What to do if you face error � Windows failed to start� in Windows Vista

The following error displays when starting the computer with Windows Vista:
"Windows Error Recovery: Windows failed to start. A recent hardware or software change might be the cause."
The computer may restart to this same error after selecting "Start Windows Normally".

Analyzing the cause of the Error:

1.Has the error occurred while setting up a new Computer. Has the error occurred after recovering the computer. If any of these cases has caused the error then in that case you need to select the Launch Start Repair. It will let windows to repair it's files. You can select the option from the error screen.
2.Even then if the problem persists then in that case you need to start the system recovery. Reset the computer to it's original configuration. Once done with it complete the system setup and look out for all the icons as well as the side bar items every thing should be in the right place. Now shut down the computer.
3.Once the computer is restarted and the problem still persist there then you may take the below mentioned steps. This will help you recover the Windows desktop.
4.Remove the hardware that you have recently added:


Follow these steps to remove the recently added hardware.

1.Switch off the system & unplug the power cable from the system
2.The next step should be to unplug all the peripherals those are not at all required or necessary like network cable, zip drive, scanner etc.
3.Now press the power button on the system for around 5 seconds and then release it.
4. Now plug in the power cord.
5. Turn on the system
6. The monitor will show the message again you need to let the timer to get over.
7. If the error reflects again on the system skip to the next step.
8. If the system successfully restarts and gets to the Windows desktop, you need to plug any of the unplugged device and wait till Windows recognizes it
Continue to connect the devices to the computer, you need to restart the system each time you connect a new hardware, you need to do this till the time the hardware that is causing the error is not recognized. It is not recommended to use the device that has caused error , any more.


How to restore the system with system restore

• Turn off the system
• Now remove all the devices from the system except the mouse, keyboard and monitor
• Now turn on the system once again and when you see the logo screen you need to press the F8 key multiple times.
• You will see a Windows start up screen.

Now using the arrow keys select the Safe Mode with Command Prompt and press enter.

If still you see the error message the next step you need to perform is system recovery.
When you see the logon screen , select the administrator, now enetr the password if prompted to.
Now the command window will appear, enter the following command.
cd \windows\system32\restore
Once the new prompt appears enter rstrui
System restore screen will now open in front of you.
That screen will have several option s and steps you need to follow to recover the system to the earlier state.
Now try to the restart the system and even then if the problem persists you need to perform a recovery of the system that too with a data recovery software.
For any sort of the CD DVD corruption you can opt for CD recovery software.

New Version - Improved GUI

New versions are great.  People get all excited and everywhere you look you see rainbows.  Forge now has 5,995 cards.  Thanks to the efforts of many people, Forge has 303 new cards and a wealth of user interface upgrades.  We had 15 people, who are listed below, that directly helped with this version of Forge.  This is our biggest number yet.

For a complete list of new cards, go to the post here.  Scroll down to find the text "Added many cards, including:" then click "Open".

Above is Forge's new look.  The current picture is just a temporary picture to give you an idea of what this will look like when finished. If you want to replace this picture then copy a new picture of your choice into the /forge/res/images/ui/ folder. The code will look for a file named "newgame_background.jpg" in this folder.  Wizards Wallpaper of the Week archive is a great place to find replacement art.

Let me briefly explain the options that Forge has.  The "Stack AI Land" option will make the AI a little better by stacking its deck so it doesn't get mana screwed or flooded.  The "Developer Mode" option allows people use very small decks, only 4 cards, in order to make sure that a specific card works correctly.

Above is a picture of the improved deck editor.  Each of the icons at the top represents instant, sorcery, etc..  Now you can easily search by card name, to see if Forge has your favorite.  The text search is very useful and I quickly searched for all cards that deal 2 damage.

To find cards that have alternate winning conditions search for "win " with a space.  If you only search for "win" you will finds cards like Windwright Mage that have "win" somewhere in their card text.  In the past the deck editor was slow when searching or filtering cards but now it is much faster.

A few of the interesting new cards are:  Boon Reflection (5W, Enchantment) - If you would gain life, you gain twice that much life instead.  Clone (3U, Creature) which is a great card because you can copy any creature and if I understand the rules correctly, Clone can also kill annoying legendary creatures. Cryptic Command (1UUU, Instant) - "Choose two � Counter target spell; or return target permanent to its owner's hand; or tap all creatures your opponents control; or draw a card."  Cryptic Command is impressive from a programming point of view because it is more complicated than your average card.  I programmed the red version, Incendiary Command, years ago.

Below is taken from changes.txt which was written by Chris H. (I have also stolen one other sentence which I used in this post.)

Sloth, Dennis and Choppic worked together to contribute a neat, new feature for the New Battlefield user interface. There are now three symbolic icons that will overlay creature cards. These icons are used to denote summoning sickness and whether a creature is attacking or blocking. Please note that you must use have the "New GUI" checkbox marked "yes". The battlefield icons are 32 x 32 pixel .png type pictures. You may be able to replace them with icons from one of the icon archives that can be found on the internet.

The constructed mode deck editor card filters are now icons rather than the old style checkbox type filters. The deck editor filter icons are now 24 x 24 pixel .png files. The constructed mode deck editor now includes three textboxes that you can use to apply additional filtering to the cards that are listed in the All Cards table. These three filters allow you to filter by card name, type, and text.

[Now back to me.]

Forge.zip (11 MB) - This is the 1/14 version which was released on the forums.

12-22.zip (115 MB) Card Pictures - Put these in your /res/pics directory.  If that link doesn't work try this.

This is most of the card pictures.  You can download the rest of them from Forge's opening screen by selecting "Menu", then "Download Card LQ Pictures".  LQ stands for low-quality.  Forge also allows you to download bigger, high-quality (HQ) card pictures.

Many people helped with this version. A special thank you goes out to them:

Dennis Bergkamp

Rob Cashwalker

Friar Sol

Slapshot5

Sloth

Hellfish

Snacko

Choppic

SoulStorm

Fnoed

Jaedayr

Gofishus

Sentient6

jhhh

Zirbert

Chris H

p.s.
--I try to avoid jargon but it is useful.  GUI stands for graphic user interface.

