[MikesWhatsNews] MWN #717 HackFix
- From: "Mike" <mikebike@xxxxxxxxx>
- To: mikeswhatsnews@xxxxxxxxxxxxx
- Date: Thu, 29 Jan 2004 16:49:57 -0800
MikesWhatsNews, 30, 01, 2004
in today's issue #717
Virus Alert MyDoom/Novarg
HackFix Updates
2 UserFriendly.org
3 pdf995 suite
4 The Number Jack game
5 PureText
6 ShareWatch
7 Linda's Screensaver
8 CCC Winamp Pilot
9 Removing The Marks When Forwarding OE6
10 Bazooka Adware and Spyware Scanner
11 How to Repair Windows XP
____________________________________________________________
NOTE: Any time you see the " ++ ", it means there is more
of the article, or story, on the linked site. Mike
____________________________________________________________
There is a complete archive of past MikesWhatsNews newsletters
available to members on the Yahoo page, it is searchable by word
or issue #. Here is the address direct to the messages;
http://groups.yahoo.com/group/MikesWhatsNews/messages
and; http://www.freelists.org/archives/mikeswhatsnews/
____________________________________________________________
Please rate this Ezine at the Cumuli Ezine Finder
http://www.cumuli.com/ezines/ra20853.rate
<a href="http://www.cumuli.com/ezines/ra20853.rate";>
AOL Users</a>
___________________________________________________________
I-Worm.Mydoom.b
From; Kaspersky http://www.viruslist.com/eng/viruslist.html?id=850737
Mydoom.b is a modification of Mydoom.a that spreads via the Internet in the
form of files attached to infected messages and via the Kazaa file-sharing
network. The worm itself is a Windows PE EXE file of 29184 bytes, compressed
using UPX and PE-Patch. The decompressed file is approximately 49KB in size.
The worm is activated only if the user opens the archive and launches the
infected file by double-clicking on the attachment. The worm then installs
itself in the system and starts the replication process.
The worm contains a backdoor function, and is also programmed to carry out
DoS attacks on the sites www.sco.com and www.microsoft.com.
Part of the body of the worm is encrypted.
The unpacked file contains the following text:
(sync-1.01; andy; I'm just doing my job, nothing personal, sorry)
++ There is more on the web site.
Kaspersky's CLRAV remover;
CLRAV scans the computer memory and hard drive of the infected machine,
neutralizes the worm and restores the original configuration of the Windows
system registry.
Additionally, this removal tool copes effectively with other malicious
programs, including Klez, Lentin, Opasoft, Tanatos, Welchia, Sobif, Dumaru
and Swen. Given the current outbreak, CLRAV is most useful for users, who
have installed anti-virus protection that does not detect and delete Mydoom
correctly.
Kaspersky Labs recommends that users close all active applications before
launching CLRAV.
Once the utility is installed, the machine must be restarted. Finally, it is
best to launch an anti-virus scanner to perform a comprehensive virus check.
You can download CLRAV from ftp://ftp.kaspersky.com/utils/clrav.zip
__________________________
For more information see;
http://www3.telus.net/mikebike/MyDoom-B%20worm.html
Sophos: http://www.sophos.com/virusinfo/analyses/w32mydoomb.html
Computer Associates; http://www3.ca.com/virusinfo/virus.aspx?ID=38114
Symantec:
http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.b@xxxxxxx
Network Associates free on line scan can detect and remvoe MyDoom.B
http://vil.nai.com/vil/stinger/
Zone Alarm can "Lock host file" to prevent changes there;
http://download.zonelabs.com/bin/free/securityAlert/6.html
_____________________________________
Virus ALERT My Doom/Novarg
Aliases: Novarg, W32.Novarg.A@mm, Win32/Shimg, WORM_MIMAIL.R
Detailed technical description of the worm as well as screenshots are
available in the F-Secure Virus Description Database at
http://www.f-secure.com/v-descs/novarg.shtml
Mydoom.A. is designed to attack and saturate networks of any size.
It also creates a backdoor in the in infected computers which could allow
hackers to steal or compromise key corporate data.
Bitdefender;
http://www.bitdefender.com/bd/site/virusinfo.php?menu_id=1&v_id=185
remover download at the bottom of the page
McAfee
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100983
From PANDA
http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?lst=sol&id
virus=44140
For this reason, in order to stop Mydoom.A from continuing to spread through
computers without adequate antivirus protection installed, Panda Software
offers all users its free PQremove tool, which detects and eliminates
Mydoom.A from infected computers and restores any changes this worm has made
to the system configuration.
http://www.pandasoftware.com/download/utilities
Users can also detect this and other malicious code using the free, online
antivirus, Panda ActiveScan, which is available on the company's website at
http://www.pandasoftware.com/
From Symantec/Norton
http://www.symantec.com/techsupp/vURL.cgi/nav120
Download the FxNovarg.exe file from:
http://securityresponse.symantec.com/avcenter/FxNovarg.exe.
