November 29, 2004
Sober Up Or Fall Victim
The new Sober.j virus strain is another annoyance, but good spyware scanners like Spybot and Ad-Aware help control bandwidth misuse. Plus a site dedicated to spyware and an excellent resource about software, organized by genre.
There's sobering news, if you'll pardon my intended pun. There's a new Sober.j (W32/Sober-I, Sober.I, W32/Sober.j@mm, W32.Sober.I@MM) epidemic in the making. Over the weekend came reports that the virus was in the wild in North America and Europe. And its spread to Asia is probably happening as I write these words (and as you read them). This worm, first reported in October 2003 (and last mentioned by me in mid-March 2004), pretended to be a Microsoft system upgrade supposedly targeting the rival MyDoom virus. Although the new version, too, attempts to download software from a remote location, the feature times out from lack of response.
This email-borne virus arrives as an executable mail attachment. The infected message body reads

*-*-* Mail_Scanner: No Virus
*-*-*- Anti_Virus Service
*-*-* http://www.

and on execution the worm generates a fake error message while secretly dropping 2 files into the Windows folder. The worm harvests your hard drive for email addresses, then sends copies of itself to them using its built-in SMTP engine. Trend Micro has a very neat Virus Behavior flow chart detailing the attack.

Sober is an annoyance and, in the current strain, it's difficult to manually remove the virus files, which are loaded into (protected) system memory. Deleting one file causes it to be recreated by the other one! Luckily the worm can be removed by antivirus programs. If you have a firewall configured, I recommend limiting SMTP (Port 25) access to your default email client only.

While on user security, I hope you use spyware scanners and update their signatures regularly. Also don't trust all-in-one solutions, which aren't as efficacious as their developers would have consumers believe! I use Spybot Search & Destroy as well as Ad-Aware SE Personal. Why two? Because I find that one alone is insufficient protection. However, I consider Spybot the more effective solution as it's more efficient at detecting and deleting real spyware instead of wasting (my) time locating tracking cookies. One repetitive annoyance about Ad-Aware SE is that the version is being perpetually upgraded (latest: November 25, 2004) along with the reference file (latest: November 25, 2004). However, the application's version numbering doesn't reflect the changes. And the version updated October 27, 2004, for some reason includes a spyware definitions file that (on November 28, 2004) was 76 days old!

I also use CCleaner, which manages to go where Windows' own clean-out processes don't venture and is a hyper-efficient system cleaner. It's recently been updated to v1.15.078 and now includes custom folder cleaning, as well as improved Firefox, Opera cache, Office 2003, Real Player, Quicktime, Windows Management Console and Remote Desktop MRU cleaning for all Windows variants. There's also Recycle Bin cleaning for Windows 95/NT.

Computer Associates Spyware Information Center, originally launched as a tie-in with its eTrust PestPatrol Anti-Spyware, is an informative anti-spyware site. According to CA, Kazaa P2P (peer-to-peer) is at the top of a long list of applications that degrade network performance, consuming vast amounts of storage and creating security issues. Other threats include the Ezula TopText reference tool (desktop ads), Adopt.Hotbar.com (tracks Web usage), GameSpy Arcade (installs adware) and Download Accelerator Plus (changes browser settings, displays pop-under ads and shares usage information silently with the developer site without a user's explicit permission).

There's bad news for Winamp lovers. Winamp 5.06 and older versions have a critical vulnerability in the IN_CDDA.dll file. This allows attackers to execute arbitrary code using a malformed .M3U play list that will be auto-downloaded and opened without user interaction. The first you'd realize something was amiss is when files suddenly began vanishing. It's unlikely a patch will be made available since there's no product development team at AOL. The last developer left a couple of ago. I advise those (still) wedded to this software to look for a (safer) alternative. And if you must continue, do consider permanently disabling the built-in browser.

There's also a marginally updated version of Copernic Desktop Search. This brings performance optimizations, new customization options, interface improvements and bug fixes. It indexes Outlook/Outlook Express mail and file attachments as well as the Windows Address Book, and can display the contents of email attachments (limited file types). Although out-of-the-box this doesn't index the Thunderbird Address Book, you can custom-add the folder (%Application Settings%\Thunderbird\Profile). Although Copernic Desktop Search is a great utility, it hijacks your browser's role as a Web search tool, something I'm not entirely comfortable with.

At work I use the Lookout Outlook plug-in from Lookout Software (now acquired by Microsoft), which indexes not only mail folders and My Documents (default), but also other folders added to the index list, as well as mapped network folders, and more. And while it lacks a message attachment search, you can find the message. However, Lookout does choke on specific file attachment types including .EML and .MSG.

Of course you don't need a desktop search application if you organize your computer data storage. I typically have an entire drive devoted to documents, another to downloads, a third to music, and so on. Within each there are descriptive sub-folders (after all, from Windows 2000 onwards 254-character file name support is integrated). These in turn, as needed, have calendar-specific sub-folders using a YYMM naming convention. All you (and I) need to ensure is not to use too many levels.

And finally, here's a peek at The Great Software List, which claims to advocate the great and ignore the mediocre. Actually I've been meaning to showcase this all-in-one resource that groups software by genre (e.g. Word Processing; Text Editing; Database, Spreadsheet; Email, Chat; File Utilities; Printing, Fonts; Outlining, PIM, Calendar; Image Viewers/Editors, etc). The home page also features the latest additions and the last update date. Each individual category lists software with a brief write-up, screen shot, rating and a download link. And while not all tools listed are free, they are the best of their type.
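Added example, not part of the original column: a mail-gateway style check for the two traits of the Sober.j message described above, an executable attachment and a body footer claiming the mail was virus-scanned. The extension list, the function names and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage

# Footer lines quoted in the post; the "*-" run varies, so match it loosely.
FAKE_SCAN_FOOTER = re.compile(
    r"^\*(?:-\*)+-?\s*(?:Mail_Scanner:\s*No Virus|Anti_Virus Service)",
    re.IGNORECASE | re.MULTILINE)
# Assumption: extensions a gateway treats as directly executable on Windows.
EXECUTABLE_EXT = (".exe", ".com", ".pif", ".scr", ".bat", ".cmd")


def inspect_message(raw):
    """Return the reasons a raw RFC 822 message matches the described lure."""
    msg = message_from_string(raw, policy=policy.default)
    reasons = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = (part.get_filename() or "").strip().lower()
        if name.endswith(EXECUTABLE_EXT):
            reasons.append("executable attachment: " + name)
        elif part.get_content_type() == "text/plain":
            if FAKE_SCAN_FOOTER.search(part.get_content()):
                reasons.append("body claims it was virus-scanned")
    return reasons


def build_sample(body, attachment_name):
    """Construct a test message; addresses, names and payload are made up."""
    m = EmailMessage()
    m["From"], m["To"] = "sender@example.com", "user@example.com"
    m["Subject"] = "constructed sample"
    m.set_content(body)
    m.add_attachment(b"placeholder bytes, not a program",
                     maintype="application", subtype="octet-stream",
                     filename=attachment_name)
    return m.as_string()


if __name__ == "__main__":
    lure = build_sample("*-*-* Mail_Scanner: No Virus\n"
                        "*-*-*- Anti_Virus Service\n", "update.exe")
    clean = build_sample("Minutes attached.\n", "minutes.txt")
    for label, raw in (("lure", lure), ("clean", clean)):
        print(label, inspect_message(raw))
```

A message that trips both checks is a strong quarantine candidate; the footer alone is only a hint, since the worm's author can change the text at will.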