Let’s face it for many being on the computer is hassle-full. Being on the computer isn’t fun and productive any more.
Whether your home or business computers are online or offline over time they seem to slow down and many times crash. Being on the computer isn’t fun and productive any more. What is it that
causes these problems?
It’s my experience that the average individual knows a lot about his/her chosen field and very little about computer repair services and protecting information stored on a home or business computer.
Most of us are looking for a simple easy way to work or play on our computer. Unfortunately, computers have become complicated, necessary tools. Yet, it seems, several months after purchasing a computer it begins to bog down and run slower. You might experience mysterious freeze ups and crashes. Once this problem turns into a nuisance, generally, the computer is taken into a computer repair service shop where it will be out of commission for a week or so and a few hundred dollars spent to clean it up.
Most people don’t understand the relationship between a slow running computer and cyber-crime. Yet, the relationship is huge. There is a huge need to develop safe computer practices and rely on
an emerging computer industry called “Personal Computer Services.”
One of the ways I like to describe computer safe practices is by comparing it to safe dental practices. We are encouraged to develop an everyday practice of flossing and cleaning teeth, right? We do this to keep the teeth clean and avoid dental problems like infection and tooth decay in the future. In other words we do this to avoid dental hassles. We want a hassle-free dental experience.
Now, when you compare best dental practices to keeping your computer running like new, you need to implement similar measures. Only this time instead of brushing and flossing you have to develop safe computer practices including purchasing the computer repair service money can buy. On top of that, you’ll also need to set up a safe practices guideline for everyone in your family.
A slow running computer or a computer that crashes frequently may be a sign of Malware (Trojans, viruses, worms, and other malicious code) on your computer. These hacker tools not only can be used to steal sensitive information from your computer they slow your computer down or even cause computer crashes. Unfortunately, traditional over-the-counter computer protection products don’t keep up with this growing problem. If they did would we continue to have these problems?
Over the last three years there’s been a huge shift from curious hackers to professional hackers creating devious methods to steal proprietary information from computers like yours. This evolving threat is costing individuals and businesses tens of billions of dollars every year. V. McNiven, an advisor to the U.S Department of treasury has stated, “The proceeds from cyber-crime are now greater than the sale of illegal drugs.
These evil hackers continue to find more devious ways of stealing financial and proprietary information. It is important that every individual, family and business have a computer repair service plan in place to protect themselves from these cyber terrorists.
You might be surprised to learn that computers that don’t go online are vulnerable through file sharing from infected flash drives, cds and floppies. These devices, when infected, can install scrambling software or logic bomb software that opens up the possibility of extortion to get your proprietary information back.
A 2007 PC Magazine survey of 42,000 PCs worldwide released last September showed the top speed killers. The problems included:
· Over 52 percent of the PCs surveyed were clogged up with spyware
· Over 60 percent of the PCs surveyed had un-optimized Internet settings slowing the Internet down and even signaling that spyware and other malware have secretly stolen portions of your bandwidth to run on your PC.
· Surveyed computers also contained an average of twelve serious registry problems per unit that may have been caused by spyware and other malware.
Incredible, many of these computers are supposedly protected by the over-the-counter products that aren’t doing what they promise to do. So how can individuals and small businesses protect against identity theft, fraud and extortion? How can they get their computers back to running like new again?
Here are six crucial steps to protecting your computer and making it fun and productive again:
1. Keep your computers patched. Microsoft has automatic patch updates. Make sure are signed up to receive them.
2. Use professional enterprise grade anti-virus and anti-spyware at the email and web gateways. Install a professional grade by-directional firewall to guard against backdoor threats.
3. Use sender-authentication technologies, such as Sender Policy Framework (SPF) to make phishing far more difficult since – In theory – phishers will only be able to send their spam from “unapproved” domains.
4. Develop and enforce a password policy. This will make passwords difficult to be guessed. Use a different password for each situation. Make sure these passwords are changed frequently. If you use one password for every web site, for example, and a phisher manages to steal it, all of your online activity is at risk. Sophos, an enterprise grade Internet Security Company, recently conducted a business poll and discovered 41 percent of the respondents were using the same password for all web sites.
5. Keep an eye on the advice from organizations promoting safe computing. Many of their web sites will list the latest threats, and give advice on how to protect your home and business against them.
6. Always report suspicious activity.
Just as important, find a computer repair service that offers “Personal Computer Services.” Your personal computer service should include online repair at no additional cost. The end result: hassle-free computing making being on the computer fun and productive again. With the right computer repair service, using computers at home and at work should be hassle-free allowing you to focus more on your home and business activities.
Wednesday, November 26, 2008
Tuesday, November 25, 2008
Computer Virus
In 1983, Fred Cohen coined the term “computer virus”, postulating a virus was "a program that can 'infect' other programs by modifying them to include a possibly evolved copy of itself.” The term virus is actually an acronym for Vital Information Resources Under Seize. Mr. Cohen expanded his definition a year later in his 1984 paper, “A Computer Virus”, noting that “a virus can spread throughout a computer system or network using the authorizations of every user using it to infect their programs. Every program that gets infected may also act as a virus and thus the infection grows.” Computer viruses, as we know them now, originated in 1986 with the creation of Brain - the first virus for personal computers. Two brothers wrote it (Basid and Farooq Alvi who ran a small software house in Lahore, Pakistan) and started the race between viruses and anti-virus programs which still goes on today.
Using the above explanation, it can be said that viruses infect program files. However, viruses can also infect certain types of data files, specifically those types of data files that support executable content, for example, files created in Microsoft Office programs that rely on macros.
Compounding the definition difficulty, viruses also exist that demonstrate a similar ability to infect data files that don't typically support executable content - for example, Adobe PDF files, widely used for document sharing, and .JPG image files. However, in both cases, the respective virus has a dependency on an outside executable and thus neither virus can be considered more than a simple ‘proof of concept’. In other cases, the data files themselves may not be infectable, but can allow for the introduction of viral code. Specifically, vulnerabilities in certain products can allow data files to be manipulated in such a way that it will cause the host program to become unstable, after which malicious code can be introduced to the system. These examples are given simply to note that viruses no longer relegate themselves to simply infecting program files, as was the case when Mr. Cohen first defined the term. Thus, to simplify and modernize, it can be safely stated that a virus infects other files, whether program or data.
Computer viruses are called viruses because they share some of the traits of biological viruses. A computer virus passes from computer to computer like a biological virus passes from person to person.
There are similarities at a deeper level, as well. A biological virus is not a living thing. A virus is a fragment of DNA inside a protective jacket. Unlike a cell, a virus has no way to do anything or to reproduce by itself -- it is not alive. Instead, a biological virus must inject its DNA into a cell. The viral DNA then uses the cell's existing machinery to reproduce itself. In some cases, the cell fills with new viral particles until it bursts, releasing the virus. In other cases, the new virus particles bud off the cell one at a time, and the cell remains alive.
A computer virus shares some of these traits. A computer virus must piggyback on top of some other program or document in order to get executed. Once it is running, it is then able to infect other programs or documents. Obviously, the analogy between computer and biological viruses stretches things a bit, but there are enough similarities that the name sticks.
A computer virus is a program that replicates. To do so, it needs to attach itself to other program files (for example, .exe, .com, .dll) and execute whenever the host program executes. Beyond simple replication, a virus almost always seeks to fulfill another purpose: to cause damage.
Called the damage routine, or payload, the destructive portion of a virus can range from overwriting critical information kept on the hard disk's partition table to scrambling the numbers in the spreadsheets to just taunting the user with sounds, pictures, or obnoxious effects.
It’s worth bearing in mind, however, that even without a ”damage routine”, if viruses are allowed to run unabated then it will continue to propagate--consuming system memory, disk space, slowing network traffic and generally degrading performance. Besides, virus code is often buggy and can also be the source of mysterious system problems that take weeks to understand. So, whether a virus is harmful or not, its presence on the system can lead to instability and should not be tolerated.
Some viruses, in conjunction with "logic bombs," do not make their presence known for months. Instead of causing damage right away, these viruses do nothing but replicate--until the preordained trigger day or event when they unleash their damage routines on the host system or across a network.
Impact of Viruses on Computer Systems
Virus can be reprogrammed to do many kinds of harm including the following.
1.Copy themselves to other programs or areas of a disk.
2.Replicate as rapidly and frequently as possible, filling up the infected system’s disk and memory rendering the systems useless.
3.Display information on the screen.
4.Modify, corrupt or destroy selected files.
5.Erase the contents of entire disks.
6.Lie dormant for a specified time or until a given condition is met, and then become active.
7.Open a back door to the infected system that allows someone else to access and even control of the system through a network or internet connection.
8.Some viruses can crash the system by causing some programs (typically Windows) to behave oddly.
How viruses spread from one system to another?
The most likely virus entry points are email, Internet and network connections, floppy disk drives, and modems or other serial or parallel port connections. In today's increasingly interconnected workplace (Internet, intranet, shared drives, removable drives, and email), virus outbreaks now can spread faster and wider than ever before.
The following are some common ways for a virus to enter the users’ computer system:
•Email attachments
•Malicious scripts in web pages or HTML email
•FTP traffic from the Internet (file downloads)
•Shared network files & network traffic in general
•Demonstration software
•Pirated software
•Shrink-wrapped, production programs (rare)
•Computer labs
•Electronic bulletin boards (BBS)
•Diskette swapping (using other people’s diskettes for carrying data and programs back and forth)
High risk files
The most dangerous files types are:
.EXE, .COM, .XLS, .DOC, .MDB
Because they don't need any special conversion to infect a computer -- all they've got to do is run and consequently the virus spreads. It has been estimated that 99% of all viruses are written for these file formats.
A list of possible virus carriers includes:
EXE - (Executable file)
SYS - (Executable file)
COM - (Executable file)
DOC - (Microsoft Word)
XLS - (Microsoft Excel)
MDB - (Microsoft Access)
ZIP - (Compressed file, common in the USA)
ARJ - (Compressed file, common in the USA)
DRV - (Device driver)
BIN - (Common boot sector image file)
SCR - (Microsoft screen saver)
Common Symptoms Of Virus Infection
Computer does not boot.
Computer hard drive space is reduced.
Applications will not load.
An application takes longer to load than normal time period.
Hard dive activity increases especially when nothing is being done on the computer.
An anti virus software message appears.
The number of hard drive bad sectors steadily increases.
Unusual graphics or messages appear on the screen
Files are missing (deleted)
A message appears that hard drive cannot be detected or recognized.
Strange sounds come from the computer.
