KCNET NEWSLETTER 11/16/03 TECHNICAL PAGE
VIRUS AND OTHER STINKY STUFF TECHNICALLY SPEAKING INTERESTING SITES
VIRUS AND OTHER STINKY STUFF WORM_LOVGATE.G From Trend Micro Virus type: Worm Damage Potential: High Distribution Potential: High Description: This memory-resident worm is a slightly modified variant of WORM_LOVGATE.F. The only difference between this variant and the earlier .F variant is the name of the event that both create to indicate memory-residency. This memory-resident worm propagates through network shares by dropping copies of itself to shared folders with read/write access. The files that it drops can have any of the following file names: * Are you looking for Love.doc.exe * autoexec.bat * The world of lovers.txt.exe * How To Hack Websites.exe * Panda Titanium Crack.zip.exe * Mafia Trainer!!!.exe * 100 free essays school.pif * AN-YOU-SUCK-IT.txt.pif * Sex_For_You_Life.JPG.pif * CloneCD + crack.exe * Age of empires 2 crack.exe * MoviezChannelsInstaler.exe * Star Wars II Movie Full Downloader.exe * Winrar + crack.exe * SIMS FullDownloader.zip.exe * MSN Password Hacker and Stealer.exe This worm also propagates via email by replying to all new messages received in Microsoft Outlook and Outlook Express. The email message has the following characteristics: From: <Infected User’s Name> To: <Original Sender> Subject: RE: <Original Subject> Message body: ''’<Infected User’s Name>’ wrote: ==== ><Original Body> > ==== <Original Sender’s SMTP account> account auto-reply: If you can keep your head when all about you Are losing theirs and blaming it on you; If you can trust yourself when all men doubt you, But make allowance for their doubting too; If you can wait and not be tired by waiting, Or, being lied about,don't deal in lies, Or, being hated, don't give way to hating, And yet don't look too good, nor talk too wise; ... ... more look to the attachment.
> Get your FREE <Original Sender’s SMTP account> account now! < Attachment: (Randomly selected from any of the following) I am For u.doc.exe Britney spears nude.exe.txt.exe joke.pif DSL Modem Uncapper.rar.exe Industry Giant II.exe StarWars2 - CloneAttack.rm.scr dreamweaver MX (crack).exe Shakira.zip.exe SETUP.EXE Macromedia Flash.scr How to Crack all gamez.exe Me_nude.AVI.pif s3msong.MP3.pif Deutsch BloodPatch!.exe Sex in Office.rm.scr the hardcore game-.pif This worm also gathers target email addresses from HTML files that it finds in the current, Windows, and My Documents folders and sends an email message with itself as attachment to all the said email addresses. The email message it sends out may be any of the following: Subject: Reply to this! Message Body: For further assistance, please contact! Attachment: About_Me.txt.pif
Subject: Let's Laugh Message Body: Copy of your message, including all the headers is attached. Attachment: driver.exe
Subject: Last Update Message Body: This is the last cumulative update. Attachment: Doom3 Preview!!!.exe
Subject: for you Message Body: Tiger Woods had two eagles Friday during his victory over Stephen Leaney. (AP Photo/Denis Poroy) Attachment: enjoy.exe
Subject: Great Message Body: Send reply if you want to be official beta tester. Attachment: YOU_are_FAT!.TXT.pif
Subject: Help Message Body: This message was created automatically by mail delivery software (Exim). Attachment: Source.exe
Subject: Attached one Gift for u.. Message Body: It's the long-awaited film version of the Broadway hit. Set in the roaring 20's, this is the story of Chicago chorus girl Roxie Hart (Zellweger), who shoots her unfaithful lover (West). Attachment: Interesting.exe
Subject: Hi Message Body: Adult content!!! Use with parental advisory. Attachment: README.TXT.pif
Subject: Hi Dear Message Body: Patrick Ewing will give Knick fans something to cheer about Friday night. Attachment: images.pif Subject: See the attachement Message Body: Send me your comments... Attachment: Pics.ZIP.scr The worm also has backdoor functions, opening ports, obtaining information about the system, and enabling the remote user to execute commands on the compromised system. This Aspack-compressed worm runs on Windows NT, 2000, and XP.
