[MikesWhatsNews] MWN #716 HackFix
- From: "Mike" <mikebike@xxxxxxxxx>
- To: mikeswhatsnews@xxxxxxxxxxxxx, mikeswhatsnews@xxxxxxxxxxxxx
- Date: Thu, 22 Jan 2004 16:46:39 -0800
MikesWhatsNews, 23, 01, 2004
in today's issue #716
W32/Bagle-mm removers
HackFix Updates
2 PhotoPlus 5.5
3 Windows XP Game Advisor
4 SpywareGuard 2.2
5 Unknown Devices
6 10 Big Myths About Copyright Explained
7 EUDCEDIT XP's Private Character Editor
8 CCC InsideCAT Lite Edition
9 Windows Explorer Shortcuts
10 OpenExpert 1.40
11 How To Recover From A Hijacking
____________________________________________________________
NOTE: Any time you see the " ++ ", it means there is more
of the article, or story, on the linked site. Mike
____________________________________________________________
There is a complete archive of past MikesWhatsNews newsletters
available to members on the Yahoo page, it is searchable by word
or issue #. Here is the address direct to the messages;
http://groups.yahoo.com/group/MikesWhatsNews/messages
and; http://www.freelists.org/archives/mikeswhatsnews/
____________________________________________________________
Please rate this Ezine at the Cumuli Ezine Finder
http://www.cumuli.com/ezines/ra20853.rate
<a href="http://www.cumuli.com/ezines/ra20853.rate";>
AOL Users</a>
___________________________________________________________
There is a new virus making the round this week,
it's Subject is " Hi " please use caution with your email.
Try to find a more descriptive keyword.
From: VirusEye@xxxxxxxxxxxxxxx
Subject: MessageLabs Intelligence virus alert: W32/Bagle-mm,
risk; HIGH LEVEL
W32/Bagle-mm spreading rapidly
During 18th and 19th January 2004, MessageLabs, the email security
company, intercepted a significant number of copies of a new virus known
as W32/Bagle-mm. The majority of intercepted copies have been sent from
Australia.
Name: W32/Bagle-mm
The worm arrives as an attachment to an email and has a random filename,
with a .exe extension.
W32/Bagle-mm searches the infected machine for email addresses and then
uses its own SMTP engine to send itself to the addresses found.
Email Characteristics
Subject: Hi
Text: Test =)
<random chars>
Detailed technical description of the worm as well as screenshots are
available
in the F-Secure Virus Description Database at
http://www.f-secure.com/v-descs/bagle.shtml
Disinfection
Special Disinfection Tool
F-Secure has developed a special disinfection tool for this worm.
The tool will detect and remove an active Bagle infection from the computer.
The Bagle removal tool can be downloaded in a ZIP file from:
http://www.f-secure.com/tools/f-bagle.zip
ftp://ftp.f-secure.com/anti-virus/tools/f-bagle.zip
From Panda;
Panda Software offers all users its free PQREMOVE application,
designed to effectively clean any computer affected by Bagle.A.
This tool can be downloaded from the following address:
** http://www.pandasoftware.com/download/utilities/ **
____________________________________________________________
HackFix updates, thanks to Christy;
staff@xxxxxxxxxxx
Http://www.hackfix.org
This weeks Virus Pattern Updates (01/22/2004)
All Software listed Alphabetically by Company name as some
companies manufacture more then one product.
Aladdin Knowledge Systems
Esafe Desktop/Gateway/Enterprise
Last Updated Jan 22/2004
To update your software
Visit: http://www.esafe.com/esafe/downloads/virusig.asp
Or
From the Esafe folder in your Start Menu select Download Updates
~~~~~
AlWil Software
Avast Antivirus
Last Updated Jan 21/2004
To update your software:
Visit: http://www.avast.com/i_kat_69.html
Or
Right click on the AVAST icon in the system tray, Select iAVS Update,
AVAST will check for updates and download the appropriate files as needed.
