VIRUS AND OTHER STINKY STUFF TECHNICALLY SPEAKING INTERESTING SITES
VIRUS AND OTHER STINKY STUFF Here we go again. Latest Bagle succeeds by sheer numbers By Robert Lemos Staff Writer, CNET News July 15, 2004 Unknown online vandals with an apparent connection to spam e-mail have created a new version of the Bagle computer worm that has spread somewhat successfully in the past 24 hours, antivirus companies said Thursday. The mass-mailing computer virus, dubbed Bagle.AF or Beagle.AB by different security firms, opens a path for intruders to relay bulk e-mail messages through the infected computer and attempts to contact one of almost 150 compromised German Web sites to let the attackers know of their latest conquest.
"It certainly is successful," said Oliver Friedrichs, senior manager for antivirus firm Symantec's security response center. "It is definitely comparable to threats that we saw earlier this year such as MyDoom."
Symantec raised the virus to a threat rating of three on its five-point scale, while rival antivirus firm McAfee--formerly Network Associates--gave the program a medium danger rating.
The latest incarnation of the Bagle virus is largely a copy of previous versions of the program, Friedrichs said. first worm in the Bagle line started infecting computers in January.
Bagle.AF arrives in e-mail as an attached file and infects computers running the Windows operating system if the user opens the file. The program attempts to halt more than 250 security applications from running on the computer, mails itself to any e-mail address it can find on the computer, and contacts one of 141 German Web sites, twice the number that a previous version of the virus contacted. The diverse Web sites have likely been compromised by online vandals, leaving behind software to record which computers have been infected by the Bagle worm.
With that information, the vandals can use the compromised computers to spread spam, or sell the information to spammers, Friedrichs said. The virus leaves open a backdoor specifically for that purpose.
Increasingly, computer viruses are used to spread software that surreptitiously converts computers to an attacker's purpose. Such "bot" software can be used by spammers and more dangerous online denizens to disrupt access to Web sites or collect personal financial information.
And while the latest Bagle worm uses an old method of spreading itself, it's still effective. "I think what we are seeing is that these threats will continue to be successful because people are continuing to trust attachments and continuing to click on them," he said. "Really, the human factor is the weakest link that is allowing these worms to be so successful."
ZAFI-B WORM STILL SPREADING WIDELY and calls for death penalty, says Sophos. One month after Sophos first warned computer users about the fast-spreading Zafi-B worm, it is still managing to clog up unprotected email inboxes worldwide. From Experts at Sophos have warned computer users about an increase in the number of reports of the W32/Zafi-B worm. The Zafi-B worm, which first appeared on Friday 11 June, spreads itself by peer-to-peer filesharing systems and email using a wide variety of different languages. The Zafi-B worm can display a message box on screen containing the following Hungarian text: A hajlektalanok elhelyezeset, a bunteto torvenyek szigoritasat, es a HALALBUNTETES MEGSZAVAZASAT koveteljuk a kormanytol, a novekvo bunozes ellen! 2004, jun, Pécs,(SNAF Team). The English translation is: We demand that the government accomodates the homeless, tightens up the penal code and VOTES FOR THE DEATH PENALTY to cut down the increasing crime. Jun. 2004, Pécs (SNAF Team) "The Zafi-B worm has accounted for over 60 per cent of the reports to Sophos's global network of monitoring stations over the last 24 hours, making it the most widespread email worm at the moment," said Graham Cluley, senior technology consultant for Sophos. "All computer users should ensure their defences are in place against the latest viruses. That not only includes regular anti-virus updates to protect against emerging threats, but also running a policy at your email gateway to block unwanted executable code from entering your business." The Zafi-B worm is believed to have been written in Hungary, but can send itself via email using a variety of languages. Its predecessor, W32/Zafi-A, displayed a message calling for Hungarian patriotism.
Friday, July 09--Friday, July 16 According to Sophos, a leader in Anti Virus Software development, 21 new/improved viruses which required Anti Virus upgrades were released into cyberspace via email. This is a great increase over last week. & KCnet's antivirus program caught and "defanged" 2,536 email viruses in addition torefusing 31,102 spam messages. The spam and viruses are still coming in by the big buckets.