IF YOU SUSPECT THAT YOU HAVE A VIRUS OR IF YOU HAVE NOT SUCCESSFULLY SCANNED YOUR DRIVES FOR VIRUSES LATELY... THEN THE NEXT SUGGESTION IS FOR YOU. Free Virus scan. Trend Micro, more commonly referred to as Housecall, offers free virus scans and in most cases can fix damage down by a virus or worm that your computer may have contacted. The program works well. The first time one uses the free program it is necessary to download a small program. Trend Micro walks you through the process. Then the virus scans are quite simple for each return. You should disable any anti virus program that you have running. If you do not have a virus program I recommend that you use this program first and then download one of the free programs listed above of install any anti virus program you have purchased. Go to http://housecall.antivirus.com/ then choose the link "Scan without registering". Follow the directions.
Free Virus programs to download Quite a few KCnet members use these programs and like them. Be careful if you download a virus program and you already have one installed on your computer. You need to at least disable the program already installed. http://www.grisoft.com/us/us_dwnl_free.php Another good free program to take a look at is: http://www.free-av.com/
10 Most Prevalent Viruses Surveyed by Trend Micro US for October 31 - November 6. 1. WORM_LOVGATE.G 2. WORM_MSBLAST.A 3. WORM_SWEN.A 4. WORM_MSBLAST.C 5. PE_NIMDA.A 6. WORM_KLEZ.H 7. WORM_NACHI.A 8. TROJ_DASMIN.B 9. WORM_ANTINNY.A 10. JAVA_BYTVERIFY.A
Tried and Untrue Viruses Believe it or not, the amount of harm done by sending false computer virus alarms to your thousand closest friends can be just as damaging as the alleged virus (if it even exists!); if you remember the story of the boy who cried wolf, you understand why. If you think you've got the scoop on the latest new devastating virus, check it out at the Web sites below before taking it on yourself to alert the world. If the virus is as terrible as you think it is, odds are the virus fighters already know about it and -- good news here! -- your antivirus software provider probably knows about it too and already has an update for it. Here are a few sites of many that can help you determine if an email is a hoax or real. http://www.snopes.com/ http://www.urbanlegends.com/ulz/ http://hoaxbusters.ciac.org/HBHoaxIndex.html http://vil.nai.com/VIL/hoaxes.asp http://kumite.com/myths/ http://www.symantec.com/avcenter/hoax.html http://www.scambusters.org/VirusHoaxes.html http://www.sophos.com/virusinfo/hoaxes/ http://www.truthorfiction.com/
TECHNICALLY SPEAKING: The Coolest Home PCs First Looks: Let PCMag help with your Christmas shopping. They have rated the top 35 computers in various categories and give ratings based on customer satisfaction. I was shocked at the number one "Editors Choice" for value desktops, you will be likewise surprised. (MLF) It's officially prime time for buying a new home PC and the choices are strong and nearly endless. We pulled together the top 35 selections from desktop systems and desktop replacement notebooks so you can make your buying decision before the holidays. If you're into image and video manipulation as well as gaming, one of these 12 beauties (you've got to see the cases on these things) could be right for you. We pick the top one. On a tighter budget? One of these seven value desktops should fit the sweet spot between price and performance. Just one step before notebooks, these five all-in-one PCs not only save space but are good-looking enough to be conversation pieces, too. They're perfect for the tight kitchen countertop. We help you pick the all-in-one that's all you want. Not interested in a case, CRT, or standalone LCD display? Then you'll want to consider one of the 11 desktop replacement notebooks we tested. They're as powerful as most full-size desktops and include components, like CD-R drives, that were once thought to be strictly for desktop machines. Plus, these systems are portable! But what about Apple? We've got performance tests that pit the latest G5 against the most powerful desktops. Find out where Apple sits in the performance chain.