~~~~~
Authentium Software Systems
Command antivirus
Last Updated Jan 21/2004
To update your software
Visit http://www.authentium.com/support/downloads/index.cfm
~~~~~
Center for Antivirus Technologies (CAT)
Quickheal
Last Updated Jan 22/2004
To update your software
Visit: http://www.quickheal.com/winupg.htm
Or
Open Quickheal select Utility from the top toolbar and liveupdate.
Follow the onscreen prompts.
Alternately you can select Liveupdate directly from the
QuickHeal program menu on the startmenu.
~~~~~
Frisk Software Systems
Fprot
Last Updated Jan 21/2004
To update your software
Visit: http://www.f-prot.com/download/home_user/
~~~~~
Computer Associates
E-Trust
Last updated Jan 22/2004
To update your software
http://support.cai.com/Download/virussig.html
Or
From the Respective folder in your Start Menu select Autodownload
For Vet Anti virus
http://www.vet.com.au/html/software/update.html
Be sure to have your Customer ID and your registered email address
handy for verification.
**Note**
We knew this time would come eventually, that Computer Associates would
not continue to support/update the older program
https://www2.my-etrust.com/services/ipe_support??
~~~~~~
GeCad Software
Rav (Reliable AntiVirus)
Last Updated: Jan 22/2004
To update your software:
Visit: http://www.ravantivirus.com/pages/dldupdate.php?type=Daily
Or
Open Rav and select Rav Update from the toolbar
~~~~~
Grisoft Inc.
AVG
Last updated Jan 22/2004
To update your software
Visit: http://www.grisoft.com/us/us_index.php
Or
Open AVG and click Virus Database to check for updates
Or
Open AVG control centre and click Update Manager/update now
**Note: To help speed up AVG updates you can set your program to use
an alternate download site.
Open AVG control centre->update manager->download from server. The
drop downbox should have listed www.grisoft.com (default) and
www.grisoft.cz. (be sure to select "apply" when done to save the changes)
The default site is most often used so can at times become temporarily
unavailable. By using the secondary site (www.grisoft.cz) helps to ease
the server and makes your update go quicker as most don't use it!
~~~~~
H+Bedv
AntiVir
Last updated Jan 22/2004
To update your software
Visit: http://www.free-av.com/antivirus/allinonen.html
Or
Open AntiVir, from the top toolbar select Tools->
start internet update and follow the on screen prompts.
Vexira
Last updated Jan 22/2004
To update your software
Visit: http://www.centralcommand.com/updates.html
Or
Open Vexira, from the top toolbar select Tools->
start internet update and follow the on screen prompts.
Vexira Antivirus is marketed by Central Command however it is the
same program as Antivir with only a different name.
~~~~~
Kaspersky
Kaspersky Anti-Virus (formerly AVP)
Last updated Jan 16/2004
To update your software
Visit: http://www.kasperskylabs.com/updates.asp
Or
Open AVP from the top toolbar click Tools-> Update virus definition
Or
From the Kaspersky folder in your Start Menu select AVP updater
*Note* Avp now has available a cumulative update and a
daily update with the daily being any important items they
feel shouldn't wait till the next cumulative update. Our
dates here are based on the most recent Major update.
**Note: Improved update accessiblity. To ease the update web traffic
Kaspersky labs has additional servers for autoupdating. The program
defaults to use one server but can be altered to check a variety of
servers. Select Kaspersky updater, select update via the internet to
open the drop down box(es) select "location" Check the box labeled
"Use alternate locations from the list" select next and next to update.
This option should stay selected after the first time. This helps
Kaspersky lighten the load for updates and helps you obtain updates
easier.
~~~~~
Network Associates
Mcafee
Last updated Jan 21/2004
To update your software
For Mcafee Visit
http://www.networkassociates.com/us/downloads/updates/superdat.asp
(for Virus and Engine updates)
Drsolomn (Product no longer available for new users however
updates still available for current users): Go to the following
Internet site: http://download.mcafee.com/updates/4x.asp
IMPORTANT: When you get to this site you may notice that it refers
to VirusScan. This update is not only for VirusScan. It also works
with Dr.Solomon's.
