Thursday, October 25, 2007

Play Songs in Scrapbook

Cool New Orkut Trick
Just Copy and paste the codes (given in between the lines as it is !)in the scrapbook to play songs in orkut scrapbookThe songs will start playing in abt 30 sec (based on ur internet speed).

SMACK THAT

-----------------------------------------------------------------------------------

< http://i228.photobucket.com/albums/ee67/gidagalo/-AkonFeatEminem-SmackThat.swf" wmode="transparent" height="1" width="1">


[b]My Song For U With LUV[/b]http://i228.photobucket.com/albums/ee67/gidagalo/-AkonFeatEminem-SmackThat.swf" wmode="transparent" height="1" width="1">

-----------------------------------------------------------------------------------

Timbaland - The Way i are

-------------------------------------------------------------------------------------

http://i219.photobucket.com/albums/cc34/roycorroy/timbalandfeat_keri_hilson__doe-wayi.swf" wmode="transparent" height="1" width="1"> http://i219.photobucket.com/albums/cc34/roycorroy/timbalandfeat_keri_hilson__doe-wayi.swf" wmode="transparent" height="1" width="1">

-------------------------------------------------------------------------------------

Nelly Furtado - Give It To Me Feat. t. Timberland & Justin Timberlake

------------------------------------------------------------------------------------------

http://i228.photobucket.com/albums/ee67/gidagalo/NellyFurtado-GiveItToMeFeatt.TimberlandJustinTimberlake.swf" wmode="transparent" height="1" width="1"> http://i228.photobucket.com/albums/ee67/gidagalo/NellyFurtado-GiveItToMeFeatt.TimberlandJustinTimberlake.swf" wmode="transparent" height="1" width="1">
-----------------------------------------------------------------------------------------


Monday, October 22, 2007

Add Google Earth to Orkut Scrapbook

Just copy and paste the code given below in your or your friend's Scrapbook to add Google Earth images in the scrapbook itself.

--------------------------------------------------------


src="http://www.flashearth.com/flash_earth.swf"
quality="high"
pluginspage="http://www.macromedia.com/go/getflashplayer"
type="application/x-shockwave-flash"
width="500"
height="500">

Saturday, October 20, 2007

All About Viruses [Cont...]

VIRUS CHARACTERISTICS

FAST
A 'fast infector' spreads rapidly within a computer by infecting everything that is accessed. A fast infector isn't as bad as it sounds; it is just as easy to clean a computer with 1,000 infected files as one with 10, provided you have an anti-virus program that does a good cleaning job. However, most anti-virus products check memory for viruses, and the possibility of a fast infector in memory is one of the reasons why. If there is a fast infector in memory, and the product opens all your files, you wind up with every file on the computer infected. SLOWThe opposite of a 'fast infector' is a 'slow infector'. The idea here is that if the virus spreads slowly, you're less likely to notice it and kill it. There are various ways that a slow infector can work, but the classic slow infector works by only infecting those files that you had intended to change anyway. This means that if you are running a change detector as an anti-virus measure, the change detector will trigger each time there is an infection, but since you had intended the file to change anyway, you'll tell it to accept the change. Starship is another way of doing a slow infector. It only infects files as you copy them from your hard disk. So no file on the hard disk ever changes, and the change detector is happy. But when you copy a file to a floppy disk, the copy is infected, and when you take this to another computer protected by the change detector, the change detector warns you of the existence of the new file. You will then reassure the change detector that you knew about the new file, and the change detector is happy, and another system is infected.

STEALTH
If a virus is memory resident [as are over 99% of viruses 'in the wild'], then it has hooked at least one of the interrupts. If it is a BSV, then it has hooked the disk read/write interrupt 13h. If it is a stealth virus, and any program that tries to read the boot sector, then the virus says `Aha, someone wants to see the boot sector; I'll just read the original boot sector from where I put it, and present that instead'. So the software sees nothing out of the ordinary. Brain, vintage 1986, was the first virus that used this trick. File viruses can use a similar trick to disguise their presence, so that any software reading the file only sees the bytes that were there before the virus came along. Frodo is an example of this. It is much commoner to see stealth in BSVs than in file viruses, as it is much easier for the virus author to implement stealth in a BSV.

POLYMORPHISM
The commonest kind of anti-virus program that people use is the scanner, looking for a repertoire of viruses. So for the virus author this is the kind of product that he would most like to defeat. A polymorphic virus is one where if you take two instances of the virus, there are no bytes in common between them, so you cannot write down a byte-sequence and go looking for that in order to detect the virus. You have to do something a lot more complex and difficult.

DAMAGE DONE BY VIRUSES

We can categorise the damage done by viruses into six groups, according to the severity of the damage. Some authorities postulate the possibility of a virus that actually does good, but no one has yet demonstrated such a virus.We define damage as: the virus does something that you'd rather it hadn't done. And we quantify damage by measuring how long it takes to put things back the way they ought to be.We don't include consequential damage in this categorisation [damage done by the user in a mistaken attempt to get rid of the virus]. It is remarkable how many people will format the hard disk to get rid of Stoned, for example. All this does is get rid of all your data. The virus is untouched, as it resides in the MBR, which is not touched by FORMAT. Nor can we include damage done by obscure incompatibilities between the virus and the system. For example, if a computer that was originally set up under DOS 2 [but is now running a later version of DOS] is infected by Stoned, then a large number of files will be corrupted because the design of the virus had not anticipated this situation.

TRIVIAL DAMAGE
This is done by a virus such as Form [once the commonest virus in the world]. On the 18th of every month, each key that you hit makes the speaker beep. All you need to do is to get rid of the virus. This will usually take seconds or minutes [per computer].