Find Stuff This one from Worldstart and Mike. It is especially for Wayne Smith our resident Keyboard Shortcut and Hot Key lover. Has this ever happened to you? You're looking for something on a long web page with Internet Explorer. You think it's there, but you're faced with seemingly insurmountable number of paragraphs, sentences, and words to hunt though. Well, next time this happens to you, hit the Edit menu, Find (or CTRL-F for you shortcut lovers). You'll get a handy little "find" box that lets you type in a specific word. After you type in your search term, hit the Find Next button and Explorer will look for that word on the page. If it's successful, you'll be zapped right to it.
Oh, if you're still using Netscape, you can do the CTRL-F thing too. Works with both browsers. Or Netscape, any version 3.x through 7.x users should click on "Edit" and choose "Find in this Page".
More for all Windows Users As if that wasn't cool enough, you can also use a variation of this tip in Windows Explorer. Next time you're looking for a file in explorer, hit CRTL-F and you'll get a Find or Search box (depending on what flavor of Windows you're using). If you are already in the area of your hard drive where you think the file is (say, My Documents), hit CTRL-F and your search will be set to look in the My Documents folder.
More from the ADAware saga. This one from a reader to Langalist and then Bob Langa's response. I published some information about Lavasoft's AdAware program a few months ago and again last week. I was not putting their product very high on the reliable scale and reposted views from others that supported that issue. Well here are some more thoughts pertaining to AdAware. Cautious Thumbs-Up For AdAware This note parallels several I've gotten over the last few months: Hi Fred. As a longtime subscriber to your excellent newsletter, and a PLUS subscriber since its inception, I'd like to share some good news with you and your readers with regards to LavaSoft's Ad-Aware (ver.6.0) PRO edition. Some months ago you noted that this company's website had been down for some time, leaving their customers (including me!) with no access for product updates, tech support, etc. They are back with a bang. I just d/loaded their PRO version of Ad-Aware and am extremely satisfied with it. It's a far cry from earlier versions, and is a complete rewrite. The program is far easier to navigate, with an excellent, user-friendly setup procedure. It's also 100% compatible with all versions of Windows OS's, which earlier versions were not.... Don Naphen Thanks, Don, and all who've written in. Version 6 has been out for a long time, and as before, there are free and paid versions. There were some undeniable speedbumps and upgrade problems when it first came out, and for a few months thereafter. Those problems, plus the long period last year when LavaSoft's suffered repeated site outages and then went through a deliberate "no updates of any kind" policy for several months prior to the release of version 6, are what caused me to pull my recommendation for AdAware. It simply wasn't reliable enough to be a first-tier tool. I've been using it regularly so I could see if or when LavaSoft resumed stable, reliable, *long term* operation. It's been several months now since I've had any problems at all with the version 6 software or the LavaSoft site, so I'm ready to give it a cautious thumbs up again, and to re-recommend it: http://www.lavasoftusa.com/ LavaSoft is still somewhat strange as a company--- paranoid about criticism and hyperbolic in their claims about AdAware. For example, they rhetorically ask on their site--- on an anti-Langa page they posted when they freaked out over some criticisms I made of AdAware in the past--- why you'd need "two applications to perform the same task that AdAware can handle alone?" But on my systems here, other tools still routinely find problems that AdAware misses, and AdAware also finds things that other tools miss. I've never found *any* single tool that reliably finds all types and flavors of malware, all the time. But don't take either my or LavaSoft's word on it--- grab a copy and test it for yourself. On some days, run AdAware before running other tools like Spybot or PestPatrol; other days, reverse the order. See what problems each tool finds and corrects on your system, and what each misses. Then you'll know what works on *your* system and setup, and that's really all that matters. I think you'll find, as I have, that using two or three tools serially can get your system cleaner than any single tool can. Despite their silly anti-Langa rant, it's good to be able to add AdAware back to the list of recommended tools.