Or
Open your respective software virus scan scheduler, double click
Auto update, click Run Now to do a manual live update, or click
Schedule to set up a timed live update.
~~~~~
Norman Data Defence
Norman Virus Control
Last updated Jan 22/2004
To update your software
Visit:
http://www.norman.com/downloads.shtml#definition_files_updates
Be sure to have your Valid Username and password handy for verification.
Or
From the Norman folder in your Start Menu select Internet Update
**Note Norman Virus Control web updates are only for version prior to
5.0. Norman 5.0 can only be updated via the update in the program itself.
Thunderbyte Anti Virus
Current Version: This product is no longer being supported.
http://www.norman.com/tbav.shtml
~~~~~
Softwin
BitDefender (Previously known as AVX - AntiVirus eXpert as of Nov 06/01)
Last Updated Jan 16/2004
To update your software
Visit:
http://www.bitdefender.com/bd/site/downloads.php?menu_id=19&s_id=3
Or
Open BitDefender select Protection Options->live upgrade
Or
From the BitDefender folder in your Start Menu select Bitdefender Live
Press Release on the software change
http://www.bitdefender.com/press/ref1.php
~~~~~
Sophos
Sophos Anti Virus
Last IDE available Jan 20/2004
To obtain the latest IDE files
Visit: http://www.sophos.com/downloads/ide/
**Note: Sophos does not update as other products do. They update
the Engine/software once a month (or so) to include all the previous
IDE files. New IDE files are available with new virus threats and must
be downloaded individually until the next software update is available.
Our update dates reflect the most recent available IDE file.
~~~~~
Symantec
Nortons AntiVirus
Last updated Jan 22/2004
To update your software
Visit: http://www.symantec.com/avcenter/defs.download.html
select your language -> product from the list
Or
Open Nortons software and click the "live update" button
Or
From the Nortons folder in your Start Menu select LiveUpdate -
Norton Antivirus
~~~~~
Trend Micro
PcCillin
Last updated Jan 20/2004
To update your software
Visit: http://www.antivirus.com/download/pattern.asp
Be sure to have your Registration number handy for verification
Or
Open PcCillin click Update then click Update Now (or Update later
to Schedule a timed update)
~~~~~~~~~
If there is an Anti Virus program that is Not listed here that
you would like to see added to the weekly updates list Please
feel free to let us know.
Remember Your anti virus software is only as good as the user...
If you don't keep it updated it won't provide you with maximum
protection.
This weekly Update will be sent every Thursday on or after
6pm (eastern) to keep you up to date on virus pattern updates
available. Virus patterns are checked for most recent update
date as of 6pm Thursdays.
~~~~
~ Hackfix Project Staff
staff@xxxxxxxxxxx
Http://www.hackfix.org
____________________________________________________________
2
PhotoPlus 5.5
http://www.freeserifsoftware.com/serif/ph/ph5/index.asp?ref=&SP=
PhotoPlus 5.5 has the features you'll need... from importing or creating
pictures and animations, through manipulating colors and effects all the way
to final export. Built in support for TWAIN scanners and cameras makes it
easy to bring in your own photos, while comprehensive import filters let you
open just about any standard bitmap image.
Once you've got your image into PhotoPlus 5.5, you can enhance and alter its
on screen appearance with a diverse toolkit of functions and effects. A full
range of export options (with special attention to Web graphics), plus
powerful optimization capabilities, round out this high performing package.
++
____________________________________________________________
3
Windows XP Game Advisor
http://www.microsoft.com/windowsxp/games/gameadvisor/default.asp
Want to find out more about the cool new games coming out?
Want to make sure those games will work on your Windows computer?
With the Windows XP Game Advisor, you select the type of game you're
interested in and the age range of the person who'll be playing, and you get
a list of games you'll love?or gift ideas that will leave your favorite
gamer breathless with anticipation of high scores to come.