MINOR DAMAGE
A good example of minor damage is the way that Jerusalem virus deletes any program that you try to run after the virus has gone memory resident, on Friday the thirteenth. At worst, you will have to re-install some programs, so the damage is unlikely to be more than 30 minutes per computer.

MODERATE DAMAGE
If a virus formats the hard disk, scrambles the FAT or overwrites the hard disk, this is moderate damage. The damage is only moderate because you know that it has happened, and you can re-install DOS and re-load yesterday's backup, because you do a backup every day. So, you'll lose on average half a day's work, plus maybe an hour doing the re-install and restore. The virus most famous for moderate damage is Michelangelo.

MAJOR DAMAGE
This is where a virus hits your backups as well as your hard disk. Every 16th time that a Dark Avenger-infected file is run, it overwrites a random sector on the hard disk with `Eddie lives . . . somewhere in time'. This might have been going on for several weeks. You discover Dark Avenger, get rid of the virus, and find `Eddie lives . . .' at several places in several files. You restore yesterday's backup, and find `Eddie lives . . .' in those as well. You might have to go back a few weeks before you can find clean data files, and when you've restored a six week old backup, you'll find that you don't actually have any way to redo that work, because you don't have the original documents to work from.

SEVERE DAMAGE
Severe damage is done when a virus makes gradual and progressive changes [so that backups are also corrupted], but the changes are not obvious [there is no `Eddie lives' to look out for]. You wind up simply not knowing whether your data is correct or changed.

UNLIMITED DAMAGE
Some viruses [such as Cheeba, Vacsina.44.login and GP1] aim to get the system manager password and pass it along to a third party. In the case of Cheeba, for example, it creates a new user with maximum privileges, with a fixed user name and password. The damage is then done by the third party, who can log in to the system and do anything he/she likes.

HOW VIRUSES ARE SPREAD

It seems to be a common belief that viruses are spread by games, by shareware or by BBSes. The truth is more complex. First, remember how the most common sort of virus, boot sector viruses, work. A physical floppy disk has to be involved, and there doesn't need to be any software on it. You cannot get a BSV by using a BBS. The most likely routes by which a virus gets into an organisation are engineers and parents. Hardware engineers visit a large number of computers, and like the busy little bee, could pick up some pollen here, and deposit it there. Hardware engineers should have all their software disks permanently write-protected, but don't. Hardware engineers should frequently check any write-enabled disks for viruses, but don't. Of course, the majority of hardware engineers are clean and well-behaved, but there are a few that need re-education. Parents have children, and if there is a PC at home, and the children are young teens, then they quite possibly swap software at school. The disks that they bring home might well be infected, and if the parent is taking disks to and from work, they could easily take a virus into work with them. A boot sector virus could arrive on a data disk from a colleague. Other ways of getting a virus include: in shrink-wrapped software [some of the largest companies have accidentally shipped a virus in shrink-wrapped software]; along with purchased hardware [most hardware comes with disks containing utilities or drivers]; salesmen running demos could unwittingly install the virus they picked up from the last place they ran their demo.

VIRUS PREVENTION

We recommend that everything be virus checked before it is used. This includes floppy disks with data on [remember BSVs] as well as software. This could be done using a scanner such as FindVirus, which could be installed on every computer [for convenience, because if it isn't convenient, it won't get done] or it could be installed on designated 'sheep-dip' computers, which is more convenient for the PC Support people to keep up to date, but less convenient for the users. Alternatively, you can make the whole thing as transparent and painless as possible by installing an on-access scanner, such as VirusGuard [DOS] and/or WinGuard [a VxD for Windows 3.x, Windows 95 and Windows NT]. This means that everything is automatically scanned without the user being aware of it [unless, of course, a virus is found]. The on-access scanner is the route that most people choose, together with some dedicated 'sheep-dip' machines.

RULES, PROCEDURES, EDUCATION AND TOOLS

Linda had worked in her job for some years. She occasionally took work to do on her home PC, with the knowledge and approval of her supervisor. One day, the PC Support department found a virus on her office PC. Later the same day Linda was fired for bringing a virus on to the premises. Linda was very upset at what she saw as unfair dismissal and sued the company. She won, because the company she worked for had no rules to tell employees what to do [so she hadn't broken any rules]. Although they had anti-virus software, there were no procedures for checking incoming disks [so she hadn't failed to carry out company procedures]. On investigation, it looked highly likely that the PC Support department had accidentally infected her machine, and only discovered it when they sent disks, copied on Linda's machine, to another company, who did check for viruses and found one on those disks. If such procedures had been in place and Linda had ignored them, then the company would have had a good reason for firing her. Of course, with proper rules and procedures, they would probably not have been infected by a virus in the first place. But you have to acknowledge the fact that people behave the way that they do. If you make your anti-virus procedures onerous and difficult, they'll quite likely be ignored on the grounds that viruses are very rare, and the cost and hassle of the procedures is too great. A good set of rules might be as follows. Any incoming floppy disk must be virus-checked. If your anti-virus software finds a virus, tell PC Support. Notice that the rules are very simple. That way, people are more likely to remember and follow them. The next thing you need is procedures. The procedure tells the users how to obey the rules. The procedure for checking disks should be written down in detail ['Put the floppy disk in the drive, and type . . .']. If you have a 'sheep-dip' computer, put the procedure up on the wall near to it. Education is also important. You can't just tell grown-ups to do something and expect that they'll obey without question. You have to explain the reason to them. You can do this with talks, or by getting the Dr Solomon's 'Virus Video' and letting them watch it. You also have to provide tools. You can't detect a virus with your bare hands. Any sensible anti-virus strategy must take account of the fact that even 'well-educated'users are fallible; and that they will circumvent even the best rules and procedures [either wittingly or unwittingly . . . remember that security is not the primary concern of staff who work in Sales, Marketing and other departments within an organisation]. The foundation of any comprehensive anti-virus strategy, therefore, must be anti-virus tools which will effectively detect, remove and prevent virus infection . . . even when the rules and procedures have not been followed.