Windows Messenger Spam by Kim Komando - 8/18/2003 This article is for Windows 2000 and Windows XP Users. Other versions of Windows will not be affected by this type of spam. Recently, I received an almost-desperate e-mail from a friend. He was being blitzed by pop-up ads. My friend didn't even have his browser open; he was working in Word. He wasn't imagining this problem. Spam artists have found a new way into computers. They use an obscure utility called Messenger Service that is part of Windows XP and 2000. Messenger Service is used by administrators to send notices to network computers. If, for example, an emergency arises and the network has to be shut down, an administrator can use Messenger Service to warn people on the system that they should save their work. Messenger Service should not be confused with Windows Messenger, an instant messaging system included in XP. Disabling your instant messaging service will have no effect on this problem. This problem hit the radar screen less than a year ago. It continues to grow. Victims, like my friend, are swamped with ads. Most have no idea what hit them. Several companies are selling software to facilitate these attacks. Spammers use it to sniff hundreds of thousands of computers. When it finds a computer with an open Messenger Service communications port, the software requests the computer's name. It then sends the spam to the computer, and the machine displays it. One spam my friend received was a solicitation for software that would block the spam. That's right; he was being spammed for a product to block the spam. But the truth is, the spam is easy to block with settings in Windows. You don't need to buy software. One way to block the spam is to turn off Messenger Service. To do that: --In Windows XP, click Start>>Control Panel --In Windows 2000, click Start>>Settings>>Control Panel In both versions: --Double click Administrative Tools --Double click Services --Double click Messenger --Under Service Status, click Stop --In the box next to Startup Type, select Disabled --Click Apply>>OK Alternatively, you can download a small program that will disable Messenger Service. Called Shoot The Messenger, it's available at http://grc.com/stm/shootthemessenger.htm. Problem is, you could conceivably need Messenger Service. Some anti-virus programs use it to send warnings, for instance. So rather than turn it off, I recommend that you use a firewall. Firewall programs block access to communications ports. You then configure the firewall to accept the programs you want to use. My favorite firewall is ZoneAlarm (http://www.zonelabs.com). Just download and install it. ZoneAlarm is free for personal use; Zone Labs charges $40 for business use. Windows XP also includes a firewall that will stop Messenger Service spam. I don't usually recommend the Windows firewall because it does not stop outgoing messages. That's a serious shortcoming. Intruders today will try to plant programs on your system that send messages back to the Internet. They can be used to steal your passwords and other sensitive data. However, the XP firewall, called Internet Connection Firewall, will stop Messenger spam. It can be configured with a few clicks. Here's how: --Go to Control Panel --Double click Network Connections --Right-click the connection you want to protect --Click Properties and select the Advanced tab --Check the box under Internet Connection Firewall --Click OK According to Microsoft, you must have Service Pack 1 installed in XP to make this work. To check for Service Pack 1: --Click Start and right-click My Computer --Click Properties --On the System tab, check the Windows XP information. If Service Pack 1 is not listed there, it is available on the Microsoft site (http://www.microsoft.com). It is a free 30-megabyte download. It is also available on CD for $9.95. You should be running a firewall regardless of the spam problem. There are a lot of dangers on the Internet. A good firewall will protect you from many of them. Microsoft does not view Messenger spam as a security threat. So it is unlikely to change the default configuration of XP to block it. It is up to you to take care of this problem.