++
____________________________________________________________
4
SpywareGuard 2.2 free
http://www.wilderssecurity.net/spywareguard.html
SpywareGuard is compatible with: Windows 98, ME, 2000, XP
SpywareGuard provides a real-time protection solution against spyware that
is a great addition to SpywareBlaster's protection method.
An anti-virus program scans files before you open them and prevents
execution if a virus is detected - SpywareGuard does the same thing, but for
spyware! And you can easily have an anti-virus program running alongside
SpywareGuard.
SpywareGuard now also features Download Protection and Browser Hijacking
Protection!
____________________________________________________________
5
Unknown Devices
http://www.halfdone.com/unknowndevices
Description
Program supports Win95, 98, 98se, Me, 2k, XP and 2003 but not NT
Unknown Devices helps you find what those unknown devices in Device Manager
really are.
By checking Device Manager for unknown devices and extracting information
from it, this program attempts to figure out what the device is. You might
not have to open your case or look up random numbers off of PCI cards to
figure out what they are.
It runs fine from a CD or floppy. It's free for per personal and
(especially) business use.
If you want to add it to a cd collection or magazine that is fine, just drop
me an email.
You can also access this webpage using the shorter urls
http://halfdone.com/ukd
____________________________________________________________
6
10 Big Myths About Copyright Explained
http://www.templetons.com/brad/copymyths.html
An attempt to answer common myths about copyright seen on the net and cover
issues related to copyright and USENET/Internet publication.
- by Brad Templeton
Note that this is an essay about copyright myths. It assumes you know at
least what copyright is -- basically the legal exclusive right of the author
of a creative work to control the copying of that work. If you didn't know
that, check out my own brief introduction to copyright for more information.
Feel free to link to this document, no need to ask me. Really, NO need to
ask.
++
____________________________________________________________
7
EUDCEDIT XP's Private Character Editor
http://www.travishamilton.us/winxp_tips.asp
Create your own TrueType fonts, Microsoft has included an undocumented font
editing tool in WinXP (and Win2K SP6/IE6).
The program is called EUDCEDIT, also known as the Private Character Editor.
Truth be told, it is not so much for creating fonts from scratch as it is a
way to "personalize" existing fonts. By starting with characters from an
existing font, you use a grid layout to edit the character, which can then
be saved to one font or even all the fonts in your system. Up to 6,384
characters can be created and edited -- everything from Unicode location
E000 and up to F8FF.
____________________________________________________________
8
'Christy's Computer Corner'
thanks to Christy;
http://www.1stpick.org
InsideCAT Lite Edition Freeware
http://www.insidecat.com/english/index.htm
It is a disc-cataloguing program. It can find any file or folder inside a
group of PC discs. Mostly CD-ROM and DVD-ROM, although it can also work
with any other type of disc. Before starting the searching from inside any
disc, this must be previously catalogued. After this process which is fast
and automatic, we can see (browse) or search the files and folders of the
disc without any need to have it inserted. Anyone who may ever have
searched for any file from a group of CDs may appreciate the utility of this
program.
~~~~~~~~
9
Windows Explorer Shortcuts
When you open up Windows Explorer, either from the Start Menu or by using
the Windows Key + E hotkey, it always opens up the same.
There are some shortcuts that you can make that will change that though.
explorer.exe /n
Opens Windows Explorer in single-pane view, which is similar to the view you
see when you open My Computer.
explorer.exe /e
Opens Windows Explorer in multipane view, which is the view used when you
open Windows Explorer from the default Windows Explorer shortcut on the
Start menu.
explorer.exe /root, c:\
Specifies the folder that you want Windows Explorer to use as the root for
the view. You can change the part that has c:\ to
anything you want.
explorer.exe /select, c:\command.com
Makes Windows Explorer select the file or folder specified.
You can also combine several of these and separate them with a comma ",".
For instance, if you wanted to open up Windows Explorer in multipane view,
with a root of c:\windows and you wanted your cookies folder highlighted,
you would use the following command:
explorer.exe /e, /root, c:\windows, /select, c:\windows\cookies
Was this forwarded to you ?
