|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
If you prefer you can
read this issue online from the Supporters' Area
here: IN THIS PREMIUM ISSUE: 0. EDITORIAL: Selecting the right anti-virus product 0.0 EDITORIAL In the last three issues I outlined my revised approach to computer security. This new approach is not idle speculation but the result of over a year of intense testing of modern malware agents as well as the latest security products. At the heart of this approach is an increased emphasis on preventing malware ever getting onto your computer as opposed to trying to detect it once it is on your PC or removing it if it manages to infect your PC. The key to prevention is the use of good personal security practices combined with the use of a sandbox for surfing, opening email attachments and installing any unknown programs. This approach is fleshed out in more detail here: http://techsupportalert.com/issues/issue141.htm#Section_0 This approach however, is not enough by itself. You still need active protection on your PC, but not as much as you would need if you adopted a less proactive approach to preventing malware from getting on your PC. If you use good security practices as well as a sandbox, you only need one, maybe two active security products running on your PC. If you don't, you'll possibly need three or four. So, if you only need one or two active security products, what are the best choices? Without a doubt the first product should be an anti-virus scanner. That's because AV scanners offer more powerful detection and protection than anti-spyware, anti-trojan and other specialized security products. Not only are they more powerful they also have the ability to detect a wider range of malware menaces than the other products. Indeed good AV products can detect trojans, keyloggers, spyware and rootkits in addition to viruses and worms. The choice of a second product is moot. Indeed it may not even be required but more of that later. Today we will look at AV scanners. Let's first consider the requirements: 1. The product must have good, broad spectrum scanning detection. It needs to be able to detect any malware you have downloaded in your sandbox before you run it. Similarly it must detect anything that you have accidentally downloaded or copied to your "real" PC. In other words, it must work well within and outside your sandbox. 2. It must have a first class memory monitor. Some malware programs are so well hidden that they can't be detected by file scanning however they can almost always be detected by a good monitor when the malware is run. 3. Email protection. Although I recommend opening email attachments in a sandbox, it's useful to know an attachment is infected before it is opened. 4. Self protection. Modern malware products routinely will try to pull down your defenses. The best security products actively defend themselves against been terminated by hostile agents. 5. Protection against new, previously unknown threats. The exploitation of previously unknown product flaws (so called zero day threats) is becoming increasingly common. That's why you need a product with good behavioral/heuristic detection in addition to signature based detection. 6. Polymorphic detection. To avoid detection by their signature, modern malware threats are commonly coded using a technique called polymorphic encryption that ensures each individual copy of the threat looks different to any other. The best scanners can still detect these rodents despite their disguise. 7. Resource usage. Protection is a good thing but you still want your PC to be run quickly. Let's see how some poplar AV scanners shape up. My main emphasis is on free products but I've included several well known commercial products as well. In the table below, I've rated the products on a scale of 1-5, with 5 being the best rating. My ratings are based on information from a wide set of sources including my own published tests, AV Comparatives and the Virus Bulletin.
As
you can see, Avira Personal and AOL AVS are on balance, the best of the free products
though neither is without problems.