How do I record over a CD-RW? I tried to record over it, but that didn't work it says to make it a blank CD first. Jon and Joan were discussing this very subject during break in the Users Class a couple of Wednesdays ago. Here is some more info from Worldstart. We all know the difference between a CD-R and a CD-RW right? Once you fill up a CD-R, that's it, but a CD-RW allows you to re-write data and use the disk over and over again. Keep in mind, though, that unlike a floppy or Zip disk, you cannot erase just one file from a CD-RW, but must reformat the entire disk to re-use it. The disk makers claim you can do this up to 1000 times (like any of us are gonna try it ;-) The process for reformatting varies according to your CD burning software, but most programs will have an "Erase Disk" button somewhere. In addition, as we often mention, Windows XP has built-in CD burning. If you put in a CD-RW that you want erased, double-click the CD recording drive, then under "CD Writing Tasks", click "Erase this CD-RW". The CD Writing Wizard will walk you through an easy 2-step process giving you a blank CD-RW to use. REMEMBER: This will delete all files from the CD-RW, you cannot erase single files. There are, however, products like InCD that make your CD-RW's act like really big floppies. CD backup programs, like Drive Image and NTI Backup have and erase feature so you can reformat the CD-RW before you burn. Backing up a hard drive is when CD-RW's really come in handy because you can reuse them, unlike CD-R's. All this said—since CD-R's are so cheap (less than $1 each when on sale), and we live in a disposable society, the more expensive CD-RW's don't get reformatted as much. But, for those of us who do, keep on burnin' and re-burnin'!
CD Burning 101 More Worldstart Most CD writers come with some kind of CD writing software. Since this varies from manufacturer to manufacturer, this is going to be a VERY basic lesson. It should help get you started though. Not sure where your CD burning program is? It should be lurking somewhere under the Start menu, Programs (it's not necessarily on your desktop or quick launch toolbar). If for some reason, you don't have a CD writing program on your computer, we do sell them at: http://www.worldstart.com/store/cdburning.htm OK, assuming that you've discovered the location of your CD burning program, here's how it typically works: 1. First, if you get an option for either writing manually or via a wizard, pick the wizard (you can get fancier later on). 2. OK, now you are probably going to be asked what kind of CD you want to write, either audio or data. If you're saving files, choose data. If you're pirating music, oops, I mean making a music CD for your own use from your own CDs, choose music. Note that for music CDs and for stuff you want to archive, a CD-R is your best choice. If you have a CD-RW, use that for data that you may or may not want to save (they don't always work so hot for music, at least from the standpoint that many CD players refuse to play CD-RWs). 3. OK, the next step is probably choosing files. Most of the time you'll get a "Windows Explorer" type interface that lets you either choose files manually or just drag & drop. 4. That should be about it. At this point, you should have an option for writing the CD. Note that most programs will let you "test" before you write the CD. The first couple times you use the CD burner, this may not be a bad idea. If you find you have no problems, this is probably a step you can safely skip from then on. During the actual CD writing process, it's best not to mess with your computer. Just stand 4-6 feet away and let it write the CD. Why? Most CD recorders record "on the fly". If the computer is busy and can't get the info to the CD burner fast enough, you'll get a buffer underrun error, and your CD will be useless (well, you could make a modernistic coaster out of it I suppose). BONUS TIP for Windows XP users: Guess what? XP has a built in CD burning program! Open your CD drive. Drag and drop the files you want burned into the window. You will see a message "Files ready to be written to the CD". When you are ready to burn, click "Write these files to the CD" in the menu to the left. It's that easy! You can also send files to CD purgatory by choosing a file in any window then selecting "Copy this file" from the menu to the left. When you open the CD player, all of your files will be ready to burn.