--This document was painfully constructed using Word 2010, which is horrible.  I don�t really think Microsoft is evil but the user interface is awful.  For some unknown reason, menus are bad and the ribbon interface is good, i.e. I have to hover my mouse over the little icons so I can see the tooltip text that pops up.  And for some reason Word double spaces things even when it should single space them and when I cut-and-paste it from Word into blogspot.com then it comes out single spaced.  

If I could revert Word's user interface to the previous, menu-based version, I would make millions.  Word 2010, the worst videogame ever.

How To Optimize Your Mac Using - Stellar Drive Tool Box Mac

Check out this SlideShare Presentation:

How To Optimize Your Mac Using - Stellar Drive Tool Box Mac

View more presentations from tompatrick.

Windows 7 Remote Desktop

If your PC is in a corporate environment, your IT helpdesk might be able to use Windows Remote Desktop or a similar system to gain access to your computer. You might consider it slightly disconcerting to see the pointer moving around the screen apparently on its own, but this is a good way for an organization to provide support and reduce overall costs.

Before beginning a remote help session, make sure that your PC is on. If you want to set up a remote desktop connection to another PC, you can access Remote Desktop by typing remote in the Start menu search box and selecting Remote Desktop Connection from the results that appear.

The PC you want to connect to must be on your network or virtual private network (VPN), and you will need to know its name on the system to connect. Some organizations use Remote Desktop across the Internet to provide support for customers, although others may use Remote Assistance.

The target PC will also need to be configured to receive Remote Desktop connections. These settings can be found in Control Panel by clicking System And Security, clicking System, and then clicking the Advanced System Settings link. The options to allow remote connections can be found on the Remote tab of the dialog box that appears.

You might need to allow Remote Desktop through your firewall. You can access Windows Firewall settings from the Control Panel by clicking System And Security, and then clicking Windows Firewall. Click Allow A Program Or Feature Through Windows Firewall to allow Remote Desktop.

If Remote Desktop is unable to verify the identity of the computer when you try to connect to a remote PC, a warning appears. This will happen if Windows suspects that connecting to this PC could pose a security risk to your system.

Once connected, the person who initiated the Remote Desktop connection has full access to your PC to remotely diagnose any problems.


Third-party firewalls can block Remote Desktop or Windows Remote Assistance attempts to connect to your PC. You can temporarily disable the firewall to allow connection if required. If you are using the Windows 7 built-in firewall, it is already correctly configured for remote help and won�t give you any problems.

By default, most routers allow a Remote Desktop connection across the Internet. If you cannot connect, however, you may have to log in to your router and change certain router settings, such as opening a connection port or permitting Remote Desktop. You should consult your router manual or help document for details on how to do this.

Source of Information :  Microsoft Press - Troubleshooting Windows 7 Inside Out

Does Mac OS X Get Keylogger Virus

Here is a question most of the Mac users concern about: does Mac get keylogger virus? There are a lot of discussions out there but few people exactly explain this question.

Best Registry Cleaner for Windows

Nowadays there are a number of registry cleaners available on the market and each one claims to be the best. However, many cleaners are not as good as they claim. Therefore, users wonder to know which one is the best registry cleaner for Window 7 and other operating system. It is important to learn how to select the best registry cleaner.

My web browser has been hijacked.

Spyware, adware, malware, and other Trojans are becoming an ever-growing threat to users who browse the Internet or install free programs. However, many computer users do not realize when these programs are secretly installed on a computer or realize when their system or browsers settings are changed. Below is a listing of potential symptoms a user may encounter when their browser or computer has been hijacked.

* Default home page changes to a different page; commonly an adult oriented web page.
* Computer slows down.
* New tools in the browser such as a new search toolbar is installed or added to the browser.
* Default search engine or other settings changed.
-------------------------------------

Unfortunately, many of the software programs designed to hijack a computer's browser are intentionally designed to be difficult to remove or detect. Below are recommendations on how these programs can be prevented and removed.

Free programs

When installing free programs such as KaZaA, read the disclaimers and watch for additional programs that are being installed. Many times these programs are supported by automatically installing spyware programs.

If you no longer use these programs on a regular basis, uninstalling these programs will (but not always) also uninstall any associated software that is included with them.

Add/Remove programs

If you are running Microsoft Windows and you have noticed a program that you do not wish to use or want uninstalled, see if the program can be removed through Add/Remove programs in the Control panel.

All of the legitimate companies that install toolbars onto your computer should be able to be removed through the Add/Remove programs icon in the control panel. Some examples include the Alexa Toolbar, Google Toolbar, Yahoo Toolbar, and Windows Live Toolbar.

If the spyware program you're attempting to uninstall cannot be uninstalled or gets reinstalled when you reboot the computer. Boot the computer into Safe Mode and then uninstall the program while in Safe Mode.

Restore browser settings

Some web pages and programs are designed to automatically change your browser's settings. For example, a web page or program may automatically change your default home page to an alternate home page. These issues can be corrected by following the below steps.

1. Close all browser windows so that only one window is open.
2. Visit an alternate safe site such as Computer Hope or Google.
3. Correct the settings changed, such as changing your home page back to your original home page. Additional help and information about changing your browser's settings can be found on our browser help pages.
4. Once the settings have been changed and applied, close out of the browser window.
5. The next time the browser is opened it should have the correct settings. However, if the site that changed your browser settings is visited again, it is likely that the settings will be changed again. This issue can be prevented with many of the spyware / adware programs that are available today.

Spyware / Adware / Malware detection and removal programs

Because of the ever-growing threat of these programs, many companies have developed programs that help prevent, detect, and remove these infections. Below is a listing of a few of the programs you may wish to consider.

* Malwarebytes
* Microsoft's Windows Defender
* Ad-aware from Lavasoft
* Spy Sweeper from Webroot Software
* Spybot Search and Destroy
* SpywareBlaster from Javacool Software
* HijackThis by Merijn.

A computer can have any number of spyware programs installed at the same time and it's recommended that you have more than one to ensure your computer is not infected. When running these programs if the spyware returns after rebooting the computer boot the computer into Safe Mode and run the spyware programs while in Safe Mode. Additional information about getting into Safe Mode can be found on document CHSAFE.