The ability to minimize a program to an icon in the system tray is a useful feature that saves valuable space on your task bar. Some programs have this feature built in but many don't. It is possible however, to minimize any program to a tray icon by using a third party utility. My top recommendation has long been TrayIt! [1] but subscriber Matt Hall recently wrote "Gizmo, a good alternative to TrayIt! is PowerMenu. It works slightly differently: first it gives the option to minimize to system tray on a context menu rather than by using the Ctrl key. Second it has additional options to keep the window always on top and also set priority and transparency. Like Trayit!, it doesn't need to be installed." Good suggestion Matt. Both programs work well, though TrayIt! seems to be an active project while PowerMenu hasn't been updated for some time. Also, some of the additional PowerMenu features only work for Windows NT and later. [1] http://www.teamcti.com/trayit/trayit.htm Freeware, all Windows version, 66KB [2] http://www.veridicus.com/tummy/programming/powermenu/ Freeware, all Windows , 49KB 2.6 Nifty Free Tray Clock Solves Calendar Problem You know the problem: you want to quickly look at a calendar so you double click the tray clock to bring up the Windows Date and Calendar Applet. You then have to flick forward a couple of months to the date you want. Then you have to flick back to ensure that you don't accidentally change the system date. It's all so tedious. LClock is a tray clock replacement that solves this by popping up its own calendar with a single click on the tray clock. And it's not just a static calendar: you can use it for reminders and to-dos. It all works marvelously well and as a bonus you get a clock display that looks like the one in Vista. LClock is based on TClock lite that I featured in Issue #139. It's highly customizable but unfortunately unlike TClock Lite, LClock doesn't allow a simultaneous time and date display. Ah, perfection is so elusive ;>) Many thanks to subscriber Fred Hayes for the suggestion. Freeware, Windows XP, XP64, 2003, 186KB. http://fileforum.betanews.com/detail/1092761816/1 ** Additional Items in this Premium SE Edition ** 2.7 Convert Normal Programs to Portable Software Any program that can be run from a standard .exe file without the need for installation can be run perfectly well from a USB stick. However, quite a lot of .exe files are actually installer files or special archives containing multiple files. Universal Extractor is a free utility designed to extract the individual files from many different kinds of archives including msi, .cab and a wide range of .exe installer packages. Once you have extracted the files, it may be possible to find a stand-alone executable for use on your USB stick, though it's more likely that you will also need the supporting dlls. Be aware that many programs absolutely require installation and simply wont work as portable apps. It is surprising though, just how many you can get to work. Another trick worth trying is to install the application on your normal PC and then copy the whole installation directory to your USB drive. This often works fine though note that your newly created "portable app" may write to the registry of the host PC. Universal Extractor is a free, open source program. It works on all Windows versions and is a 4.59MB download. http://www.legroom.net/software/uniextract 2.8 The Best Free Hex Editor If you have ever accidentally opened an .exe program file in a text editor such as Notepad you will have been confronted with a mass of unintelligible garbage on your screen. Worse still if you wrote the .exe file back to disk the program file would almost certainly be corrupted and would not work. That's because text editors are designed only to work with text files such as .txt, .bat, .prg and .html. To view and safely change binary files such as .exe, .com and .dll files you need a hex editor, sometimes called a binary editor. Whatever, most average PC users have no need for such a program but techies and gamers find them indispensable. There are some excellent free hex editors available that range from the small and simple to some advanced products that are the equal of any commercial product. In total I looked at seven products: HexEdit [1], Cygnus Free [2], Hxd [3], Hexplorer [4] HHD Free [5], FrHed [6] and XVI32 [7]. Hex editors (like programming editors) are a software category where personal needs and preferences are so important that it is meaningless to pick a "best" product. Instead I encourage all potential users to test several or all of the products and choose what suits them best. That of course doesn't stop me stating what I like. For my needs, Hxd is a clear winner. Its first virtue is that it doesn't need installing. Second, it has a great interface. Third, it handles huge files without slowing down. Then add in unlimited undo, great searching and search/replace capabilities, full support for ANSI, DOS/IBM-ASCII and EBCDIC character plus a dozen other features and you can see why I like it. But it doesn't stop there. Hxd also works as a RAW disk editor and a full read/write RAM editor. It's three utilities rolled into one. This power makes it a dangerous tool in the hands of beginners. It may also give your security software apoplexy, but users skilled