How To Subscribe and Unsubscribe is at the end of this note. Mailing List Trouble? See http://www.langa.com/help.htm
Questions about the advertisers? See the end of this note. Please also see legal notices at the end of this note. LangaList: ISSN 1533-1156

Please recommend the LangaList to a friend! (And maybe win a prize!)

An easier-to read formatted HTML version of this newsletter is available
<a href=" http://www.langa.com/newsletters/20032003-09-15.htm ">here</a>

The LangaList
Standard Edition

2003-09-15

A Free Email Newsletter from Fred Langa
That Helps You Get More From Your Hardware, 
Software, and Time Online

Please visit our sponsors and help keep the LangaList S.E. free!

1) Auto-Reply Messages May Make You Vulnerable!

Have you been getting "virus detected in your email" notices for email messages you never sent? Most of us have.

Fred: Moan begins... I'm sure that this can't be happening only to me, but I'm now getting as many messages from email administrators/postmasters as I'm getting spam, which is a considerable sum.

These new nuisance messages are presumably in response to the recent wave of viruses that 'steal' email addresses from the address book of the infected system and use these as the 'sender'. The email servers are correctly identifying that the attachment is infected, but then insists on sending a warning message to the innocent 'sender'. In addition, there are messages telling me that accounts no longer exist or are full for email addresses that are unknown to me. Don't postmasters realise that they're amplifying the effect of these viruses by sending out these messages?

I appreciate that being notified of a delivery failure can be helpful to the sender, but if I do get a legitimate one, I'll never find it amongst the host of incorrect notices.

Moan ends/praise begins: Langalist Plus!: wonderful. Steve Gibson's site: brilliant. Both a must for my students (especially the ones who allow their machines to get infected )

Thanks for 'listening' ---Mike Robertshaw, School of Science & Technology, The Open University of Hong Kong

Mike is right--- these bogus "virus detected" emails are annoying. But it turns out that misdirected auto-replies are just the tip of a proverbial iceberg of problems:

At the very least, auto-reply, "out-of-office," "I'm away from my email..." and similar messages waste time and bandwidth (and sometimes, for businesses, it's a *huge* amount of time and bandwidth). But they also can do more, actually serving to vastly increase the amount of for-real spam mail you get, and even opening the door to new viruses, worms, and other hostile attacks!

It would take more space than is available in this issue to detail all the trouble that auto-reply messages can cause, and to show you the specific how-to steps you can take to avoid these problems. So, rather than gloss over this important topic lightly, I've devoted a whole new InformationWeek.Com column to it, available now at http://www.informationweek.com/story/showArticle.jhtml?articleID=14700320

There, I'll illustrate a three-pronged "hardball" solution that essentially eliminates *all* problems caused either by sending or receiving auto-replies.

Or, if that approach is too extreme, I'll detail a couple ways you can send and get auto-replies with minimal risk to you and your contacts--- *safe* ways to auto-reply.

Please click on over to http://www.informationweek.com/story/showArticle.jhtml?articleID=14700320 and check it out!

Click to email this item to a friend
http://www.langa.com/sendit.htm

return to top of page

2) Critical Update

You probably already know this, so I'll be brief: Late last week, Microsoft released a new "Critical" update for three newly-identified problems in XP, 2K, and NT; two "buffer overrun" issues (I've lost track of how many "buffer overrun" problems Microsoft software has... sigh) and a "Denial Of Service" issue. Windows 9x/Me are not affected by these problems.

Use Windows Update, or visit http://www.microsoft.com/technet/security/bulletin/MS03-039.asp for more detail.

Microsoft also launched some consciousness-raising subsites to try to jawbone people into taking basic precautions with their PCs. It's all old-hat to long-time readers of this newsletter (keep your system patched; use a firewall; run antivirus software), but the explosive growth of the last few worms proves that many, many other people are ignoring one or more of these very basic defense measures.

If you want to see the official Microsoft packaging of the above basic info, it's available in two flavors

Home:
http://www.microsoft.com/security/protect/

Pro:
http://www.microsoft.com/technet/technet/security/tips/pcprotec.asp

The "Home" version is a little warmer and fuzzier than the "Pro," but the basic info is the same in both: Keep your system patched; use a firewall; run antivirus software.