___________________________________________________________
HackFix updates, thanks to Christy;
staff@xxxxxxxxxxx
Http://www.hackfix.org
This weeks Virus Pattern Updates (01/29/2004)
All Software listed Alphabetically by Company name as some
companies manufacture more then one product.
Aladdin Knowledge Systems
Esafe Desktop/Gateway/Enterprise
Last Updated Jan 29/2004
To update your software
Visit: http://www.esafe.com/esafe/downloads/virusig.asp
Or
From the Esafe folder in your Start Menu select Download Updates
~~~~~
AlWil Software
Avast Antivirus
Last Updated Jan 29/2004
To update your software:
Visit: http://www.avast.com/i_kat_69.html
Or
Right click on the AVAST icon in the system tray, Select iAVS Update,
AVAST will check for updates and download the appropriate files as needed.
~~~~~
Authentium Software Systems
Command antivirus
Last Updated Jan 29/2004
To update your software
Visit http://www.authentium.com/support/downloads/index.cfm
~~~~~
Center for Antivirus Technologies (CAT)
Quickheal
Last Updated Jan 29/2004
To update your software
Visit: http://www.quickheal.com/winupg.htm
Or
Open Quickheal select Utility from the top toolbar and liveupdate.
Follow the onscreen prompts.
Alternately you can select Liveupdate directly from the
QuickHeal program menu on the startmenu.
~~~~~
Frisk Software Systems
Fprot
Last Updated Jan 29/2004
To update your software
Visit: http://www.f-prot.com/download/home_user/
~~~~~
Computer Associates
E-Trust
Last updated Jan 29/2004
To update your software
http://support.cai.com/Download/virussig.html
Or
From the Respective folder in your Start Menu select Autodownload
For Vet Anti virus
http://www.vet.com.au/html/software/update.html
Be sure to have your Customer ID and your registered email address
handy for verification.
**Note**
We knew this time would come eventually, that Computer Associates
would not continue to support/update the older program
https://www2.my-etrust.com/services/ipe_support??
~~~~~~
GeCad Software
Rav (Reliable AntiVirus)
Last Updated: Jan 29/2004
To update your software:
Visit:
http://www.ravantivirus.com/pages/dldupdate.php?type=Daily
Or
Open Rav and select Rav Update from the toolbar
~~~~~
Grisoft Inc.
AVG
Last updated Jan 29/2004
To update your software
Visit: http://www.grisoft.com/us/us_index.php
Or
Open AVG and click Virus Database to check for updates
Or
Open AVG control centre and click Update Manager/update now
**Note: To help speed up AVG updates you can set your program to use
an alternate download site.
Open AVG control centre->update manager->download from server. The
drop downbox should have listed www.grisoft.com (default) and
www.grisoft.cz. (be sure to select "apply" when done to save the changes)
The default site is most often used so can at times become temporarily
unavailable. By using the secondary site (www.grisoft.cz) helps to ease
the server and makes your update go quicker as most don't use it!
~~~~~
H+Bedv
AntiVir
Last updated Jan 28/2004
To update your software
Visit: http://www.free-av.com/antivirus/allinonen.html
Or
Open AntiVir, from the top toolbar select Tools->
start internet update and follow the on screen prompts.
Vexira
Last updated Jan 28/2004
To update your software
Visit: http://www.centralcommand.com/updates.html
Or
Open Vexira, from the top toolbar select Tools->
start internet update and follow the on screen prompts.
Vexira Antivirus is marketed by Central Command however it is the same
program as Antivir with only a different name.
~~~~~
Kaspersky
Kaspersky Anti-Virus (formerly AVP)
Last updated Jan 23/2004
To update your software
Visit: http://www.kasperskylabs.com/updates.asp
Or
Open AVP from the top toolbar click Tools-> Update virus definition
Or
From the Kaspersky folder in your Start Menu select AVP updater
*Note* Avp now has available a cumulative update and a
daily update with the daily being any important items they
feel shouldn't wait till the next cumulative update. Our
dates here are based on the most recent Major update.
**Note: Improved update accessiblity. To ease the update web traffic
Kaspersky labs has additional servers for autoupdating. The program
defaults to use one server but can be altered to check a variety of
servers. Select Kaspersky updater, select update via the internet to
open the drop down box(es) select "location" Check the box labeled
"Use alternate locations from the list" select next and next to update.