enough to use this product will understand this not a concern. Is it perfect? Of course not. To start, it lacks binary file comparison capability and the ability to extract text strings and a built in disassembler would also be nice. There are also a few bugs. However what it does offer is so impressive that it's hard to believe this fine product is free. [1] http://www.physics.ohio-state.edu/~prewett/hexedit/ [2] http://www.softcircuits.com/cygnus/fe/ [3] http://www.mh-nexus.de/hxd/ [4] https://sourceforge.net/projects/hexplorer/ [5] http://www.hhdsoftware.com/Family/hex-editor.html [6] http://www.kibria.de/frhed.html [7] http://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm 2.9 Free Program Makes XP Reduced User Privileges Workable Sudo for Windows is a program that provides on-the-spot escalation of privileges for users running Windows reduced privilege accounts. It works in a similar way to the well known and widely used Linux "sudo" command. I've never clearly understood exactly how sudo differed from the Windows Run-as command until I read this excellent article [1]. The article also explains why the Vista user access model is deficient. Essential reading for sysadmins and those with an interest in security. If anyone is running Sudo for Windows [2], I'd like to hear about your experiences with the product. [1] http://www.sans.org/reading_room/whitepapers/bestprac/1726.php [2] http://sudowin.sourceforge.net Got some favorite utilities to suggest? Send them to supporters@techsupportalert.com 3.0 SECURITY PATCHES, SERVICE RELEASES AND UPDATES 3.1 Microsoft Security News During the month exploits utilizing a number of serious flaws in the way Windows handles animated cursors started circulating on the Internet. The flaws affect all Windows versions from Win2k onwards including Vista. The problem was serious, to quote Microsoft: "an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." The increasingly wide circulation of exploits forced Microsoft to issue a special patch [1] outside of its normal monthly security update cycle. Unfortunately the patch caused problems for some users notably those who like me, have the Realtek HD Audio Control Panel installed. More details here [2]. Thankfully Microsoft fixed the problem with a patch that was included with the monthly "Patch Tuesday" release. Patch Tuesday the 10th of April saw the release of five patches, including four Windows patches rated "critical." One of the critical patches that involves a flaw in CSRSS, affects Vista as well all other Windows versions after Win2K. Other critical rated patches cover flaws in Microsoft Agent, Universal Plug and Play and the Microsoft Content Management Server. Surprisingly none of the patches covered known flaws in Microsoft Office, active exploits for which have been in circulation for some time. Worse still three new serious flaws in Office were revealed just the day before Patch Tuesday. Until all these flaws are fixed any unknown Office files must be considered as potentially dangerous and only opened in a sandbox or other safe environment. Further details of the April updates can be found here [3] while a discussion of implementation issues can be found on this Microsoft blog [4]. All the updates are distributed automatically via the Microsoft Update Service. Dial-up users in particular need to be aware that these updates are large files and you will need a considerable period of time, online, for them to download successfully. If you have any doubts whether you have received the updates, then visit the Microsoft Update Service [5] now. [1] http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx [2] http://support.microsoft.com/kb/925902 [3] http://www.microsoft.com/technet/security/bulletin/ms07-apr.mspx [4] http://searchsecurity.techtarget.com/columnItem/0,294698,sid14_gci1243642,00.html [5] http://update.microsoft.com (Requires IE5 or later) 3.2 Comodo to Offer Top memory Monitor for Free Comodo has acquired Privacy Software Corporation maker BoClean, a highly regarded commercial anti-malware real time monitor. The good news is that "during April", Comodo will release BoClean as a free product. This is a most interesting development. BoClean is simply a memory monitor (it has no file scanner) but it is a first class memory monitor. The fact that it is available for free means a new option for users of free security software. When it's released, I'll put it to the test. I must admit I'm excited about this development. http://www.comodo.com/news/press_releases/02_04_07.html 3.3 Vista Woes Continue I'm now getting at least one email every day from disgruntled Vista users. For the most part their complaint is the same: some of their software and/or hardware simply won't work with Vista. I'm in the same boat. I had to remove Vista from the one PC in my office that passed the Windows Vista Upgrade Advisor [1] test. Vista worked just fine, but about a third of the utilities I tried out on this test bed PC didn't work. I've now re-installed XP from a drive image and moved Vista to a Virtual PC running under VMWare Workstation 6 beta. [1] http://tinyurl.com/3b27j6 (microsoft.com) 3.4 Vista Upgrade Problems Subscriber Larry Woldt recently wrote "Gizmo I bought my wife a new Dell last December that was 'Vista ready'. I then paid ten bucks for the Vista upgrade CD