Microsoft Windows XP users

If you are running Microsoft Windows XP, updating to the latest Service Pack will help protect your computer against spyware.

Try alternative browser

Because Microsoft Internet Explorer is the most widely used browser today and because of its vulnerabilities, switching to an alternative browser such as Mozilla Firefox can significantly reduce the amount of spyware you get on your computer.

System Restore

Users who are running Microsoft Windows XP and are not able to remove a program that has hijacked their computer or browser may also wish to consider running the Microsoft System Restore and restore the computer to an earlier date.

How do I know if my computer has been hacked?

Most computer problems are not caused by computer hackers, it is more common for a computer to be hijacked then hacked. It can be difficult to detect a hacker on a computer because generally nothing changes to help disguise the hack. Below are the most common things that change after a computer is hacked.

New programs installed

In some situations, you may see new programs or files to the computer. If you are the only user on the computer and new programs are installed, this could be an indication of a hacked computer. However, there are also several legitimate reasons why a new program may appear on the computer, as listed below.

• Operating system or other program received updates that included new programs or files.
• When installing a new program it may have installed other programs. For example, it is common for plugins and other free programs to have a check box asking if it is ok to install a new Toolbar or anti-virus on your computer. If these boxes are checked, new programs are installed.
• Any other person who logs on your computer could install new programs.

Below is a listing of programs that may indicate a hacker has been on the computer.

• Back doors and Trojans are by far the most common programs to be installed on the computer after it has been hacked. These programs allow the hacker to gain access to the computer.
• IRCclients are another common way for a hacker to get into a computer or remotely control thousands of computers. If you have never participated in a IRC chat, your computer may have been hacked.
• Spyware, rogue anti-virus programs, and malware can be an indication of a hacker. However, are more commonly a sign that your computer has been hijacked while on the Internet.

Computer passwords have changed

Online passwords

Sometimes, after an online account is hacked the attacker changes the password to your account. Try using the forgot password feature to reset the password. If your e-mail address has changed or this feature does not work, contact the company who is providing the service, they are the only ones who can reset your account.

Local computer password

If your password to log into your computer has changed, it may have been hacked. There is no reason why a password would change on its own. Log into an administrator account to change your accounts password.

Lost or Forgottern Windows Password

E-mail spam being sent

When an e-mail account is hacked or taken over, the attacker almost always uses that account to spread spam and Viruses. If your friends, family, or coworkers are receiving e-mail from you advertising something like Viagra your e-mail is compromised. Log into your e-mail and change your e-mail account password.

E-mail addresses can also be spoofed without hacking the e-mail account. After changing the e-mail password, if your friends continue to get e-mails you have not sent, it is likely someone is spoofing your e-mail address.

Getting Bounce back E-mails from addresses I don't know.

Increased network activity

For any attacker to take control of a computer, they must remotely connect to that computer. When someone is remotely connected to your computer, your Internet connection will be slower. Also, many times after the computer is hacked it becomes a zombie to attack other computers.

Installing a bandwidth monitor program on the computer can help determine what programs are using what bandwidth on your computer. Windows users can also use the netstat command to determine remote established network connections and open ports.

There are dozens of other legitimate reasons why your Internet connection may also be slow.

Why is my Internet connection so slow

Unknown programs wanting access

Computer security programs and firewalls help restrict access to programs on a network or Internet. If the computer prompts for access to programs you do not know, rogue programs may be installed, or it may have been hacked. If you do not know why a program needs access to the Internet, we recommend blocking access to that program. If you later discover these blocks cause problems, they can be removed.

A firewall prompting you for access may also just be someone trying to probe your network, king for open or available ports in your network.

Security programs uninstalled

If the computers anti-virus, anti-malware program, or firewall that has been uninstalled or disabled this can also be an indication of a hacked computer. A hacker may disable these programs to help hide any warnings that would appear while they are on the computer.

Computer doing things by itself

When someone is remotely connected to a computer they can remotely control any device. For example, a mouse cursor could be moved or something could be typed. If you see the computer doing something as if someone else was in control, this can be an indication of a hacked computer.

Modem users

If the computer is dialing the Internet on its own, it is an indication that a program needs to connect to the Internet. It is common for programs like e-mail clients to do this to check for new e-mail. However, if you cannot identify what program needs Internet access, this can also be an indication of a hacked computer.

Internet browser home page changed or new toolbar

Internet browser changes such as your home page changing to a different web page, a new toolbar getting added, your search provider changing, web pages getting redirected are all signs of a browser getting hijacked and not a computer hacker

About Virus

A computer virus is a computer program that can copy itself^[1] and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.^[2]

Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.^[3][4]

As stated above, the term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, even those that do not have the reproductive ability. Malware includes computer viruses, computer worms, Trojan horses, most rootkits, spyware, dishonest adware and other malicious and unwanted software, including true viruses. Viruses are sometimes confused with worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself automatically to other computers through networks, while a Trojan horse is a program that appears harmless but hides malicious functions. Worms and Trojan horses, like viruses, may harm a computer system's data or performance. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious or simply do nothing to call attention to themselves. Some viruses do nothing beyond reproducing themselves.

The first academic work on the theory of computer viruses (although the term "computer virus" was not invented at that time) was done by John von Neumann in 1949 who held lectures at the University of Illinois about the "Theory and Organization of Complicated Automata". The work of von Neumann was later published as the "Theory of self-reproducing automata".^[5] In his essay von Neumann postulated that a computer program could reproduce.

In 1972 Veith Risak published his article "Selbstreproduzierende Automaten mit minimaler Informations�bertragung" (Self-reproducing automata with minimal information exchange).^[6] The article describes a fully functional virus written in assembler language for a SIEMENS 4004/35 computer system.

In 1980 J�rgen Kraus wrote his diplom thesis "Selbstreproduktion bei Programmen" (Self-reproduction of programs) at the University of Dortmund.^[7] In his work Kraus postulated that computer programs can behave in a way similar to biological viruses.

