Tales from the Terminal Room

November 1999 Issue No. 4

Archives

.

Tales from the Terminal Room (TFTTR) is a monthly newsletter, with the exception of July and August, which are published as a single issue. TFTTR includes reviews and comparisons of information sources and search tools; updates to the RBA Web site Business Sources and other useful resources; dealing with technical and access problems on the Net; and news of RBA's training courses and publications.

If you are looking for information on "Absolutely Bogus WPS Printer Driver", an updated version of the November TFTTR article is available at http://www.rba.co.uk/tfttr/abbogus.htm

A much shorter issue of TFTTR this month due to pressures of work. As Chair of the UK Online User Group (UKOLUG) I am currently involved in various discussions on the merger of the Library Association with the Institute of Information Scientists (IIS), and am representing the Special Interest Groups on the Implementation Planning Group. And then we have Online 99 at Olympia in London - the online event of the year for us in the UK - which starts on December 7th. UKOLUG runs the help desk and this year we have two to organise and staff.

And, to cap it all, I ended up wasting a whole day trying to sort out an "Absolutely Bogus Printer Driver" on my laptop! (More of this later). So it has been a frenetic month.

December's issue will be given over to a review of Online, but we will be back to the usual format in January.

Karen Blakeman

In this issue:

• Quote of the Month
• These things are sent to try us!
  • Absolutely Bogus Printer Driver
• Gizmo of the Month
  • ADfilter
• Publications

Quote of the Month

"The idea of the Web was not just that it should be a big browsing medium. The idea was that everybody would be putting their ideas in as well as taking them out. This is not supposed to be a glorified television channel....The personal home page is not a private expression, it's a public billboard. People call it a home page but it's more like the gnome in somebody's front yard rather than the home itself"

Tim Berners-Lee, The Englishman abroad who put the www. into our lives.
@Demon, Release 1.0 Autumn 1999, p 64

These things are sent to try us!

Absolutely Bogus Printer Driver

There I was, tapping away at my computer and minding my own business. Well, OK - I suppose that strictly speaking I wasn't minding my own business because I was looking at some new Web sites, but I wasn't doing anything out of the ordinary. I logged off, closed down Netscape and decided to go through my morning's downloaded email. That is when "it" happened - and all by itself without any prompting from me. Up popped a box with the message "Updating registry settings" and before I could say "What the &^$"*** do you think you are doing?!", it was done. Exactly what had been done I wasn't sure, but I had a suspicion that I was not going to like it whatever it was.

There was nothing obviously wrong with my major programs but I was soon verging on the paranoid. Had a Web site zapped me with a rogue JavaScript? Was this a virus that my new anti-virus software had failed to detect? (I was seriously contemplating making an irate phone call to the suppliers there and then.) After a couple of hours of careful scrutiny, I could not find anything seriously amiss on my laptop. Panic set in, though, when I attempted to print out a Word document and up popped an error message telling me that it could not find the default printer files. When I looked at the printer dialog box there it was: a printer called "Absolutely Bogus WPS Printer Driver". Aaaaaaghhhhh!!!!! Definitely a virus!

McAfee had failed to identify it and I even reloaded Dr Solomon's, which had until a month ago been my standard virus checker, in an attempt to identify and purge the beastie from my machine. Dr Solomon's also failed to pick up the virus. A picture of me having to reformat my hard disk to remove the infection flashed through my mind but that would have to wait. I needed to print out two documents urgently so my immediate concern was to get my original printer drivers back. No problem. All I had to do was go to the Control Panel, select Printers and re-select my HPL 5 as the default printer....but it wouldn't let me. The default was permanently stuck at Absolutely Bogus WPS Printer Driver and underneath that I saw a second "new" driver called Absolutely Bogus WPS Printer Dr.

After I had called the perpetrator every name under the sun and frightened the cat by screaming very loudly, I sat down and tried to think it through logically. Everything had been hunky dory the day before. I had not installed any new programs since then but something had changed my registry settings that morning. The most obvious suspect was one of the Web sites that I had been viewing. But first to sort out the printer driver. Off I went to nose around the Registry using REGEDIT and the Find option, and there they were ensconced in the Print Drivers section. I deleted the entries, saved the Registry and rebooted my PC. The bogus drivers had been removed but I still had problems with my HPL 5 printer. I re-installed the printer software. At last, everything was back to normal.

Now to find out how it had happened in the first place. I was not about to go back to the suspect Web sites that I had visited earlier in the day without first finding out what I was up against. I checked the McAfee web site to see what I could find out about this "virus". Result: Absolutely Nothing! So I did a search using Metacrawler and.....Bingo! Half a dozen references to the Bogus driver.