Some viruses take control of the keyboard and occasionally substitute a neighboring key for the one actually pressed. Another virus "swallows" key presses so that nothing appears on the screen.
Also interesting are system time effects. Clocks going backwards are especially frightening for workers who cannot wait to go home. More seriously though, this type of virus can cause chaos for programs which depend on the system time or date.
Some viruses can cost the user dearly by dialing out on his modem. We do not know of one which dials premium telephone numbers but no doubt we shall see one soon. One particularly malicious virus dials 911 (the emergency number in the USA) and takes up the valuable time of the emergency services.
Categories of viruses
Depending on the source of information different types of viruses may be categorized in the following ways:
PDA VIRUSES
The increasing power of PDAs has spawned a new breed of viruses. Maliciously creative programmers have leveraged the PDA's ability to communicate with other devices and run programs, to cause digital mayhem.
The blissfully safe world where users of these devices could synchronize and download with impunity came to an end in August 2000 with the discovery of the virus Palm Liberty. Since then, many more viruses have been discovered.
Though not yet as harmful as their PC-based cousins, these viruses still pose a threat to unsuspecting users. Their effects vary from the harmless flashing of an unwanted message or an increase in power consumption, to the deletion of all installed programs. But the threat is growing, and the destructiveness of these viruses is expected to parallel the development of the devices they attack.
MULTIPARTITE VIRUSES
A virus that combines two or more different infection methods is called a multipartite virus. This type of virus can infect both files and boot sector of a disk. Multi-partite viruses share some of the characteristics of boot sector viruses and file viruses: They can infect .com files, .exe files, and the boot sector of the computer’s hard drive. On a computer booted up with an infected diskette, the typical multi-partite virus will first make itself resident in memory then infect the boot sector of the hard drive. From there, the virus may infect a PC's entire environment. Not many forms of this virus class actually exist. However, they do account for a disproportionately large percentage of all infections. Tequila and Anticad are the examples of multipartite viruses.
BOMBS
The two most prevalent types of bombs are time bombs and logic bombs. A time bomb hides on the victim’s disk and waits until a specific date before running. A logic bomb may be activated by a date, a change to a file, or a particular action taken by a user or a program. Bombs are treated as viruses because they can cause damage or disruption to a system.
BOOT SECTOR VIRUSES
Until the mid-1990s, boot sector viruses were the most prevalent virus type, spreading primarily in the 16-bit DOS world via floppy disk. Boot sector viruses infect the boot sector on a floppy disk and spread to a user's hard disk, and can also infect the master boot record (MBR) on a user's hard drive. Once the MBR or boot sector on the hard drive is infected, the virus attempts to infect the boot sector of every floppy disk that is inserted into the computer and accessed. Examples of boot sector viruses are Michelangelo, Satria and Keydrop.
Boot sector viruses work like this: Let us assume that the user received a diskette with an infected boot sector. The user copied data from it but forgot to remove it from drive A:. When he started the computer next time the boot process will execute the infected boot sector program from the diskette. The virus will load first and infect the hard disk. Note that this can be prevented by changing the boot sequence in CMOS (Let C: drive boot before A:). By hiding on the first sector of a disk, the virus is loaded into memory before the system files are loaded. This allows it to gain complete control of DOS interrupts and in the process replaces the original contents of the MBR or DOS boot sector with their own contents and move the original boot sector data to another area on the disk. Because the virus has infected a system area of the hard disk it will be loaded into memory each time the computer is started. It will first take control of the lowest level disk system services before executing the original boot sector code which it has stored in another part of the hard disk. The computer seems to behave exactly as it should. Nobody will notice the extra few fractions of a second added to the boot sequence.
During normal operation the virus will happily stay in memory. Thanks to the fact that it has control of the disk services it can easily monitor requests for disk access - including diskettes. As soon as it gets a request for access to a diskette it will determine that there is a diskette in the floppy drive. It will then examine its boot sector to see if it has already been infected. If it finds the diskette clean it will replace the boot sector with its own code. From this moment the diskette will be a "carrier" and become a medium for infections on other PC's.
The virus will also monitor special disk requests for access to the boot sector. The boot sector contains its own code, and a request to read it could be from an anti-virus program checking for virus presence. The virus will not allow the boot sector to be read and will redirect all requests to the place on the hard disk where it has backed up the original contents. In this way nothing unusual is detected. Such methods are called stealth techniques and their main goal is to mask the presence of the virus. Not all boot viruses use stealth but those which do are common.
Boot viruses also infect the non-file (system) areas of hard and floppy disks. These areas offer an efficient way for a virus to spread from one computer to another. Boot viruses have achieved a higher degree of success than program viruses in infecting their targets and spreading.
Boot virus can infect DOS, Windows 3.x, Windows 95/98, Windows NT, and even Novell Netware systems. This is because they exploit inherent features of the computer (rather than the operating system) to spread and activate.
Cleaning up a boot sector virus can be performed by booting the machine from an uninfected floppy system disk rather than from the hard drive, or by finding the original boot sector and replacing it in the correct location on the disk.
CLUSTER VIRUSES
This type of virus makes changes to a disks file system. If any program is run from the infected disk, the program causes the virus to run as well. This technique creates the illusion that the virus has infected every program on the disk.
E-MAIL VIRUSES
These types of viruses can be transmitted via e-mail messages sent across private networks or the internet. Some e-mail viruses are transmitted as an infected attachment- a document file or program that is attached to the message. This type of virus is run when the victim opens the file that is attached to the message. Other types of email viruses reside within the body of the message itself. To store a virus, the message must be encoded in html format. Once launched many e-mail viruses attempt to spread by sending messages to everyone in the victim’s address book; each of those contains a copy of the virus.
The latest thing in the world of computer viruses is the e-mail virus called Melissa virus which surfaced in March 1999. Melissa spread in Microsoft Word documents sent via e-mail, and it worked like this:
Someone created the virus as a Word document uploaded to an Internet newsgroup. Anyone who downloaded the document and opened it would trigger the virus. The virus would then send the document (and therefore itself) in an e-mail message to the first 50 people in the person's address book. The e-mail message contained a friendly note that included the person's name, so the recipient would open the document thinking it was harmless. The virus would then create 50 new messages from the recipient's machine. As a result, the Melissa virus was the fastest-spreading virus ever seen and it forced a number of large companies to shut down their e-mail systems at that time.
The ILOVEYOU virus, which appeared on May 4, 2000, was even simpler. It contained a piece of code as an attachment. People who double clicked on the attachment allowed the code to execute. The code sent copies of itself to everyone in the victim's address book and then started corrupting files on the victim's machine. This is as simple as a virus can get. It is really more of a Trojan horse distributed by e-mail than it is a virus.
The Melissa virus took advantage of the programming language built into Microsoft Word called VBA, or Visual Basic for Applications. It is a complete programming language and it can be programmed to do things like modify files and send e-mail messages. It also has a useful but dangerous auto-execute feature. A programmer can insert a program into a document that runs instantly whenever the document is opened. This is how the Melissa virus was programmed. Anyone who opened a document infected with Melissa would immediately activate the virus. It would send the 50 e-mails, and then infect a central file called NORMAL.DOT so that any file saved later would also contain the virus! It created a huge mess.
FILE INFECTING VIRUSES
File infectors operate in memory and usually infect executable files with the following extensions: *.COM, *.EXE, *.DRV, *.DLL, *.BIN, *.OVL, *.SYS. They activate every time the infected file is executed by copying themselves into other executable files and can remain in memory long after the virus has activated.
Thousands of different file infecting viruses exist, but similar to boot sector viruses, the vast majority operates in a DOS 16-bit environment. Some, however, have successfully infected the Microsoft Windows, IBM OS/2, and Apple Computer Macintosh environments.
File viruses can be separated further into sub-categories by the way they manipulate their targets:
TSR FILE VIRUSES
A less common type of virus is the terminate-and-stay-resident file virus. As the name suggests these infect files usually these are .com and .exe files. there are however some device driver viruses, some viruses that infect overlay files, and although over 99% of executable programs have the extension .com and .exe, some do not .For a TSR virus to spread some one has to run an infected program. The virus goes memory resident typically looking at each program run thereafter and infects it. Examples of TSR file viruses are Dark Avenger and Green Caterpillar.
OVERWRITING VIRUSES
These viruses infect by overwriting part of their target with their own code but, by doing so, they damage the file. The file will never serve another purpose other than spreading the virus further. Because of this they are usually detected quickly and do not spread easily.
PARASITIC VIRUSES
These viruses attach themselves to executables without substantially changing the contents of the host program. They attach by adding their code to the beginning, end, or even middle of the file and divert program flow so that the virus is executed first. When the virus has finished its job, control is passed on to the host. Execution of the host is a little delayed but this is usually not noticeable.
MACRO VIRUSES
Many older applications had simple macro systems that allowed the user to record a sequence of operations within the application and associate them with a specific keystroke. Later, the user could perform the same sequence of operations by merely hitting the specified key.
Newer applications provide much more complex macro systems. User can write entire macro-programs that run within the word processor or spreadsheet environment and are attached directly onto word processing and spreadsheet files. Unfortunately, this ability also makes it possible to create macro viruses.
Macro viruses currently account for about 80 percent of all viruses, according to the International Computer Security Association (ICSA), and are the fastest growing viruses in computer history. Unlike other virus types, macro viruses aren’t specific to an operating system and spread with ease via email attachments, floppy disks, Web downloads, file transfers, and cooperative applications.
Macro viruses are, however, application-specific. A macro virus is designed to infect a specific type of document file, such as Microsoft word or excel files. They infect macro utilities that accompany such applications as Microsoft Word and Excel, which means a Word macro virus cannot infect an Excel document and vice versa. A macro virus is embedded in a document file and can travel between data files in the application and can eventually infect hundreds of files if undeterred and in the process do various levels of damage to data from corrupting documents to deleting data.
Macro viruses are written in "every man's programming language" -- Visual Basic -- and are relatively easy to create. They can infect at different points during a file's use, for example, when it is opened, saved, closed, or deleted
A typical chronology for macro virus infection begins when an infected document or spreadsheet is loaded. The application also loads any accompanying macros that are attached to the file. If one or more of the macros meet certain criteria, the application will also immediately execute these macros. Macro viruses rely upon this auto-execution capability to gain control of the application’s macro system.
Once the macro virus has been loaded and executed, it waits for the user to edit a new document, and then kicks into action again. It attaches its virus macro programs onto the new document, and then allows the application to save the document normally. In this fashion, the virus spreads to another file and does so in a completely discrete fashion. Users have no idea of the infection. If this new file is later opened on another computer, the virus will once again load, be launched by the application, and find other unsuspecting files to infect.