INTERESTING SITES:
Weather and Road Conditions Thanks to Dummies Daily ETip Ants and mosquitoes can ruin a good picnic, but that's nothing compared to what a vigorous storm can do to a weekend at the beach. Before you leave, check out these Web sites to see whether the roads are passable and what kind of weather you will encounter. * AccuTraffic: From here, you can get the latest report about road conditions on American highways. Simply click Traffic, click a state, and then click Weather-Related Road Conditions. Weather reports are also available from this site. Weather and Road Conditions http://www.accuweather.com/www/accutraffic/index.html * USA Today Online Weather Almanac: For travel planning, this site offers monthly climate data for cities the world over. Go here to find out what the average monthly high and low temperatures, rainfall, and snowfall are in a vacation spot that you're eyeing. http://www.usatoday.com/weather/walm0.htm * The Weather Channel: While you're deciding whether to pack a sweater or umbrella, pay a visit to the Weather Channel. By entering a city or zip code, you can find out what meteorologists think the weather will be for the coming week at your destination. Do you remember what Mark Twain said about the weather? He said, "Everybody talks about meteorology, but nobody does anything about it." http://www.weather.com/
Our Pennsylvania Tax Dollars at work! Pennsylvania Department of Transportation Road Weather Information System (RWIS) Click an area of the PA map to see a closer view of the county, roads and sensor locations. This is a service of Pennsylvania's Department of Transportation. It is interactive and allows a viewer to actually get current weather readings from a number of strategically placed weather sensor stations on Pennsylvania's portions of the Interstates and other major State Highways. Many sites give a recent live video shot of the road at that station. You will not believe the number stations. By the way the Site Meteorological Data Reported at 11/10/2003 - 08:01 AM - Mile marker 192 - Interstate 80 - Clinton County was: Air Temperature 19.1F° Dew Point 17F° Humidity 90 Precipitation None Visibility 1.1 mi. Wind Direction NE Wind Speed 0 mph The video snapshot was awesome. Travelers should save this one to Favorites/Bookmark . http://65.246.225.166/site/site.nsf/mainpage
FEMA For Kids Hey, good site here from Amanda. Says its for kids but I learned a bunch. By the way, just in case, you are "Acronymically Challenged", FEMA = Federal Emergency Management Agency. (MLF) Why don't you and your child join Herman the Spokescrab at this site? A site that is all about teaching your child, and children everywhere, how to be prepared for disasters and how to prevent disaster damage. Your child can also become a "Disaster Action Kid", with a certificate and everything. A Disaster Action Kid knows how to protect themselves and their pets in a disaster as well as what is needed in a disaster kit. And all they need to do is read this site and test their knowledge. If you check out the "What's Happening Now" section it will inform your child state by state what kind of natural disaster is possible there. So say you and your child lived in Ohio they clicked the state, then the possible disaster types would be shown in a pop up window. Ohio comes up with: Tornadoes, Flooding, Severe Storms, and High Winds; Severe Storms and Flooding; Severe Winter Storms. You can then click on each type of disaster and it will take you to a site that gives you more news and what to expect from that type of disaster. The "What's Happening Now" section will also explain: how they might feel in a disaster, today in disaster history, NOAA weather radio, disaster connection kids to kids, and citizen corps, and more. Back to the main page and the other link options there includes a Games and Quizzes section where there are 25 games and quizzes that you and your child can play. And if you check out the "Disaster Area" section, your child can learn about each type of disaster individually. http://www.fema.gov/kids/
Acronym Find out what those acronyms and abbreviations stand for...Acronym Finder: the web's largest searchable database of acronyms and abbreviations-- over 320000 definitions!. How 'bout SCUBA, Self Contained Underwater Breathing Apparatus. http://www.acronymfinder.com/
Anacronym noun. An acronym where few people remember what each letter stands for (anachronistic + acronym). "Words such as radar and laser began life as acronyms, but now they're 'anacronyms' because few people can recall what their letters originally represented." Here is a dictionary for anacronyms. http://www.wordspy.com/words/anacronym.asp
Plants Database Another good site from Amanda. First of all there are some very nifty tools on this site like the Crop Nutrient Tool, and the Erosion Prediction tool. Very handy and helpful—check out the other tools while you're here. You can search a plant, read about alternative crops, view fact sheets, and read about endangered plants or invasive ones. All in all, if you need to know it you can probably find it here. I think my favorite section is the "Plant of the Week" section. While I was there it was the White Fir. Click on the photo and you get not only a larger picture of the plant to view but also information on that particular plant. Plant information will include where they grow, the different species of the plant, a pdf file of plant facts, classification and much, much more. Check this one out. It could help you with planting your garden next spring. http://plants.usda.gov/