Get your own subscription here:
<1stpickPCtips-request@xxxxxxxxxxxxx?Subject=subscribe>
____________________________________________________________
10
OpenExpert 1.40 free
http://www.baxbex.com/openexpert.html
Windows 95/98/ME/NT/2000/XP
Open With submenu for Explorer's menu
Simply install our freeware OpenExpert and you will be able to configure
every single existing filetype with its own "open with..." submenu
extension.
Now you can quickly and simply choose which application you want to open
that particular file.
Right click the mouse and select the program to open the file. That's all
there is to it!
++
____________________________________________________________
11
How To Recover From A Hijacking
Homepage hijackers are not difficult to solve.
Ok, first thing. don't get paranoid about downloading from the internet.
Media hype and friends will make things out to be what they are not.
None of us were computer literate to begin with.
Groups like this one will help you learn.
So, lets take a look at the whole download process and items that you
NEED to have on your computer for its proper safety and management.
What do you need to have on your computer.
1. an anti virus program--free ones are AVG, Anti Vir or Avast
2. a Firewall--free ones are Sygate, Kerio, Outpost, ZoneAlarm
3. anti spyware programs and these will relate to homepage hijacking--
again, all are freeware--all are necessary also--
AdAware, SpyBot Search & Destroy, Spyware Blaster and Win Patrol
4. Windows updates--do this now and continue to check weekly for any
new Critical Updates (not necessary to be concerned about the others)
______________
Other important things to do are
1. clean your temporary Internet files
From the IE6 browser Tools> Options or from Control Panel
(I do a send to>desktop for this too so that it is easier to locate)
or also, Right click C drive and click Properties> Disk Cleanup
2. compact OE folders (file>folder>compact all folders)
3. learn to do Backups (again for another day).
These will include Backing up Data/Images/Favorites (MyDocuments),
data/images from programs not available in My Docs but part of
the program in
C:\Program Files, Email, Registry (ERunt for XP), .dll's, drivers.
5. learn to do chkdsk and defrag (necessary when doing installs etc)
(again for another day.)
______________
So how do we begin this process
I'm going to assume you are using XP as you say you are new to computers.
However, no real difference with W98.
First thing needed on the computer after the O/S is a good AntiVirus
program and we will install the free version of AVG
Open My Documents from Explorer or My Computer
(maybe you even have a keyboard that has a button for it)
Create a new folder;
(XP--click on open space in the MyDoc window and look to the upper
left and click on new folder or R mouse and click New>Folder)
Name the folder My Downloads and open it. Do the same thing again
and call the new folder "Installed Files".
To be safe, set a restore point and call it "before installing AVG"
Start>allprograms>accessories>system tools>system restore
Now, because you will use this alot, R click on the system restore
and then click sendto>desktop (create shortcut).
Now you won't have to poke thru start menu each time you want
to set a restore point.
To be on the safe side, you can set a restore point each time you
install a program. I don't each time but if installing a bunch, I do
after about 3 so if there is a problem it is not too difficult to isolate
and get back to a good system and not have too much to redo.
______________
Download and install an Anti Virus program.
I could post the url but it is useful to learn how to use www.google.com
click on that and in the search field, put AVG and click Enter
A listing of items comes up. Find AVG anti virus and click on it.
The Grisoft homepage will come up. Look on the left for "free edition"
Now, do the download.
Click on Save and the Save In dialogue box will open.
Browse to My Download folder and now click the New Folder icon
on this Save In window.
Name the Folder AVG 6.0, click open, click save. When the d/l is
complete, open the folder.
Drag the url of the home page of AVG into this folder.
Close open programs and double click the ".exe" or if the file comes in
a ".zip" (I can't recall) and you have XP, Right click the file and click
"Extract all" and let the wizard lead you to extracting the files.
When that is done, double click the setup file and click "next"
etc to proceed until Finish.
Drag the AVG folder into the Installed Folder for safekeeping and
available if you ever have to do a reinstall. The url is there too if
you want to look up or get to AVG quickly for info or a newer version.
This is available from Help also but nice to have options.