Finally, as far as a macro virus is concerned, the application serves as the operating system. A single macro virus can spread to any of the platforms on which the application is installed and running. For example, a single macro virus that uses Microsoft Word could conceivably spread to Windows 3.x, Windows 95/98, Window NT, and the Macintosh.
Macro viruses for Word
In the summer of 1995, Microsoft Word 6 was the first product affected with macro virus. The first one (WM/Concept.A) was really only a proof of concept - one of the installed macros (called Payload) contained only this remark:
“That's enough to prove my point”
Most macro viruses for Word use a feature called 'automacros'. The basic principle is that some macros with special names are automatically executed when Word starts, opens a file, or closes a file. The macro virus then inserts macros into NORMAL.DOT - a standard template which is loaded every time Word starts.
In Word there are some ways to disable automacros but this isn't the ultimate solution. Some macro viruses use other methods to take control over the Word environment.
Another method of self-protection may be to set NORMAL.DOT to read only. But this can also be bypassed and, in addition, it prevents the user from customizing the template.
Macro viruses for Excel
Excel has the same opportunities for virus authors as Word. It has automacros and a directory called XLSTART from which templates are automatically loaded.
But Excel does not have just normal VBA macros like Word. In Excel there are so called 'formulas' - macros stored in spreadsheet cells. The first macro virus using this technology was XF/Paix.
Macro viruses for other MS Office products:
Writing a macro virus for other Office products is not difficult. There have been already some viruses for Access, and it is expected that there will be macro viruses for Power Point in the near future.
But those macro viruses are not as dangerous as the macro viruses for Word or Excel. Not because of some limitation of these other Office products, but because data files from these products are not so frequently shared.
There is one danger which can be seen in today's Power Point even without native macro viruses written for this product. Programmers can include in their presentation any number of objects from Excel or Word. And these objects can be infected with macro viruses - if they edit the presentation and open the infected object with its parent application, then the virus can spread further.
But the current situation may change dramatically over the next few years. Microsoft has licensed VBA technology to many firms, so one can expect to see more macro viruses for other products, too.
POLYMORPHIC VIRUSES
This type of virus can change itself each time it is copied, making it difficult to isolate. Most simple viruses attach identical copies of themselves to the files they infect. An anti-virus program can detect the virus’s code (or signature) because it is always the same and quickly ferret out the virus. To avoid such easy detection, polymorphic viruses operate somewhat differently. Unlike the simple virus, when a polymorphic virus infects a program, it scrambles its virus code in the program body. This scrambling means that no two infections look the same, making detection more difficult. These viruses create a new decryption routine each time they infect, so every infected file will have a different sequence of virus code.
STEALTH VIRUSES
Stealth viruses actively seek to conceal themselves from attempts to detect or remove them. They also can conceal changes they make to other files, hiding the damage from the user and the operating system.
Stealth viruses, or Interrupt Interceptors, as they are sometimes called, take control of key DOS-level instructions by intercepting the interrupt table, which is located at the beginning of memory. This gives the virus the ability to do two important things: 1) gain control of the system by re-directing the interrupt calls, and 2) hide itself to prevent detection. They use techniques such as intercepting disk reads to provide an uninfected copy of the original item in place of the infected copy (read-stealthing viruses), altering disk directory or folder data for infected program files (size-stealthing), or both. For example, the Whale virus is a size-stealthing virus. It infects .EXE program files and alters the folder entries of infected files when other programs attempt to read them. The Whale virus adds 9216 bytes to an infected file. Because changes in file size are an indication that a virus might be present, the virus then subtracts the same number of bytes (9216) from the file size given in the directory/folder entry to trick the user into believing that the file’s size has not changed.
An antivirus program which is not equipped with anti-stealth technology will be deceived.
COMPANION VIRUSES
A companion virus is the exception to the rule that a virus must attach itself to a file. The companion virus instead creates a new file and relies on a behavior of DOS to execute it instead of the program file that is normally executed. These viruses target EXE programs. They create another file of the same name but with a COM extension containing the virus code. These viruses take advantage of a property of MS-DOS which allows files to share the same first name in the same directory (e.g. ABC.EXE and ABC.COM) but executes COM files in preference to EXE files.
For example, the companion virus might create a file named CHKDSK.COM and place it in the same directory as CHKDSK.EXE. Whenever DOS must choose between executing two files of the same name where one has an .EXE extension and the other a .COM extension, it executes the .COM file. This is not an effective way of spreading but has one big advantage - it does not amend files in any way and so can escape integrity tests or resident protection. Another method which can be used by companion viruses is based on defined path. A virus simply puts an infected file into the path listed before the directory within the original program.
PROGRAM VIRUSES
Like normal programs, program viruses must be written for a specific operating system. The vast majority of viruses are written for DOS but some have been written for Windows 3.x, Windows 95/98, and even UNIX. All versions of Windows are compatible with DOS and can host DOS viruses with varying degrees of success. Program viruses infect program files, which commonly have extensions such as .COM, .EXE, .SYS, .DLL, .OVL, or .SCR. Program files are attractive targets for virus writers because they are widely used and have relatively simple formats to which viruses can attach.
Malicious Programs and Scripts
Viruses that infect agent programs (such as those that download software from the Internet; for example, JAVA and ActiveX).
WORM
A worm is a computer program that has the ability to copy itself from machine to machine. Worms normally move around and infect other machines through computer networks. An entire LAN or corporate e-mail system can become totally clogged with copies of a worm, rendering it useless. Worms are commonly spread over the internet via e-mail message attachments and through internet relay chat channels.
For example, the Code Red worm replicated itself over 250,000 times in approximately nine hours on July 19, 2001.
A worm usually exploits some sort of security hole in a piece of software or the operating system. For example, the Slammer worm (which caused mayhem in January 2003) exploited a hole in Microsoft's SQL server.
Worms use up computer time and network bandwidth when they are replicating, and they often have some sort of evil intent. A worm called Code Red made huge headlines in 2001. Experts predicted that this worm could clog the Internet so effectively that things would completely grind to a halt.
The Code Red worm slowed down Internet traffic when it began to replicate itself, but not nearly as badly as predicted. Each copy of the worm scanned the Internet for Windows NT or Windows 2000 servers that do not have the Microsoft security patch installed. Each time it found an unsecured server, the worm copied itself to that server. The new copy then scanned for other servers to infect. Depending on the number of unsecured servers, a worm could conceivably create hundreds of thousands of copies.
The Code Red worm was designed to do three things:
•Replicate itself for the first 20 days of each month
•Replace Web pages on infected servers with a page that declares "Hacked by Chinese"
•Launch a concerted attack on the White House Web server in an attempt to overwhelm it
The most common version of Code Red is a variation, typically referred to as a mutated strain, of the original Ida Code Red that replicated itself on July 19, 2001.
TROJAN HORSES
Trojans, another form of malware, are generally agreed upon as doing something other than the user expected, with that “something” defined as malicious. Most often, Trojans are associated with remote access programs that perform illicit operations such as password-stealing or which allow compromised machines to be used for targeted denial of service attacks. One of the more basic forms of a denial of service (DoS) attack involves flooding a target system with so much data, traffic, or commands that it can no longer perform its core functions. When multiple machines are gathered together to launch such an attack, it is known as a distributed denial of service attack, or DDoS.
Because Trojan horses do not make duplicates of themselves on the victims disk (or copy themselves to other disks), they are not technically viruses. But because they can do harm, many experts consider them to be a type of virus. Trojan horses are often used as by hackers to create a back door to an infected system. Trojans, such as BackOrrifice are very dangerous. If anyone runs this program and his computer is connected to the internet, then the hacker can take control of that computer - transfer files to or from the computer, capture screen contents, run any program or kill any running process, etc.
Once a Trojan is installed onto the system this program has the same privileges as the user of the computer and can exploit the system to do something the user did not intend such as:
Delete files
Transmit to the intruder any files that the user can read
Change any files that the user can modify
Install other programs with the user’s privileges
Execute privilege-elevation attacks—the Trojan can attempt to exploit a weakness to raise the level of access beyond the user running the Trojan. If successful, the Trojan can operate with increased privileges.
Install viruses
Install other Trojans
The Following Tips Will Help The User To Minimize Virus Risk:
If the users are truly worried about traditional (as opposed to e-mail) viruses, they should be running a more secure operating system like UNIX. One should never hear about viruses on these operating systems because the security features keep viruses (and unwanted human visitors) away from the hard disk.
If the users are using an unsecured operating system, then buying virus protection software is a nice safeguard. Some popular anti virus programs include:
•McAfee Virus Scan
•Norton Anti Virus
•Virex
•PC—cillin
•Avast!
•AVG Anti Virus System
Automatic protection of anti-virus software should be turned on at all times.
The users should perform a manual scan (or schedule a scan to occur automatically) of their hard disks weekly. These scans supplement automatic protection and confirm that the computer is virus-free.
Scan all floppy disks before first use.
Disable floppy disk booting -- most computers now allow the user to do this, and that will eliminate the risk of a boot sector virus coming in from a floppy disk accidentally left in the drive.
The users should Enable Automatic Update option of their anti-virus software in order to update their virus definition files.
Creation and maintenance of a rescue disk should be done by the user in order to facilitate recovery from certain boot viruses.
Periodic backups of the hard disk should be done.
Users’ should buy legal copies of all software they use and make write-protected backups.
Email messages and email attachments from unknown people should not be opened. Attachments that come in as Word files (.DOC), spreadsheets (.XLS), images (.GIF and .JPG), etc., are data files and they can do no damage (noting the macro virus problem in Word and Excel documents mentioned above). A file with an extension like EXE, COM or VBS is an executable, and an executable can do any sort of damage it wants. Further it should be verified that the "author" of the email has sent the attachments. Newer viruses can send email messages that appear to be from a person user know.
The potential users should make sure that Macro Virus Protection is enabled in all Microsoft applications, and they should never run macros in a document unless they know specifically the functionality of the macros.
Appropriate Passwords should be assigned to the shared network drives.
Things that are not viruses!
Joke programs
Joke programs are not viruses and do not inflict any damage. Their purpose is to frighten their victims into thinking that a virus has infected and damaged their system. For example, a joke program may display a message warning the user not to touch any keys or else the computer’s hard disk will be formatted.
Droppers
A dropper is a program that is not a virus, nor is it infected with a virus but when run it installs a virus into memory on to the disk, or onto a file. Droppers have been written sometimes as a convenient carrier for a virus and sometimes as an act of sabotage.
