VIRUS AND OTHER STINKY STUFF:
Remedies for Virus Relief From a "Security and Privacy" article posted by Microsoft. When you hear about a computer virus going around, it's time to make doubly sure that your computer is not vulnerable to catch—or pass along—the infection. Besides the preventative actions you can take, there are things you need to do if you think you have a virus to get your computer back to health. How Do I Know If a Virus alert is Genuine? Is it real or is it a hoax? If you've seen or read about a new virus via a reputable news source or publication, it is probably not a hoax. However, if you receive an e-mail, even from someone you know, regarding a new virus alert that asks you to pass it along, stop! This is a common trick used by virus creators to spread the infection. Instead of forwarding a virus alert e-mail to your address list, confirm whether or not the virus alert is real by contacting either your antivirus vendor or Microsoft® Product Support Services. Once you've confirmed that the virus threat is real, the next course of action is to fix it. How Do I Know If I Have It? Unless you have antivirus software installed on your computer, you simply won't be able to know if it has been infected. In many cases, a virus can slow your computer's processor or trigger other unusual behavior; however, these symptoms can also be caused by a number of unrelated reasons. Keep up-to-date with the latest virus definitions by regularly visiting your antivirus software vendor's Web site to download them, or by running scheduled updates to your antivirus software. Only then will your software be able to recognize the latest identified threats. How Do I Get Rid of It? Once you have identified that you have a virus, follow the directions on your antivirus software vendor's Web site to download the latest definitions or updates that will fix or remove the virus. In some cases, you may also need to follow the steps provided to manually remove viral code within your system. If you need further assistance, you can contact your antivirus software vendor or Microsoft Product Support Services for support in removing the virus. (To obtain virus removal support from Microsoft Product Support Services, you will need current antivirus software installed on your computer.)
Email, Kazaa, and mIRC Worm - WORM_GIBE.B From Trend Micro WORM_GIBE.B propagates via email, shared folders using Kazaa, and via Internet Relay Chat applications such as mIRC. When propagating via email, it obtains its recipients from email addresses listed in the Windows Address Book and addresses remotely retrieved from certain news servers. This worm arrives in an email as a security patch from Microsoft. It sends email with a random subject, message body, and attachment name. This malware affects Windows 95, 98, ME, NT, 2000, and XP platforms. This worm arrives as either a zipped email attachment, or as a file retrieved from a Kazaa file-sharing application, or Internet Relay Chat. Upon first execution, it displays a fake license message and drops the following files in the Windows directory: -Gibe.dll - this is the exact copy of this worm -DX3DRndr.exe - this is the mailer component of this worm -MSBugAdv.exe - this component connects to a random server listed in the dropped WMSysDx.bin file -WMSysDx.bin - this is the list containing the URL that this worm connects to. It also drops compressed copies of itself in zip format as UPDATE.ZIP or a random file name in the Windows and Windows Temporary folders. In addition, it creates a subfolder in the Windows Temporary directory using a random name. In the folder, it drops an .EXE format and a .ZIP format copy of itself. The file name of the files could be any of 13 possible names. Then, this worm adds a registry entry so that its copy executes on the infected system on subsequent Windows startups. This worm uses its own Simple Mail Transfer Protocol (SMTP) engine to propagate via email. It obtains the email addresses of its recipients from the Windows Address Book. The email that it sends out contains a random subject, message body, and attachment name. In some instances, the worm may send an email with a blank message body. The malware also connects to any of 137 specific Network News Transfer Protocol (NNTP) servers where it attempts to search for addresses where it can send email.