IF YOU SUSPECT THAT YOU HAVE A VIRUS OR IF YOU HAVE NOT SUCCESSFULLY SCANNED YOUR DRIVES FOR VIRUSES LATELY... THIS NEXT SITE IS FOR YOU. Free Virus scans. Trend Micro, more commonly referred to as Housecall, offers free virus scans and in most cases can fix damage down by a virus or worm that your computer may have contacted. The program works well. The first time one uses the free program it is necessary to download a small program. Trend Micro walks you through the process. Then the virus scans are quite simple for each return. You should disable any anti virus program that you have running. If you do not have a virus program I recommend that you use this program first and then download one of the free programs listed above of install any anti virus program you have purchased. Go to http://housecall.antivirus.com/ then choose the link "Scan without registering". Follow the directions.
Computer Associates, another reputable and reliable anti virus developer introduced a new free program which allows anyone to do a virus scan without downloading any software or registering for an anti virus program. You must use Internet Explorer for access to Computer Associates and to perform the scan. This is a good one and very simple to operate The address is http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Free Virus programs to download Quite a few KCnet members use these programs and like them. Be careful if you download a virus program and you already have one installed on your computer. You need to at least disable the program already installed. http://www.grisoft.com/us/us_dwnl_free.php Another good free program to take a look at is: http://www.free-av.com/
This list from Trend Micro represents the top 10 reported threats July 02, 2004 to July 08, 2004) 1. PE_ZAFI.B 2. WORM_NETSKY.P 3. TROJ_AGENT.AC 4. HTML_NETSKY.P 5. WORM_NETSKY.D 6. WORM_NETSKY.B 7. WORM_NETSKY.A 8. WORM_NETSKY.C 9. WORM_NETSKY.Q 10. WORM_NETSKY.DAM
True Viruses and Warning Letters of Impending Doom. Believe it or not, the amount of harm done by sending false computer virus alarms and letters of impending doom to your thousand closest friends can be just as damaging as the alleged virus (if it even exists!); if you remember the story of the boy who cried wolf, you understand why. If you think you've got the scoop on the latest new devastating virus or latest doom warning, check it out at the Web sites below before taking it on yourself to alert the world. If the virus is as terrible as you think it is, odds are the virus fighters already know about it and -- good news here! -- your antivirus software provider probably knows about it too and already has an update for it. Sophos supplies this current information about actual hoaxes. Look at them. Read about them. If you are sent one of them, delete it.
Here are a few sites of many that can help you determine if an email is a hoax or real. http://www.quatloos.com/ http://www.snopes.com/ http://www.urbanlegends.com/ulz/ http://hoaxbusters.ciac.org/HBHoaxIndex.html http://vil.nai.com/VIL/hoaxes.asp http://kumite.com/myths/ http://www.symantec.com/avcenter/hoax.html http://www.scambusters.org/VirusHoaxes.html http://www.sophos.com/virusinfo/hoaxes/ http://www.truthorfiction.com/
TECHNICALLY SPEAKING: Spam grows as spammers mature By Will Sturgeon, Silicon.com July 15, 2004 It's been 12 months since spam really burst into the public consciousness. Before then it had certainly been a well-publicized problem, but often only with the more tech-savvy while the wider public had far more questions than answers about strange mail appearing in their inbox. Then last summer the level of spam passed the important watershed of the 50 percent mark--meaning more e-mail traffic was unsolicited than not. For every 100 e-mails the average user was receiving more than 50 that were offering everything from pornographic content to college diplomas. Since shattering that 50 percent mark the level of global spam e-mail has continued to skyrocket. By most measures that figure is now somewhere around 75 percent. But perhaps the biggest change in the spam world has been in the types of e-mails users are seeing. According to the latest figures from Clearswift, the traditional mainstays of the inbox menace--namely pornography and more frivolous offers--are being replaced by financial services, scams and pharmaceuticals which despite the best advice of the 'don't buy from spammers' lobby still seem to have some traction in the marketplace. According to Alyn Hockey, product director at Clearswift, one reason for this is that such products will always appeal to those who can't face getting hold of such products through the proper channels. "The marketers behind these spam campaigns are trading on people's embarrassment," said Hockey. "The thing about the internet is that it guarantees anonymity and a lot of people would rather try to buy their Viagra like that than go and see their family GP and discuss very personal problems," he said. Financial offers and pharmaceuticals now make up 69.6 percent of spam between them, compared to 39.2 percent 12 months ago. 'Pump and dump' share tipping--spamming out 'buy' recommendations to grow share prices with a view to a quick sale--have also become commonplace according to Clearswift--marking a move away from scattergun marketing of 'any old rubbish' to more shrewd ways of making money from spam. Similarly 'phishing' scams have also reached epidemic levels. Clearswift attributes these trends to an increasing involvement in spam activities by organized crime groups. Other evolutions over the past 12 months have seen growing deviousness in the methods of spammers, who are even installing spyware on users' computers to harvest more personal information and tailor subject lines in an attempt to get more recipients clicking on their e-mails.