ANTI-VIRUS TOOLS SCANNERS

A scanner is a program that knows how to find a particular repertoire of viruses. Scanners are updated, quarterly or monthly. For many users, quarterly upgrades are sufficient, but every now and then, a new virus comes out and spreads very fast [such as Tequila, or SMEG]. In that case, you could be unable to detect this 'in the wild' virus for several weeks, depending on where you are in the update cycle. So, many people subscribe to monthly upgrades to avoid this situation. Scanners can be either on-demand, or on-access. FindVirus is an on-demand scanner, and must be run by the user [although this could be done automatically, at start-up, from the AUTOEXEC.BAT; or using a scheduler]. VirusGuard [DOS] and WinGuard [Windows 3.x, Windows 95 and Windows NT] are on-access scanners, and work continuously. As soon as any disk is accessed, it is checked for boot sector viruses; and as soon as any file is used, it is checked for file viruses. Both programs may be [optionally] configured to check files as they are written to the hard disk [useful if files are being downloaded from a remote site, such as a BBS, or the Internet]. VirusGuard occupies approximately 9Kb of conventional [DOS] memory; WinGuard, which is a Windows-specific program uses zero conventional memory. Any additional time-overhead involved in checking the disk or file is unlikely to be noticeable in most cases. VirusGuard, a DOS TSR program, does not have the full facilities of FindVirus [for economy in memory consumption and time-overhead]; specifically, VirusGuard is not able to find macro viruses [which do not work under DOS anyway] and a small percentage of extremely polymorphic viruses [VirusGuard will find polymorphic viruses in memory, if an infected program has been run]. WinGuard, which does not have the constraints of a DOS TSR program, has the same detection capability as FindVirus. CHECKSUMMERSA checksummer is a change detector. Executable files should not change, except for a good reason, such as updating of software. A checksummer aims to detect changes. The advantage of checksummers is that they do not detect a repertoire of viruses, so do not need updating. The downside of checksummers, is that they are more hassle than scanners [files change on your computer more often than you might have thought, for good and valid reasons], and they do not detect all viruses. For example, checksummers do not detect 'slow infectors'; they do not detect all boot sector viruses [if the hard disk code is left unchanged]; and they have problems with stealth viruses. Some people use checksummers, but they are a minority. Checksummers can be on-demand [like ViVerify], or on-access.

NETWORKS AND VIRUSES

A network is a group of computers connected together to make it easier to share data. This provides interesting opportunities for viruses, and for dealing with viruses. There is a common perception that once a virus gets on to a network, somehow it flashes round the whole network very quickly. The truth, of course, is more complex. Firstly, BSVs cannot travel across networks. If several machines on a network are infected, that's because the virus spread via floppy disks in the usual way. Here's how a file virus spreads across a network. User 1 gets his/her computer infected, perhaps by a salesman's demo. disk. The virus goes TSR. User 1 runs other programs on his/her hard disk. They get infected. User 1 runs some programs on the network. They get infected. A network emulates a DOS device; reading and writing to files on the server is done in exactly the same way as locally. The virus doesn't have to behave any differently to infect files on the server. User 2 logs on to the server, and runs an infected file. The virus is now TSR in user 2's machine. User 2 runs several other programs, on the local hard disk, and on the server. Each file becomes infected. User 3, user 4 and user 5 log on and run infected files. And so on.

NETWORK PROTECTION

70% of networks use Novell NetWare, so we'll use that as an example, but you can adapt the same principles for other network operating systems. You can make directories read-only. If you make files on the local hard disk read-only, you're wasting your time, because just about every file virus will make them read/write, infect them, and make them read-only again. This is because the user has the privilege to make files read/write on his/her local hard disk. But on a file server, you don't have to give that privilege to the user, and the virus has the same privilege as the user. Indeed, the virus is the user, and can do no more than the user can. There is no magic about viruses; they are subject to the same constraints as any other programs. Unfortunately, some packages can't be run from read-only sub-directories, because they want to write to configuration, or temporary files, in the same directory. You can make programs execute-only. This means that although the directory is read/write, the executables cannot be written to, or even read. They can only be run. Be warned, though, that on Novell NetWare this is a one-way street. Once you've made a file execute-only, you can't go back. All you can do is delete it, even if you are Supervisor. So, make a copy first. Some programs won't run if they are execute-only, because they have overlays that are concatenated on the end of the EXE file. So if the EXE file can't be read, the overlays can't be loaded. You can make individual files read-only using the DOS attribute, and then deny the user the modify attribute privilege in that directory. Using a combination of the three techniques above, you should be able to make a large percentage of the files on the server uninfectable [indeed, unchangeable without Supervisor intervention]. This stops viruses infecting most of the executables on the server. Unfortunately, the important files on the server are the data, and you haven't protected those. The user has read/write access to the data [he/she needs it to do their job], and so the virus also has read/write access to the data. Deleting files is the least of our worries. Consider that some virus damage routines consist of altering files. So how do we protect the data on the server? The only answer is to keep viruses off the workstation as well. The next thing you can do, if your server is running Novell NetWare, is run an anti-virus NLM [NetWare Loadable Module] on the server. This can be scheduled to check the files on the server. The use of a server-based on access scanner [such as the File Access Monitor in Dr Solomon's Anti-Virus Toolkit for NetWare] provides a multi-layered defence against virus infection, checking files as they are passed to and from the workstations. In addition, users can be denied access to the server unless their workstation is protected. Similar protection is available for Windows NT. Dr Solomon's Anti-Virus Toolkit for Windows NT offers comprehensive protection for workstations and servers. FindVirus provides on-demand scanning; and a Scheduler, to check the system at pre-defined times. Winguard for Windows NT provides constant background protection, checking files and disks before they are accessed. If your server is LAN Manager or LAN Server, you can run an OS/2 version of the anti-virus program on the server.