when it became available. There was one slight problem, there was no Vista product key. So, I call up Dell support and they tell me that they can't give me a key, that I have to call an outfit named Zomax to get the product key. By now I figure that Dell didn't send out any product keys with the Vista upgrade; either that or they hired Zomax just to get me my key which I thought was kind of doubtful. It is now three weeks into to this and Zomax has told me 1) it would be five working days or, 2) two working days or 3) four to seven weeks before I would receive my Vista product key. My wife's Dell will stay with Windows XP and I will never buy another Dell in my life." Sad tale Larry but in a way you are lucky. If you had upgraded your XP to Vista you may not have been able to go back to XP as your XP license may well have been invalidated when you installed Vista. See here [1] for more details. The moral: if you are just trying Vista, don't activate before you decide. http://www.tomcoyote.org/tech/vista-upgrade-invalidates-your-xp-key/74/ 3.5 Firefox Updated to V2.0.0.3 Another month, another Firefox security update. Not sure whether to feel worried about all these flaws or comforted that Mozilla is fixing them. Whatever, on the 20th of March Mozilla issued an update for Firefox 2 that fixes "a minor FTP PASV port-scanning vulnerability" as well as providing stability improvements. Also released were the corresponding updates for the older Firefox V1.5 and the SeaMonkey Suite. To my knowledge there are no current exploits in circulation that utilize this flaw however, it is essential that you update, as the malware developers routinely reverse engineer security updates to identify flaws to exploit in unpatched machines. Users with automatic updates enabled should have had the new version automatically delivered and installed. You can check by selecting Help / About from within Firefox. If your version number is less than V2.0.0.3, then update manually from here [1]: http://www.mozilla.com/firefox/ 3.6 Support for Firefox V1.5 Ending If you haven't yet upgraded your Firefox V1.5 to version 2, now is the time as Mozilla is ending support for V1.5 on April 24. Just do it folks. You can upgrade from here: http://www.mozilla.com/en-US/firefox/all-older.html 3.7 GriSoft Releases Free AVG Anti Rootkit Scanner Rootkit scanners tend to fall into one of two groups: highly technical or easy-to-use. Unfortunately the most powerful products such as DarkSpy, RootkitRevealer and GMER fall into the first category which puts them out of the reach of most average users. That's not to say that products in the second category are useless; quite the opposite. Rather they ultimately just not as powerful as their technical counterparts. GriSoft's new AVG Anti Rootkit scanner [1] is very much in the easy-to-use category. In fact usage involves no more than clicking a button to start the scan. In many ways it reminds me of F-Secure's excellent BlackLight Rootkit Eliminator [2] except that it scans even faster. Is it the ultimate rootkit detector? No way, but it's a handy addition to your security toolkit. I'd use it in addition to BlackLight rather than instead. [1] http://free.grisoft.com/doc/39798/lng/us/tpl/v5 [2] http://www.f-secure.com/blacklight/ 4.0 OTHER USEFUL STUFF 4.1 Kaspersky AV 6 for $19.95 Subscriber Joseph A. Kane writes "Gizmo, I found Kaspersky Anti-Virus 6.0 for $19.95 at this site [1]. They also have Kaspersky Internet Security Suite for $21.95." Nice find Joseph. These are really sharp prices for a premium product like this. I notice the same site has ZoneAlarm Internet Security Suite 2007[2] for $25.95 which is the lowest I've seen though at the time I checked they were out of stock. [1] http://software-blowouts.stores.yahoo.net/kaan60oem.html [2] http://software-blowouts.stores.yahoo.net/kainse60.html 4.2 Texture Generator Creates Wallpaper and More When it comes to scouting out useful graphics utilities, regular contributor Tony Bennett has no peer. This suggestion is typical: it's a special graphics editor that allows you to generate seamless textures using inbuilt patterns or using your own images. Great for making your own wallpaper or in general graphics design work. Don't dismiss it lightly; it's more powerful and flexible that this short description can convey. Freeware, Windows 98 and later, 5.9MB. http://www.imagelys.com/index.htm#Features 4.3 Free Editor Scrolls Text Like a Teleprompter Here's a neat idea: BPM Notepad is a scrolling text editor that automatically scrolls long documents at a fixed rate. It can easily be paused or restarted. Just the thing for musicians or anyone reading written notes. Free, open source, Windows XP or Linux, 761KB http://tinyurl.com/2fshbb (linkerror.com) 4.4 Stream Your Home Media Files to a Remote PC Regular contributor Joe Souza writes " Gizmo, here is some stuff that I did a while back when setting up my media server that your readers might be interested in. It's a way of easy music streaming and quite separately running one central BitTorrent client for an entire network. I posted a thread on it here [1]." Nice bit of work Joe ... with rings on his fingers and bells on his toes Joe shall have music wherever he goes ;>) http://www.hak5.org/forums/viewtopic.php?t=3466 4.5 Forty Two Uses for RSS/Atom Feeds Including some