Security freak-out This was a July 15 note in the Buzz Report from CNet a leader in providing downloads for the computer public. The Internet Explorer onslaught continued unabated last week, and the message seems to be getting through to you. Maybe it's all our nagging--or maybe it's the constant reports of vulnerabilities, culminating in last week's news about pop-up ads that can actually harvest passwords and other data from bank Web sites. Either way, searches for "browsers," Mozilla, and Firefox dominated our network, giving us reason to hope that you've seen the light. More Buzz Report: http://www.cnet.com/4520-6022-5142681.html?tag=txt
Windows update will be late, Microsoft says By Mike Ricciuti Staff Writer, CNET News.com July 12, 2004 (This is an excerpt) Microsoft said Monday that the long-awaited update of Windows XP will be sent to manufacturing in August, a month later than expected. The product should be in customers' hands later that month. Windows XP Service Pack 2, or SP2, will contain a number of new features. Most of the improvements deal with security. One new feature, for example, is a Security Center that provides a view of a PC's key protection settings. An improved firewall and other tweaks are also planned. This is the second time that Microsoft has delayed SP2, which was originally expected in June. Earlier this year, Microsoft said that the update would be delayed until July. The company gave no reasons for new delay. Last month, a number of Windows enthusiast Web sites reported that Microsoft had run into compatibility problems between SP2 and other software. Microsoft representatives were unavailable for comment. (No Kidding -- check out the third feature this page -- "Spoolsv" Eats 99% Of CPU Time) In June, the company issued a second test version, or release candidate, of SP2. The company says it plans to distribute SP2 using a new version of its Windows Update service, its online software distribution tool. If the above piques your interest then you gotta read the next two Langalist features.
Work on Service Pack 2 has consumed a far greater amount of resources than the software maker originally intended. Company executives have said that work on SP2 required the company to pull engineers off of Longhorn, the next major release of Windows, which is expected in 2006. The Promise--- And Problems--- Of The New Windows Update From a recent Langalist Newsletter A new version of Windows Update is about to debut. It first appeared as part of the prerelease versions of Service Pack 2 for XP, still in beta as of this writing. But the Update software was separately released on its own in a free public beta ( http://langa.com/u/5i.htm ) about two weeks ago. The new Update process (comprising both the new Update site and a new software applet that resides on your PC) has different defaults and behaves differently from the Update you're probably used to: I suggest you read all the way through this coverage before deciding whether or not to try the beta on your system. But beta or not, one way or another, you're going to have to deal with these changes to Windows Update. In the next weeks or months, the final form of this software will be offered to you either as a normal Windows Update for XP and Windows 2000 or as part of the final, released SP2 for XP. Once the software is complete and out of beta, Microsoft will work hard to get you to use it, so it's worth the time to learn about it now. Take a look: The new article at http://www.informationweek.com/story/showArticle.jhtml?articleID=22104207 walks you through the whole new Update process, and includes screen-shots so you can see exactly what's coming. I'll lay out the benefits and drawback of using the new site now, in beta; and also show you what you'll get when the new site is released for real. Again, one way or another, we're going to have to deal with these changes, so you might as well get ready now! Click on over to http://www.informationweek.com/story/showArticle.jhtml?articleID=22104207 and see what's in store!