Hoaxes
There must be very few people on email who haven't received a chain letter with the subject line warning of a virus doing the rounds. These are often hoaxes and meant to scare people and have fun at their expense. The warnings encourage the recipient of the e-mail to pass the warning to the netizens and thus create an unnecessary furor, besides clogging mailboxes, as it usurps an air of credibility.
Methodology of virus detection applied by antivirus softwares:
Three main methods exist for detecting viruses: integrity checking (also known as checksumming), behavior monitoring and pattern matching (scanning).
Integrity checking
Antivirus programs that use integrity checking start by building an initial record of the status (size, time, date, etc.) of every application file on the hard drive. Using this data, checksumming programs then monitor the files to see if changes have been made. If the status changes, the integrity checker warns the user of a possible virus.
However, this method has several disadvantages, the biggest being that false alarms are altogether too common. The records used by checksumming programs are often rendered obsolete by legitimate programs, which, in their normal course of operations, make changes to files that appear to the Integrity checker to be viral activity. Another weakness of integrity checking is that it can only alert the user after a virus has infected the system.
Behavior monitoring
Behavior Monitoring programs are usually terminate and stay resident (TSR) and constantly monitor requests that are passed to the interrupt table. These programs are on the lookout for activities that a virus might engage in--requests to write to a boot sector, opening an executable program for writing, or placing itself resident in memory. The behavior these programs monitor is derived from a user-configurable set of rules.
Pattern matching
Using a process called "pattern matching," the anti-virus software draws upon an extensive database of virus patterns to identify known virus signatures, or telltale snippets of virus code. Key areas of each scanned file are compared against the list of thousands of virus signatures that the anti-virus software has on record.
Whenever a match occurs, the anti-virus software takes the action the user has configured: Clean, Delete, Quarantine, Pass (Deny Access for Real-time Scan), or Rename.
Self Defense Mechanisms Evolved By Viruses
Virus authors of course wish that their child successfully lives. For this reason there are many viruses outfitted with some self-defense mechanisms against anti virus systems.
Passive Defense :
Viruses use a variety of methods to hide themselves from antivirus programs. Passive defense uses programming methods which make analysis of the virus more difficult, e.g. polymorphic viruses which were developed to counter scanners looking for constant strings of virus code.
Today antivirus systems are capable of analyzing polymorphic code and searching for virus identifiers in the decrypted body. The virus authors reacted by making the encryption too complex for antivirus software to unravel, thus mistaking it for a clean program.
Active Self-defense :
Viruses actively defend themselves by protecting their own code or by attempting to damage antivirus software. A simple method is to locate antivirus software databases and amend or delete them.
More sophisticated resident viruses use stealth techniques. When they detect a request to use an infected file, they can temporarily "clean" it or report its original (uninfected) parameters. They can monitor which programs are being executed and react if it is antivirus software. The list of such reactions is endless. Usually, the execution of the antivirus program is refused, but it could be erased (often accompanied by a bogus error message) or the virus suspends its activities while it runs. There are occasionally extremely 'clever' viruses which modify the code of a specific AV program to partially disable it.
There are very rare viruses which consider an attempt to run an anti-virus program as arrogant and immediately reply with some revenge action - for example hard disk formatting.
Trap
A trap is the most malicious form of self-defense and works as follows. Although the user’s computer is infected but everything appears to work correctly. Once the user discovers the virus and removes it things get complicated - programs no longer run properly or the hard disk may become inaccessible even when booting from a clean system diskette.
The best known trap virus is One_Half. It continuously encrypts the data on a hard disk (two tracks on every boot). If it is removed from the partition sector before data files are decoded then some files will become inaccessible. At this stage the situation is serious but recovery of the data is still possible. However, if the user runs a disk utility (Scandisk etc.) to repair the damage then the data will almost certainly be lost forever.
These utilities are designed to repair relatively minor damage to file system and do not recognize the encrypted data.
Using the above explanation, it can be said that viruses infect program files. However, viruses can also infect certain types of data files, specifically those types of data files that support executable content, for example, files created in Microsoft Office programs that rely on macros.
Compounding the definition difficulty, viruses also exist that demonstrate a similar ability to infect data files that don't typically support executable content - for example, Adobe PDF files, widely used for document sharing, and .JPG image files. However, in both cases, the respective virus has a dependency on an outside executable and thus neither virus can be considered more than a simple ‘proof of concept’. In other cases, the data files themselves may not be infectable, but can allow for the introduction of viral code. Specifically, vulnerabilities in certain products can allow data files to be manipulated in such a way that it will cause the host program to become unstable, after which malicious code can be introduced to the system. These examples are given simply to note that viruses no longer relegate themselves to simply infecting program files, as was the case when Mr. Cohen first defined the term. Thus, to simplify and modernize, it can be safely stated that a virus infects other files, whether program or data.
Computer viruses are called viruses because they share some of the traits of biological viruses. A computer virus passes from computer to computer like a biological virus passes from person to person.
There are similarities at a deeper level, as well. A biological virus is not a living thing. A virus is a fragment of DNA inside a protective jacket. Unlike a cell, a virus has no way to do anything or to reproduce by itself -- it is not alive. Instead, a biological virus must inject its DNA into a cell. The viral DNA then uses the cell's existing machinery to reproduce itself. In some cases, the cell fills with new viral particles until it bursts, releasing the virus. In other cases, the new virus particles bud off the cell one at a time, and the cell remains alive.
A computer virus shares some of these traits. A computer virus must piggyback on top of some other program or document in order to get executed. Once it is running, it is then able to infect other programs or documents. Obviously, the analogy between computer and biological viruses stretches things a bit, but there are enough similarities that the name sticks.
A computer virus is a program that replicates. To do so, it needs to attach itself to other program files (for example, .exe, .com, .dll) and execute whenever the host program executes. Beyond simple replication, a virus almost always seeks to fulfill another purpose: to cause damage.
Called the damage routine, or payload, the destructive portion of a virus can range from overwriting critical information kept on the hard disk's partition table to scrambling the numbers in the spreadsheets to just taunting the user with sounds, pictures, or obnoxious effects.
It’s worth bearing in mind, however, that even without a ”damage routine”, if viruses are allowed to run unabated then it will continue to propagate--consuming system memory, disk space, slowing network traffic and generally degrading performance. Besides, virus code is often buggy and can also be the source of mysterious system problems that take weeks to understand. So, whether a virus is harmful or not, its presence on the system can lead to instability and should not be tolerated.
Some viruses, in conjunction with "logic bombs," do not make their presence known for months. Instead of causing damage right away, these viruses do nothing but replicate--until the preordained trigger day or event when they unleash their damage routines on the host system or across a network.
Impact of Viruses on Computer Systems
Virus can be reprogrammed to do many kinds of harm including the following.
1.Copy themselves to other programs or areas of a disk.
2.Replicate as rapidly and frequently as possible, filling up the infected system’s disk and memory rendering the systems useless.
3.Display information on the screen.
4.Modify, corrupt or destroy selected files.
5.Erase the contents of entire disks.
6.Lie dormant for a specified time or until a given condition is met, and then become active.
7.Open a back door to the infected system that allows someone else to access and even control of the system through a network or internet connection.
8.Some viruses can crash the system by causing some programs (typically Windows) to behave oddly.
How viruses spread from one system to another?
The most likely virus entry points are email, Internet and network connections, floppy disk drives, and modems or other serial or parallel port connections. In today's increasingly interconnected workplace (Internet, intranet, shared drives, removable drives, and email), virus outbreaks now can spread faster and wider than ever before.
The following are some common ways for a virus to enter the users’ computer system:
•Email attachments
•Malicious scripts in web pages or HTML email
•FTP traffic from the Internet (file downloads)
•Shared network files & network traffic in general
•Demonstration software
•Pirated software
•Shrink-wrapped, production programs (rare)
•Computer labs
•Electronic bulletin boards (BBS)
•Diskette swapping (using other people’s diskettes for carrying data and programs back and forth)
High risk files
The most dangerous files types are:
.EXE, .COM, .XLS, .DOC, .MDB
Because they don't need any special conversion to infect a computer -- all they've got to do is run and consequently the virus spreads. It has been estimated that 99% of all viruses are written for these file formats.
A list of possible virus carriers includes:
EXE - (Executable file)
SYS - (Executable file)
COM - (Executable file)
DOC - (Microsoft Word)
XLS - (Microsoft Excel)
MDB - (Microsoft Access)
ZIP - (Compressed file, common in the USA)
ARJ - (Compressed file, common in the USA)
DRV - (Device driver)
BIN - (Common boot sector image file)
SCR - (Microsoft screen saver)
Common Symptoms Of Virus Infection
Computer does not boot.
Computer hard drive space is reduced.
Applications will not load.
An application takes longer to load than normal time period.
Hard dive activity increases especially when nothing is being done on the computer.
An anti virus software message appears.
The number of hard drive bad sectors steadily increases.
Unusual graphics or messages appear on the screen
Files are missing (deleted)
A message appears that hard drive cannot be detected or recognized.
Strange sounds come from the computer.
Some viruses take control of the keyboard and occasionally substitute a neighboring key for the one actually pressed. Another virus "swallows" key presses so that nothing appears on the screen.
Also interesting are system time effects. Clocks going backwards are especially frightening for workers who cannot wait to go home. More seriously though, this type of virus can cause chaos for programs which depend on the system time or date.
Some viruses can cost the user dearly by dialing out on his modem. We do not know of one which dials premium telephone numbers but no doubt we shall see one soon. One particularly malicious virus dials 911 (the emergency number in the USA) and takes up the valuable time of the emergency services.
Categories of viruses
Depending on the source of information different types of viruses may be categorized in the following ways:
PDA VIRUSES
The increasing power of PDAs has spawned a new breed of viruses. Maliciously creative programmers have leveraged the PDA's ability to communicate with other devices and run programs, to cause digital mayhem.
The blissfully safe world where users of these devices could synchronize and download with impunity came to an end in August 2000 with the discovery of the virus Palm Liberty. Since then, many more viruses have been discovered.
Though not yet as harmful as their PC-based cousins, these viruses still pose a threat to unsuspecting users. Their effects vary from the harmless flashing of an unwanted message or an increase in power consumption, to the deletion of all installed programs. But the threat is growing, and the destructiveness of these viruses is expected to parallel the development of the devices they attack.
MULTIPARTITE VIRUSES
A virus that combines two or more different infection methods is called a multipartite virus. This type of virus can infect both files and boot sector of a disk. Multi-partite viruses share some of the characteristics of boot sector viruses and file viruses: They can infect .com files, .exe files, and the boot sector of the computer’s hard drive. On a computer booted up with an infected diskette, the typical multi-partite virus will first make itself resident in memory then infect the boot sector of the hard drive. From there, the virus may infect a PC's entire environment. Not many forms of this virus class actually exist. However, they do account for a disproportionately large percentage of all infections. Tequila and Anticad are the examples of multipartite viruses.