This option should stay selected after the first time. This helps
Kaspersky lighten the load for updates and helps you obtain updates
easier.
~~~~~
Network Associates
Mcafee
Last updated Jan 28/2004
To update your software
For Mcafee Visit
http://www.networkassociates.com/us/downloads/updates/superdat.asp
(for Virus and Engine updates)
Drsolomn (Product no longer available for new users however
updates still available for current users): Go to the following
Internet site: http://download.mcafee.com/updates/4x.asp
IMPORTANT: When you get to this site you may notice that it refers
to VirusScan. This update is not only for VirusScan. It also works
with Dr.Solomon's.
Or
Open your respective software virus scan scheduler, double click
Auto update, click Run Now to do a manual live update, or click
Schedule to set up a timed live update.
~~~~~
Norman Data Defence
Norman Virus Control
Last updated Jan 29/2004
To update your software
Visit:
http://www.norman.com/downloads.shtml#definition_files_updates
Be sure to have your Valid Username and password handy for verification.
Or
From the Norman folder in your Start Menu select Internet Update
**Note Norman Virus Control web updates are only for version prior to
5.0. Norman 5.0 can only be updated via the update in the program itself.
Thunderbyte Anti Virus
Current Version: This product is no longer being supported.
http://www.norman.com/tbav.shtml
~~~~~
Softwin
BitDefender (Previously known as AVX - AntiVirus eXpert as of Nov 06/01)
Last Updated Jan 23/2004
To update your software
Visit:
http://www.bitdefender.com/bd/site/downloads.php?menu_id=19&s_id=3
Or
Open BitDefender select Protection Options->live upgrade
Or
From the BitDefender folder in your Start Menu select Bitdefender Live
Press Release on the software change
http://www.bitdefender.com/press/ref1.php
~~~~~
Sophos
Sophos Anti Virus
Last IDE available Jan 29/2004
To obtain the latest IDE files
Visit: http://www.sophos.com/downloads/ide/
**Note: Sophos does not update as other products do. They update
the Engine/software once a month (or so) to include all the previous
IDE files. New IDE files are available with new virus threats and must
be downloaded individually until the next software update is available.
Our update dates reflect the most recent available IDE file.
~~~~~
Symantec
Nortons AntiVirus
Last updated Jan 29/2004
To update your software
Visit:
http://www.symantec.com/avcenter/defs.download.html select
your language -> product from the list
Or
Open Nortons software and click the "live update" button
Or
From the Nortons folder in your Start Menu select LiveUpdate -
Norton Antivirus
~~~~~
Trend Micro
PcCillin
Last updated Jan 28/2004
To update your software
Visit: http://www.antivirus.com/download/pattern.asp
Be sure to have your Registration number handy for verification
Or
Open PcCillin click Update then click Update Now (or Update later
to Schedule a timed update)
~~~~~~~~~
If there is an Anti Virus program that is Not listed here that
you would like to see added to the weekly updates list Please
feel free to let us know.
Remember Your anti virus software is only as good as the user...
If you don't keep it updated it won't provide you with maximum
protection.
This weekly Update will be sent every Thursday on or after
6pm (eastern) to keep you up to date on virus pattern updates
available. Virus patterns are checked for most recent update
date as of 6pm Thursdays.
~~~~
~ Hackfix Project Staff
staff@xxxxxxxxxxx
Http://www.hackfix.org
____________________________________________________________
2
UserFriendly.org
http://www.userfriendly.org
Real life tech stories humorous
____________________________________________________________
3
The pdf995 suite of products - free
http://www.pdf995.com/
Windows 95, 98, 2000 and ME, NT 4.0 and XP
Pdf995, PdfEdit995, and Signature995 - is a complete solution for your
document publishing needs.
It provides ease of use, flexibility in format, and industry-standard
security- and all at no cost to you.
Pdf995 makes it easy and affordable to create professional-quality documents
in the popular PDF file format. Its easy-to-use interface helps you to
create PDF files by simply selecting the "print" command from any
application, creating documents which can be viewed on any computer with a
PDF viewer. Pdf995 supports network file saving, fast user switching on XP,
Citrix/Terminal Server, custom page sizes and large format printing. Pdf995
is a printer driver that works with any Postscript to PDF converter. The
pdf995 printer driver and a free Converter are available for easy download.
http://www.pdf995.com/download.html
PdfEdit995 offers a wealth of additional functionality, such as: combining
documents into a single PDF; automatic link insertion;
hierarchical bookmark insertion; PDF conversion to HTML or DOC (text only);
integration with Word toolbar with automatic table of contents and link
generation; autoattach to email; stationery and stamping.