If you have friends running unprotected, you might want to share the above with them, and also show them this info on firewalls ( http://www.informationweek.com/story/IWK20020412S0009 and http://search.atomz.com/search/?sp-q=firewall&sp-a=0008002a-sp00000000 ) and this on antivirus software ( http://search.atomz.com/search/?sp-q=antivirus&sp-a=0008002a-sp00000000 )

Plus! Edition readers may wish to see item #12, below, as well: A head-to-head comparison of antivirus tools.

Click to email this item to a friend
http://www.langa.com/sendit.htm

return to top of page

3) Fred Gets Bitten By The "Cannot Update" Bug

Over the last year or so, I've gotten lots of emails like the one below, but never had any first hand experience with the problem---- until about a week ago!

As I usually do on a pretty regular basis, I checked for Windows updates on Microsoft's site and there was a new security update.. I have Windows Me and tried to install the update - it downloads but won't install. If I try again, I get a script error message, select yes and then the accept agreement is grayed out on the update window. It just wont go on my computer. I checked the forums for security on Microsoft's site and it looks like some other people have had the same problems, and with other security downloads too (although this is the only time I have had this happen). Was wondering if you had any other questions about this or ideas on what to do. I always like to have the security updates added on my computer.---Jennifer & Keith Smith

With no first-hand knowledge of what was going on with problems like the above, I've always had to give third-hand or general advice, but then--- for no obvious reason--- one of my PCs here suddenly could no longer use Windows Update. It was puzzling because I've set up all 11 PCs here the same basic way (allowing for differences in the OSes), use them in the same basic way, and connect through the same shared internet connection. Why would just *one* PC suddenly have trouble?

I went digging through a ton of web sites, trying to find both a fix for the specific issue, and more universal information on causes and cures.

Out of all the pages I searched, the one that had the best info is the oddly-named "MrScary" page at http://members.bellatlantic.net/~mrscary/winupfaq.htm . The information is unusually organized--- the most generally-useful info is at the bottom of the page.

In fact, that's where I found my fix: Item V, deletion of the "wuhist" log file, restored my system's ability to perform updates. Apparently, a local log file of past system updates was corrupted, which caused the Update engine to stall every time it tried to process the file. Once you know what it is, it's easy to fix--- just whack the file, and let the Update engine rebuild it from scratch.

The scripting problem that "Jennifer & Keith" reported also is covered there, in a separate item. In fact, there are many other fixes at the bottom of the page: It's hard to imagine an instance that at least one of the fixes there couldn't handle.

The top of the "MrScary" page contains specific info on individual update items. If you have a problem installing one particular update, then you may well find the fix there. But if your Windows Update itself is broken, so that you can't install anything, scroll down to the bottom the page: There's a goldmine of information there!

Click to email this item to a friend
http://www.langa.com/sendit.htm

return to top of page

--- ( Your Clicks On Ad Links Help Keep The LangaList S.E. Free! ) ---

"Hi Fred, I'm very happy to have upgraded to the Plus edition of the LangaList.
In just the past couple of months, I've stored and used more
of your tips and tweaks than anything else I've ever found on the internet.
Thanks for the help! I look forward to your next newsletter,
and hope that you may dig out some tips for those of us
 with some hair left to pull!" ---Frank DC

Thanks, Frank!

The LangaList Plus! Edition is ad-free, spam-proof,
and contains even more content--- tips, tricks, advice, downloads....---
than the Standard Edition you're now reading--- for just 14 cents an issue!

Get all the details:

<a href=" http://www.langa.com/plus.htm ">Click!</a>

--------------( the above is an advertisement )--------------

4) "Searchandclick Scumware"

Hi Fred,  I've been a subscriber to your LangaList for a number of years, and have greatly appreciated your articles, tips, and tweaks. I hope my experience with this particular piece of scumware will help repay all the good your newsletter has done for me over the years.

My son is into the cheat code sites for his PS2, and the game sites on the web. These seem to be prime locations for these bottom feeders to infect a person's computer. As a regular task, I run Spybot and AdAware to clean the junk he picks up off our computer. Startpage Guard has saved a lot of time too.

A couple days ago, when I fired up the computer, and IE, the address bar was changed to look like a search page text box, with a green "Go" button. No place to type a website name, and when "Go" was clicked, it took me to search.searchandclick.com, with listings like a search engine. Clicking view, toolbars, gave me the menu with a checkmark next to a blank area. I unchecked it, and got my address bar back. Next new window opened, it was back. I couldn't find ANY contact info on their site at all, ran Spybot and AdAware with no luck, and started searching all the anti spy/scum ware sites I knew. A Google search came up with nothing.