you would never have thought of. Many thanks to prolific contributor Andreas Büsing for this one. http://inelegant.org/rss-atom-feeds/ 4.6 Useless Waste of Time Department This harmless diversion came from subscriber Kevin Jones who wrote "Gizmo I saw this in the Wired Geek's April fool section. There's something odd about this photo [1]- see if you can find out what it is." OK Kevin, you got me. Will Kevin get you? This second item [2], a Google video suggested by subscriber Rick Hamrick is simply weird. [1] http://www.martectx.de/whatswrong.swf [2] http://video.stumbleupon.com/#p=io1ofa7ra9 ** Additional Items in this Premium SE Edition ** 4.7 A Top Media Player for Your USB Flash Drive I recently received this from subscriber Brian Treusch "Gizmo, I came across this freeware media player called "The KMPlayer" that can either be run from a thumb drive or installed. It supports numerous formats even DVD playback. After using it for a while, it has become my favorite player. Goodbye Windows Media 11!" I'd never heard of this Korean player Brian, but boy am I impressed. It comes with a whole batch of inbuilt codecs and support for external codecs as well. In the audio area it supports AC3, DTS, LPCM, MP2, MP3, Vorbis, AAC, WMA, ALAC, AMR, QDM2, FLAC, TTA, IMA ADPCM, QCELP, EVRC, RealAudio and more while with video you can play DivX, XviD, Theora, WMV, MPEG-1, MPEG-2, MPEG-4, VP3, VP5, VP6, H263(+), H.264(AVC1), CYUY, ASV1/2, SVQ1/3, MSVIDC, Cinepak, MS MPEG4 V1/2/3, FFV1, VCR1, FLV1, MSRLE, QTRLE Huffyuv, Digital Video, Indeo3, MJPEG, SNOW, TSCC, Dirac, VC-1, RealVideo. It will also play HTTP and MMS streamed content but not RTSP. It is also skinable. I can sure see why you have ditched Windows MP11. To have these features available on a thumb drive is quite extraordinary. http://www.kmplayer.com/forums/index.php http://www.kmplayer.com/forums/showthread.php?t=4704 <= Link to download 4.8 Google Earth Maps Without the Big Downloads "Hey Gizmo! I don't remember ever seeing this mentioned in your newsletter. I have been using Flash Earth instead of Google Earth lately. The big plus is that there isn't a large download. Of course, it doesn't have some of the features of Google Earth, like saving locations. But it seems to be a good alternative to Google Earth if downloading and installing programs is an issue." - Rick Ingram. Nice find Rick, by keeping the maps on the server and only transmitting the screen images, they certainly save a lot of bandwidth. Another nice feature is the option of using Yahoo! Maps, Microsoft, Ask or even NASA Terra images. http://www.flashearth.com/ 4.9 Make Free Internet Phone Calls Using Dial-up Lines VoIP systems like Skype work great over broadband connections but the voice quality can be terrible over dial-up lines. CQPhone [1] is a system that claims to work with excellent voice quality over low speed lines. I've known about this product for a while and must admit to not believing the advertising but after receiving nearly half a dozen letters from subscribers telling me how happy they are with the system, I figure it must be worth trying. Jonathan Brown's comment is typical: "Gizmo, I expect you know about CQPhone if not, it's absolutely fantastic. It's simple to use and has a friendly interface. The biggest benefit to me is the fact that I am cursed with dial-up and using Win98SE but the quality of voice received over CQPhone is unbeatable. I can't recommend it highly enough." I'm yet to test it myself but please let me know what you think. [1] http://www.cqphone.com/ 5.0 TIP OF THE MONTH 5.1 How to Add Notes to Your Files and Folders The average PC contains so many files it's pretty easy to forget what a particular file contains or what it does. Most users try and get around this by using descriptive file names. So rather than call a file something like "list.doc" they might call it "thanksgiving acceptances 2007.doc" In principle this should work pretty well as Windows will accept file names up to 255 characters in length. However in practice, lists of very long file names are difficult to quickly scan and are often truncated by Windows Explorer. And there are other problems. The maximum file name length in the Joliet system commonly used to burn CDs is 128 characters. Worse still, the maximum Joliet path length (including file name) is only 160 characters. This means that many really long file names will be lost when you burn your data to CD. But there is another way of documenting files using an inbuilt but little-used Windows feature. This involves the use of the "Comments" field. It's an attribute of all files and folders in Windows just like name, size and date created. Most users don't know about this field as the Comments field is by default not displayed in Windows Explorer in XP. Turning it on is easy. Open any folder in Windows Explorer and right click on a blank space in the field title bar. That's the grayed out area that says "Name Size Type" etc. When you right click you will see a list of fields displayed with some checked. To display the Comments field, simply check that field. Once checked you now see that field on the right hand side of your Explorer window, though you may have to scroll to the right to see it. The Comments field will be blank, as we haven't added any comments. I'll get to that later but first