More details at www.pdfedit995.com .
Signature995 offers state-of-the-art security and encryption to protect your
documents and add digital signatures.
More details at www.signature995.com .
The Pdf995 Suite offers the following features, all at no cost:
Automatic insertion of embedded links
Hierarchical Bookmarks
Support for Digital Signatures
Support for Triple DES encryption
Append and Delete PDF Pages
Batch Print from Microsoft Office
Asian and Cyrillic fonts
Integration with Microsoft Word toolbar
PDF Stationery
Combining multiple PDF's into a single PDF
Three auto-name options to bypass Save As dialog
Imposition of Draft/Confidential stamps
Support for large format architectural printing
Convert PDF to JPEG, TIFF, BMP, PCX formats
Convert PDF to HTML and Word DOC conversion
Convert PDF to text
Automatic Table of Contents generation
Support for XP Fast User Switching and multiple user sessions
Standard PDF Encryption (restricted printing, modifying, copying text and
images)
Support for Optimized PDF
Support for custom page sizes
Option to attach PDFs to email after creation
Automatic text summarization of PDF documents
Easy integration with document management and Workflow systems
n-Up printing
Automatic page numbering
Simple Programmers Interface
Option to automatically display PDFs after creation
Custom resizing of PDF output
Configurable Font embedding
Support for Citrix/Terminal Server
Support for Windows 2003 Server
Easy PS to PDF processing
Specify PDF document properties
Control PDF opening mode
Can be configured to add functionality to Acrobat Distiller
Free: Creates PDFs without annoying watermarks
Free: Fully functional, not a trial and does not expire
Over 5 million satisfied customers
Over 1000 Enterprise customers worldwide
++
____________________________________________________________
4
The Number Jack Game
http://www.mywirelesskit.com/games-dec192003.html
The number jack is a great game to juggle round the numbers to get them in
order.
There are 8 levels in the game. Starting from 3 to 10.
As the level goes on increasing so do the number of columns and rows....
This is a game which you can spend whole night playing and wont get bored
of.
++
____________________________________________________________
5
PureText 2.0
http://stevemiller.net/PureText/ free
Have you ever copied some text from a web page, a word document, help, etc.,
and wanted to paste it as simple text into another application without
getting all the formatting from the original source?
PureText makes this simple. Just copy/cut whatever you want to the
clipboard, click on the PureText tray icon, and then paste to any
application. Better yet, you can configure a Hot-Key to convert and paste
the text for you. The pasted text will be pure and free from all
formatting.
____________________________________________________________
6
ShareWatch 1.0
http://stevemiller.net/sharewatch/
ShareWatch allows you to see who is connected to a computer and what files
they are accessing. Have you ever wondered why your hard drive or modem is
active, but you aren't doing anything to cause it to be active? It is
possible a remote user is accessing your computer. Have you ever had a file
locked but you don't know why? ShareWatch can tell you if a network user is
using the file and allows you to disconnect them so that you can edit/delete
the file. Have you ever wanted to shutdown a computer, but don't want to
drop people using the computer. ShareWatch will show you all resources in
use by remote users.
++
____________________________________________________________
7
Linda's Screensaver free
OK...since there has been so much talk about screensavers on the net and how
they include spyware and trojans, I decided to kill two birds with one
stone...so I made a screensaver that shows what could happen if you don't
protect your computer LOL
You can see a demo here (tho the actual screensaver is better)....go to this
page and click on the button that says "Album" to run the demo:
http://personal-computer-tutor.com/scr/pow.html
If you like it, you can download it free here:
This one has music (which you can turn off in the settings, if you don't
wanna hear Patsy), so this one is a bigger download:
http://personal-computer-tutor.com/scr/IFallToPieces.zip
This one is silent, so it's smaller:
http://personal-computer-tutor.com/scr/kapow.zip
Just download the zip file and extract the exe file to a location of your
choice, then double click the exe to install it.
Let me know what you think....I PROMISE you these have NO spyware!!!
Linda F. Johnson, M.A., MOS
Linda's Computer Stop
http://personal-computer-tutor.com
Free e-Books, Newsletter, and tutorials
____________________________________________________________
8
'Christy's Computer Corner'
thanks to Christy;
http://www.1stpick.org
Winamp Pilot Freeware
http://www.stars.benchmark.pl/winamp/
Everyone likes to listen to music while they work.
Having Winamp playing your favorite tunes while you type a letter or play
FreeCell is always nice, but it's a pain in the neck to bring Winamp to the
front in order to cycle through the playlist.
Why click?