No Love Lost - WORM_LOVEGATE.B Also from Trend Micro WORM_LOVEGATE.B is both a worm and a backdoor program. As a worm, it propagates copies of itself via network shared folders. It drops copies of itself in shared folders and in all subfolders that exist within the shared folders. This worm drops multiple copies of itself using any of the following file names in the Windows system folder: WinRpcsrv.e syshelp.exe winrpc.exe WinGate.exe rpcsrv.exe Then, it adds registry entries that allow it to execute on subsequent Windows startups. It modifies the default entries in a certain registry key so that it is executed whenever a text file is opened. By replacing the original data in this registry key, it sets itself as the default application for opening text files that are double-clicked in Windows. In shared folders and subfolders, it drops copies of itself using any of the following file names: winrpc.exe syshelp.exe fun.exe humor.exe docs.exe s3msong.exe midsong.exe billgt.exe card.exe setup.exe searchURL.exe tamagotxi.exe hamster.exe news_doc.exe PsPgame.exe joke.exe images.exe pics.exe crklist.exe source.exe sex.exe roms.exe docs.exe patch.exe LUPdate.exe pack.exe wingate.exe stg.exe ssrv.exe As a backdoor, this malware opens port 10168 and immediately sends an email notifying a remote user that the infected machine is online and can be accessed. By sending commands via the backdoor port, a remote user can execute programs on the infected machine, obtain information, and reconfigure the running backdoor program.
IF YOU SUSPECT THAT YOU HAVE A VIRUS OR IF YOU HAVE NOT SUCCESSFULLY SCANNED YOUR DRIVES FOR VIRUSES LATELY... THEN THE NEXT SUGGESTION IS FOR YOU. Free Virus scan. Trend Micro, more commonly referred to as Housecall, offers free virus scans and in most cases can fix damage down by a virus or worm that your computer may have contacted. The program works well. The first time one uses the free program it is necessary to download a small program. Trend Micro walks you through the process. Then the virus scans are quite simple for each return. You should disable any anti virus program that you have running. If you do not have a virus program I recommend that you use this program first and then download one of the free programs listed above of install any anti virus program you have purchased. Go to http://housecall.antivirus.com/ then choose the link "Scan without registering". Follow the directions.
Free Virus programs to download Quite a few KCnet members use these programs and like them. Be careful if you download a virus program and you already have one installed on your computer. You need to at least disable the program already installed. http://www.grisoft.com/html/us_index.cfm Another good free program to take a look at is: http://www.free-av.com/
10 Most Prevalent Viruses Surveyed by Trend Micro US (week of: February 10, 2003 to February 16, 2003) 1. WORM_KLEZ.H 2. JS_NOCLOSE.E 3. PE_BAGIF.A 4. WORM_KWBOT.C 5. WORM_YAHA.G 6. PE_HANTANER.A 7. JOKE_RUSS.A 8. WORM_YAHA.K 9. WORM_OPASERV.G 10. WORM_OPASERV.E
Here are a few sites of many that can help you determine if an email is a hoax or real. http://www.urbanlegends.com/ulz/ http://vil.nai.com/VIL/hoaxes.asp http://kumite.com/myths/ http://www.symantec.com/avcenter/hoax.html http://www.scambusters.org/VirusHoaxes.html http://www.snopes.com/
TECHNICALLY SPEAKING: XP Home vs Pro From the Langalist I'm not the only one prepping for Microsoft's coming abandonment of Win98: A lot of readers are asking about their upgrade options. Among those looking at XP, the most common question is "Which version; Home or Pro?" The Home version is OK, and it costs substantially less than the Pro. But it does lack some features found in the Pro version. Dell actually has a good, though limited, summary page that shows what's *not* in the Home version, here: http://www.dell.com/us/en/fed/topics/winxp_000_index.htm Paul Thurrot's excellent site goes into more detail: http://www.winsupersite.com/showcase/windowsxp_home_pro.asp And there's even more detail here: http://www.iqt.com.au/selectnewsletters/currentissue/windowsXPdifference.htm Less useful, but worth a look, is the Microsoft "how to buy" site: http://www.microsoft.com/windowsxp/home/howtobuy/choosing.asp To me, the key difference is that the Pro version has better security. For example, Microsoft considers the Encrypting File System (EFS) to be a "corporate" feature, and so took it out of the Home version of XP. But file encryption is actually a good thing overall, for anyone. There also are significant differences in networking that can matter a lot on larger networks, although most of these differences aren't important on the relatively small network in my office. All else being equal, I prefer the Pro version, although the $100 (or so) price difference may be show-stopper for many. In any case, the above resources, plus these ( http://www.google.com/search?q=features+Windows+XP+Professional+Home ), may help you figure out which version is best for you.
