Windows Secrets

Subscribers: Sign in

Enter your e-mail address to get a free subscription.
We guarantee your privacy
Skip to content
  • Home
  • Newsletter Archives
    • Current
    • LangaList Plus
    • Patch Watch
    • Wacky Web Week
    • Security Baseline
  • E-Books
  • Lounge
  • About us
    • Refunds
    • Privacy Policy
    • Advertise
  • Contact
  • Your Account
    • Upgrade
    • Preferences
    • Bonus Download
    • Unsubscribe
Home>What to do when a DLL goes missing

Windows Secrets Newsletter • Issue 89 • 2006-12-14 • Circulation: over 400,000

Table of contents 
  • LangaList Plus: What to do when a DLL goes missing
  • LangaList Plus: Fix your PC’s broken bootup behavior
  • Over the Horizon: Microsoft leaves several Word holes unfixed
  • Patch Watch: Patches leave fewer zero day vulnerabilities
 
LangaList Plus

What to do when a DLL goes missing

Fred langa By Fred Langa

There’s an easy way and a hard way to replace missing or corrupted DLLs.

As you can probably guess, I’ll show you the fast and easy way! Then I’ll discuss a free "ultra-high security password generator," continue our coverage of AOL’s antivirus tool, and more.

How to fix an AWOL Shell.dll

 Reader Rick Granlund has a problem that’s bad enough in itself, but which also could be a symptom of a deeper issue. Either way, it’s fixable:
  • “I have a problem that may be common and yet the cure eludes me. When I attempt to install software in my XP Pro SP2 machine, I get the dialog box ‘Missing SHELL.DLL.’ How do I find and reinstall the SHELL.DLL with minimum disruption to my system?”
The fix is easy, Rick, but first — it’d be best if you could find out why Shell.dll disappeared.

For example, there’s a fairly common browser hijacker that can cause this problem. You didn’t mention any other symptoms, but the hijacker usually adds "Home Search Assistant," "Shopping Wizard," and "Search Extender" to your system, and may also reset your browser’s home page so that a popup appears at every start.

If malware such as this is working on your system, then it will do no good to repair Shell.dll because the malware will simply corrupt the new copy.

I suggest you begin by using your favorite antimalware tools to make sure your system is squeaky clean and free of all malware. Major test labs currently rate Webroot’s Spy Sweeper and PC Tools’ Spyware Doctor as the best antispyware products. For more information, see the Security Baseline page at WindowsSecrets.com.

If “Home Search Assistance” and its related friends are, in fact, causing your problem, the free AboutBuster utility can remove them.

Once you’re sure your system is clean, you can download a fresh copy of Shell.dll from any number of online sources. DLL-files.com, for example, has a good Shell.dll page. Copy the DLL file into your DLLcache folder (usually found at C:WindowsSystem32DLLcache). Then re-register the DLL this way:

Step 1. Click Start, Run.

Step 2. In the Run dialog box, enter (change C:Windows to the correct location on your system):

   regsvr32 C:WindowsSystem32DLLcacheShell.dll

Step 3. Click OK.

Step 4. Reboot, and your Shell.dll problems should be fixed!

By the way, the above steps can resolve a huge number of problems with other missing/corrupted DLLs. Just use the example above as a template, downloading whatever DLL you need and substituting its name in the regsvr32 command.

A free but high-powered password generator

 You’re reading Windows Secrets, so it’s a good bet that you already know the importance of having good passwords. Or, to put it the other way around: You know that using a simple, easy-to-guess password is like leaving your spare house key under the doormat. It won’t fool anyone who wants in.

I’ve recently run across a couple of new (and free) online password services that you may find useful.

1. PassNerd. I can only give a limited thumbs up to PassNerd. Every time you load the PassNerd home page, the site generates a new password for you. You can select simple or complex passwords (complex is better) in lengths up to 64 characters (longer is better).

The site is easy to use and the passwords appear to be quite random, but other parts of the site give me pause. The Tips section, for example, recommends “alphabet math” and “keyboard transposition” as good ways to generate your own passwords.

Both these techniques are relatively low-security, because the common substitutions of numerals for letters are now built into modern cracking tools. They are emphatically not strong ways to produce passwords! (For more info, see “Looks Strong, But Don’t Be Fooled!” from the 2005-06-23 issue of the LangaList.)