we have to tell Windows to now add the Comments field to every window. To do that select Tools / Folder options / View from the window where you just added the Comments field. Then press the "Apply to all folders" button. NOTE: If you have customized folder views for different folders you may want to skip this step as it will give all your folders the same view. Now here's how you add comments: Just right click a file, select "Properties" then click the "Summary" tab. You can then enter your comments directly in the Comments box at the bottom of the Windows. Whatever you enter will then be displayed in the Comments field in Windows Explorer. Neat eh? But here are a few additional tips that make the comments field even more useful: When searching for a particular file you have commented, remember, you can sort on the Comments field in Internet Explorer by clicking on the title, just like any other field. Sorting will group all your annotated files together, which makes them easier to scan when looking for a particular file. Sorted comments are also in alphabetical order, so try to annotate systematically using meaningful keywords at the start of your comments. Many desktop search programs index the Comments field. That makes searching your comments even easier. Finally, you can comment your files even more quickly by using the free HobComment Explorer Extension utility that makes the Comments field available directly off the context menu when you right click a file. You can get HobComment from here: http://www.dr-hoiby.com/CommentExt/index.php (14KB) http://www.dr-hoiby.com/CommentExtXP/ (12KB) <= XP users may need this as well 6.0 FREEBIE OF THE MONTH 6.1 A Free Utility That Stops Programs From Hogging Your PC It was driving me mad. My laptop would sporadically run at 100% CPU utilization and lock up. It defied all attempts at analysis as the PC was seized and I couldn't do anything. Only a hard reboot was possible, but on rebooting the problem was gone. Eventually I solved it with a superb little utility called Process Tamer, written by "Mouser" over at Donation Coder. Process Tamer is a monitor that watches the CPU utilization of all running processes. Once the usage of a single process gets above a certain level (by default 70%) Process Tamer reduces the usage by lowering the process priority. It's a simple idea and Process Tamer implements it immaculately. With Process Tamer installed, the next time the problem occurred on my laptop it didn't totally lock up but rather just ran very slowly. This allowed me to do a quick diagnosis. The problem turned out to be simple but non-obvious. Two programs, Diskeeper and X1, had been accidentally scheduled to start at the same time and were getting into an embrace of death. It was unexpected, as these two normally peacefully co-exist. Simply re-scheduling the programs to start at different times solved the problem. I couldn't have solved the problem as easily without Process Tamer. However Process Tamer has much broader application than just this kind of problem. It's a great tool for preventing any one program from hogging your processor. Every user has experienced the situation where their PC has been slowed down to the point of being unusable, by a background program such as a desktop search program, that starts and takes all the resources. Process Tamer will stop that from ever happening again. For the same reason it can also help speed up your Windows Startup. Make sure though, that you enable Process Tamer to start automatically with Windows. By default it does not, but it's easily changed from within the program's options. Yet another use for Process Tamer is intra-server load balancing. It's near ideal for this task. If you actually want a program to able to use all available resources, such as a digital editing program, you can set the program to be excluded from Process Tamer's watchful eye. I was so impressed with Process Tamer that I've permanently installed it on my laptop. It takes only around 6MB of memory space and its own CPU usage is so low I could barely measure it. Process Tamer is available for free from the Donation Coder site. They use a novel licensing system: you have to register to get a free license key which allows you to download any number of programs on the site. This key lasts six months after which you must return to the site to download another free license key. After a year you are given a permanent license. Alternatively, you can make a once-up donation of any size and get a permanent key straight away. It's a clever and ethical way to encourage users to recognize the work done by freeware authors and I support it fully. I donated generously and I hope you do too. Donationware, Windows 2K, XP, 2.23MB http://www.donationcoder.com/Software/Mouser/proctamer/index.html ** Bonus Freebie for Premium Edition subscribers ** 6.2 How to Tell Whether Your Hard Drive is about to Fail An unexpected hard drive failure is one of the worst things that can happen to your PC. You may not only lose your disk drive, but permanently lose all the data on the drive. For many users this can be totally disastrous. Some hard drive crashes are random but most are predictable. That's because almost all modern drives implement a monitoring technology called S.M.A.R.T (Self Monitoring Analysis and Reporting