In 1984 Fred Cohen from the University of Southern California wrote his paper "Computer Viruses - Theory and Experiments".^[8] It was the first paper to explicitly call a self-reproducing program a "virus"; a term introduced by his mentor Leonard Adleman.

An article that describes "useful virus functionalities" was published by J. B. Gunn under the title "Use of virus functions to provide a virtual APL interpreter under user control" in 1984.^[9]

Science Fiction

The Terminal Man, a science fiction novel by Michael Crichton (1972), told (as a sideline story) of a computer with telephone modem dialing capability, which had been programmed to randomly dial phone numbers until it hit a modem that is answered by another computer. It then attempted to program the answering computer with its own program, so that the second computer would also begin dialing random numbers, in search of yet another computer to program. The program is assumed to spread exponentially through susceptible computers.

The actual term 'virus' was first used in David Gerrold's 1972 novel, When HARLIE Was One. In that novel, a sentient computer named HARLIE writes viral software to retrieve damaging personal information from other computers to blackmail the man who wants to turn him off.

Virus programs

The Creeper virus was first detected on ARPANET, the forerunner of the Internet, in the early 1970s.^[10] Creeper was an experimental self-replicating program written by Bob Thomas at BBN Technologies in 1971.^[11] Creeper used the ARPANET to infect DEC PDP-10 computers running the TENEX operating system.^[12] Creeper gained access via the ARPANET and copied itself to the remote system where the message, "I'm the creeper, catch me if you can!" was displayed. The Reaper program was created to delete Creeper.^[13]

A program called "Elk Cloner" was the first computer virus to appear "in the wild" � that is, outside the single computer or lab where it was created.^[14] Written in 1981 by Richard Skrenta, it attached itself to the Apple DOS 3.3 operating system and spread via floppy disk.^[14][15] This virus, created as a practical joke when Skrenta was still in high school, was injected in a game on a floppy disk. On its 50th use the Elk Cloner virus would be activated, infecting the computer and displaying a short poem beginning "Elk Cloner: The program with a personality."

The first PC virus in the wild was a boot sector virus dubbed (c)Brain,^[16] created in 1986 by the Farooq Alvi Brothers in Lahore, Pakistan, reportedly to deter piracy of the software they had written.^[17]

Before computer networks became widespread, most viruses spread on removable media, particularly floppy disks. In the early days of the personal computer, many users regularly exchanged information and programs on floppies. Some viruses spread by infecting programs stored on these disks, while others installed themselves into the disk boot sector, ensuring that they would be run when the user booted the computer from the disk, usually inadvertently. PCs of the era would attempt to boot first from a floppy if one had been left in the drive. Until floppy disks fell out of use, this was the most successful infection strategy and boot sector viruses were the most common in the wild for many years.^[1]

Traditional computer viruses emerged in the 1980s, driven by the spread of personal computers and the resultant increase in BBS, modem use, and software sharing. Bulletin board-driven software sharing contributed directly to the spread of Trojan horse programs, and viruses were written to infect popularly traded software. Shareware and bootleg software were equally common vectors for viruses on BBS's.^{[citation needed]}

Macro viruses have become common since the mid-1990s. Most of these viruses are written in the scripting languages for Microsoft programs such as Word and Excel and spread throughout Microsoft Office by infecting documents and spreadsheets. Since Word and Excel were also available for Mac OS, most could also spread to Macintosh computers. Although most of these viruses did not have the ability to send infected e-mail, those viruses which did take advantage of the Microsoft Outlook COM interface.^{[citation needed]}

Some old versions of Microsoft Word allow macros to replicate themselves with additional blank lines. If two macro viruses simultaneously infect a document, the combination of the two, if also self-replicating, can appear as a "mating" of the two and would likely be detected as a virus unique from the "parents".^[18]

A virus may also send a web address link as an instant message to all the contacts on an infected machine. If the recipient, thinking the link is from a friend (a trusted source) follows the link to the website, the virus hosted at the site may be able to infect this new computer and continue propagating.

Viruses that spread using cross-site scripting were first reported in 2002,^[19] and were academically demonstrated in 2005.^[20] There have been multiple instances of the cross-site scripting viruses in the wild, exploiting websites such as MySpace and Yahoo.

Infection strategies

In order to replicate itself, a virus must be permitted to execute code and write to memory. For this reason, many viruses attach themselves to executable files that may be part of legitimate programs. If a user attempts to launch an infected program, the virus' code may be executed simultaneously. Viruses can be divided into two types based on their behavior when they are executed. Nonresident viruses immediately search for other hosts that can be infected, infect those targets, and finally transfer control to the application program they infected. Resident viruses do not search for hosts when they are started. Instead, a resident virus loads itself into memory on execution and transfers control to the host program. The virus stays active in the background and infects new hosts when those files are accessed by other programs or the operating system itself.

Nonresident viruses

Nonresident viruses can be thought of as consisting of a finder module and a replication module. The finder module is responsible for finding new files to infect. For each new executable file the finder module encounters, it calls the replication module to infect that file.

Resident viruses

Resident viruses contain a replication module that is similar to the one that is employed by nonresident viruses. This module, however, is not called by a finder module. The virus loads the replication module into memory when it is executed instead and ensures that this module is executed each time the operating system is called to perform a certain operation. The replication module can be called, for example, each time the operating system executes a file. In this case the virus infects every suitable program that is executed on the computer.

Resident viruses are sometimes subdivided into a category of fast infectors and a category of slow infectors. Fast infectors are designed to infect as many files as possible. A fast infector, for instance, can infect every potential host file that is accessed. This poses a special problem when using anti-virus software, since a virus scanner will access every potential host file on a computer when it performs a system-wide scan. If the virus scanner fails to notice that such a virus is present in memory the virus can "piggy-back" on the virus scanner and in this way infect all files that are scanned. Fast infectors rely on their fast infection rate to spread. The disadvantage of this method is that infecting many files may make detection more likely, because the virus may slow down a computer or perform many suspicious actions that can be noticed by anti-virus software. Slow infectors, on the other hand, are designed to infect hosts infrequently. Some slow infectors, for instance, only infect files when they are copied. Slow infectors are designed to avoid detection by limiting their actions: they are less likely to slow down a computer noticeably and will, at most, infrequently trigger anti-virus software that detects suspicious behavior by programs. The slow infector approach, however, does not seem very successful.