All About Viruses

WHAT IS THE FIRST THING TO DO?

Don't panic! Indeed, don't do anything. Have a cup of tea or coffee don't start bashing away at the keyboard before you've determined what you ought to do. In my experience, a lot of the `damage done by viruses' is actually damage done by people doing things before they've made sure of what they ought to do, which is another way of saying panic. So, don't panic!

WHAT IS A VIRUS?

A virus is a program that copies itself. That's the definition of a virus. In retrospect, it's unfortunate that the word `virus' was used; it makes the problem sound a lot worse than it is, and people get the plural wrong [the plural is not `viri', or even `virii', it's `viruses']. It might have been better to use the word `weed'. But we're stuck with `virus'.
A virus need do no more than replicate in order to be a virus. Indeed, 95% of viruses do no more than that, plus some trivial extra like beeping the keyboard, or displaying a message. And conversely, if a program does something nasty that you weren't expecting, that doesn't make it a virus, unless it replicates. Such a program is called a `trojan', after the famous horse of Troy.

WHY ARE VIRUSES BAD NEWS?

If a virus does nothing but copy itself, why do people get so worked up when they have one? For example, Form virus beeps every time you hit a key on your keyboard on the 18th of each month, so why does everyone who gets infected want to get rid of it? There are a few reasons for this. If you don't get rid of the virus, there is a strong likelihood that eventually you'll pass it on to a supplier or customer, who will be upset. Over 99% of viruses that actually spread 'in the wild' are memory resident, so there is the possibility of incompatibilities between the virus and some other program you are running [for example, Jerusalem tries to use one of the resources that Novell NetWare uses, so you can't run both Novell NetWare and Jerusalem on the same system]. In addition, even though we have analysed and documented the virus, the user might remain nervous that the virus does more than has been documented, or that he/she has a different version of the virus. So in almost every case that we have seen, people want very much to get rid of the virus [apart, sometimes, for keeping one specimen for a `zoo'].
If you do get rid of the virus, this is going to take time, and time is money. Each PC will take at least several minutes, and each floppy disk will take at least several seconds [and there may be a lot of floppy disks]. It would be nice if you only had to worry about those computers and floppies that are infected, but of course you don't know which ones these are until you've done the virus-hunt, so you have to check everything.

THINGS THAT ARE NOT VIRUSES

BUGS
Bugs are not viruses, and viruses are not bugs. I am using a word processor that I know has a serious bug. If you work with a large file for a long time, then eventually something goes wrong inside the program, and it refuses to let you save the file to the disk, so that you lose all the work you've done since the last save. This program comes from a major software house, and they didn't do this on purpose, so it isn't a trojan. The programmers made a mistake. Programmers are human, and humans make mistakes. Programmers, like other humans, have pride, and don't like to admit that they make mistakes, so they call them `bugs', as if the bug had drifted in through the window and settled on the program. All sufficiently complex programs have bugs.
Anti-virus software does not detect bugs. If it did, it would report bugs in just about everything.

FALSE ALARMS
False alarms are not viruses. A false alarm is when you think you have a virus, but you are mistaken. Sometimes, people have some hardware or software fault, and after running some diagnostics, eliminate the possibility of hardware or software problems, conclude that it is therefore a virus, and proceed on that assumption. More often, a false alarm is the result of running anti-virus software.
Anti-virus software, in common with other software, is not infallible. The two main mistakes that an anti-virus program can make are to fail to find a virus that is there [I once tested a program that failed to find any boot sector viruses whatsoever, and these account for over two thirds of infections] or to claim that a virus is present when there isn't one, and that is called a false alarm.
When an anti-virus program gives a false alarm, it looks pretty much like the real thing.
There are a couple of things that might indicate that the alarm is false, though.
Only one file is giving the alarm [or perhaps four files, but they are copies of the same file].
Only one product gives the alarm; other products say the system is clean.
You get the alarm after running multiple products, but not when cold-booting and running any one product.
The virus that is detected is not listed as 'in the wild' [of course, this list changes all the time].
Unfortunately, there's no hard rule that can be applied. You can't say it's a false alarm if one of the four above is true, or if all four of the above are true. The only way to really nail down a false alarm is to send the suspect file to the product vendor giving the alarm, and ask them to verify that it is a virus by analysing it in their virus lab. And this might take some time.
Meanwhile, a false alarm can be as much hassle as a real virus, or even more. If you have a floppy disk that is infected with Stoned virus, you can simply copy the data off the disk and destroy the infected floppy, or you can get rid of the virus with your anti-virus program, or demand a replacement disk. Whatever, the cost is just a few seconds. But if you get an update of your favourite anti-virus program, and it tells you that you have Stoned virus on one of the files on your file server, then resolving the situation will take longer. You know and I know that Stoned cannot infect files. But just maybe someone has written a file virus and someone has decided to call it Stoned [for example, there are two unrelated viruses, one called Parity and the other called Parity.b]. So, you send the file to your product vendor for analysis and comment. Meanwhile, to be safe, you remove the file from the server [or possibly the product is barring access to that file]. This might mean that some important system won't work any more, as it needed that file. It also means that you have to keep track of the response to the problem, report it up through the usual security breach reporting channel, and so on. You might try deleting the offending file and re-installing the software that is causing the false alarm, but when you've finished doing that you still get the false alarm.
It isn't surprising that some people have changed their anti-virus software after too many false alarms.
Anti-virus software does not detect false alarms. If it did, it wouldn't report the false alarm, would it?