BOMBS
The two most prevalent types of bombs are time bombs and logic bombs. A time bomb hides on the victim’s disk and waits until a specific date before running. A logic bomb may be activated by a date, a change to a file, or a particular action taken by a user or a program. Bombs are treated as viruses because they can cause damage or disruption to a system.
BOOT SECTOR VIRUSES
Until the mid-1990s, boot sector viruses were the most prevalent virus type, spreading primarily in the 16-bit DOS world via floppy disk. Boot sector viruses infect the boot sector on a floppy disk and spread to a user's hard disk, and can also infect the master boot record (MBR) on a user's hard drive. Once the MBR or boot sector on the hard drive is infected, the virus attempts to infect the boot sector of every floppy disk that is inserted into the computer and accessed. Examples of boot sector viruses are Michelangelo, Satria and Keydrop.
Boot sector viruses work like this: Let us assume that the user received a diskette with an infected boot sector. The user copied data from it but forgot to remove it from drive A:. When he started the computer next time the boot process will execute the infected boot sector program from the diskette. The virus will load first and infect the hard disk. Note that this can be prevented by changing the boot sequence in CMOS (Let C: drive boot before A:). By hiding on the first sector of a disk, the virus is loaded into memory before the system files are loaded. This allows it to gain complete control of DOS interrupts and in the process replaces the original contents of the MBR or DOS boot sector with their own contents and move the original boot sector data to another area on the disk. Because the virus has infected a system area of the hard disk it will be loaded into memory each time the computer is started. It will first take control of the lowest level disk system services before executing the original boot sector code which it has stored in another part of the hard disk. The computer seems to behave exactly as it should. Nobody will notice the extra few fractions of a second added to the boot sequence.
During normal operation the virus will happily stay in memory. Thanks to the fact that it has control of the disk services it can easily monitor requests for disk access - including diskettes. As soon as it gets a request for access to a diskette it will determine that there is a diskette in the floppy drive. It will then examine its boot sector to see if it has already been infected. If it finds the diskette clean it will replace the boot sector with its own code. From this moment the diskette will be a "carrier" and become a medium for infections on other PC's.
The virus will also monitor special disk requests for access to the boot sector. The boot sector contains its own code, and a request to read it could be from an anti-virus program checking for virus presence. The virus will not allow the boot sector to be read and will redirect all requests to the place on the hard disk where it has backed up the original contents. In this way nothing unusual is detected. Such methods are called stealth techniques and their main goal is to mask the presence of the virus. Not all boot viruses use stealth but those which do are common.
Boot viruses also infect the non-file (system) areas of hard and floppy disks. These areas offer an efficient way for a virus to spread from one computer to another. Boot viruses have achieved a higher degree of success than program viruses in infecting their targets and spreading.
Boot virus can infect DOS, Windows 3.x, Windows 95/98, Windows NT, and even Novell Netware systems. This is because they exploit inherent features of the computer (rather than the operating system) to spread and activate.
Cleaning up a boot sector virus can be performed by booting the machine from an uninfected floppy system disk rather than from the hard drive, or by finding the original boot sector and replacing it in the correct location on the disk.
CLUSTER VIRUSES
This type of virus makes changes to a disks file system. If any program is run from the infected disk, the program causes the virus to run as well. This technique creates the illusion that the virus has infected every program on the disk.
E-MAIL VIRUSES
These types of viruses can be transmitted via e-mail messages sent across private networks or the internet. Some e-mail viruses are transmitted as an infected attachment- a document file or program that is attached to the message. This type of virus is run when the victim opens the file that is attached to the message. Other types of email viruses reside within the body of the message itself. To store a virus, the message must be encoded in html format. Once launched many e-mail viruses attempt to spread by sending messages to everyone in the victim’s address book; each of those contains a copy of the virus.
The latest thing in the world of computer viruses is the e-mail virus called Melissa virus which surfaced in March 1999. Melissa spread in Microsoft Word documents sent via e-mail, and it worked like this:
Someone created the virus as a Word document uploaded to an Internet newsgroup. Anyone who downloaded the document and opened it would trigger the virus. The virus would then send the document (and therefore itself) in an e-mail message to the first 50 people in the person's address book. The e-mail message contained a friendly note that included the person's name, so the recipient would open the document thinking it was harmless. The virus would then create 50 new messages from the recipient's machine. As a result, the Melissa virus was the fastest-spreading virus ever seen and it forced a number of large companies to shut down their e-mail systems at that time.
The ILOVEYOU virus, which appeared on May 4, 2000, was even simpler. It contained a piece of code as an attachment. People who double clicked on the attachment allowed the code to execute. The code sent copies of itself to everyone in the victim's address book and then started corrupting files on the victim's machine. This is as simple as a virus can get. It is really more of a Trojan horse distributed by e-mail than it is a virus.
The Melissa virus took advantage of the programming language built into Microsoft Word called VBA, or Visual Basic for Applications. It is a complete programming language and it can be programmed to do things like modify files and send e-mail messages. It also has a useful but dangerous auto-execute feature. A programmer can insert a program into a document that runs instantly whenever the document is opened. This is how the Melissa virus was programmed. Anyone who opened a document infected with Melissa would immediately activate the virus. It would send the 50 e-mails, and then infect a central file called NORMAL.DOT so that any file saved later would also contain the virus! It created a huge mess.
FILE INFECTING VIRUSES
File infectors operate in memory and usually infect executable files with the following extensions: *.COM, *.EXE, *.DRV, *.DLL, *.BIN, *.OVL, *.SYS. They activate every time the infected file is executed by copying themselves into other executable files and can remain in memory long after the virus has activated.
Thousands of different file infecting viruses exist, but similar to boot sector viruses, the vast majority operates in a DOS 16-bit environment. Some, however, have successfully infected the Microsoft Windows, IBM OS/2, and Apple Computer Macintosh environments.
File viruses can be separated further into sub-categories by the way they manipulate their targets:
TSR FILE VIRUSES
A less common type of virus is the terminate-and-stay-resident file virus. As the name suggests these infect files usually these are .com and .exe files. there are however some device driver viruses, some viruses that infect overlay files, and although over 99% of executable programs have the extension .com and .exe, some do not .For a TSR virus to spread some one has to run an infected program. The virus goes memory resident typically looking at each program run thereafter and infects it. Examples of TSR file viruses are Dark Avenger and Green Caterpillar.
OVERWRITING VIRUSES
These viruses infect by overwriting part of their target with their own code but, by doing so, they damage the file. The file will never serve another purpose other than spreading the virus further. Because of this they are usually detected quickly and do not spread easily.
PARASITIC VIRUSES
These viruses attach themselves to executables without substantially changing the contents of the host program. They attach by adding their code to the beginning, end, or even middle of the file and divert program flow so that the virus is executed first. When the virus has finished its job, control is passed on to the host. Execution of the host is a little delayed but this is usually not noticeable.
MACRO VIRUSES
Many older applications had simple macro systems that allowed the user to record a sequence of operations within the application and associate them with a specific keystroke. Later, the user could perform the same sequence of operations by merely hitting the specified key.
Newer applications provide much more complex macro systems. User can write entire macro-programs that run within the word processor or spreadsheet environment and are attached directly onto word processing and spreadsheet files. Unfortunately, this ability also makes it possible to create macro viruses.
Macro viruses currently account for about 80 percent of all viruses, according to the International Computer Security Association (ICSA), and are the fastest growing viruses in computer history. Unlike other virus types, macro viruses aren’t specific to an operating system and spread with ease via email attachments, floppy disks, Web downloads, file transfers, and cooperative applications.
Macro viruses are, however, application-specific. A macro virus is designed to infect a specific type of document file, such as Microsoft word or excel files. They infect macro utilities that accompany such applications as Microsoft Word and Excel, which means a Word macro virus cannot infect an Excel document and vice versa. A macro virus is embedded in a document file and can travel between data files in the application and can eventually infect hundreds of files if undeterred and in the process do various levels of damage to data from corrupting documents to deleting data.
Macro viruses are written in "every man's programming language" -- Visual Basic -- and are relatively easy to create. They can infect at different points during a file's use, for example, when it is opened, saved, closed, or deleted
A typical chronology for macro virus infection begins when an infected document or spreadsheet is loaded. The application also loads any accompanying macros that are attached to the file. If one or more of the macros meet certain criteria, the application will also immediately execute these macros. Macro viruses rely upon this auto-execution capability to gain control of the application’s macro system.
Once the macro virus has been loaded and executed, it waits for the user to edit a new document, and then kicks into action again. It attaches its virus macro programs onto the new document, and then allows the application to save the document normally. In this fashion, the virus spreads to another file and does so in a completely discrete fashion. Users have no idea of the infection. If this new file is later opened on another computer, the virus will once again load, be launched by the application, and find other unsuspecting files to infect.
Finally, as far as a macro virus is concerned, the application serves as the operating system. A single macro virus can spread to any of the platforms on which the application is installed and running. For example, a single macro virus that uses Microsoft Word could conceivably spread to Windows 3.x, Windows 95/98, Window NT, and the Macintosh.
Macro viruses for Word
In the summer of 1995, Microsoft Word 6 was the first product affected with macro virus. The first one (WM/Concept.A) was really only a proof of concept - one of the installed macros (called Payload) contained only this remark:
“That's enough to prove my point”
Most macro viruses for Word use a feature called 'automacros'. The basic principle is that some macros with special names are automatically executed when Word starts, opens a file, or closes a file. The macro virus then inserts macros into NORMAL.DOT - a standard template which is loaded every time Word starts.
In Word there are some ways to disable automacros but this isn't the ultimate solution. Some macro viruses use other methods to take control over the Word environment.
Another method of self-protection may be to set NORMAL.DOT to read only. But this can also be bypassed and, in addition, it prevents the user from customizing the template.
Macro viruses for Excel
Excel has the same opportunities for virus authors as Word. It has automacros and a directory called XLSTART from which templates are automatically loaded.
But Excel does not have just normal VBA macros like Word. In Excel there are so called 'formulas' - macros stored in spreadsheet cells. The first macro virus using this technology was XF/Paix.
Macro viruses for other MS Office products:
Writing a macro virus for other Office products is not difficult. There have been already some viruses for Access, and it is expected that there will be macro viruses for Power Point in the near future.
