Stop Popup Ads For Free
 
   
WindowsReinstall.com Newsletter (Winrag) - ( 14th August 2003 )
 

Issue 4

 (c) www.Windowsreinstall.com, Mark Walmsley 2003

Subscribe/Unsubscribe link is at the bottom of this page, click here.

Sponsor - Check out www.tipsdr.com for great Tips and Tricks

This newsletter is now available in the member area.  Click here for more information

 

Welcome

 

Welcome to issue 4. This issue has been rushed through due to the 2 weeks break I had during the month. But hopefully you will enjoy it as much as the others. Please note the security warning if you are using Windows NT, 2000, 2003 or XP. You must patch before August 15th.

The newsletter has now been extended covering more subjects, but this edition is for the www.windowsreinstall.com members area, located at http://member.windowsreinstall.com. If you are already a member then go to that link. If you wish to become a member then Click here for more information

The signups for the newsletter have now exceeded over 3500. The growth rate of the newsletter has been remarkable since our launch on the 14th May 2003.

If this is your first newsletter then feel free to read previous issues. Click here to go to the main index page.

Remember at anytime you can unsubscribe. The subscribe/unsubscribe link is at the bottom of this page, click here.

Anyway, we hope you enjoy this issue, if you wish to have a subject covered, wish to send feedback or have an article of your own you want featured then mail newsletter@windowsreinstall.com

Members Area

 

The members area for WindowsReinstall.com the mother of this Newsletter WinRag can be previewed from the following page. 

http://www.windowsreinstall.com/ebook/members.htm

The members area has troubleshooting guides, install guides, free downloads, 3rd party e-books, games, etc plus now an extended version of this newsletter.

Access to the area is only $35 for first year then $5 a year afterwards, you can signup from the below link The area is continually being updated, with many new plans in the pipeline.

http://www.windowsreinstall.com/ebook.htm 

 

2 Useful Links

Due to time constraints I was unable to do a site of the month review this issue, but shall return next month. Instead some useful links.

Learn How to remove a virus from the following link 

http://www.windowsreinstall.com/install/virusremoval/index.htm 

Learn about CD-Rom support from the following link

http://www.windowsreinstall.com/install/cdromsupport.htm 

Download a CD-Rom boot disk from this link

http://www.mybootdisks.com/ 

Get free software from this link

http://www.windowsreinstall.com/software.htm 

 

Site of the month will return next issue

 

  

 

3  Important Security Warning

IMPORTANT

Over a week ago MS released a critical patch for a security issue in RPC, All NT based Windows editions are affected Windows NT4, Windows 2000, Windows XP and Windows Server 2003.

This worm is setting up all computers infected to start a denial of service attack on www.WindowsUpdate.com starting August 15th.  All computers infected will start sending requests to that site at once on August 15th clogging the server and flooding the internet with useless requests. 

DOWNLOAD THE PATCH BELOW TO PROTECT YOUR SYSTEM:

Windows XP Users - Click Here

Windows 2000 Users - Click Here

Windows NT Users - Click Here

Other Versions of this patch and more info - Click Here

Already Infected? 

Download this patch to remove the worm - Click Here

Below is a copy of the Security Bulletin:

PSS Security Response Team Alert - New Virus: W32.Blaster.worm

SEVERITY: CRITICAL DATE: August 11, 2003

PRODUCTS AFFECTED: Windows XP, Windows 2000, Windows Server 2003, Windows NT 4.0, NT 4.0 Terminal Services Edition

WHAT IS IT?

The Microsoft Product Support Services Security Team is issuing this alert to inform customers about a new worm named W32.Blaster.Worm which is spreading in the wild. This virus is also known as: W32/Lovsan.worm (McAfee), WORM_MSBLAST.A (Trendmicro), Win32.Posa.Worm (Computer Associates). Best practices, such as applying security patch MS03-026 should prevent infection from this worm.

Customers that have previously applied the security patch MS03-026 before today are protected and no further action is required.

IMPACT OF ATTACK: Spread through open RPC ports. Customer's machine gets re-booted or has mblast.exe exists on customer's system.

TECHNICAL DETAILS: This worm scans a random IP range to look for vulnerable systems on TCP port 135. The worm attempts to exploit the DCOM RPC vulnerability patched by MS03-026.

Once the Exploit code is sent to a system, it downloads and executes the file MSBLAST.EXE from a remote system via TFTP. Once run, the worm creates the registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "windows auto update" = msblast.exe I just want to say LOVE YOU SAN!! bill

Symptoms of the virus: Some customer may not notice any symptoms at all. A typical symptom is the system is rebooting every few minutes without user input. Customers may also see:

- Presence of unusual TFTP* files

- Presence of the file msblast.exe in the WINDOWS SYSTEM32 directory

To detect this virus, search for msblast.exe in the WINDOWS SYSTEM32 directory or download the latest anti-virus software signature from your anti-virus vendor and scan your machine.