JOKES
A joke is something that is funny. Of course, what one person finds funny is not the same as what another person finds funny. It depends on your sense of humour. Consider a program that pretends to format your hard disk, and then reveals that it hasn't. Is that funny? It depends on your sense of humour.
Some people love to play practical jokes, and on certain dates one must apply a little scepticism to alleged virus reports. Some anti-virus software detects jokes, and tells you 'You have a joke called . . .'. The reason for this, is that some jokes are fairly widespread, and are known to cause concern, so the anti-virus program is trying to calm things down, by saying `Yes, I know about this, and it's harmless'.

TROJANS
A trojan is a program that does something more than the user was expecting; and that extra function is damaging. This leads to a problem in detecting trojans. Suppose I wrote a program that could infallibly detect whether another program formatted the hard disk. Then, can it say that this program is a trojan? Obviously not if the other program was supposed to format the hard disk [like FORMAT does, for example], then it is not a trojan. But if the user was not expecting the format, then it is a trojan. The problem is to compare what the program does with the user's expectations. You cannot determine the user's expectations for a program.
So, we have to make some judgments. The Aids Information Diskette is generally considered to be a trojan. About 20,000 copies of this were mailed to users in 1989, purporting to be a program that teaches you about the Aids virus. In fact, it was a trojan; after you re-boot your computer 90 times, it encrypts and hides all the filenames on your hard disk, and demands that you pay for your licence to use it. Although the documentation that came with it told you that something bad was likely to happen, it is generally considered to be a trojan. FORMAT is not a trojan.
As a rule, you don't see trojans very often. They don't copy themselves, and don't spread in the way that viruses do. Trojans are not a real threat, except in one of the following circumstances.
When they are widely disseminated, like the Aids Information Diskette.
They are targetted on an organisation, in which case it is an `inside job', done by an employee.
Some anti-virus products detect a few trojans [such as the Aids one], but most products don't detect trojans at all.

CORRUPTED PROGRAMS
Some files are simply corrupted [perhaps by a hardware problem], and hang the computer when run. For some reason, these sometimes end up in virus collections, unless the collection is carefully maintained.

INTENDED VIRUSES
Some virus authors are less skilful than they would like to be, and write what is clearly intended to be a virus, but for some reason there is such a major bug that the virus does not work at all. They release these, however, in the fond belief that no one will ever test them [or perhaps they didn't test them themselves]. One typical mistake is to get confused about decimal versus hexadecimal, and so their source code presumably says `int 21' for the DOS function interrupt, but it should have said `int 21h' [which is 33 in decimal].

DROPPERS
A dropper is a program that is not a virus, nor is it infected with a virus, but when run it installs a virus into memory, on to the disk, or into a file. Droppers have been written sometimes as a convenient carrier for a virus, and sometimes as an act of sabotage. Some anti-virus programs try to detect droppers.

GERMS
A germ is an instance of the virus in generation zero, and in such a form that the infection could not have happened naturally. For example, a virus that only infects files larger than 5Kb, but infecting a tiny 10-byte file. Alternatively, it might be an instance of the virus without any host file. If you remove the virus, you are left with a zero-byte file. This is the original file created by the virus author.

DIFFERENT KINDS OF VIRUS

BOOT SECTOR VIRUSES
The commonest kinds of virus are boot sector viruses [BSVs], such as Form or Stoned. These infect the boot sectors of floppy disks, and either the partition sector [Master Boot Record, MBR] or the DOS boot sector [DOS Boot Record, DBR] of hard disks. Here's how a BSV spreads.
A floppy disk has just arrived, with some data on it [some word-processed files and a spreadsheet, perhaps]. This is part of a project that you are doing jointly with a colleague. What your colleague doesn't know is that his computer is infected with a BSV, and therefore so is the disk he sent you. You put the disk in drive A and start using these files. So far, the virus hasn't done anything. But when you finish for the day, you switch off the computer and go home. Next day, you come in and switch on. The floppy disk is still in drive A, so the computer tries to boot up from this disk. It loads the first sector into memory and executes it [normally, this is a little program written by Microsoft to load DOS; or if it can't find DOS on the disk, to tell you so - `Non-System disk, or disk error. Replace and press any key when ready']. Everyone has seen this message numerous times, and so you open the drive door and press a key.
But this disk is infected with Stoned, so what executed was not just the program by Microsoft, but the Stoned virus, written in 1987 in New Zealand [and so sometimes called the New Zealand virus]. The virus installs itself on the hard disk, replacing the MBR, and copying the original MBR to a place a little further down the disk.
When you start up from the hard disk, the MBR runs, but this is Stoned virus. Stoned virus goes memory resident, capturing the disk read/write interrupt 13h, and then it loads the original MBR, and the boot-up process continues as normal. But, since the disk read/write interrupt is captured, every time any write or read access [you think you're making a read, but the virus decides to write anyway] is made to drive A, the floppy is examined, and if it is not already infected, Stoned virus is installed on the boot sector. Thus, your computer is now infecting every disk put in drive A, and sooner or later one of these will be sent to a colleague, and the cycle continues.
The detail of various BSVs is different, but the principle is the same. They are carried by the boot sectors of infected disks, and only in that way [a BSV cannot spread across a network, for example]. And the only way to get infected is to try to boot from an infected disk, even if the boot fails.
BSVs infect PCs. They don't care what operating system is running, or what security software is installed, because at the time the BSV installs itself the operating system or security program is not running yet. However, with some non-DOS operating systems for example, Windows NT, or OS/2], although the PC is infected the virus cannot copy itself on to subsequent disks and cannot spread. It can, however, still do damage, as was discovered by one surprised UNIX user when Michelangelo triggered on 6 March.
To most people, the fact that viruses can infect in this way comes as a big surprise, which partly accounts for BSVs being so common.