But those macro viruses are not as dangerous as the macro viruses for Word or Excel. Not because of some limitation of these other Office products, but because data files from these products are not so frequently shared.
There is one danger which can be seen in today's Power Point even without native macro viruses written for this product. Programmers can include in their presentation any number of objects from Excel or Word. And these objects can be infected with macro viruses - if they edit the presentation and open the infected object with its parent application, then the virus can spread further.
But the current situation may change dramatically over the next few years. Microsoft has licensed VBA technology to many firms, so one can expect to see more macro viruses for other products, too.
POLYMORPHIC VIRUSES
This type of virus can change itself each time it is copied, making it difficult to isolate. Most simple viruses attach identical copies of themselves to the files they infect. An anti-virus program can detect the virus’s code (or signature) because it is always the same and quickly ferret out the virus. To avoid such easy detection, polymorphic viruses operate somewhat differently. Unlike the simple virus, when a polymorphic virus infects a program, it scrambles its virus code in the program body. This scrambling means that no two infections look the same, making detection more difficult. These viruses create a new decryption routine each time they infect, so every infected file will have a different sequence of virus code.
STEALTH VIRUSES
Stealth viruses actively seek to conceal themselves from attempts to detect or remove them. They also can conceal changes they make to other files, hiding the damage from the user and the operating system.
Stealth viruses, or Interrupt Interceptors, as they are sometimes called, take control of key DOS-level instructions by intercepting the interrupt table, which is located at the beginning of memory. This gives the virus the ability to do two important things: 1) gain control of the system by re-directing the interrupt calls, and 2) hide itself to prevent detection. They use techniques such as intercepting disk reads to provide an uninfected copy of the original item in place of the infected copy (read-stealthing viruses), altering disk directory or folder data for infected program files (size-stealthing), or both. For example, the Whale virus is a size-stealthing virus. It infects .EXE program files and alters the folder entries of infected files when other programs attempt to read them. The Whale virus adds 9216 bytes to an infected file. Because changes in file size are an indication that a virus might be present, the virus then subtracts the same number of bytes (9216) from the file size given in the directory/folder entry to trick the user into believing that the file’s size has not changed.
An antivirus program which is not equipped with anti-stealth technology will be deceived.
COMPANION VIRUSES
A companion virus is the exception to the rule that a virus must attach itself to a file. The companion virus instead creates a new file and relies on a behavior of DOS to execute it instead of the program file that is normally executed. These viruses target EXE programs. They create another file of the same name but with a COM extension containing the virus code. These viruses take advantage of a property of MS-DOS which allows files to share the same first name in the same directory (e.g. ABC.EXE and ABC.COM) but executes COM files in preference to EXE files.
For example, the companion virus might create a file named CHKDSK.COM and place it in the same directory as CHKDSK.EXE. Whenever DOS must choose between executing two files of the same name where one has an .EXE extension and the other a .COM extension, it executes the .COM file. This is not an effective way of spreading but has one big advantage - it does not amend files in any way and so can escape integrity tests or resident protection. Another method which can be used by companion viruses is based on defined path. A virus simply puts an infected file into the path listed before the directory within the original program.
PROGRAM VIRUSES
Like normal programs, program viruses must be written for a specific operating system. The vast majority of viruses are written for DOS but some have been written for Windows 3.x, Windows 95/98, and even UNIX. All versions of Windows are compatible with DOS and can host DOS viruses with varying degrees of success. Program viruses infect program files, which commonly have extensions such as .COM, .EXE, .SYS, .DLL, .OVL, or .SCR. Program files are attractive targets for virus writers because they are widely used and have relatively simple formats to which viruses can attach.
Malicious Programs and Scripts
Viruses that infect agent programs (such as those that download software from the Internet; for example, JAVA and ActiveX).
WORM
A worm is a computer program that has the ability to copy itself from machine to machine. Worms normally move around and infect other machines through computer networks. An entire LAN or corporate e-mail system can become totally clogged with copies of a worm, rendering it useless. Worms are commonly spread over the internet via e-mail message attachments and through internet relay chat channels.
For example, the Code Red worm replicated itself over 250,000 times in approximately nine hours on July 19, 2001.
A worm usually exploits some sort of security hole in a piece of software or the operating system. For example, the Slammer worm (which caused mayhem in January 2003) exploited a hole in Microsoft's SQL server.
Worms use up computer time and network bandwidth when they are replicating, and they often have some sort of evil intent. A worm called Code Red made huge headlines in 2001. Experts predicted that this worm could clog the Internet so effectively that things would completely grind to a halt.
The Code Red worm slowed down Internet traffic when it began to replicate itself, but not nearly as badly as predicted. Each copy of the worm scanned the Internet for Windows NT or Windows 2000 servers that do not have the Microsoft security patch installed. Each time it found an unsecured server, the worm copied itself to that server. The new copy then scanned for other servers to infect. Depending on the number of unsecured servers, a worm could conceivably create hundreds of thousands of copies.
The Code Red worm was designed to do three things:
•Replicate itself for the first 20 days of each month
•Replace Web pages on infected servers with a page that declares "Hacked by Chinese"
•Launch a concerted attack on the White House Web server in an attempt to overwhelm it
The most common version of Code Red is a variation, typically referred to as a mutated strain, of the original Ida Code Red that replicated itself on July 19, 2001.
TROJAN HORSES
Trojans, another form of malware, are generally agreed upon as doing something other than the user expected, with that “something” defined as malicious. Most often, Trojans are associated with remote access programs that perform illicit operations such as password-stealing or which allow compromised machines to be used for targeted denial of service attacks. One of the more basic forms of a denial of service (DoS) attack involves flooding a target system with so much data, traffic, or commands that it can no longer perform its core functions. When multiple machines are gathered together to launch such an attack, it is known as a distributed denial of service attack, or DDoS.
Because Trojan horses do not make duplicates of themselves on the victims disk (or copy themselves to other disks), they are not technically viruses. But because they can do harm, many experts consider them to be a type of virus. Trojan horses are often used as by hackers to create a back door to an infected system. Trojans, such as BackOrrifice are very dangerous. If anyone runs this program and his computer is connected to the internet, then the hacker can take control of that computer - transfer files to or from the computer, capture screen contents, run any program or kill any running process, etc.
Once a Trojan is installed onto the system this program has the same privileges as the user of the computer and can exploit the system to do something the user did not intend such as:
Delete files
Transmit to the intruder any files that the user can read
Change any files that the user can modify
Install other programs with the user’s privileges
Execute privilege-elevation attacks—the Trojan can attempt to exploit a weakness to raise the level of access beyond the user running the Trojan. If successful, the Trojan can operate with increased privileges.
Install viruses
Install other Trojans
The Following Tips Will Help The User To Minimize Virus Risk:
If the users are truly worried about traditional (as opposed to e-mail) viruses, they should be running a more secure operating system like UNIX. One should never hear about viruses on these operating systems because the security features keep viruses (and unwanted human visitors) away from the hard disk.
If the users are using an unsecured operating system, then buying virus protection software is a nice safeguard. Some popular anti virus programs include:
•McAfee Virus Scan
•Norton Anti Virus
•Virex
•PC—cillin
•Avast!
•AVG Anti Virus System
Automatic protection of anti-virus software should be turned on at all times.
The users should perform a manual scan (or schedule a scan to occur automatically) of their hard disks weekly. These scans supplement automatic protection and confirm that the computer is virus-free.
Scan all floppy disks before first use.
Disable floppy disk booting -- most computers now allow the user to do this, and that will eliminate the risk of a boot sector virus coming in from a floppy disk accidentally left in the drive.
The users should Enable Automatic Update option of their anti-virus software in order to update their virus definition files.
Creation and maintenance of a rescue disk should be done by the user in order to facilitate recovery from certain boot viruses.
Periodic backups of the hard disk should be done.
Users’ should buy legal copies of all software they use and make write-protected backups.
Email messages and email attachments from unknown people should not be opened. Attachments that come in as Word files (.DOC), spreadsheets (.XLS), images (.GIF and .JPG), etc., are data files and they can do no damage (noting the macro virus problem in Word and Excel documents mentioned above). A file with an extension like EXE, COM or VBS is an executable, and an executable can do any sort of damage it wants. Further it should be verified that the "author" of the email has sent the attachments. Newer viruses can send email messages that appear to be from a person user know.
The potential users should make sure that Macro Virus Protection is enabled in all Microsoft applications, and they should never run macros in a document unless they know specifically the functionality of the macros.
Appropriate Passwords should be assigned to the shared network drives.
Things that are not viruses!
Joke programs
Joke programs are not viruses and do not inflict any damage. Their purpose is to frighten their victims into thinking that a virus has infected and damaged their system. For example, a joke program may display a message warning the user not to touch any keys or else the computer’s hard disk will be formatted.
Droppers
A dropper is a program that is not a virus, nor is it infected with a virus but when run it installs a virus into memory on to the disk, or onto a file. Droppers have been written sometimes as a convenient carrier for a virus and sometimes as an act of sabotage.
Hoaxes
There must be very few people on email who haven't received a chain letter with the subject line warning of a virus doing the rounds. These are often hoaxes and meant to scare people and have fun at their expense. The warnings encourage the recipient of the e-mail to pass the warning to the netizens and thus create an unnecessary furor, besides clogging mailboxes, as it usurps an air of credibility.
Methodology of virus detection applied by antivirus softwares:
Three main methods exist for detecting viruses: integrity checking (also known as checksumming), behavior monitoring and pattern matching (scanning).
Integrity checking
Antivirus programs that use integrity checking start by building an initial record of the status (size, time, date, etc.) of every application file on the hard drive. Using this data, checksumming programs then monitor the files to see if changes have been made. If the status changes, the integrity checker warns the user of a possible virus.
However, this method has several disadvantages, the biggest being that false alarms are altogether too common. The records used by checksumming programs are often rendered obsolete by legitimate programs, which, in their normal course of operations, make changes to files that appear to the Integrity checker to be viral activity. Another weakness of integrity checking is that it can only alert the user after a virus has infected the system.
Behavior monitoring
Behavior Monitoring programs are usually terminate and stay resident (TSR) and constantly monitor requests that are passed to the interrupt table. These programs are on the lookout for activities that a virus might engage in--requests to write to a boot sector, opening an executable program for writing, or placing itself resident in memory. The behavior these programs monitor is derived from a user-configurable set of rules.
Pattern matching
Using a process called "pattern matching," the anti-virus software draws upon an extensive database of virus patterns to identify known virus signatures, or telltale snippets of virus code. Key areas of each scanned file are compared against the list of thousands of virus signatures that the anti-virus software has on record.