For additional details on this worm from anti-virus software vendors participating in the Microsoft Virus Information Alliance (VIA) please visit the following links:

Network Associates: http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100547

Trend Micro: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MSBLAST.A

Symantec: http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

Computer Associates: http://www3.ca.com/virusinfo/virus.aspx?ID=36265

For more information on Microsoft’s Virus Information Alliance please visit this link: http://www.microsoft.com/technet/security/virus/via.asp


PREVENTION: Turn on Internet Connection Firewall (Windows XP or Windows Server 2003) or use a third party firewall to block TCP ports 135, 139, 445 and 593; TCP ports 135, 139, 445 and 593; also UDP 69 (TFTP) for zombie bits download and TCP 4444 for remote command shell. To enable the Internet Connection Firewall in Windows: http://support.microsoft.com/?id=283673

1. In Control Panel, double-click Networking and Internet Connections, and then click Network Connections.

2. Right-click the connection on which you would like to enable ICF, and then click Properties.

3. On the Advanced tab, click the box to select the option to Protect my computer or network.

This worm utilizes a previously-announced vulnerability as part of its infection method. Because of this, customers must ensure that their computers are patched for the vulnerability that is identified in Microsoft Security Bulletin MS03-026. http://www.microsoft.com/technet/security/bulletin/MS03-026.asp. Install the patch MS03-026 from Windows Update http://windowsupdate.microsoft.com

As always, please make sure to use the latest Anti-Virus detection from your Anti-Virus vendor to detect new viruses and their variants.

RECOVERY: Security best practices suggest that previously compromised machine be wiped and rebuilt to eliminate any undiscovered exploits that can lead to a future compromise. See Cert Advisory:

Steps for Recovering from a UNIX or NT System Compromise. http://www.cert.org/tech_tips/win-UNIX-system_compromise.html

For additional information on recovering from this attack please contact your preferred anti-virus vendor.

RELATED MICROSOFT SECURITY BULLETINS: http://www.microsoft.com/technet/security/bulletin/MS03-026.asp

RELATED KB ARTICLES: http://support.microsoft.com/?kbid=826955

RELATED LINKS: http://www.microsoft.com/security/incident/blast.asp

As always please make sure to use the latest Anti-Virus detection from your Anti-Virus vendor to detect new viruses and their variants

 

4 Virus Alert

 

Courtesy of Symantics Norton Antivirus (click on the link below). 

** VIRUS ALERT **

Tip : From www.sarc.com, click on "Check for Security Risks" and you can do an online virus check. This will not remove any viruses but it will alert you to their presence and then you can go about removing them. Always check out how to do it. A virus checker is a prevention, not a cure. By simply deleting an infected file can cause a lot of problems. You may need to replace files, and/or delete registry settings. If there is a removal tool, then download it and use it, as it will remove your registry setting and the virus for you.

   

 

5 Making the Most of Internet Explorer Part 3

 

Security on the internet is very important, also covering your tracks on a computer that you may share is also important. So this month we are going to show you some useful ways to keep your computer and what you do away from prying eyes.

The first section is about AutoComplete. This part of IE remembers previous searches, forms you filled in, web addresses and username and passwords that you have used. A very useful little tool, but as you can already guess potentially very dangerous. By default this option is active, but luckily enough you can clear the settings, passwords and forms, you can also tell IE to stop recording settings of your choosing.

To access the settings simply open Internet Explorer and click on "TOOLS" then "INTERNET OPTIONS", next select "CONTENT" then click on "AUTOCOMPLETE", the above menu will appear. Clear and configure as necessary. So if you put a password in by mistake, or don't want your husband or wife to see that you bought something online for them, then use this to clear your tracks.

Next to cover your tracks even more you will wish to get rid of the history, cookies left by sites and your temporary internet files. All these can be used to track your steps. Luckily enough this is quite easy to do as well.

 

To access the settings simply open Internet Explorer and click on "TOOLS" then "INTERNET OPTIONS". From here you can Delete Cookies by clicking on the button of the same name. Clear your temporary files by clicking on "DELETE FILES" and guess which one you click to clear your history, yep "CLEAR HISTORY".

But people may get suspicious of you when they notice that the History is being completely erased all the time. For example you don't want your other half knowing that you have been reading this newsletter, simple, click the "HISTORY" button from IE,    or "CTRL" and "H" keys on your keyboard to bring up the History Pane.