2. Perfect Passwords. By contrast, I can give an unequivocal recommendation to Steve Gibson’s Perfect Passwords. You can see why as soon as you read the background information on that page.

In particular, Steve’s use of SSL encryption to deliver the generated passwords to you helps ensure that you and you alone will see the results, and that the results will be cache-resistant. (In fact, in most systems, the pages won’t be cached at all.)

Perfect passwords
Figure 1. Perfect Passwords is one of the very best online password generators I’ve found.

By default, Steve’s page produces passwords of 63 and 64 characters. If you need a longer password, you can splice several of the 63-character passwords together. If you want a shorter password, you can copy only the number of characters you need. (While you’re on the site, check out Steve’s list of  other free tools, too.)

If you don’t need extremely long passwords that would survive weeks of brute-force attack by a supercomputer, you might prefer to use a "passphrase" technique. This allows you to create easy-to-remember passwords that are strong and as short or as long as you wish. For details, see my InformationWeek article entitled "How To Build Better Passwords.”

More on AOL’s free Active Virus Shield

My Dec. 7 article discussed Active Virus Shield, a free program AOL is offering that’s based on the Kaspersky antivirus product. This generated quite a few questions from readers. For example, consider this from Bill Sawyer:
  • “You warned of not trusting AOL. Although I agree, my question is this. If I already have an AOL/Aim Instant Messenger free account, wouldn’t you think I might as well use the free AOL antivirus program? I’m already registered with them for the Messenger and they’ve already ‘got my number,’ so to speak.”
I see your point, Bill. But the advertisers associated with Active Virus Shield may be different from those who market via AIM. Those, advertisers, in turn, may differ from those who sell their wares through AOL proper.

Each class of software attracts different users or is aimed at different interests among users. So each poduct is an opportunity for AOL to strike deals with different advertisers. Signing up for different AOL adware offerings may well get you on different and independent mailing lists and result in more spam — er, I mean, “opt-in e-mail communications from AOL’s marketing partners.”

But several other readers had an alternate suggestion that might help you sidestep the spam. C. D. Tavares writes:
  • “Use a temporary address at Spambob.com. You can read whatever setup mail AOL sends you, activate your account, and then never have to look at that mailbox again."
Reader Eric Newman had a similar thought:
  • “I read your column in the Windows Secrets newsletter about AOL Active Shield. But I think you need to hold your nose and not dismiss this one out of hand. Go to 10minutemail.com, get an e-mail address (for 10 minutes) to get the code, and install AOL Active Virus Shield."
I normally have ethical qualms about using temporary e-mail addresses for free software that requires a registration. That kind of software is offered for free in return for your e-mail address. That’s the implied contract, and using a temporary e-mail address is a kind of small lie. It’s a gray area, yes, but it makes me uncomfortable.

There are some password-workaround sites, such as BugMeNot.com, which I think are on the very darkest side of the gray area, and skirting very close to a form of fraud. Petty fraud, maybe, but fraud nonetheless.

There are cases where registration is optional, however, or — as with AOL Active Virus Shield —  when the publisher explicitly states that you don’t have to accept its mailings in order to use the software. If so, using a temporary e-mail address harms no one and is just another way of making sure you’re opting out of any mailings. I see no ethical issues at all with that use of a disposable e-mail address.

For lots more information, see Brian Livingston’s articles, “Get a disposable e-mail address” and “More ways to use disposable addresses” from the Mar. 30 and Apr. 13 issues of the Windows Secrets Newsletter.

Wait for the green light before powering on

Reader Michael Thomas offers this nice tip about powering a PC all the way off:
  • “In the Nov. 30, newsletter, Fred Langa talked about turning the PC off using the power switch in the back to ensure that the computer is fully powered off. This is definitely true, and serial ports are particularly susceptible to getting into a bad state requiring a complete power-down.

    “One important note on this: Some motherboards continue supplying power to the bus for a few seconds after the PC is turned off or unplugged. (I don’t know why this is, but I assume there are some capacitors that need time to discharge.) So turning the power off and then on again too quickly will prevent the PC from actually powering down. It will be no different than if you just powered off from the front power switch.

    “To be sure the PC has completely powered down, wait at least 10 seconds before turning it back on. If you’re too impatient for that, watch the Ethernet port. As soon as the light on the Ethernet port turns off, the PC is truly powered off.”
You’re right, Michael. Many newer systems also have an LED mounted right on the motherboard so you can see when the residual power has dissipated after a total shutdown. Thus you know when it’s safe to start working inside the case or on the motherboard. This LED likewise goes out after a typical delay of 5-10 seconds or so.