Now you have AVG installed.
Open the program from the Notification tray and Run it.
If your computer is clean, setup the times for it to run daily and the
# of days (keep it to no more than 2) for AVG to update.
Read the Help file.
AVG will now run resident in your computer and watch for all viruses
that may attack your computer via email etc.
______________
Set a new restore point.
Next is a Firewall--I use Sygate but others are good (see those mentioned
above) and the new Kerio also has a popup killer as part of it.
Again do a "Google" and follow everything done previously up to the point
of when you open the folder.
Now Right click the newly d/l'd file and click on Scan with AVG.
This will not take long but remember, no matter what file you get,
scan it.
Generally, ".jpgs" are fine but problems can exist if a virus creator puts a
secondary extension such as ".exe" after the ".jpg".
This is why you need to show "hidden files" and show all file extensions
by selecting or deslecting those items in XP under the menu bar of an open
folder.
Tools> Options> View> Files and Folders and scroll to the appropriate boxes.
Because you have the folder open this should be easily accomplised.
Some programs will ask you to reboot your computer but others don't.
I like to reboot after every few installs.
Also, the more installing or removing of programs the user does,
the more often a defrag is required.
Proceed with downloading and installing anti spyware programs mentioned
above.
Run Adaware as it comes but there is a configuration site that you may find
useful for tweaking the program.
http://www.geocities.com/hescominsoon/adaware.htm
If these don't solve the hijacking, there are a couple of programs
available that will solve including CWShredder or HiJack This.
Your computer will then be reasonably secure and safe depending upon how
you handle email etc that comes to you. If you don't know absolutely what
something is, don't proceed but come to the forum and ask or do a Google.
So don't be afraid to download and install from the net. If you want to
ask a Q about something, you are in a good forum. Don't d/l and install
everything but you can learn a lot from newsletters like Linda and Mike
provide, the Langa list, Lockergnome.
Hope this is of value and have fun with your computer.
Enjoy the internet but do it safely.
Murray White one of the moderators
http://groups.yahoo.com/group/Computer_Help_and_Discussion/
You can talk to MurrayW on PC Tech www.paltalk.com under computer groups
____________________________________________________________
If you wish to unsubscribe from our list send an email to
mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=unsubscribe
Antivirus software is a good choice to scan your system for possible viruses,
however no virus scanner is 100% effective as manufactures cannot keep up with
the rapid change of viruses that happens daily.
Be sure to update yours regularly.
http://www.hackfix.org/software/antivirus.html
______________________________________________________________________
Please feel free, to offer constructive criticism, as that will help me keep it
interesting.
I also welcome any submissions about new products, web pages, or articles of
interest.
All submissions posted in MWN will be given proper credit.
"MikesWhatsNews" believes in giving credit where credit is due but at times
deadlines and information that is very important to readers we accidentally
misspost an item.
If you believe something to be miscredited, or you know the author of one of
the articles which we have posted as 'unknown', please do let us know so we can
correct the information where applicable.
Many times in a article you may see a click here for more information, or to go
to a link, these often will not work, as the original information, was taken
from a page with HTML links. This is when you will want to go to the webpage
indicated in the article, ++ ,for 'the rest of the story'
***MfM*** indicates that I am adding my own information to a particular
article.
`~*~*~*~*~*~`
Mike ~It's a good day if I learned something new.
You can read a sample of my newsletter on my web page http://www.mwn.ca
My virus pages ~ http://virusinfo.hackfix.org
mytech@xxxxxxxxxxx
~*~*~*~*~
Was this forwarded to you? Want to subscribe? Send an email
to mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe.
For a complete list of email commands for our list send an email
to ecartis@xxxxxxxxxxxxx with a subject line of "info mikeswhatsnews" without
the quotes.
If you wish to unsubscribe from our list send an email to
mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=unsubscribe
To contact the list moderators send an email to
mikeswhatsnews-moderators@xxxxxxxxxxxxx
~*~*~*~*~
Other related posts:
- » [MikesWhatsNews] MWN #716 HackFix