Now find the website (In our example the newsletter website Winrag), right click on the site and left click on the Delete option that appears. Problem solved. History is still there just minus the site that your other half or boss may not want you to visit. 

More Next Month.....

 

6 Fixes and Tips of the Month

 

Windows 2000 Converting FAT disks/partitions to NTFS

  1. Windows 2000 prefers NTFS.  If you have a Windows 2000 system with FAT drives, and have decided you'd rather be on NTFS, here's how you change it.

  2. Click on "Start/Run"

  3. Type "convert c: /fs:ntfs"

  4. If it is the "d:" drive type "convert d: /fs:ntfs"

  5. etc etc for different drives

Windows XP How to Change Screen Saver

1. From your Desktop, right in the center of the screen and select properties.

2. From display properties select "SCREEN SAVER"

3. Now under "SCREEN SAVER" select the down arrow and select your preferred Screen Saver, you can also add a password to the screen saver and also increase the length of time you have to wait for it to appear. 

4. Click apply and then OK to exit.

More Next Month

 

 

7  Online Gaming Part 3

 

So what is online gaming ? Online gaming is playing a game on your computer with one or more real people using the internet to share the experience. The biggest problem with online gaming is its addictiveness, in today's busy lifestyle we find it hard to go out and enjoy an evening of socializing, so we now indulge in online gaming, sometimes fulfilling our fantasies, and our need to meet people at the same time. Below is a another game we have tried and reviewed.

YAHOO GAMES

If you have not been to http://games.yahoo.com then we would advise you to go now. The service is completely free and has a large selection of games for you to play, with others. 

You have personal game stats on how you play and game areas for beginners. This site is highly addictive, which is shown by the 147,000 people that are logged in at the time of writing this article.

So if you like arcade games, pool games, word games, fantasy, sports, or tile and board games, then go to http://games.yahoo.com where you can sign up for free and playing within a few minutes.

Warning !!!! Don't blame me if you become addicted to this site, if you don't want to waste time playing games then avoid like the plague, once you start it will be hard to stop.

 

More in the next issue.....

  

8  Guide to the Underground - Part 3

 

INTRODUCTION

WindowsReinstall.com hopes to show you, why to avoid the underground of the Internet. You may have heard of serialz (serials or serial numbers), crackz (cracks or software crackz), warez (wares or war-ez (illegal software)), hackz (hacks), viruses and other key words used by these places. People involved in such trades call themselves pirates or hackers. 

 

The temptation of getting something for free can be great, but remember it is theft, and most of the time you are leaving yourself open to attack by those who participate in the trade.

 

Bittorrent or Torrents

 

A form of file sharing used mainly to distribute large files, like movies, TV shows, full albums, and software. 

 

BitTorrent client is an application used for downloading torrents -- specific files or directories shared by Internet users. This client alone cannot be used for sharing your own files. It's intended for opening and downloading so called .torrent files.

 

This form of file sharing is used widely, yet still remains underground, unlike the likes of kazza and bearshare. 

 

Beware of using this as it will steal your bandwidth, as you download people will upload from you at the same time. You may also find that the files are infected with viruses or hacks to allow ruthless individuals access to your computer.

 

So to round up, remember you are stealing if you download commercial programs, movies, music or software. You may also find yourself getting stole from if you install a backdoor virus, or with serious infections on your computer. So avoid, and a big thumbs down from us.... 

 

 

  More in the next issue.....

 

9 Conclusion

 

Well hope you have enjoyed our fourth issue of this newsletter as much as I have enjoyed writing it. The newsletter has now been officially named WinRag, and a direct link to the site is www.WinRag.com.

Remember you can view issue 1 from here :

http://www.winrag/issue1.htm 

issue 2 from here :

http://www.winrag/issue2.htm 

and issue 3 from here :

http://www.winrag/issue3.htm 

 

Best Regards

Mark 

webmaster@windowsreinstall.com

Recommend this website and you could win $10,000 

  

Subscribe/Unsubscribe

Fill in the form below and click "GO". You will then receive the www.WindowsReinstall.com newsletter which will be published on a monthly basis, featuring Windows tips, tricks, and how to's, plus much much more. Sign up now, its FREE, and you will receive the next newsletter. Remember you can CANCEL at anytime. 

Your email address will NOT be passed on to anyone or anything else. 

 

First name

E-mail address 

Plain text HTML (The format the email will be in)

Subscribe Unsubscribe

 
  

Privacy policy - Link Exchange - links page - Contact Info

By using this website you are agreeing to this Disclaimer & Legal statement