You may be able to see the motherboard LED in some PCs that have side vents. In others, Michael’s trick of watching the Ethernet port’s “link” or “ready” light wink out is an excellent idea.

Fred Langa is editor of Windows Secrets & LangaList. He edited the LangaList e-mail newsletter from 1997 to 2006, when it merged with Windows Secrets. Prior to that, he was editor of Byte Magazine and editorial director of CMP Media, overseeing Windows Magazine and others.
 
LangaList Plus

Fix your PC’s broken bootup behavior

By Mark Joseph Edwards

Frustrated with a broken Windows boot sequence? Before you give your PC the heave-ho, try some alternative methods of recovering a PC that won’t boot up.

This week, we present two more ways to deal with particular Windows boot issues. One tip helps you correct potentially bad data on your disk. The other helps you build an alternative boot device, just in case your Windows installation CD isn’t available.

How to recover an ‘unbootable’ system

Sometimes a system simply refuses to boot. You might think it has a missing or damaged NTLDR or Hal.dll file (as Fred Langa discussed in the Dec. 7 issue) or possibly some corrupt Registry information. Steve Freeman writes to tell us his solution, which works to restore a system in some cases:

  • “I ran into an instance when I thought I needed to try the bootcfg /rebuild command [as described by Fred]. I received an error during startup about a missing/corrupt system file (or the Windows Registry).

    “I decided that I would first try using chkdsk /p /r because of its past benefits fixing blue-screen errors. It worked!

    “Is there any reason not to first run this command in a situation similar [to last week's]?”

First of all, you should use config /r in this situation, not config /p /r. The /p switch tells chkdsk to look for bad sectors and recoverable data — but it doesn’t take any recovery action. On the other hand, the /r switch instructs the utility to take recovery action.

Using both switches apparently gave precedence to /r in your case, but I wouldn’t rely on it. (Note: some versions of chkdsk don’t include a /p option.)

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

 
Over the Horizon

Microsoft leaves several Word holes unfixed

Chris mosby By Chris Mosby

Well, here we are, another monthly patch day has come and gone this week.

After the smoke clears, as usual, we have to figure out what holes are left that weren’t patched this time around.

Who decides which Word/Windows holes to fix?

One of these days, I really hope that I have the opportunity to hold a discussion with some of the people over at Microsoft. I’d like to find out how they decide what gets patched and what doesn’t.

In the meantime, we’ll just have to wonder — and try to clean up this month’s list of known holes that didn’t get closed. This time around, Microsoft Word is the big concern.

Infected .doc files can get you via Word

A vulnerability in Microsoft Works 2004-2006, Word 2003 Viewer, and all versions of Microsoft Word except 2007, was recently reported in Microsoft security advisory 929433. The advisory was issued after Microsoft began investigating reports of “limited” attacks that are already exploiting the hole.

This flaw is due to an unidentified error in how Word handles documents. The error can cause memory corruption and allow infected code to run with the same rights as the user. A hacker trying to compromise computers would, of course, have to get a user to open an infected document in order to take of advantage of this exploit.

What to do: Microsoft, as usual, gives you the old chestnut, “Don’t open Word files that you receive from untrusted sources or that are received unexpectedly from trusted sources.” Now, this is good advice, no matter what you get in e-mail — but it doesn’t fix the problem. To do that, you could go out and buy Office 2007, which isn’t vulnerable to the hack, or simply hope Microsoft releases a patch for older versions of Word soon.

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

 
Patch Watch

Patches leave fewer zero day vulnerabilities

Susan bradley By Susan Bradley

The last batch of official patches for 2006 leaves us with a few unpatched vulnerabilities, as Chris Mosby explains, above. But we’re rid of a few "zero day" headaches.

Microsoft’s December patch batch also includes a number of confusing, nonsecurity patches, but I hope to make everything clear for you.

(929120 and 928388)
Daylight Saving Time patches are here

As children we learned the adage, "spring forward, fall back," to keep straight which way we should change our clocks in the spring and fall. For computers, however, the saying should be, "patch now, not later."

Two new patches, currently down in the optional software updates section, 928388 and 929120, reflect several changes in the dates on which various countries observe Daylight Savings Time in 2007 and late 2006. You may recall that there’s a checkbox in the Time Zone tab of your Date and Time control panel that says Automatically adjust clock for daylight saving changes. These two patches impact when that setting kicks in.