Now don't hurry off to download the Beta SP2 until you read this next selection from the Langalist. "Alas, it's just one more example of why you should never try beta software on a PC you depend on. Beta software has bugs--- that's why it's still beta!" "Spoolsv" Eats 99% Of CPU Time Hi Fred, Thank you for maintaining your list. I eagerly read new issues and have learned amazing things about my PC from you and your subscribers. I'm having a problem I hope you can help with. I'm running win 2k on an AMD 2000+ system with 768 meg ram. The spoolsv.exe program is running at 99% cpu usage, bringing my computer to its knees. I can turn off spoolsv in the services manager and my computer runs ok, except that printing is not available. The last three actions before the reboot that resulted in this problem were; download a new virus list file from McAfee, run a Microsoft update, and attempt to create an acrobat file from Word using Acrobat 6. I have backed out these updates and uninstalled acrobat to no avail. Have you or your subscribers encountered this problem and have a fix? My next step is wipe and reformat which I would like to avoid. Thanks for your help. ---Bob Newton A lot of people are having this problem Bob: It appears to be related to printer services in the beta Service Pack 2 for XP. Alas, it's just one more example of why you should never try beta software on a PC you depend on. Beta software has bugs--- that's why it's still beta! So, if SP2 was the last update you tried, that could explain the whole problem right there. Also, SP2 isn't uninstallable, so really can't undo it in the normal way: Instead, you either have to roll the system back to a pre-SP2 state (eg by restoring a previous drive image); or by a reformat/reinstall of the original OS. It may be possible--- not likely, but possible--- to find a workaround by getting new drivers from your printer manufacturer; or by adjusting the existing drivers to print directly to the printer, instead of spooling the print job (saving it to disk) first. You usually can do this in the Control Panel printer applet, and/or the printer properties dialog. By bypassing the spool services, you may --- may--- also bypass the Spoolsv problem. Lots more good info: http://www.computing.net/windowsxp/wwwboard/forum/89990.html http://www.google.com/search?q=spoolsv%2Eexe+cpu
Season over for 'phishing'? By Declan McCullagh, Staff Writer, CNET News July 15, 2004, 9:05 AM PDT The latest innovation in identity fraud typically begins with an unexpected e-mail message from a financial institution proclaiming something like: "Your account information needs to be updated due to inactive members, frauds and spoof reports." President Bush has signed into law a bill that mandates minimum sentences for perpetrators of identity fraud, including "phishers," who fake e-mails and Web sites to steal bank account information and other potentially valuable data. Bottom line: Some say that by putting the matter into federal hands, the new legislation will solve the problem of inadequate enforcement on the part of state agencies. Others, though, say it's not likely that a minimum five year sentence, for example, will deter someone intent on committing a crime that can, under current law, already lead to a punishment as harsh as 15 years of jail time. Anyone who clicks on the included hyperlink and types in their personal details is unwittingly connecting not to their own bank, but to a scam artist engaged in the sport of "phishing" for illegally obtained credit card numbers, bank account information, and Social Security numbers. President Bush on Thursday signed into law a bill that boosts criminal penalties against phishing and many other forms of identity fraud, also called identity theft. Known as the Identity Theft Penalty Enhancement Act, or ITPEA, the measure sets up punishment guidelines for anyone who possesses someone else's identification-related information with intent to commit a crime. "Identity theft undermines the basic trust on which our economy depends," Bush said before signing the legislation. "When a person takes out an insurance policy, or makes an online purchase, or opens a savings account, he or she must have confidence that personal financial information will be protected and treated with care. Identity theft harms not only its direct victims, but also many businesses and customers whose confidence is shaken." Though solid numbers are hard to come by, identity fraud has been called the fastest-growing crime in the United States, affecting millions of Americans at a cost of billions of dollars a year. The Federal Trade Commission estimates that 10 million Americans become victims of identity fraud a year, while researcher Gartner places the annual number at around 7 million. It's a problem that appears to be growing quickly. The Social Security Administration says reports of misuse of Social Security numbers have leaped from about 11,000 in 1998 to 65,000 in the 2001 fiscal year. Bank fraud is also on the rise, according to the FBI, which warns that terrorists have relied on false identification documents. Read more: http://news.com.com/Season+over+for+%27phishing%27%3F/2100-1028-5270077.html?part=dht&tag=ntop
The next two from Worldstart and a little extra from Mike. I'll bet you say, "I'll know that," and not read them. Mistake! I'll just bet you didn't know all of the explanation. (Mike) Why does my monitor go black after about 15 minutes of not using the computer? Windows has a Power Management setting that will shut your monitor off after a specified amount of time. If you don't like when it's shutting the monitor off, you can change it by doing the following: 1. Hit the Start button, Settings, Control Panel (XP users: hit the Start button, Control Panel, then go to Performance and Maintenance link). Then, open the Power Management icon. 2. Look for the "Turn off monitor" drop box. Select the amount of time you want the computer to wait before shutting off the monitor, or tell it not to shut the monitor off at all.