Some additional Information for those contemplating upgrading the Operating System. Windows XP home edition system requirements: http://www.microsoft.com/windowsxp/home/howtobuy/upgrading/sysreqs.asp Who can Upgrade: http://www.microsoft.com/windowsxp/pro/howtobuy/upgrading/matrix.asp Online check to see if your system can be upgraded. Note this works for the upgrade to Windows XP Pro but not for XP Home. http://www.microsoft.com/windowsxp/pro/howtobuy/upgrading/advisor.asp
BE CAREFUL WITH PEER-TO-PEER FILE SWAPPING This one from Kim Komando talks about "kids" and file swapping but I know many adults that get involved with the file swapping opportunities on the net. Using Kazaa is a good example. (MLF) Peer-to-peer (P2P) file swapping has grown to huge proportions on the Internet. If your child has signed up, double check what is going on. Typically, these systems give individuals access to particular folders on others' hard drives. Be sure your child is not giving people access to sensitive personal information, such as credit card numbers. The P2P programs are downloaded from the Internet. They may well be accompanied by spyware programs. These applications check your surfing habits and report back to a computer on the Internet. Ads are then tailored for what are perceived to be your interests. Kim talks about the spybots but there are many viruses transferred via the P2P technique. (MLF)
What's the difference between USB and Firewire? I'm thinking about a new computer. When I bought my last one three years ago, USB was the big thing. Now there's USB 2.0 and Firewire. What do I need? Kim Komando's answer: You're running up against the march of technology. The first version of USB (universal serial bus) was hot three years ago. But it is being supplanted by much faster technologies. Peripherals such as printers or cameras hook up to the USB connections on the computer. Most computers have USB connections both in the back and front. The first generation USB is 1.1. It moves data at 12 megabits per second. That was speedy in its day. But Apple overwhelmed it with Firewire. (Firewire's technical name is IEEE 1394 Serial Bus. Is it any wonder Apple renamed it?) Firewire transfers data at 400 megabits per second. It is made for both Apple machines and PCs. Then, along came USB 2.0. That's actually faster than Firewire, running at 480 megabits per second. Most new PCs now have a mix of USB 1.1 and 2.0 connections. Some things, like mice and keyboards, have no use for 2.0's high speed, so 1.1 is sufficient. But if you're downloading video from a camcorder, you'll need all the speed you can get. Those are big, big files! USB 2.0 ports can handle 1.1 devices, but they run at 1.1 speed. Of course, the Firewire folks aren't resting. They're working on a version that will move up to 3.2 gigabits of data per second, eventually. Presumably, we'll get a faster USB someday, too. So, what should you buy? This situation is typical of computers. No matter how long you wait, you never stay ahead of the technology curve. And you don't really need to. If you're buying a PC, try to get some USB 2.0 ports. Also, try to get at least one Firewire port. That will give you maximum flexibility. Apple computers come with Firewire and the much slower USB 1.1 ports.