After two nights searching with no luck, I was getting just a bit . . . upset . . . I tried a search with their website name on my computer, figuring the code for this thing would have that in it . . . no luck. Just reference to the recent NeoTrace I ran on it.

I searched again, this time using "searchandclick" (one word) and . . . YES . . . found the little bugger. On my W2K machine, it was hidden in the system32 folder, in the dllcache folder as an .xml file, stlbdist.xml. I deleted it, and got my address bar back . . . or so I thought. The next day (today) when I fired up the computer, I did have my addy bar back, but it was greyed out . . . couldn't use it.

I remembered Spybot does have a tool that shows all the BHOs. It listed one, buried back in the system32 folder again, as stlbdist.dll . I toggled it off, tried IE, and FINALLY, got my address bar back for good.

I really hope this will help anyone who gets hit with this bottom feeding, scum sucker's little game. Sites that pull this kind of garbage should have no recourse for anything anyone does to their site to get even.

Again, thanks for the years of great information, and am looking forward to the next LangaList in my Inbox. ---Brian

This actually raises a couple issues:

First, I agree it's bad--- bordering on malicious--- when a tool installs with no reasonable uninstall mechanism. It's also beyond the pale when a tool aggressively installs itself without abundant prior warnings, or with the warnings buried in a fine-print or small-print notice to make things technically legal. (I don't know if that's the case here; but it's a too-common practice.)

But the other main issue is the danger in using Admin-level accounts for routine web surfing--- especially surfing of potentially dangerous sites. XP, Win2K, and NT all allow easy creation of restricted accounts. These accounts can be limited so that it's difficult or impossible for someone using that account to make system-wide changes. Things like an unwanted toolbar that tries to install itself system-wide either won't work at all--- the install will fail--- or it'll install only on the limited account. Either way, the system as a whole remains safe! 

Click to email this item to a friend
http://www.langa.com/sendit.htm

return to top of page

5) Free Virtual PC

Click to email this item to a friend
http://www.langa.com/sendit.htm

return to top of page

6) Don't Make Me Beg! :-)

If you think the LangaList is a worthwhile read, maybe a friend would find it useful too! Just use the following link to recommend the LangaList---your friend may find a new source of useful information and you just may win one of three FREE ONE YEAR SUBSCRIPTIONS to the LangaList Plus! edition given each month. (If your name is drawn and you're already a Plus! subscriber, your current subscription will be extended by a full year.)

Check out the details at http://www.langa.com/recommend.htm . Thanks for recommending the LangaList--- and good luck!

Click to email this item to a friend
http://www.langa.com/sendit.htm

return to top of page

7) "Only For Gurus" (Not Really!)

Frequent writer Eran Rosenmann suggests this:

Click to email this item to a friend
http://www.langa.com/sendit.htm

return to top of page

8) Code Load Success Story

Code-loader Norm Laramee writes:

Fred, About 7pm I began to get all kinds of alarm messages from my website tracking service. At first I thought I was getting attacked and for the life of me could not figure out why all of a sudden my hits were through the roof.... As of this moment they just keep coming. I didn't really figure it out until late this morning when I realized that I had received your news letter at the very same time. I had not yet looked at it but when I did, and I saw my site listed in the Loaded the Code section, that's when I realized what was going on. I'm sure you get this all the time, but for me, this is unbelievable. Just wanted to let you know that I am thrilled to get the traffic. Thank you and thank all of your subscribers. Attached is a copy of my stats report. It looks like a !*#@%$# explosion! Thanks, Norm Laramee http://foodthatkeeps.com

Do you have a home page or website? (It doesn't matter what size.) Please click over to http://www.langa.com/code.htm , and maybe you can join the thousands of LangaList readers who have "Loaded the Code!" (If you've already "Loaded The Code" and are wondering if your site will appear here or on the Langa.Com web site, please see http://www.langa.com/link.txt )

Speaking of which: Here's another eclectic sample of reader sites--- some professional, some very personal:

View A Randomly-Chosen Reader Site
http://www.langa.com/randomlink.htm

Manually Browse All Posted-to-Date Sites Starting At
http://www.langa.com/readersites.htm