This add-on hides in the upper right-hand corner of your screen and gives
you access to Play, Stop, Skip, and Pause buttons.
~~~~~~~~
9
Removing The Marks When Forwarding Outlook Express 6 E-mail
When you forward e-mail, you may not want the recipient to get all those <
marks that are used to indent an original message. You don't have to use
these marks in Outlook Express 6.
Just choose Tools|Options.
When the Options dialog opens, click the Send tab.
Now, under "Mail Sending Format" click Plain Text Settings.
Deselect the check box labeled "Indent the original text with < when
replying or forwarding" and then click OK.
Back in Options, click OK to close the dialog box and save your new
selection.
Was this forwarded to you ?
Get your own subscription here:
<1stpickPCtips-request@xxxxxxxxxxxxx?Subject=subscribe>
____________________________________________________________
10
Bazooka Adware and Spyware Scanner Free MWN #717
http://www.kephyr.com/spywarescanner/index.html
Bazooka Adware and Spyware Scanner detects a multitude of spyware, adware,
trojan, keylogger and trackware components; sources of irritation that
antivirus software does not deal with. The scanning process will only take a
fraction of a second and tell you how to uninstall the invasive spyware or
put you in contact with the spyware developer for the most up-to-date and
safe uninstall instructions.
Spyware and adware is often bundled with software such as Kazaa, Morpheus,
Grokster, Imesh, Xolox, Gnutella and a myriad of other programs, and in many
cases installed without your knowledge. Some send information about your
surfing habits to ad companies, which target you with popup ads that fit
your preferences.
Bazooka Adware and Spyware Scanner search for Gator, GAIN, Bargain Buddy,
CommonName, FlashTrack, IPInsight, n-CASE, NetRatings, NewDotNet, SaveNow,
Wurldmedia, etc. The complete list is available here. To stay up-to-date
with the latest spyware and adware software Bazooka downloads the threat
definitions from the web.
freeware and Windows 95/98/ME/NT/2000/XP compatible.
____________________________________________________________
11
How to Repair Windows XP by Installing Over top of Existing Setup
http://www.webtree.ca/windowsxp/repair_xp.htm
Otherwise:
1.. Boot the computer using the XP CD.
You may need to change the boot order in the system bios.
Check your system documentation for how to access
the bios and change the boot order.
2.. When you see the Welcome To Setup screen, do not choose to repair your
installation using the Recovery Console.
3.. Press Enter to start the Windows Setup program.
4.. Accept the License Agreement and Windows will search for existing
Windows installations.
5.. Select the XP installation you want to repair from the list and press
R to start the repair.
6.. Setup will continue as if it were doing a clean install, but your
applications and setting will remain intact.
7.. Reapply any updates that were applied since initial Windows XP setup.
____________________________________________________________
If you wish to unsubscribe from our list send an email to
mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=unsubscribe
Antivirus software is a good choice to scan your system for possible viruses,
however no virus scanner is 100% effective as manufactures cannot keep up with
the rapid change of viruses that happens daily.
Be sure to update yours regularly.
http://www.hackfix.org/software/antivirus.html
______________________________________________________________________
Please feel free, to offer constructive criticism, as that will help me keep it
interesting.
I also welcome any submissions about new products, web pages, or articles of
interest.
All submissions posted in MWN will be given proper credit.
"MikesWhatsNews" believes in giving credit where credit is due but at times
deadlines and information that is very important to readers we accidentally
misspost an item.
If you believe something to be miscredited, or you know the author of one of
the articles which we have posted as 'unknown', please do let us know so we can
correct the information where applicable.
Many times in a article you may see a click here for more information, or to go
to a link, these often will not work, as the original information, was taken
from a page with HTML links. This is when you will want to go to the webpage
indicated in the article, ++ ,for 'the rest of the story'
***MfM*** indicates that I am adding my own information to a particular
article.
`~*~*~*~*~*~`
Mike ~It's a good day if I learned something new.
You can read a sample of my newsletter on my web page http://www.mwn.ca
My virus pages ~ http://virusinfo.hackfix.org
mytech@xxxxxxxxxxx
~*~*~*~*~
Was this forwarded to you? Want to subscribe? Send an email
to mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe.
For a complete list of email commands for our list send an email
to ecartis@xxxxxxxxxxxxx with a subject line of "info mikeswhatsnews" without
the quotes.
If you wish to unsubscribe from our list send an email to
mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=unsubscribe
To contact the list moderators send an email to
mikeswhatsnews-moderators@xxxxxxxxxxxxx
~*~*~*~*~
Other related posts:
- » [MikesWhatsNews] MWN #717 HackFix