CNET | NEWS.COM WEEK IN REVIEW March 1, 2003 A new sheriff is aiming to clean up the wild, wild Internet: the U.S. Justice Department. The Justice Department has adopted a new crime-fighting tactic: seizing control of domain names for Web sites that allegedly violate the law. The Justice Department took over the iSoNews.com domain, whose owner pleaded guilty to using his site to sell "mod" chips that let Microsoft Xbox and Sony PlayStation owners modify their devices so that they could use them to play illegally copied games, or "warez." Visitors to the site were greeted with the message: "The domain and Web site were surrendered to U.S. law enforcement pursuant to a federal prosecution and felony plea agreement for conspiracy to violate criminal copyright laws." But the Web site is still online and accessible via means other than the domain name. iSoNews.com regulars have resorted to using the site's numeric IP address and are continuing to discuss the case. Earlier in the week, the Justice Department indicted 11 Web site operators for allegedly selling illegal devices including bongs and holders for marijuana cigarettes. Attorney General John Ashcroft said that the domain names for the Web sites allegedly set up to sell illegal "drug paraphernalia" would be pointed at servers located at the Drug Enforcement Administration. "With the advent of the Internet, the illegal drug paraphernalia industry has exploded," Ashcroft said. The prosecutions represent the federal government's boldest attempt yet to shutter Web sites that sell drug paraphernalia. Federal law could also be employed to strike back at computers that are attacking a company or home network, a technology-law expert says. Curtis Karnow said during a speech at the Black Hat Security Briefings conference that no court case has yet established precedent regarding the use of a limited counterstrike to stop Internet attackers but that nuisance statutes appear to apply. Nuisance laws allow the state and private individuals to file lawsuits aimed at ending activities deemed harmful to a community. They have been used to close buildings that house drug dealers and to shut down businesses, such as quarries, that create excessive dust in a neighborhood. In hot pursuit of pirates The federal government has its sites on the growing copyright wars too. Key politicians chided universities for not doing enough to limit peer-to-peer piracy, calling unauthorized copying a federal crime that should be punished appropriately. Members of Congress said at a hearing that peer-to-peer piracy was a crime under a 1997 federal law, but universities continued to treat file-swapping as a minor infraction of campus disciplinary codes. Under the 1997 No Electronic Theft Act, it is a federal crime to willfully share copies of copyrighted products such as software, movies or music with anyone if the value of the work exceeds $1,000, or if the person hopes to receive files in return. So far the Justice Department has not tried to use the NET Act to imprison peer-to-peer pirates. 321 Studios is asking a judge to block Hollywood's attempts to stop it from shipping its DVD-copying products, claiming its software is protected free speech. The company has been sued by seven major movie studios, which claim 321's DVD X Copy and DVD Copy Plus programs are helping to promote movie piracy. However, in its latest filing, 321 argued that its products are protected free speech and that the studios are violating the First Amendment by trying to quash them. The company said the software is designed to allow people to make backups of DVDs they already own. Two major trade groups filed a slew of civil lawsuits against people they claim were selling pirated copies of films and software via online auction sites. The Motion Picture Association of America brought 12 cases against individuals who were allegedly auctioning pirated editions of popular films. The Business Software Alliance, whose members include Adobe and Apple Computer, filed a handful of similar cases against people it said were selling stolen or illegally copied pieces of software.