Vectors and hosts

Viruses have targeted various types of transmission media or hosts. This list is not exhaustive:

• Binary executable files (such as COM files and EXE files in MS-DOS, Portable Executable files in Microsoft Windows, the Mach-O format in OSX, and ELF files in Linux)
• Volume Boot Records of floppy disks and hard disk partitions
• The master boot record (MBR) of a hard disk
• General-purpose script files (such as batch files in MS-DOS and Microsoft Windows, VBScript files, and shell script files on Unix-like platforms).
• Application-specific script files (such as Telix-scripts)
• System specific autorun script files (such as Autorun.inf file needed by Windows to automatically run software stored on USB Memory Storage Devices).
• Documents that can contain macros (such as Microsoft Word documents, Microsoft Excel spreadsheets, AmiPro documents, and Microsoft Access database files)
• Cross-site scripting vulnerabilities in web applications (see XSS Worm)
• Arbitrary computer files. An exploitable buffer overflow, format string, race condition or other exploitable bug in a program which reads the file could be used to trigger the execution of code hidden within it. Most bugs of this type can be made more difficult to exploit in computer architectures with protection features such as an execute disable bit and/or address space layout randomization.

PDFs, like HTML, may link to malicious code. PDFs can also be infected with malicious code.

In operating systems that use file extensions to determine program associations (such as Microsoft Windows), the extensions may be hidden from the user by default. This makes it possible to create a file that is of a different type than it appears to the user. For example, an executable may be created named "picture.png.exe", in which the user sees only "picture.png" and therefore assumes that this file is an image and most likely is safe, yet when opened runs the executable on the client machine.

An additional method is to generate the virus code from parts of existing operating system files by using the CRC16/CRC32 data. The initial code can be quite small (tens of bytes) and unpack a fairly large virus. This is analogous to a biological "prion" in the way it works but is vulnerable to signature based detection. This attack has not yet been seen "in the wild".

Methods to avoid detection

In order to avoid detection by users, some viruses employ different kinds of deception. Some old viruses, especially on the MS-DOS platform, make sure that the "last modified" date of a host file stays the same when the file is infected by the virus. This approach does not fool anti-virus software, however, especially those which maintain and date Cyclic redundancy checks on file changes.

Some viruses can infect files without increasing their sizes or damaging the files. They accomplish this by overwriting unused areas of executable files. These are called cavity viruses. For example, the CIH virus, or Chernobyl Virus, infects Portable Executable files. Because those files have many empty gaps, the virus, which was 1 KB in length, did not add to the size of the file.

Some viruses try to avoid detection by killing the tasks associated with antivirus software before it can detect them.

As computers and operating systems grow larger and more complex, old hiding techniques need to be updated or replaced. Defending a computer against viruses may demand that a file system migrate towards detailed and explicit permission for every kind of file access.

Avoiding bait files and other undesirable hosts

A virus needs to infect hosts in order to spread further. In some cases, it might be a bad idea to infect a host program. For example, many anti-virus programs perform an integrity check of their own code. Infecting such programs will therefore increase the likelihood that the virus is detected. For this reason, some viruses are programmed not to infect programs that are known to be part of anti-virus software. Another type of host that viruses sometimes avoid are bait files. Bait files (or goat files) are files that are specially created by anti-virus software, or by anti-virus professionals themselves, to be infected by a virus. These files can be created for various reasons, all of which are related to the detection of the virus:

• Anti-virus professionals can use bait files to take a sample of a virus (i.e. a copy of a program file that is infected by the virus). It is more practical to store and exchange a small, infected bait file, than to exchange a large application program that has been infected by the virus.
• Anti-virus professionals can use bait files to study the behavior of a virus and evaluate detection methods. This is especially useful when the virus is polymorphic. In this case, the virus can be made to infect a large number of bait files. The infected files can be used to test whether a virus scanner detects all versions of the virus.
• Some anti-virus software employs bait files that are accessed regularly. When these files are modified, the anti-virus software warns the user that a virus is probably active on the system.

Since bait files are used to detect the virus, or to make detection possible, a virus can benefit from not infecting them. Viruses typically do this by avoiding suspicious programs, such as small program files or programs that contain certain patterns of 'garbage instructions'.

A related strategy to make baiting difficult is sparse infection. Sometimes, sparse infectors do not infect a host file that would be a suitable candidate for infection in other circumstances. For example, a virus can decide on a random basis whether to infect a file or not, or a virus can only infect host files on particular days of the week.

Stealth

Some viruses try to trick antivirus software by intercepting its requests to the operating system. A virus can hide itself by intercepting the antivirus software�s request to read the file and passing the request to the virus, instead of the OS. The virus can then return an uninfected version of the file to the antivirus software, so that it seems that the file is "clean". Modern antivirus software employs various techniques to counter stealth mechanisms of viruses. The only completely reliable method to avoid stealth is to boot from a medium that is known to be clean.

Self-modification

Most modern antivirus programs try to find virus-patterns inside ordinary programs by scanning them for so-called virus signatures. A signature is a characteristic byte-pattern that is part of a certain virus or family of viruses. If a virus scanner finds such a pattern in a file, it notifies the user that the file is infected. The user can then delete, or (in some cases) "clean" or "heal" the infected file. Some viruses employ techniques that make detection by means of signatures difficult but probably not impossible. These viruses modify their code on each infection. That is, each infected file contains a different variant of the virus.

Encryption with a variable key

A more advanced method is the use of simple encryption to encipher the virus. In this case, the virus consists of a small decrypting module and an encrypted copy of the virus code. If the virus is encrypted with a different key for each infected file, the only part of the virus that remains constant is the decrypting module, which would (for example) be appended to the end. In this case, a virus scanner cannot directly detect the virus using signatures, but it can still detect the decrypting module, which still makes indirect detection of the virus possible. Since these would be symmetric keys, stored on the infected host, it is in fact entirely possible to decrypt the final virus, but this is probably not required, since self-modifying code is such a rarity that it may be reason for virus scanners to at least flag the file as suspicious.