Technology) that continuously passes readings on the hard drive condition to the computer's BIOS. Up to 30 drive parameters can be monitored by SMART including read and write error rates, seek error rate, spin up time, temperature and more. To analyze this mass of data you need a special hard disk health monitoring program. Such programs can give you valuable advance warning that your hard drive is about to fail. This should give you time to backup your critical data and start looking for a replacement drive. Most of these monitoring programs are commercial products with some selling for up to $199, however there are several capable free programs available. PassMark DiskCheckup [1] is a commercial product but is free for personal use. One of its strong points is the ability to monitor changes in each SMART parameter over time and use this to predict the TEC (Threshold Exceed Condition). That is, the time when the parameter being measured will drop to below the acceptable level. As well as predicting a future failure date DiskCheckup can also alert the user via popup or email when this has actually occurred. It all sounds very nice but such predictions are quite fuzzy, so they are at best a guide. Also, predictions can only be made if a trend is measured. Most drives have no such orderly trend. That's why DiskCheckup almost always indicates "N.A" for the TEC. Besides, to measure a trend the product needs to be always running and not all users want that. There is another reservation: it doesn't recognize USB drives. To my knowledge SMART analysis is not available for USB drives but DiskCheckup doesn't even recognize your USB drives. HDD Health [2] is another utility that is worth looking at. It has the immediate advantage of being pure freeware and it does recognize USB drives, though as noted, it cannot provide SMART analysis for such drives. It takes a simpler and probably more meaningful approach to predicting drive failure. It doesn't focus on predicting a failure date, but instead warns you when individual parameters are deteriorating. I quite like it, a case of how sometimes less is more. There is an Open Source Project called "S.M.A.R.T. Monitoring Tools" [3] that offers two programs to control and monitor storage systems using SMART. This was originally a Linux project but there is a Windows version. This one is really for sysadmins, not end-users. A final possibility is HD Tune [4]. Like the other two utilities it reads SMART parameters and gives you a report on your drive health. However it is designed to give a snapshot report rather than act as a monitor. HD Tune does a lot more than report your hard drive health: it also benchmarks your hard drive performance. The way it does this is quite neat. It scans your disk, then reports random access time and data transfer rates across your whole drive; that is from the outermost to innermost cylinders. It will also scan your drive for sector errors and report drive temperature as well. It may not be the slickest hard drive health monitor but it is a very capable general hard disk utility to have in your toolkit. If you want to continuously monitor your disk drive condition "HDD Health" would be my top recommendation. Many users however, would be happy with spot checks. For that application HD Tune should be considered. It will do the job perfectly well and you'll get a competent drive benchmarking utility as well. [1] http://www.passmark.com/products/diskcheckup.htm Free for personal use, Windows 98-XP, 404KB [2] http://www.panterasoft.com/ Freeware, Windows 95-XP, 901KB [3] http://sourceforge.net/projects/smartmontools/ [3] http://www.hdtune.com/ Freeware, Windows 2K-Vista, 626KB 7.0 MANAGE YOUR SUBSCRIPTION The best way to manage your Premium
Edition subscription is from the Supporters' Area of
the Support Alert website. There you'll
also find all individual back issues, a downloadable
back issue archive, an extensive FAQ plus a growing
list of resources exclusively available to
Supporters. The Supporters' Area is protected. To log-in, use the security information sent to you when you first subscribed or as notified subsequently. If you no longer wish to receive this newsletter, send me an email at supporters@techsupportalert.com. Remember to state the email address at which you are currently subscribed. Receiving duplicate issues? If you are receiving an
unwanted copy of the free edition of this newsletter,
you can cancel that subscription by going to the
following link:
http://www.webelists.com/cgi/lyris.pl?enter=support.alerth Note that the free and paid editions are totally different publications so you can unsubscribe to the free edition without any chance of impacting your paid subscription. The 46 Best-ever Freeware Utilities The Extended List of the Latest
Freebies For lots more free IT
newsletters see Thanks to subscriber Neal Dwire for proofreading this issue at short notice. You can contact this newsletter
by snail mail at: Support Alert is a registered online serial publication ISSN 1448-7020. Content of this newsletter is (c) Copyright TechSupportAlert.com, 2007 See you next issue. Next month's issue will be published a week later than normal on the 24th of May as I'll be taking a break. I will be out of email contact from roughly April 20 - April 30. All email will be answered when I return. Gizmo |