Whenever a match occurs, the anti-virus software takes the action the user has configured: Clean, Delete, Quarantine, Pass (Deny Access for Real-time Scan), or Rename.
Self Defense Mechanisms Evolved By Viruses
Virus authors of course wish that their child successfully lives. For this reason there are many viruses outfitted with some self-defense mechanisms against anti virus systems.
Passive Defense :
Viruses use a variety of methods to hide themselves from antivirus programs. Passive defense uses programming methods which make analysis of the virus more difficult, e.g. polymorphic viruses which were developed to counter scanners looking for constant strings of virus code.
Today antivirus systems are capable of analyzing polymorphic code and searching for virus identifiers in the decrypted body. The virus authors reacted by making the encryption too complex for antivirus software to unravel, thus mistaking it for a clean program.
Active Self-defense :
Viruses actively defend themselves by protecting their own code or by attempting to damage antivirus software. A simple method is to locate antivirus software databases and amend or delete them.
More sophisticated resident viruses use stealth techniques. When they detect a request to use an infected file, they can temporarily "clean" it or report its original (uninfected) parameters. They can monitor which programs are being executed and react if it is antivirus software. The list of such reactions is endless. Usually, the execution of the antivirus program is refused, but it could be erased (often accompanied by a bogus error message) or the virus suspends its activities while it runs. There are occasionally extremely 'clever' viruses which modify the code of a specific AV program to partially disable it.
There are very rare viruses which consider an attempt to run an anti-virus program as arrogant and immediately reply with some revenge action - for example hard disk formatting.
Trap
A trap is the most malicious form of self-defense and works as follows. Although the user’s computer is infected but everything appears to work correctly. Once the user discovers the virus and removes it things get complicated - programs no longer run properly or the hard disk may become inaccessible even when booting from a clean system diskette.
The best known trap virus is One_Half. It continuously encrypts the data on a hard disk (two tracks on every boot). If it is removed from the partition sector before data files are decoded then some files will become inaccessible. At this stage the situation is serious but recovery of the data is still possible. However, if the user runs a disk utility (Scandisk etc.) to repair the damage then the data will almost certainly be lost forever.
These utilities are designed to repair relatively minor damage to file system and do not recognize the encrypted data.
Saturday, November 22, 2008
Computer Knowledge Shoroom
COMPUTER KNOWLEDGE SHOWROOM is one of the Google and Clickbank business partner. Those advertiser were formed to satisfy customer requirements for quality Computer products, services and others which related to business online.
These advertiser have received a great deal of recognition and has been written up in many major publications. This computer Knowledge Web will provide all of their products in other side and has key goal is to provide a premium service, which delivers effective solutions, and provides exceptional value to their customers and clients. As a result, the computer Knowledge Web has surpassed many major competitors in a very fast paced and competitive business online.
Computer Knowledge Web offers over 30,000 parts with huge inventory in stock to maintain delivery of all orders in a timely manner. We recognize that every client has its own unique perspective and goals that often require innovative and new approaches. Therefore, Google Clickbank highly qualified sales and support staff are always ready to help clients fulfill all their computing and other needs. Also, Computer Knowledge Web will give you about web tutorial, IT know knowledge, and all off information technology.
The COMPUTER KNOWLEDGE SHOWROOM products, expertise and service you need to make your business successful. Fast shipping, fast answers, the industry's largest in-stock inventories, custom configurations and more. Just find the seller link and find the product you need on their site. You can get all of Information Technology Products need here... let's Enjoy your browsing.......
Again, it is my intention to provide the highest level of customer service. I aim to make your first and every purchase with Computer Knowledge Web Ads
These advertiser have received a great deal of recognition and has been written up in many major publications. This computer Knowledge Web will provide all of their products in other side and has key goal is to provide a premium service, which delivers effective solutions, and provides exceptional value to their customers and clients. As a result, the computer Knowledge Web has surpassed many major competitors in a very fast paced and competitive business online.
Computer Knowledge Web offers over 30,000 parts with huge inventory in stock to maintain delivery of all orders in a timely manner. We recognize that every client has its own unique perspective and goals that often require innovative and new approaches. Therefore, Google Clickbank highly qualified sales and support staff are always ready to help clients fulfill all their computing and other needs. Also, Computer Knowledge Web will give you about web tutorial, IT know knowledge, and all off information technology.
The COMPUTER KNOWLEDGE SHOWROOM products, expertise and service you need to make your business successful. Fast shipping, fast answers, the industry's largest in-stock inventories, custom configurations and more. Just find the seller link and find the product you need on their site. You can get all of Information Technology Products need here... let's Enjoy your browsing.......
Again, it is my intention to provide the highest level of customer service. I aim to make your first and every purchase with Computer Knowledge Web Ads
Pocketdish is a Breath of Fresh Air in a Stale Market
There are so many electronic gadgets, devices, and tools out there, that consumers have to learn in order to get not only what they , but also what they need. The designers of all portable video devices have tried to make sure that they have something that sets them apart from the others, but some of these features work better than others. For example, the Video iPod has the distinguishing feature of being made by Apple computer. Besides the fact that video and music downloaded from Apple's on line store- iTunes- will only play on devices made by Apple, there's really nothing to distinguish the iPod from its competition. This strategy seems to work well enough for the iPod though. But when Microsoft recently released its answer to the iPod in the form of a device it calls the Zune, its efforts fell flat.
Other eletronic devices have tried to distinguish themselves in more substantial ways than just brand loyalty and an elitist online video and music store. Some go for raw power- like the model that has a massive 180 gigabyte hard drive. Others go for maximum portability with tiny screens and measly 2 gigabyte hard drives. One has built in wifi capability for surfing the Internet, acts as a digital video recorder, can be turned into a camcorder with the addition of a digital camera, and can be plugged into a car stereo system or a home stereo for listening to digital music. While this is an impressive list of features, it's easy to suspect that a device that claims to do all of those things probably doesn't do any of them very well.
Then there's the PocketDish from Dish Network. The PocketDish is a portable video device that has all of the features of its competition, but rather than a bunch of superfluous features that don't really amount to much of a difference, it has a feature that makes a big difference in how easy it is to use. This feature is an ability to download video from a Dish Network digital video recorder. While this might not sound that impressive at first, once the implications of the idea sink in, it's easy to see the benefit of such a feature. Since other portable video players download their video from the Internet in general and online stores in particular, the ability to get exactly the video that you want through an interface that you're familiar with is an enormous advantage. That's because the Internet is a frustrating place to get video from. It can be difficult to find the video that you're looking for, there are format compatibility problems to be aware of, and most downloads require you to pay a small fee. None of that is a concern with the PocketDish.
As an added bonus, the PocketDish is also a portable digital video recorder which means that you can get video from almost any video device in addition to Dish Network's digital video recorders. The only disadvantage is that the PocketDish can only record video this way in real time, but that's offset by the advantage of being able to store up to four times as much video recorded this way as the same unit could download from Dish Network.
These features make the PocketDish stand out among all of the other portable video players on the market.
Other eletronic devices have tried to distinguish themselves in more substantial ways than just brand loyalty and an elitist online video and music store. Some go for raw power- like the model that has a massive 180 gigabyte hard drive. Others go for maximum portability with tiny screens and measly 2 gigabyte hard drives. One has built in wifi capability for surfing the Internet, acts as a digital video recorder, can be turned into a camcorder with the addition of a digital camera, and can be plugged into a car stereo system or a home stereo for listening to digital music. While this is an impressive list of features, it's easy to suspect that a device that claims to do all of those things probably doesn't do any of them very well.
Then there's the PocketDish from Dish Network. The PocketDish is a portable video device that has all of the features of its competition, but rather than a bunch of superfluous features that don't really amount to much of a difference, it has a feature that makes a big difference in how easy it is to use. This feature is an ability to download video from a Dish Network digital video recorder. While this might not sound that impressive at first, once the implications of the idea sink in, it's easy to see the benefit of such a feature. Since other portable video players download their video from the Internet in general and online stores in particular, the ability to get exactly the video that you want through an interface that you're familiar with is an enormous advantage. That's because the Internet is a frustrating place to get video from. It can be difficult to find the video that you're looking for, there are format compatibility problems to be aware of, and most downloads require you to pay a small fee. None of that is a concern with the PocketDish.
As an added bonus, the PocketDish is also a portable digital video recorder which means that you can get video from almost any video device in addition to Dish Network's digital video recorders. The only disadvantage is that the PocketDish can only record video this way in real time, but that's offset by the advantage of being able to store up to four times as much video recorded this way as the same unit could download from Dish Network.
These features make the PocketDish stand out among all of the other portable video players on the market.
Wednesday, November 19, 2008
Learn About Computers
“There’s too much to learn!” “Everything changes so quickly!” “I just don’t understand!”
These are all common reactions to the overwhelming challenge of learning to use a personal computer. The volume of information, the pace of change and the intimidating technical language can make learning about computers seem like an unattainable and unrealistic goal.
However, with the right strategy, learning about computers doesn’t have to be impossible. In fact, thanks to numerous opportunities on the Internet, free computer learning courses are available to everyone and, with a structured approach; you can overcome the barriers to learning about computers and find yourself mastering computer skills quickly and painlessly.
The first step on your path to learning about computers is to tune out all of the ridicule from your friends, forget your precocious eight-year-old niece’s computer skills and focus on yourself. You can do this by defining what success means to you. Do this by setting a few compelling and attainable goals that are relevant to you and assigning them realistic timelines. Make sure these goals are observable and measurable so that you know when you’ve achieved them and can celebrate your success.
For example, if you’ve never touched a computer before, you might set a goal of being able to turn the machine on and to launch three of your favorite programs by the end of your first month of learning. Or you might focus on a specific area of learning about computers, such as navigating the Internet, and set a goal of being able to find two free computer learning courses on a program you would like to learn. Your first goal should be challenging, but not overwhelming. If you stay in your comfort zone, you won’t advance, but if you set goals you can’t achieve, you’ll quickly become discouraged. By achieving some success early on, you’ll be more motivated to challenge yourself to learn faster. This will also make learning about computers fun, which will keep your motivation at a high level.
After you’ve met your first goal – and you will! – take a little time out to celebrate your success. Brag to a friend or family member. Treat yourself to a reward for overcoming all the fear, doubt and uncertainty that comes with tackling such a daunting task. Once you’ve tasted a little success and gotten your feet wet, you’ll have a much clearer idea of what you want and need to learn. If you’ve learned how to launch your three favorite programs, you might realize that you really want or need to master one of those programs. If your goal was to navigate to some free computer learning courses, you might soon realize that you need to understand the features and functionality of a specific site. While it’s tempting at this point to dive in and learn all there is to know, resist that temptation, or you’ll risk becoming overwhelmed. Remember to read sections of the web site that will teach you how to use the site properly. You can often find these under sections like FAQs, How it Works and Getting Started.