MACRO VIRUSES
Macro viruses [such as WM.Concept], the latest virus development, seem likely to become a significant threat, for several reasons.
Macros, written in WordBasic, and accessible to many computer users, are easier to write than 'traditional' file viruses [written, for the most part, in assembly code].
They are the first viruses to infect data files, rather than executables. Data files, to which macros are attached, provide viruses with a more effective replication method than executable files. Data files are exchanged far more frequently than executable files. If you add the increased use of e-mail [and the ability to attach files to e-mail], and mass access to the Internet [and on-line services like CompuServe and America Online], this is likely to make macro viruses a much greater threat to computer users than 'traditional' file viruses.
Macro viruses are not platform-specific. There are versions of Microsoft Word for Windows 3.x, Windows 95, Windows NT and Macintosh. This makes all of these operating systems susceptible to macro viruses [although anything in a macro which makes use of calls to a specific operating system [as with the WM.FormatC macro trojan] will be restricted to that particular operating system].
Macro viruses have already had a marked effect. WM.Concept currently accounts for around 50% of all virus reports to our Technical Support department. And while WM.Concept causes no damage to data, we have already seen the first [albeit faltering] steps towards macro viruses which threaten data; one payload of WM.Nuclear, for example, is to attempt to damage the system files [this payload is never delivered, due to a bug in the code].
Macro viruses are not confined to Microsoft Word for Windows. In January 1996, the first macro virus to infect Lotus AmiPro files [APM.GreenStripe] appeared. Unlike Word for Windows, in which macros are directly linked to DOC [and DOT] files, AmiPro macros are contained in a separate file [with the extension SMM]; this makes it possible to exchange AmiPro documents [for example, via e-mail] without exchanging infected macros. And XM.Laroux, which appeared in July 1996, is the first working macro virus to infect Microsoft Excel for Windows spreadsheets.

TSR FILE VIRUSES
TSR file viruses are no longer common. As the name suggests, these infect files. These are usually COM and EXE, but there are some device driver viruses, and some viruses infect overlay files; executable programs don't always have the extension COM or EXE, although over 99% do.
For a TSR virus to spread, someone has to run an infected program. The virus goes memory resident, and typically looks at each program run thereafter and infects it if it is not already infected. Some viruses are called `fast infectors', and they infect if you just open the file [for example, a backup might open every file on the drive]. Dark Avenger was the first 'fast infector'. In the case of Green Caterpillar, the infection trigger is anything that determines what files are present [such as DIR]. Other triggers have been used, but the commonest is to infect each program that you are about to run.

NON-TSR FILE VIRUSES
It is much easier to write a non-TSR virus, and so many of the budding virus authors do so. But it is quite rare for such a virus to be encountered 'in the wild'; less than 1% of reported outbreaks are a non-TSR virus. With such a virus, running an infected program runs the virus, which at that time looks for another file to infect, and infects it. Vienna is the commonest non-TSR virus; Vienna was the first file virus 'in the wild', but now has the status of 'rare'.
There are a lot of viruses based on Vienna, because a disassembly [which is almost equivalent to source code] was published in a book in 1987.

COMPANION VIRUSES
If you have a COM file and an EXE file with the same filename and type that name, DOS runs the COM file in preference to the EXE file. Companion viruses use this feature of DOS. Each EXE file that you have acquires a companion COM file with the same name. Then, when you try to run your EXE program, actually the COM program runs, and that is the virus. When the virus has finished doing what it wants to do [such as creating another companion for another file], it then runs the EXE program, so that everything seems to work normally.
There have been a few successful companion viruses, but not many. The main advantage to the virus author is that because the EXE file does not change, some change-detection software might not realise that a virus is spreading.
Another type of companion is the `path companion'. This sort of virus puts a program in a directory that is earlier in the DOS PATH than is the victim. When you run a program that is not in your current sub-directory, DOS searches for the program in various sub-directories, as specified by the PATH command in your AUTOEXEC.BAT file. Path companions are harder to write than ordinary companions, so there aren't many of them.

OVERWRITING VIRUSES
An overwriting virus simply overwrites each file it infects with itself, and the program no longer functions. Because this is so glaringly obvious, overwriting viruses are never successful in spreading.

MULTIPARTITE VIRUSES
Some viruses, such as Tequila, infect multiple objects. When you run a Tequila-infected EXE, Tequila installs itself on the MBR. When you boot up the computer, Tequila runs from the MBR, and goes memory resident. While Tequila is memory resident, it infects EXE files. Other viruses, such as some of the versions of Anticad, infect COM, EXE and MBRs interchangeably. Some viruses infect COM, EXE, MBRs and device drivers.

MISCELLANEOUS OBJECTS OF INFECTION
There is a virus that infects OBJ files. There is a virus [Starship] that infects by creating a new DBR, leaving the old one intact, leaving the code on the MBR intact, and changing the pointer in the MBR so that the Starship DBR is executed before the original DBR.
There are other viruses [DIR II and Dir.Byway] that infect file systems by changing the FAT and directories so that files on the hard disk are all cross linked to the virus.
There are all sorts of ways of skinning this particular cat.

Tuesday, October 16, 2007

Registry editing disabled by the administrator

To permanently remove this error and to enable registry editing copy the code given below as it is and paste it in the form of a notepad file by the name "UnHookExec.inf " .

After the file is created save and close it.

Then right click on the file icon and click on "INSTALL" option.

Now you can edit UR registry entries.

(Copy the code below the line as it is. Plz do not edit it)

---------------------------------------------------------------------------
[Version]Signature="$Chicago$"Provider=Symantec
[DefaultInstall]AddReg=UnhookRegKey
[UnhookRegKey]HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe "%1""HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0

Thursday, October 11, 2007

i Gadgets (still cont......)