Site Not Found Almost all the reasons could be ranked the number one cause. (Mike) "404- Not Found - The page you were trying to look at was not found on the server." Doesn't this message annoy you? There are several reasons why you would get this message. 1.The web page you were going to has been removed or re-named. Try scaling down the URL. For example, if it's: www.worldstart.com/tips/nopage.htm you may want to try: www.worldstart.com/tips or www.worldstart.com Keep going backwards in the URL and you'll usually come up with the site you're after. Then you can look for the lost page from there. 2. Your Internet connection has gone dead, so try re-logging on. 3. Net congestion during peak hours (especially common with dial-up ISPs) can also prevent pages from loading. If it takes too long for a page to be found, the browser might just give up. Try the page again later (or hit the "Refresh" button). 4. The page you want is getting a lot of traffic so the server is bogged down (this happens to our cool sites all the time). Try again later.
Iconoid is a FREE utility. Well... sort of... It is SillyWare. There is no AdWare, no SpyWare, no Nag screens. You get the source with it -- check for yourself! You are free to use Iconoid. No payment of any kind is required or expected... But if you like it, it would be nice if you would send the authorsomething silly and completely devoid of value. That's what SillyWare is all about! How does it work? Iconoid runs either either as a system tray icon, or completelyhidden. It watches where your cursor moves and looks for changes to thedesktop. When the cursor moves off of the desktop, Iconoid might hide thedesktop icons so that you can see the wallpaper better. When you move the mouse back to the desktop, the icons reappear. Iconoid also looks for changes to the wallpaper (file size or name) and if it sees that the wallpaper has changed, it forces the icon colors back to your specifications (color or transparent). Who might want Iconoid? * Anyone who wants transparent icon backgrounds. * Anyone who changes wallpaper frequently. * Anyone who wants a very fast method of hiding screens. * Anyone who changes screen resolutions and wants to preserve icon positions (gamers, for example).
Sree, Channel 7 ABC New York's computer guru and Tech commentator does a take on three ways to improve your PC. Now we all knew these steps. It is just that we fail to implement them on a regular basis--right folks? (Mike) REMOVE SPYWARE: The best free service to remove software that spies on you and your work is from Ad-Aware from LavasoftUSA.com. (Hey Sree don't forget about the free Spybot, Search & Destroy.)
FIGHT VIRUSES: The best free software to protect yourself from viruses is AVG from Grisoft.com (thanks to viewer Jim Wright for the tip).