To keep your learning on track, identify your ultimate goal and then break that down into smaller steps and goals to get you there. Once you’ve broken down your end goal into a collection of smaller, bite-size chunks of skills to learn, make sure you assign dates to each of them so that you have a timeline with which to work. Again, it’s important to challenge yourself, but don’t set timelines that are so aggressive that they seem unrealistic. Once you know all the things that you need to learn and by when, it’s simply a matter of finding the resources for learning about computers by exploring the Internet, bookstores, libraries and classroom options, such as local community colleges. There are also several free computer learning courses online that will get you started in the right direction. Most of these courses allow you to learn at your own pace and will give you a great start to learning computers with little or no financial obligation. With a little research, you can find a reputable online computer learning courses, and be on your way to materializing your goals for learning about computers in no time.
Tackling the enormous undertaking of learning how to use your computer can be overwhelming. However, by breaking it down into manageable tasks and setting your own pace for learning, you’ll be a computer guru on your own terms in no time.
These are all common reactions to the overwhelming challenge of learning to use a personal computer. The volume of information, the pace of change and the intimidating technical language can make learning about computers seem like an unattainable and unrealistic goal.
However, with the right strategy, learning about computers doesn’t have to be impossible. In fact, thanks to numerous opportunities on the Internet, free computer learning courses are available to everyone and, with a structured approach; you can overcome the barriers to learning about computers and find yourself mastering computer skills quickly and painlessly.
The first step on your path to learning about computers is to tune out all of the ridicule from your friends, forget your precocious eight-year-old niece’s computer skills and focus on yourself. You can do this by defining what success means to you. Do this by setting a few compelling and attainable goals that are relevant to you and assigning them realistic timelines. Make sure these goals are observable and measurable so that you know when you’ve achieved them and can celebrate your success.
For example, if you’ve never touched a computer before, you might set a goal of being able to turn the machine on and to launch three of your favorite programs by the end of your first month of learning. Or you might focus on a specific area of learning about computers, such as navigating the Internet, and set a goal of being able to find two free computer learning courses on a program you would like to learn. Your first goal should be challenging, but not overwhelming. If you stay in your comfort zone, you won’t advance, but if you set goals you can’t achieve, you’ll quickly become discouraged. By achieving some success early on, you’ll be more motivated to challenge yourself to learn faster. This will also make learning about computers fun, which will keep your motivation at a high level.
After you’ve met your first goal – and you will! – take a little time out to celebrate your success. Brag to a friend or family member. Treat yourself to a reward for overcoming all the fear, doubt and uncertainty that comes with tackling such a daunting task. Once you’ve tasted a little success and gotten your feet wet, you’ll have a much clearer idea of what you want and need to learn. If you’ve learned how to launch your three favorite programs, you might realize that you really want or need to master one of those programs. If your goal was to navigate to some free computer learning courses, you might soon realize that you need to understand the features and functionality of a specific site. While it’s tempting at this point to dive in and learn all there is to know, resist that temptation, or you’ll risk becoming overwhelmed. Remember to read sections of the web site that will teach you how to use the site properly. You can often find these under sections like FAQs, How it Works and Getting Started.
To keep your learning on track, identify your ultimate goal and then break that down into smaller steps and goals to get you there. Once you’ve broken down your end goal into a collection of smaller, bite-size chunks of skills to learn, make sure you assign dates to each of them so that you have a timeline with which to work. Again, it’s important to challenge yourself, but don’t set timelines that are so aggressive that they seem unrealistic. Once you know all the things that you need to learn and by when, it’s simply a matter of finding the resources for learning about computers by exploring the Internet, bookstores, libraries and classroom options, such as local community colleges. There are also several free computer learning courses online that will get you started in the right direction. Most of these courses allow you to learn at your own pace and will give you a great start to learning computers with little or no financial obligation. With a little research, you can find a reputable online computer learning courses, and be on your way to materializing your goals for learning about computers in no time.
Tackling the enormous undertaking of learning how to use your computer can be overwhelming. However, by breaking it down into manageable tasks and setting your own pace for learning, you’ll be a computer guru on your own terms in no time.
Wednesday, November 12, 2008
CCTV CAMERAS
Have you ever think about modern security gadgets for our protection? Of a truth, it may cross our minds as we watch the news, or hear of a robbery attack. Yet, we probably haven't taken any steps to ensure safety of our most treasured assets and properties at home or in our offices. Unfortunately most people think it won't happen to them. It would be nice if that were true, but as statistics show, it's not. Every year, more than 1200 robbery incidences are reported globally. Several high profile companies, banks,government establishments etc. Lose several millions of dollars and vital documents during such operations. But for the best brand security cameras, Access control systems, Finger print locks, Fire and alarm systems at affordable prices. It's the first of a new generation to utilise Encrypted data from cards to Readers. Extremely intelligent controllers operat virtually and automously, Minimizing network traffic and eliminating Bandwidth concerns. Using the latest in electronic processing and networking technology.
Saturday, November 8, 2008
THE JARGON BUSTER
When i say JARGON BUSTER many would easily think of Credit cards, as part of the financial industry. But the JARGON BUSTER that i'm talking about here is one of the major components of computer system. RAM. When you open a program, your computer loads it from your hard drive into an area which is known as the RAM or RANDOM Access memory. RAM is accessed much more quickly than data read from the hard drive, which therefore allows your programs to respond faster. The more RAM you have installed, the more data can be loaded simultaneously. The result of this is a better overall computer performance. Some times we may be wondering how best to handle the RAM, but to do this, always handle by the edges and avoid touching the chips or gold contacts.
More also, you may be determining how much RAM you need, but sincerely compare your RAM with the recommended amounts for your operating system. Other programs use RAM,too, so the more the better.
You may need to know how much RAM you need, honestly windows XP can manage a maximum of up to 4GB of RAM, so that's the ideal maximum. However, it will run well with 1GB.
HOT TIP
Buy new RAM. Hold memory in your pc might be slower than any new RAM you purchase. Therefore, always buy all-new RAM, as mixing old and new may slow down your pc.
More also, you may be determining how much RAM you need, but sincerely compare your RAM with the recommended amounts for your operating system. Other programs use RAM,too, so the more the better.
You may need to know how much RAM you need, honestly windows XP can manage a maximum of up to 4GB of RAM, so that's the ideal maximum. However, it will run well with 1GB.
HOT TIP
Buy new RAM. Hold memory in your pc might be slower than any new RAM you purchase. Therefore, always buy all-new RAM, as mixing old and new may slow down your pc.
Wednesday, November 5, 2008
HOW DO I KEEP MY COMPUTER SAFE ON THE INTERNET
"Internet Safety" sounds like an impossible task but its really possible,high level protection can be implementedHardly will a day pass and we don't hear something about a new threat being unleashed on the internet, we hear of hackers,we hear of new viruses being written.Some people believe that microsoft product are more vulnerable.Some believe otherwise,antivirus companies work day and night to be up to date.There are threats to your passwords, every program or pop-up you see on your screen is screened properly before you click.A popular saying that 'only a stand alone system is safe' lies on everyone's lips.Here are some fews tips that you should consider and it will save you a lot of trouble. 'Prevention is better than cure'.Use a Firewall - A firewall is a piece of software or hardware that acts as a gateway between your computer and the internet and acts as protective sheild.It could also behave like a filter that sorts what goes in and out between your system and the internet. For example, a firewall may allow checking email and browsing the web, but disallow some other applications (If you're using a phone to dial-in to the internet, a firewall is not as important, though it doesn't hurt to have one. A software firewall may be your only option, though.)Virus Scan - Sometimes, typically via email, virii are able to cross the wall and end up on your computer anyway. A virus scanner will locate and remove them from your hard disk. A real time virus scanner will notice them as they arrive, even before they hit the disk, but at the cost of slowing down your machine a little. Important: because new virii are arriving every day, it's important to keep your virus definitions up-to-date. Be sure to enable the scanning software's automatic-update feature and have it do so every day. Spyware is similar to virii in that they arrive unexpected and unannounced and proceed to do something undesired. Normally spyware is relatively benign from a safety perspective, but it can violate your privacy by tracking the web sites you visit, or add "features" to your system that you never requested for. The worst offenders are spyware that take over normal functions of your system. For example, some like to redirect your web searches to other sites to try and infect you with something. Of course some spyware could act like a virus,it might as well be a virus, the negative effects it can have on your system can be so drastic. The good news is that, like virus scanners, there are spyware scanners that will locate and remove the offending software.Stay Up-To-Date - I can say it in my haste that 90% of virus infections don't have to happen. Software vulnerabilities that the viruses exploit usually already have patches available by the time the virus reaches a computer. The reason is simply because you refuse to install the latest updates that would have prevented the infection in the first place. I still see this on a regular bases that patches that were made like 2 years ago still affect a lot of systems,it simply shows that your protection is obsolete. The solution is simple: enable automatic updates, and visit Windows Update regularly.Don't be ignorant- Without mincing words , all the protection in the world won't save you from yourself. Don't open attachments that you aren't positive are ok. Don't fall for phishing scams. Don't click on links in email that you aren't positive are safe. Don't install "free" software without checking it out first - many "free" packages are free because they come loaded with spyware, adware and worse. When visiting a web site, did you get a pop-up asking if it's ok to install some software you're not sure of because you've never heard of it? Don't say "OK". Not sure about some security warning you've been given? Don't ignore it. Choose strong passwords, and don't share them with others. Assuming you browse you browse on your laptop or other mobile devices using internet hot spots, free Wifi or cafes, you must take extra precautions. Make sure that your email access is via secure connections, or that your regular mail is over an encrypted connection as well. Don't let people spy on and get to know your password by watching you when you type and have access to your security details. Monitor who has access to your system - In any security outfit,i discover the major thing they do is to man the entrance and the exit,what goes in and what goes out is the very vital to any security system. All of the precautions I've listed will be useless if other people can get to use your system and don't adhere to any of these precautions. Your password to your windows should be kept secret.They might not follow the safety rules neccessary outlined. A Family member getting to your system can gain access to very important details like your pins,credit card details.So who are you to blame?The truth remain that the major responsibility in keeping your system safe lies with you.You are the chief security officer of your system protection scheme.Beyond the antivirus, the anti- spam and the likes, you have a part to play.
Subscribe to:
Posts (Atom)