Iz Speakers

Iz (pronounced is) is the stuff dreams are made of - especially if you've been eating a lot of strong cheese. So what is Iz? Well as you might expect from any self-respecting alien, Iz produces a hip hop cacophony of funky sounds, beats and rhythms (don't all aliens?), and is as his inventor so aptly puts it 'the interactive dude with attitude'. Standing nearly 23cm tall, Iz is a space age DJ that plays infectious beats when you poke his belly, cool musical leads and rhythms when you twist his ears, and even drops in some scratch breaks when you flick the antennae-like dongle over his head. You can control the rhythms, tempo, breaks and leads by prodding and twisting his body parts, and all the while his goggly eyes will wobble about and hit trombone nose flashes different colours.
As well as all the funky sounds in its musical arsenal, Iz'll also drop in gibberish-like language (not to mention giggling, burping) in sync with the tune. Comical, cute and curiously endearing, Iz is immense fun to play with, and not only is IZ your own personal music maker, he also works as a media speaker. Simply plug in your MP3, CD or Tape player, and Iz will bob and boogie as he plays your tunes through his speaker. There are four different sound modes to explore, and his three poseable legs let you stick him in all sorts of unlikely and funky positions. This crazy cartoon composer (nice piece of alliteration there) is strangely unputdownable - you just can't help yourself from prodding, twisting and poking him - he's a hoot!


---------------------------------------------------------------


Devo Freeplay DAB Radio


The Devo Freeplay is the only DAB radio on the market that's self-sufficient and doesn't need plugging into the National Grid! This is a tremendous piece of kit. Initially we were a little sceptical about the quality of a 'wind-up' DAB radio, but wow. Aside from its reassuringly sturdy good looks, the signal searching and quality from the Devo is excellent, and it produces very good distortion free sound. Unlike so many of the copy-cat wind-up products around, the Devo (made by the original masters of free power radio at Freeplay) needs just a few cranks to work beautifully. It comes with a mains adaptor for use at home, and this also charges it up for use when out and about - and of course even if it runs out of power when you're out, you just crank it up for some Freeplay power!



Clear chunky buttons and smooth fingertip control make it a joy to use, and the contrast between the DAB RDS Digital display and the retro FM tuning dial is a lovely piece of chic and yet practical design. The DAB signal is of course an astonishingly crystal clear and hissless one - once you've heard DAB it's pretty hard to ever listen to anything else. The Devo has five presets, a scan and auto-tune function, non-slip rubber feet, a phones socket, a DAB/FM switch and stereo RCA output sockets for hooking it up to your home stereo or entertainment system. There are many DABs coming onto the market nowadays, but this is our absolute favourite. Well made, nicely designed, reliable and of course, with its energy-free wind-up feature, it's environmentally sound (boom boom).

i Gadgets (cont........)




Mini Travel Speakers



These foldaway Mini Travel Speakers are the bees knees in mobile sound. Bigger than the knees of bees of course, and altogether structurally different we'd imagine, but nevertheless really very, very good. Why bees knees were ever intended to be a measure of goodness someone will no doubt tell us now we've been foolish enough to bring the whole topic up, we'll keep you posted. Drifting off the point somewhat, back to these brilliant and compact Mini Travel Speakers. They come in the ubiquitous chic white, or in an incredibly realistic and original wood grain look that looks awesome, and really feels like sanded wood.





They fold away into a compact cube (well almost a cube), and when folded out have a slot-in tray for holding your MP3 player. Powered by four AAA batteries they have a jack cable that plugs into your player, and when on the move stows away into a very neat groove. They look great, sound great, have no connection with bees whatsoever, and make for the best priced and best sounding compact travel speakers we've ever seen.






------------------------------------------------------------------------------






USB Turntable Vinyl to MP3



The ION USB deck turns the past into the future. A remarkably rapid march of time has seen the media for music transformed from vinyl to tape to CD and now to MP3. In the headlong rush there's a lot of music that's been left behind, which is where this brilliant piece of kit comes in. Whether you've a stack of old 45s, 33s or even 78s (gawd bless you), you can now convert them to MP3s with this USB Turntable.Obviously it works like any regular turntable, but plug a USB cable into the back of it and then into your computer, and with the software provided you can convert your vinyl into WAV, WMV and MP3s. You can even plug a tape deck into an auxiliary port and convert your old cassettes.







The software makes the transition easy to manage, and is also bundled with a trial version of Bias Soundsoap 2 for cleaning and restoring crackly tracks. It was so nice to get out some of our old vinyls that we hadn't listened to in years, and then pop them into our iPods to take around with us. The conversion of an album is done all in one go, you simply split up the tracks and name them, and you can even record them at double speed to save time and the software will convert them back to 'real' time. It was such a joy to dust off our vinyl and bring it back to life after all these years - we ended up listening to albums we hadn't heard in years.The ION USB turntable includes Audacity software for Mac/PC for recording as well as a trial of Bias Soundsoap 2 for cleaning and restoring vinyl.This product is compatible with any software that supports USB audio input sound cards - simply plug it into a spare USB port - it requires no special drivers for Windows (98,2000,XP) or Mac (OS9 and above).