An old, but compact, encryption involves XORing each byte in a virus with a constant, so that the exclusive-or operation had only to be repeated for decryption. It is suspicious for a code to modify itself, so the code to do the encryption/decryption may be part of the signature in many virus definitions.

Polymorphic code

Polymorphic code was the first technique that posed a serious threat to virus scanners. Just like regular encrypted viruses, a polymorphic virus infects files with an encrypted copy of itself, which is decoded by a decryption module. In the case of polymorphic viruses, however, this decryption module is also modified on each infection. A well-written polymorphic virus therefore has no parts which remain identical between infections, making it very difficult to detect directly using signatures. Antivirus software can detect it by decrypting the viruses using an emulator, or by statistical pattern analysis of the encrypted virus body. To enable polymorphic code, the virus has to have a polymorphic engine (also called mutating engine or mutation engine) somewhere in its encrypted body. See Polymorphic code for technical detail on how such engines operate.^[21]

Some viruses employ polymorphic code in a way that constrains the mutation rate of the virus significantly. For example, a virus can be programmed to mutate only slightly over time, or it can be programmed to refrain from mutating when it infects a file on a computer that already contains copies of the virus. The advantage of using such slow polymorphic code is that it makes it more difficult for antivirus professionals to obtain representative samples of the virus, because bait files that are infected in one run will typically contain identical or similar samples of the virus. This will make it more likely that the detection by the virus scanner will be unreliable, and that some instances of the virus may be able to avoid detection.

Metamorphic code

To avoid being detected by emulation, some viruses rewrite themselves completely each time they are to infect new executables. Viruses that utilize this technique are said to be metamorphic. To enable metamorphism, a metamorphic engine is needed. A metamorphic virus is usually very large and complex. For example, W32/Simile consisted of over 14000 lines of Assembly language code, 90% of which is part of the metamorphic engine.^[22][23]

Vulnerability and countermeasures

The vulnerability of operating systems to viruses

Just as genetic diversity in a population decreases the chance of a single disease wiping out a population, the diversity of software systems on a network similarly limits the destructive potential of viruses. This became a particular concern in the 1990s, when Microsoft gained market dominance in desktop operating systems and office suites. The users of Microsoft software (especially networking software such as Microsoft Outlook and Internet Explorer) are especially vulnerable to the spread of viruses. Microsoft software is targeted by virus writers due to their desktop dominance, and is often criticized for including many errors and holes for virus writers to exploit. Integrated and non-integrated Microsoft applications (such as Microsoft Office) and applications with scripting languages with access to the file system (for example Visual Basic Script (VBS), and applications with networking features) are also particularly vulnerable.

Although Windows is by far the most popular target operating system for virus writers, viruses also exist on other platforms. Any operating system that allows third-party programs to run can theoretically run viruses. Some operating systems are more secure than others. Unix-based operating systems (and NTFS-aware applications on Windows NT based platforms) only allow their users to run executables within their own protected memory space.

An Internet based experiment revealed that there were cases when people willingly pressed a particular button to download a virus. Security analyst Didier Stevens ran a half year advertising campaign on Google AdWords which said "Is your PC virus-free? Get it infected here!". The result was 409 clicks.^[24][25]

As of 2006^[update], there are relatively few security exploits targeting Mac OS X (with a Unix-based file system and kernel).^[26] The number of viruses for the older Apple operating systems, known as Mac OS Classic, varies greatly from source to source, with Apple stating that there are only four known viruses, and independent sources stating there are as many as 63 viruses. Many Mac OS Classic viruses targeted the HyperCard authoring environment. The difference in virus vulnerability between Macs and Windows is a chief selling point, one that Apple uses in their Get a Mac advertising.^[27] In January 2009, Symantec announced the discovery of a trojan that targets Macs.^[28] This discovery did not gain much coverage until April 2009.^[28]

While Linux, and Unix in general, has always natively blocked normal users from having access to make changes to the operating system environment, Windows users are generally not. This difference has continued partly due to the widespread use of administrator accounts in contemporary versions like XP. In 1997, when a virus for Linux was released � known as "Bliss" � leading antivirus vendors issued warnings that Unix-like systems could fall prey to viruses just like Windows.^[29] The Bliss virus may be considered characteristic of viruses � as opposed to worms � on Unix systems. Bliss requires that the user run it explicitly, and it can only infect programs that the user has the access to modify. Unlike Windows users, most Unix users do not log in as an administrator user except to install or configure software; as a result, even if a user ran the virus, it could not harm their operating system. The Bliss virus never became widespread, and remains chiefly a research curiosity. Its creator later posted the source code to Usenet, allowing researchers to see how it worked.^[30]

The role of software development

Because software is often designed with security features to prevent unauthorized use of system resources, many viruses must exploit software bugs in a system or application to spread. Software development strategies that produce large numbers of bugs will generally also produce potential exploits.

Anti-virus software and other preventive measures

Many users install anti-virus software that can detect and eliminate known viruses after the computer downloads or runs the executable. There are two common methods that an anti-virus software application uses to detect viruses. The first, and by far the most common method of virus detection is using a list of virus signature definitions. This works by examining the content of the computer's memory (its RAM, and boot sectors) and the files stored on fixed or removable drives (hard drives, floppy drives), and comparing those files against a database of known virus "signatures". The disadvantage of this detection method is that users are only protected from viruses that pre-date their last virus definition update. The second method is to use a heuristic algorithm to find viruses based on common behaviors. This method has the ability to detect novel viruses that anti-virus security firms have yet to create a signature for.

Some anti-virus programs are able to scan opened files in addition to sent and received e-mails "on the fly" in a similar manner. This practice is known as "on-access scanning". Anti-virus software does not change the underlying capability of host software to transmit viruses. Users must update their software regularly to patch security holes. Anti-virus software also needs to be regularly updated in order to recognize the latest threats.

