugs.
- Develop programs and Time Safer: The Java programming language is easier and simpler than C++, as such, manages your development time upto twice as fast when writing in it. The programs will also require fewer lines of code.
- Platform Independencies: The program keep portable and platform independent by avoiding the use of libraries written in other languages.
- Write Once and Used in any Java Platform : Any Source code of Program are written in the Java programming language, that is compiled into machine-independent byte codes and run consistently on any platform of java.
- Distribute software makes work easy : Using Java Web Start software, users will be able to launch own applications with a single click on mouse. An automatic version check initially weather users are always up to date with the latest version of your software. If an update is available for it, the Java Web Start software will automatically update their installation.
TOOLS OF JAVA
Java is a high-level programming language and powerful software platform. On full implementation of the Java platform gives you the following features:
- JDK Tools: The JDK tools provide compiling, Interpreter, running, monitoring, debugging, and documenting your applications. The main tools used are the
Javaccompiler, thejavalauncher, and thejavadocdocumentation tool. - Application Programming Interface (API): The API provides the core functionality of the Java programming language. It gives a wide collection of useful classes, which is further used in your own applications. It provides basic objects and interface to networking and security, to XML generation and database access, and much more.
- Deployment Technologies: The JDK software provides two type of deployment technology such as the Java Web Start software and Java Plug-In software for deploying your applications to end users.
- Graphical User Interface Toolkits: The Swing and Java 2D toolkits provide us the feature of Graphical User Interfaces (GUIs).
- Integrated Libraries: Integrated with various libraries such as the Java IDL API, JDBC API, Java Naming and Directory Interface TM ("J.N.D.I.") API, Java RMI, and Java Remote Method Invocation over Internet Inter-ORB Protocol Technology (Java RMI-IIOP Technology) enable database to access and changes of remote objects.
Java Preferred Over Other Languages
The Java is a high-level programming language that can be supported by all of the following features:
| Simple | Architecture neutral |
| Object oriented | Portable |
| Distributed | High performance |
| Multithreaded | Robust |
| Dynamic | Secure |
Java has advantages over other languages and environments that make it suitable for just about any programming task.
Why Java?
Similar to C++ so it is familiar to commercial programmers.
Does not include the nasty dangerous parts of C++ so it is safe.
Extensive run-time type information and safe dynamic link-loading is available.
Includes string and multi-thread support in the language.
Automatic memory management.
Data type sizes and arithmetic behaviour are fixed and fully defined for all platforms.
Has useful standard OO libraries.
Documentation can be extracted from the source code.
Security checking is built in to the libraries and virtual machine.
Supports unicode for ease of internationalisation.
Write once, run anywhere, any platform (no porting, no client configuration .. well almost!)
Vast amount of supplier and programmer support and acceptance. It is unkillable.
Loads and runs over the WWW, 40 million potential clients.
What is Java?
Java allows you to play online games, chat with people around the world, calculate your mortgage interest, and view images in 3D, just to name a few. It's also integral to the intranet applications and other e-business solutions that are the foundation of corporate computing.........Plzz comment