Most people in the U.S. will be impacted in 2007 by changes to the dates when Daylight Saving Time begins and ends. Congress moved the start of DST back three weeks earlier than usual, to the 2nd Sunday in March. The end of DST was pushed back a week, to the 1st Sunday in November.

In addition to installing 928388, you should look at 926666. This describes a related DST patch that’s needed for Exchange and Outlook Web Access. No reboots are needed after you install these Windows patches.

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

YOUR SUBSCRIPTION

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets is a continuation of four merged publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.

Publisher: WindowsSecrets.com, 1218 Third Ave., Suite 1515, Seattle, WA 98101 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editor in chief: Tracey Capen. Senior editors: Fred Langa, Woody Leonhard. Copyeditor: Roberta Scholz. Program director: Tony Johnston. Contributing editors: Yardena Arar, Susan Bradley, Scott Dunn, Michael Lasky, Scott Mace, Ryan Russell, Lincoln Spector, Robert Vamosi, Becky Waring. Product manager: Andy Boyd. Advertising director: Eric Gilley.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com. All other marks are the trademarks or service marks of their respective owners.

 HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.

WE GUARANTEE YOUR PRIVACY:

1. We will never sell, rent, or give away your address to any outside party, ever.
2. We will never send you any unrequested e-mail, besides newsletter updates.
3. All unsubscribe requests are honored immediately, period.  Privacy policy

HOW TO UNSUBSCRIBE: To unsubscribe from the Windows Secrets Newsletter,
  • Visit our Unsubscribe page.
Copyright © 2012 by WindowsSecrets.com. All rights reserved.

Table of contents

Top-scoring articles in the past 12 months
  • Leaving long cookie trails throughout the Web 5.00
  • Windows-like security for Android devices 5.00
  • Win7′s no-reformat, nondestructive reinstall 4.53
  • The sorry tale of the (un)Secure Sockets Layer 4.42
  • RPV: Win7′s least-known data-protection system 4.33
  • Recovery: the last step in total data security 4.30
  • Time for a .NET update we can’t ignore 4.30
  • Getting the most from Windows Search — Part 1 4.25
  • Revising printing habits saves money and trees 4.25
  • Upgrades end in erratic, partial hangs 4.25
  • Pros and cons of a ‘keyfile’ password 4.21
  • Beating back Duku and a plethora of other threats 4.20
  • Office 2007 gets its final service pack 4.19
  • Putting Registry-/system-cleanup apps to the test 4.19
  • One year and 99 security bulletins later 4.18
  • 1.8TB external drive goes down hard 4.17
  • Don’t pay for software you don’t need — Part 3 4.16
  • Internet Explorer gets another round of patches 4.15
  • Is your free AV tool a ‘resource pig?’ 4.15
  • Vacation’s over; it’s a big round of patches 4.15
  • Remote access leads to remote attacks 4.15
  • Keeping you up to date: say no to .NET — again 4.14
  • Take control of Google’s privacy policy settings 4.14
  • Office File Validation patch leads to problems 4.14
  • The advanced system-recover toolkit 4.13
  • New “419″ scam involves PayPal and Western Union 4.12
  • Readers’ best personal-privacy tips 4.11
  • Getting the most from Windows Search — Part 2 4.11
  • Re-examining Dropbox and its alternatives 4.10
  • Easily edit Windows’ right-click context menus 4.09
Connect with us Follow us on Twitter Connect with us on Facebook View our RSS Feeds
  • Home|
  • Newsletter|
  • About Windows Secrets|
  • Advertise with us|
  • Unsubscribe|
  • Sitemap|
  • Affiliates|
Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of iNET Interactive. All other marks are the trademarks or service marks of their respective owners.
iNET Interactive Copyright © 2011 iNET Interactive.
All rights reserved.
Terms of Use  |  Privacy Policy
Internet Services
  • Web Hosting Talk
  • HostingCon
  • Hosting Catalog
  • Host Voice
Web Development
  • Hot Scripts
  • DB Forums
Digital Marketing
  • ABestWeb
  • Search Marketing Standard
  • PayPerClickUniverse
  • SEMCompare
Consumer Tech
  • Windows Secrets
  • Overclockers
  • Mac Forums

Learn more about
advertising opportunities across the iNET Interactive Network.

LiquidWeb