One may also minimize the damage done by viruses by making regular backups of data (and the operating systems) on different media, that are either kept unconnected to the system (most of the time), read-only or not accessible for other reasons, such as using different file systems. This way, if data is lost through a virus, one can start again using the backup (which should preferably be recent).

If a backup session on optical media like CD and DVD is closed, it becomes read-only and can no longer be affected by a virus (so long as a virus or infected file was not copied onto the CD/DVD). Likewise, an operating system on a bootable CD can be used to start the computer if the installed operating systems become unusable. Backups on removable media must be carefully inspected before restoration. The Gammima virus, for example, propagates via removable flash drives.^[31][32]

Recovery methods

Once a computer has been compromised by a virus, it is usually unsafe to continue using the same computer without completely reinstalling the operating system. However, there are a number of recovery options that exist after a computer has a virus. These actions depend on severity of the type of virus.

Virus removal

One possibility on Windows Me, Windows XP, Windows Vista and Windows 7 is a tool known as System Restore, which restores the registry and critical system files to a previous checkpoint. Often a virus will cause a system to hang, and a subsequent hard reboot will render a system restore point from the same day corrupt. Restore points from previous days should work provided the virus is not designed to corrupt the restore files or also exists in previous restore points.^[33] Some viruses, however, disable System Restore and other important tools such as Task Manager and Command Prompt. An example of a virus that does this is CiaDoor. However, many such viruses can be removed by rebooting the computer, entering Windows safe mode, and then using system tools.

Administrators have the option to disable such tools from limited users for various reasons (for example, to reduce potential damage from and the spread of viruses). A virus can modify the registry to do the same even if the Administrator is controlling the computer; it blocks all users including the administrator from accessing the tools. The message "Task Manager has been disabled by your administrator" may be displayed, even to the administrator.^{[citation needed]}

Users running a Microsoft operating system can access Microsoft's website to run a free scan, provided they have their 20-digit registration number. Many websites run by anti-virus software companies provide free online virus scanning, with limited cleaning facilities (the purpose of the sites is to sell anti-virus products). Some websites allow a single suspicious file to be checked by many antivirus programs in one operation.

Operating system reinstallation

Reinstalling the operating system is another approach to virus removal. It involves either reformatting the computer's hard drive and installing the OS and all programs from original media, or restoring the entire partition with a clean backup image. User data can be restored by booting from a Live CD, or putting the hard drive into another computer and booting from its operating system with great care not to infect the second computer by executing any infected programs on the original drive; and once the system has been restored precautions must be taken to avoid reinfection from a restored executable file.

These methods are simple to do, may be faster than disinfecting a computer, and are guaranteed to remove any malware. If the operating system and programs must be reinstalled from scratch, the time and effort to reinstall, reconfigure, and restore user preferences must be taken into account. Restoring from an image is much faster, totally safe, and restores the exact configuration to the state it was in when the image was made, with no further trouble.

Growth of Computer Forensics

Awhile ago I was hired by a computer forensics company to work as a consultant. This is a term that mingles detective work, marketing, and sales. Forensic investigative work takes years of training and passing several certifications, like IACIS, the International Association of Computer Investigative Specialists. After a crash course in computer forensics, I continued my research.

Disc Film Scanning to DVD

Disc film is an old outdated Kodak format developed in 1982. Disc film came housed within a plastic cartridge which provided the user with a disc of 15 images, as negatives. The size of the negatives on the disc were 11x8mm exposures arranged around the outside of the disc, with the disc being rotated 24° between each image. The format, although convenient, did not prove to be particularly popular amongst consumers. This can be mainly attributed to the fact that the images were only 11x8mm, which resulted in sub-par quality on the resulting images.

ISO Repair & Recovery Disc For Windows 7

Image by Sergio Rondan via Flickr

If you're like most PC users, it is likely that Windows 7 with a new PC or laptop. And if you're like 99% of the population, you get the new machines from leading manufacturers. Dell, Acer, HP, Toshiba, Lenovo, they all have one thing in common: they give you a real Windows installation disc 7 with your purchase. Instead, do what they call a "recovery disc" (that if you're lucky - otherwise you'll have a recovery partition instead) with the team and leave it at that.

No matter what you just paid a thousand dollars for a machine that comes with a valid license of Windows 7 - your computer manufacturer just do not want to spend the money (or perhaps take on the responsibility) to give a Windows 7 install DVD to accompany your expensive purchase.

The problem is that Windows 7, the installation media serves more than one purpose. There is only one way to get Windows installed, it is also the only way of recovering a borked installation. The DVD of Windows 7 has a full "recovery center" that provides the option of recovering your system via automated recovery (searches for problems and attempts to fix them automatically) and material to revert to a restore point, the recovery of a full backup of the PC, or access a command-line recovery console for advanced recovery.

Fortunately, Microsoft seems to have realized this problem and have thankfully made a recovery disk for this purpose. DVD containing the contents of Windows 7 is "recovery center," as we have come to refer to it. Can not be used to install or reinstall Windows 7, and only serves as a Windows PE interface to recovering your PC. Technically, you could re-create the installation media to the media freely downloadable from Microsoft (namely the Microsoft WAIK kit, a download of several gigabytes), but it's damn decent of Microsoft to make it available for Windows users may not be able to create such a thing on their own. You can make your own copy of Windows 7 Ultimate Edition, but now have an easier alternative.

What it does: The Windows 7 recovery discs can be used to access a system recovery menu, giving you options of using System Restore, Complete PC Backup, automated system repair, and a command line system for manual advanced recovery.

What not to do: You can use the Windows 7 recovery discs to reinstall Windows - just fixed (does not replace Windows.

Why you need it: If you bought your PC from a major retailer, you did not get this disc with your purchase.

Even if the the data is not recovered using the CD you can use DVD Recovery Software

Related articles

• Symptoms that indicate you need CD/DVD data recovery software

  Tom Patrick
  

Six Steps To Protect Your Wireless Networks

If you have a Wi-Fi network at home or in a small office, intruders may be after you, who troll city streets, looking for unprotected wireless networks . It may not just be malicious attackers who cause problems. If you don't change the defaults of your wireless network, a neighbor with the same router make and model might accidentally connect to your network, stealing your bandwidth or reconfiguring your router and network without your knowledge.