It turns out that it was not a virus at all. To quote TechNote WIN4-05 on the Genicom Web site (http://www.genicom.com/techsupp/TI/TI-WIN4-05.htm):

"This appears to be an 'Easter Egg' included in the file WPSFIX32.DLL. An Easter Egg is a hidden feature placed by programmers into software applications."

[Well, thanks a lot guys! I wouldn't call this a "feature".]

"The Bogus Driver is not a virus, and should have no adverse effects on the host system."

[I am sorry, but I would definitely call hijacking your printer and disrupting your work for a whole day an "adverse effect".]

"The Bogus Driver code is located in the file WPSFIX32.DLL. This file is provided by Microsoft as part of the Microsoft Windows Printing System (WPS). The Bogus Driver code can also be found in versions of WPS for the Canon BJC-610 and LBP-460, and the HP LaserJet 5L".

By far the most useful reference as far as removing the offending item is at: http://www.magmacom.com/~russrite/Canon_Drivers/KB/1998/kb98005.htm

As well as describing the problem, it takes you through the whole procedure for deleting the driver from your registry.

What still puzzled me, though, was what had kicked the code into action? I carried out a search on http://www.deja.com/ to see if there had been any discussions in Usenet. There had indeed, but no information on trigger factors. Which leaves me wondering - are there any more "Easter Eggs" hidden in programs and waiting to be cracked open? Suddenly, I am seriously worried about Y2K. Our systems have been checked and given the all clear but you can never be completely sure. I think that a large brandy, placed by each of our PCs in the New Year, is definitely in order - for emergencies only of course!

Karen Blakeman

Gizmo of the Month

ADfilter

If you are fed up with banner advertisements clogging up your screen and slowing down access to Web sites, give ADfilter a whirl. It is available free for a two week trial period after which you have to register if you wish to continue to use it. Registration costs USD 24.95 (GBP 15.60).

I am very impressed by it and although it is not 100 per cent effective - the company encourages you to send in examples of ads that slip through - it does significantly speed up access to some sites, for example ft.com. You can also choose to block pop-up windows, although I decided against this as many sites and some search engines use these to display help files.

Other features include a Privacy option that blocks referrer information (details of previously visited sites) normally passed on to each site you visit, and an "Adult filter".

The program can be downloaded from http://www.adfilter.com/

Publications

UKOLUG Quick Guide to Effective Use of the Internet by Karen Blakeman, Published by UKOLUG, ISBN 1 870254 12 0

Contents include:

• customising your browser
• printing and saving web pages
• managing bookmarks and favourites
• electronic mail and discussion lists
• Usenet newsgroups
• transferring files, FTP and Archie
• Telnet
• searching the Web
• locating bottlenecks and speeding up access
• monitoring changes to Web pages
• privacy and confidentiality

The UKOLUG Quick Guide to Effective Use of the Internet costs GBP 20.00 if you are a UKOLUG member; GBP 25.00 if you are a non-member within the UK/EU and GBP 30.00 for orders from the rest of the world.

Order from:

Christine Baker, UKOLUG
The Old Chapel
Walden, West Burton
LEYBURN
North Yorkshire DL8 4LE
Telephone/fax: +44 1969 663749

TFTTR Contact Information

Karen Blakeman, RBA Information Services
UK Tel: 0118 947 2256, Int. Tel: +44 118 947 2256
UK Fax: 020 8020 0253, Int. Fax: +44 20 8020 0253
Address: 88 Star Road, Caversham, Berks RG4 5BE, UK

Archives

TFTTR archives: http://www.rba.co.uk/tfttr/archives/index.shtml

Subscribe and Unsubscribe

To subscribe to the newsletter fill in the online registration form at http://www.rba.co.uk/tfttr/index.shtml

To unsubscribe, use the registration form at http://www.rba.co.uk/tfttr/index.shtml and check the unsubscribe radio button.

Privacy Statement

Subscribers' details are used only to enable distribution of the newsletter Tales from the Terminal Room. The subscriber list is not used for any other purpose, nor will it be disclosed by RBA or made available in any form to any other individual, organisation or company.

This work is licensed under a Creative Commons Attribution 2.5 License.

• to Share - to copy, distribute, display, and perform the work
• to Remix - to make derivative works

• Attribution. You must attribute the work to Karen Blakeman, and cite Tales from the Terminal Room as the source and include the year and month of publication.
• For any reuse or distribution, you must make clear to others the license terms of this work.
• Any of these conditions can be waived if you get permission from the copyright holder.