How to do better with digital photography. This is some good advise from Microsoft pasted from an MSN pub sent in email. For top advice on getting better pictures, check out: How Photo Savvy Are You? Take a fun quiz on the basics of photography. http://photos.msn.com/editorial/EditorialStart.aspx?article=PhotoQuiz§ion=NOTEBOOKS What Makes a Photo Good? A checklist for shooting and evaluating your photos. http://photos.msn.com/editorial/EditorialStart.aspx?article=WhatMakesAPhotoGood§ion=FEATURES Get Better Color Pro tips for managing color balance and saturation. http://photos.msn.com/editorial/EditorialStart.aspx?article=GetBetterColor§ion=NOTEBOOKS And as the new 2003 digital cameras are introduced, you can get the latest major announcements on MSN Photos. Cool New 2003 Digital Cameras and Gear The ins and outs of perfecting your digital images. http://photos.msn.com/editorial/EditorialStart.aspx?article=CoolNew2003DigitalCamerasAndGear§ion=FEATURES Tip of the Month As many veteran photographers will tell you, the best pictures often emerge only after expert cropping. Cropping can happen when you take the picture (the best way), or on the computer. Here are a few tips for cropping as you shoot and on the computer. * Look carefully through the viewfinder to recognize the "real" picture. Include only elements that complement but do not compete with the main subject. * Fill the frame with the subject. Move closer than you normally would and experiment with different angles to isolate the subject. * Crop on the computer to eliminate distractions. Sometimes distractions can't be avoided during shooting, but you can crop them out on the computer. Remember that the more you crop, the smaller the printed picture you can make because there are fewer pixels in the cropped image than in the original. * Crop on the computer for creative effect, message, and specialized use. Creative cropping creates an artistic effect. For example, cropping a boring scenic into a narrow horizontal image creates a panorama that can be more interesting than the original. INTERESTING SITES : FREE SUPPLIES TO GET YOUR THINGS WHERE THEY'RE GOING Good advice from Kim Komando about land mail and suppplies. If you're planning to mail something sizeable, fragile or valuable, don't run off to the office supply store for a protective envelope. Check first at the Postal Store, run by the U.S. Postal Service. The store has lots of specialized labels you can printed with your name and address. It also has envelopes and boxes. You should be able to find what you need. And it's all free, delivered to your home or office. Check it all out at: http://supplies.usps.gov Look around there you can even print your own postage. (MLF)
Wanted! Info about... Did you ever get into one of those discussions about so and so and then you are not sure whether the so and so is still breathing? This site will settle that discussion and more, once and for all time. This site tracks whether famous people are still alive or whether they have passed away. It can settle a lot arguements. You will not find (MLF) listed here, now or later, it says famous. http://www.dead-or-alive.org/dead.nsf/pages-nf/main
Roadside Peek Hey, hey, hey! You are going to like this opportunity to travel and view the past, mostly recent past, your past. Roadside Peek will take you on a roadside journey in time. As you travel, visit old motels, bowling alleys, drive-in theatres, neon signs, petrol pumps, googie sites, tiki villages, and much more. This site can take days if you soak it all in. http://roadsidepeek.com/index.htm
Giant Lava Lamp From Amanda at Worldstart. Are they serious? You cannot imagine the ambiance projected by this creation. Just visualize reclining in a public mineral spa, ogling a giant lava lamp, while your body is bathed in nature's medicinal wonders warmed and bubbling from the depths of the earth. (MLF) How can you get tourists to stop in your town rather than blink and miss it? Build a giant lava lamp! Soap Lake, a once bustling spa town due to its unique mineral lake, is located in Eastern Washington State and is no longer bustling, but in fact needs re-development. Two enterprising citizens have proposed building a giant Lava Lamp in the very center of the town. The giant lava lamp, which was approved by both the town and the county, will hold an estimated 60,000 gallons of water. Stop by this site often to check out their progress. http://www.giantlavalamp.com
NativeWeb Also from Amanda. NativeWeb is a site that is dedicated to bringing information from and about indigenous nations, peoples, and organizations around the world— from Abenaki to Zuni, they are all here! Their goal is not just to preserve information, but to foster communication between native and non-native people, to conduct research, and to provide resources for indigenous peoples to use technology. Find information from all sorts of cultures, definitely a time consuming page, as there is so much to see and read. But it’s worth it check it out. http://www.nativeweb.org/
Chemtrails/contrails!! What are they and how did they get there? Did you ever think about them? Some of them could be a bit more than vapor. On the surface this site, study and photos might appear to be messages from radicals, alarmists, or reactionaries. You should read it, do more research, form an opinion, maybe act. At least access the first site. http://www.chemtrailcentral.com/ more information http://hdgc.epp.cmu.edu/eppclass/wwwboard/messages/35.html http://www.grida.no/climate/ipcc_tar/wg3/176.htm http://www.rense.com/general18/scatteringEdTellerwithnotes.pdf