PC Help Mobile
http://www.ralphcaddell.com/pchelp/

Sunfire Barbie
http://www.angelfire.com/me/rondog/debra/sunfirebarbie.html

Youth hockey site
http://www.scspartans.org/home.html

Pops Page
http://members.tripod.com/pops_page/index.htm

Kid's Cedar Adirondack Rocker
http://hometown.aol.com/sse4mt/KIDR.html

DHK Bookmarks
http://dhkbookmarks.home.comcast.net/index.htm

Raymond Dale
http://www.raymonddale.net/1004doc.htm

eBooks and More
http://abenitez-ebooksandmore.com/

AnRon
http://www.anronproductions.terrashare.com/

Duggin's World
http://www.duggin.net/

Click to email this item to a friend
http://www.langa.com/sendit.htm

return to top of page

9) Weird (But Free!) Monitor Fix

Click to email this item to a friend
http://www.langa.com/sendit.htm

return to top of page

10) Just For Grins

This week, two related items:

1) Reader Bill Webb sent this along:

Fred, Check this link. It may tell a lot about your problems with spam filters. ---Bill
http://lists.debian.org/debian-cd/2002/debian-cd-200206/msg00025.html

Yikes! It's a variant of the ancient "Nigerian Scam" email, but this time from one "Col. Frank Langa" in the Congo. We're not related, honest! <g>

The classic Nigerian scam goes back 20 years or more: It was originally circulated by fax. But even the first versions were much like the current ones: Someone claims to be a member of the ruling family or a government official in a small country, usually in Africa; they've somehow ended up with a ton of money that they need to move offshore immediately; and they'll pay you--- a total stranger--- some large percentage of the fortune to let them move their cash through your bank. All they need, of course, are the details on how to access your bank accounts electronically....

The scam is old and shopworn, but it must still work because it's still circulating. That leads to item #2:

2) Reader Henk Frijters sent along this link http://j-walk.com/other/conf/index.htm to an absolutely wonderful spoof page announcing "The 3rd Annual Nigerian EMail Conference: Write better emails. Make more moneys."

The agenda includes a debate between Lady Mariam Abacha and Mr. Godwin Oyathelem on "The effectiveness of using all UPPERCASE characters;" and a Tech Session where Mrs. M Sese-Seko reveals valuable secrets about "Those Pesky Email Headers."

The page is a marvel. Check it out!

Click to email this item to a friend
http://www.langa.com/sendit.htm

return to top of page

11) Plus! Edition Highlights:

• Free Downloadable Dictionary/Thesaurus
     (142,000+ words!)

• Head-To-Head AntiVirus Comparison
     (how does yours fare?)

• Make Your Own Custom Linux Distro
     (make an OS that's exactly the way you want!)

The Plus! edition is only pennies per issue, and comes with a MONEY BACK
GUARANTEE from Fred. How can you lose? Check out the details:
http://www.langa.com/plus.htm

Click to email this item to a friend
http://www.langa.com/sendit.htm

return to top of page

(Want to give a gift subscription to the LangaList Plus edition?
Click <a href= " http://www.langa.com/plus_gift.htm ">here</a>)

See you next issue!

Best,

Fred
( Editor@Langa.Com )

Please recommend the LangaList to a friend! (And maybe win a prize!)

An easier-to read formatted HTML version is available in the "Current Issue" section of http://www.langa.com.  (The HTML version of each issue normally is available by 9AM EST [UT-5] of the issue date.) All past LangaList issues are also available at the Langa.Com site.

return to top of page

Administrivia:

UNSUBSCRIBE: From the same email account you used to sign up with), send an email to
unsubscribe-langalist@lyris.dundee.net

SUBSCRIBE (it's free!): Create and send a new email to
subscribe-langalist@lyris.dundee.net

CHANGE ADDRESS? LIST TROUBLE? HAVE QUESTIONS? OTHER PROBLEM? NEED HELP? See http://www.langa.com/help.htm

This newsletter is SPAM PROOF and requires two levels of subscriber confirmation before delivery begins: See http://www.langa.com/info.htm

About the advertisers: http://www.langa.com/privacy.htm#ads

Disclaimer: http://www.langa.com/legal.htm  In brief: All information herein is offered as-is and without warranty of any kind. Neither Langa Consulting LLC, nor its employees nor contributors are responsible for any loss, injury, or damage, direct or consequential, resulting from your choosing to use any information presented here.

This newsletter is a service of Langa Consulting LLC and is Copyright © 2003 Fred Langa / Langa Consulting LLC. All worldwide rights reserved. LangaList: ISSN 1533-1156

return to top of page