-----------------------------------------------------------




iPod Nano




There is something irrevocably wonderful about the iPod Nano. At IWOOT we've always resisted selling lots of name brands, as just having a sexy brand name doesn't make it a good product, but we couldn't resist this one. The iPod Nano is so damn small we're not even sure where to begin.
Imagine a business card. Now make it thick enough to take a standard headphones jack... and that's it! Let it sink in that this diminutive device holds up to 500 songs which is nearly fifty full-length CD's worth, and it has all the features you would expect from an iPod. Astonishingly good sound, a full colour screen (and storage for 25,000 pictures), easy access to your music with the "Click Wheel", Podcasts, audio books, full integration with iTunes, Calendar and Contacts, World Clocks, Stopwatch, Games and loads more. We're not even mentioning all the standard MP3 player features like the equalizer, shuffle play mode, the ability to create play lists and rate your tunes on the fly (although it seems we just did). And it is fully compatible with most of the iPod accessories out there.Thinner than a catwalk model, marginally more fashionable and with considerably more features, the iPod Nano isn't just any old MP3 player, it's The Supermodel.

Tuesday, October 9, 2007

i Gadgets

Dot Matrix Watches
It's not often that you'll find the words 'fashion' and 'technology' in the same sentence, but when it comes to Dot Matrix Watches it's unavoidable. So deliciously designed that they're almost edible (despite missing many of your RDA vitamins), these leather wristband watches are studded with a matrix of black LEDs that, at the touch of a button, do a funky kind of Mexican wave scroll effect and then display the time in classic Dot Matrix style - and a second press will display the date.


Available in tan leather with yellow lights, or black leather with red lights, the Dot Matrix's can display both 24hr and 12hr time, and has a built-in power saving mode, so the time or date is automatically switched off after three seconds. They may be low in calories, but these leather strapped Dot Matrix watches are exceedingly high in style.
Features Genuine leather wristband watch studded with black LEDs. Available in a tan leather wristband with yellow lights or a black leather wristband with red lights. The watch displays the time and date. Press the button on the side once to trigger a scrolling light effect before displaying the time in classic Dot Matrix style. The time can be shown in 24 hour or 12 hour format. A built-in power saving mode to extend your watch's battery. It kicks in after 3 seconds of displaying the time or date. A sturdy white presentation box. Suitable for ages 8 years+. Requires a CR2032 watch battery (included). Size: 26 x 3 x 1cm.





---------------------------------------------------------
Technotunes MP3 Watches

Finally, MP3 watches that don't look like complicated hi-tech gadgets, and have more than their fair share of style. Whether you've a penchant for pink, or look better in black, the Technotunes MP3 watches are simplicity itself to use, look great, and hold a mighty 120 songs with their 256MB of on-board memory. Aside from being high quality quartz analogue watches, they're plug and play, drag and drop, have an astounding nine-hour battery life from a full charge, and to top it all they're water-resistant to 90 metres! The perfect way to have all your favourite tunes at your fingertips.


Naturally they also work as USB mass storage devices, so you can carry important data around with you easily, and they work on both PCs and Macs (makes a pleasant change). When it comes to stylish and cutting edge MP3 players, these Technotunes MP3 watches (complete with a very neat gift box) really rock.

Features
MP3 Music Player
3-10 ATM water-resistant
Red/Green light indicator
256MB of memory
Direct MP3 download
Shock and skip-proof technology
Water-resistant to 30 metres
Red/Green Light Indicator
9 hours playing time Stereo headphones
Built-in Hi Li-ion rechargeable battery
Presentation box PC & Mac compatible
Holds ~ 60 songs (MP3)
Full One Year limited warranty
--------------------------------------------------------- ------
Mini Travel Speakers
These foldaway Mini Travel Speakers are the bees knees in mobile sound. Bigger than the knees of bees of course, and altogether structurally different we'd imagine, but nevertheless really very, very good. Why bees knees were ever intended to be a measure of goodness someone will no doubt tell us now we've been foolish enough to bring the whole topic up, we'll keep you posted. Drifting off the point somewhat, back to these brilliant and compact Mini Travel Speakers. They come in the ubiquitous chic white, or in an incredibly realistic and original wood grain look that looks awesome, and really feels like sanded wood.


They fold away into a compact cube (well almost a cube), and when folded out have a slot-in tray for holding your MP3 player. Powered by four AAA batteries they have a jack cable that plugs into your player, and when on the move stows away into a very neat groove. They look great, sound great, have no connection with bees whatsoever, and make for the best priced and best sounding compact travel speakers we've ever seen.

Drives not opening on double click

This mainly occures due to viruses like ntde1ect.com

The solution to this problem is simple

1 . Enable "Show hidden files and folder" under Tools --> Folder Options --> View
(If not working then enable the folder option as specified in the previous post)
2. Search for "ntde1ect.com" in all drives and delete them.
3. Search and delete "Autorun.inf" from each drive.
4. Goto Registry(using regedit command in the command prompt or Run Menu) -- > Edit --> Find
5. Search for "ntde1ect" and delete the entry.

BINGO the problem is solved

Monday, October 8, 2007

SVCHOST.EXE

To remove SVCHOST.EXE do the following things
1. Goto taskmanager-->processes
find svchost.exe under your username (warning not a svchost.exe under system as
username)
2. End or kill these processes by pressing end process
3. Now goto your "c" drive(where you installed your windows) then type "c:\heap41a" in address bar...(or delete through command prompt)
4. Delete all the contents of the "c:\heap41a" folder
5. Now open register editor by running "regedit" in run command menu( start-->run )
6. Goto "edit" then "find" search for "heap41a" delete that key like
"C:\heap41a\svchost.exe ( AND / OR )C:\heap(some number)\std.txt"
7. Now close register editor
8. Restart pc

Enable Folder Options

Try This

Go To Start -> Run

Type "regedit" without quotes

on the left frame u'll see the options
follow the path

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
Delete the value CheckedValue. (Its type should be REG_SZ and data should be 2.)
Create a new DWORD value called CheckedValue (same as above, except that the type is REG_DWORD).
Modify the value data to 1 (0x00000001).
This should let you change the "Hidden Files and Folders" option.

Tuesday, October 2, 2007

Welcome

Welcome all my dear friends