THREE TECHNICAL ITEMS: Defrag & Cleanup & Choose Your Startup Files Defragmenting your hard disk makes all the relevant files easier (and therefore faster) to access. Go to the START button, then choose PROGRAMS (if you use XP, it's ALL PROGRAMS), then choose ACCESSORIES, SYSTEM TOOLS and then DISK DEFRAGMENTER. Another problem is too many programs think you want them running automatically and so start every time you boot up. For those you need to do the following. Go to the START button, then choose RUN, then type "msconfig" (without the quotes) and then hit ENTER. You will see a STARTUP tab - just deselect any programs you know for you don't want to launch all the time. You may need to experiment with this feature to make sure you aren't missing something you do actually want. You can clean up the unwanted files in your system by removing files you don't need. But it's hard to tell what you don't need. So do this: Go to the START button, then choose PROGRAMS (if you use XP, it's ALL PROGRAMS), then choose ACCESSORIES, SYSTEM TOOLS and then DISK CLEANUP. You will be told how much space you'd save. Just last week, I saved 10 MB in useless files. Mike says, "By the way there is a recommended order to doing these steps to rejuvenate your PC. You should do them often. Don't wait for the blue screen of death. Get a jump on having to do System Restores to get out of trouble." The order is" 1- Disk Cleanup 2- Scan Disk or Error Checking for XP 3- Defrag INTERESTING SITE: Campaign Search More than 75 percent of Americans rely on broadcast news sources for information about the presidential campaign. Voters have had few ways to search these audio/video outlets for news and topics that are critical to them — until now. CampaignSearch.com has gathered campaign-related video and audio files from a number of Web sites: George Bush's and John Kerry's campaign Web sites, C-SPAN, PBS, NPR and more. CampaignSearch.com uses complex spoken-language-analysis software created by StreamSage to automatically identify the sections of audio/video news and speeches that are relevant to a voter's interests. Similar to Google's ability to search web pages, StreamSage's system allows voters to search audio/video content for specific keywords. The StreamSage software automatically segments content into contextually relevant clips where those keywords are being discussed, other key topics discussed in these sections, and the relative degree of importance of each topic. http://www.campaignsearch.com/
Super informative portal page This one is a Langalist suggestion. You will like these, gar-on-teed. (Mike) This site features current news and information in addition to sceenteeny useful website links posted in logical categories. This has to be one of the nicest portals I've visited. You'll like it too. It and the following Barchart site are on my Personal Toolbar -- just a click away. http://www.webstrider.com/ Clever Barchart page. This page has a Java Script operated ticker scroller that has three distinct lines displaying recent numbers for investors. It takes awhile to load the first time. Put the cursor on a scrolling item and it will slow for study. It is one of the nicest tickers I've seen. Having created some webpages I was interested in the actual java script. It is extensive and available free for webpage use if the user agrees to simple understandable terms. Everything you could need to know, save, research, spend, sell, trade, study... about finances is linked on this page. http://www.webstrider.com/money/
Windows to the Universe Amanda found another educational site with great graphics. Learn about our planet, the solar system we live in, astronomy and the universe. You also learn about Space Weather, Space Missions, Myths, Art-Books-Film, History & People, Geology, Life, Physics, and Images & Multimedia about Space. Sounds like a lot doesn't it? Well let me break it down some for you! Our Planet — Learn all about Earth, the planet we live on from the surface to the atmosphere. Our Solar System — Learn all about the other planets that make up our solar system from Mercury to Pluto. Moving on to "The Universe" you'll learn the same kinds of facts about planets and galaxies all over the Universe. Learn all about the field of Astronomy as well, like what is star dust? What are the constellations? Space Weather is all about the weather in space. What things make storms in space? How do these things occur? Here is a small dose of what you'll learn from the space weather section: "Explosions on the Sun create storms of radiation, fluctuating magnetic fields, and swarms of energetic particles. These phenomena travel outward through the Solar System with the solar wind. Upon arrival at Earth, they interact in complex ways with Earth's magnetic field, creating Earth's radiation belts and the Aurora. Some space weather storms can damage satellites, disable electric power grids, and disrupt cell phone communications systems." This site is full of cool facts and neat pictures with so much information that there is no way I could give you little bits of all of it. Check this one out, it's worth book marking! http://www.windows.ucar.edu/
Upcoming Events!! Some have been ongoing this year. If you were a teener in the 50's or 60's you will be interested in the next two sites. That is unless you're a male with a bit of a jealous streak. Elvis sure did light the fire in most female teeners.