PROFESSIONS IN COMPUTER SCIENCE

What, then, do computer scientists do? There are many professions for people with degrees and with a background in computer science. Consider a few of the most common professional jobs.


Programmer
A computer scientist�s natural activity is in front of a computer, writing a program, so of course it stands to reason that his or her general job title is programmer. While the basic concepts of programming never change, two programmers can have jobs that are very different from each other. Writing a computer game, for example, is different than writing tax-preparation software. Two broad subcategories of programming are applications and systems. An applications programmer writes programs directly for users. Someone who helped create Microsoft Word is an applications programmer. A systems programmer writes programs that operate computers behind the scenes. For example, a systems programmer would create the software that directs traffic around the Internet. Even within these categories, programmers have different specialized knowledge. A programmer writing software for a bank needs some knowledge of finance, while one developing software to display molecules needs some background in chemistry. It should be noted that while �programmer� is still in use as a general term, it has fallen out of favor as a job title. This is because the work of developing software involves creating specifications and designs; that is, it�s now more than just programming. In response, a new term has arisen to reflect the total process: software engineer.


Software Engineer
A software engineer is involved in all stages of software development, from initial meeting with prospective clients to installing updates to a program years after it was first developed. In truth, most programmers are actually software engineers since it would be difficult for anyone to do a good job of writing a program if they haven�t been involved in the early stages of design. The term �software engineer� arose not only to better reflect a total process, which includes programming, as we noted above, but also because of the growing importance of correct software in the computer industry. Computers are increasingly involved in our lives, and are often critical to what we do, so software failure could be catastrophic. Consider a construction analogy in which a 100-story tower has been designed and tested by someone who was called a �builder.� If you worked there, you�d no doubt prefer that the building were designed by a �structural engineer��someone who rigorously tested the design in accordance with accepted principles. Similarly, an astronaut boarding a space shuttle doesn�t want to rely on a computer program written by a mere �programmer� to bring the craft safely back home, but instead wants the software written by a �software engineer.� Again, these activities imply that a formal, proven process was used to create the software. It gives a greater assurance that the software is free of serious defects.


Systems Analyst
A systems analyst makes decisions when whole systems must be introduced, upgraded, or replaced. If a chain of grocery stores determines that its current inventory control system is inadequate, for instance, a systems analyst� or team of analysts�would decide what the best solution is, taking into account all the costs involved, including purchasing new hardware, developing new software, training employees to use the new system, and so on. The best solution for the grocery store chain could involve replacing all the computers at the checkout counters or writing new software for the existing hardware. You can see in the above example that the term �system� encompasses not only computers and software, but everything that interacts with them, including the people who use them. A good systems analyst must take the skills, needs, and wants of other employees into account when making decisions. Note that many people with the title �systems analyst� do not analyze systems exclusively, especially in smaller organizations. They are also involved in the development of the software once the system plan has been approved. Thus, systems analysts are often software engineers as well.


System Manager
Once a new system is in place, someone must ensure that it continues to work. A person responsible for maintaining an existing computer system is a system manager. He or she monitors the hardware and software, and, if the needed use of the system outstrips its capacity, prioritizes requests. The system manager also supervises day-to-day tasks with the system, such as the replacement or repair of malfunctioning equipment, and is involved in the same kind of high-level decisions as systems analysts. At some organizations, both roles may be combined into one position, which is given an omnibus title such as �information technology manager.�


Network Manager
A network is a set of computers connected together so they can share data. A network manager is a kind of system manager who specializes in network operations: keeping the network operational, connecting new computers to the network as new employees are hired, upgrading the networking technology as needs change, and performing similar tasks. This position is fraught with peril, because at many offices all work must cease when the network is �down,� or nonoperational.


Researcher
A computer science researcher is involved in formal investigation of the computer science field, which is a little different than research in other sciences. A researcher in chemistry, for example, might mix several chemicals together as an experiment, observe the results, determine the properties of the existing compound, and compare this result with the result that was expected�the hypothesis. A computer science researcher, in contrast, does not generally conduct experiments. Since it is exactly known how a computer will interpret a given instruction or set of instructions, the researcher will know, or can test, whether a given idea will work before it is actually implemented as a program. Indeed, much research can be done without using a computer at all.

Research in this field can be practical or theoretical. Practical research has a known application already, such as an improvement for an existing process; for instance, a method to search Web pages faster or better. Theoretical research is meant to advance the discipline, without a specific practical goal in mind. Of course, today�s theoretical solution may turn out to have practical ramifications tomorrow. At one time, most research in computer science was performed at colleges and universities by faculty members whose salaries were at least partially funded by grants from government and private research organizations. Further research came from candidates for doctoral degrees whose research topics related to their faculty mentor. While academic research still takes place, an increasing amount of research is done by private companies. Because the software industry is so lucrative, market forces can often drive research faster than academic concerns. While an exceptional computer science department in a university might have an annual research budget of $5 million, Microsoft (the world�s largest software company) has an annual research budget of over $5 billion.


Teacher
Like all disciplines, computer science needs people in the current generation to teach those from the next generation, to pass along the accumulated knowledge and experience of the field. At one time, most teachers of computer science were college professors. Now, computer science is often taught in high school as well. And because the industry is advancing so fast and there�s a need to teach workers who are already in the field, companies employ teachers as well. Commonly, they give seminars to keep a company�s employees up-to-date with the latest technologies.


Chief Information Officer
Not many people have the title Chief Information Officer, but that this title even exists is testament to the importance of computing in the business world. A Chief Information Officer, or CIO, is at the highest level of management, involved with all the central decisions affecting the company. This constitutes a historical change in modern companies. Before there were CIOs, computing was considered an appendage of business, rather than an integral part of it. Like a services department, it was called when something specific was needed. Now, of course, computers help guide a company�s direction. Information technology can no longer be considered an afterthought, after the strategic plans have been made. The use of technology must be part of the plans themselves. Chief Information Officers come from a variety of backgrounds, but tend to have education and experience both in computer science and business.

Source of Information : Broadway-Computer Science Made Simple 2010