|
|||
|
If you experience problems reading this issue in your email program you can read this issue online from the Supporters' Area here: http://www.techsupportalert.com/members/index.htm IN THIS PREMIUM ISSUE: 0. EDITORIAL: What to do if you Think Your PC is Infected 0.0 EDITORIAL Today let's look at what you should do if you feel you have a malware infection. I'll describe some simple practical actions you can take. Every week I get letters from subscribers who are worried that their PC may have become infected after they've downloaded and installed a program. Many of these so called "infected download" problems are due to a security scanner claiming a program is infected when in reality it is not; that is, a "false positive." While this doesn't worry experienced PC users, it certainly scares the hell out of the average Joe or Jane. These false positives have become increasingly common as security vendors employ "behavior-based" checking to augment their signature scanners. Behavior-based checking works on the principle "if it acts like malware it probably is malware." Unfortunately, and all too commonly, it isn't. Despite the fact that false positives are common, you still need to follow up on suspected problems, because malware infections are also common. So if you fail to investigate, you will never know if the problem is real or just a figment of your security program's imagination. Here's Gizmo's simple, zero-cost, three-step procedure to follow next time you feel your PC might have become infected as the result of installing a program you downloaded. (a) First, upload the installation file of the program you installed to Jotti.org [1] for a free scan. Jotti will then run it through more than a dozen malware scanners and let you know if there is a problem. If Jotti determines that your file is clean, it doesn't mean that there is no infection. It simply means that it's unlikely there is an infection, and that folks, is a very comforting finding. (b) Download and run the free Panda Rootkit detector [2]. Again, a clean scan is not a 100% guarantee of no infection, but should add greatly to your confidence. Panda doesn't run on Vista, so Vista users should use the BlackLight [3] anti-rootkit scanner instead. (c) Finally, download HijackThis from this page [4], and follow the instructions on the same page which tell you how to create a log that you can paste to web forums. There are several forums where you can post. You can find two here [5], [6] and many more by doing a Google search on "Post HiJackThis log". Tell the forum helpers you have already done a Jotti scan and a rootkit scan, and let them know what the results of these scans were. The folks in the forum will then let you know if you have a problem. If you do, they will also be able to tell you how you can get rid of it permanently. And it won't cost you a cent. Now in most cases you will find that nothing shows up with Jotti, the rootkit scan or HiJackThis. That's good news. OK, you have spent some of your time chasing a false lead, but that's a lot better than having an infected PC and doing nothing about it. [1] http://virusscan.jotti.org/ Gizmo 1.1 Gizmo's New Freeware Site Goes Live Users' reactions to the demonstration version of our new wiki style "Best-ever Freeware" site have been wildly enthusiastic. Typical comments have been "much more
comprehensive", "far easier to use" and "a wonderful
gift for all freeware users." Many thanks to all those
who visited and left comments. The new wiki site has some really big advantages for users:
Most of the popular articles and tutorials on the old site have been moved across to the new wiki site but it will take me a few weeks to move them all. So expect an occasional "404 Page not found" errors until I complete the job. Premium subscribers can access the Supporters' Area from the new site by using the Premium login link on the top right of the screen. Don't try logging in to the Premium area using the standard site login link; it won't work. That's only for folks who want to edit the site content wiki-style or want their signature to appear at the end of comments. If you want to do these things you will need to separately register at the site. It quick and its free. Come and pay us a visit, we'd love to see you. With hundreds of great freebies available, you won't go away empty handed. If you have any suggestions for the site leave them on the forums. http://www.techsupportalert.com It is estimated than more than 50 million PCs around the world are now silently controlled by spammers and criminal gangs. These "zombie" PCs as they are called, are just normal PCs owned by Moms and Pops that have been taken over by malware secretly downloaded onto the PCs using web exploits, infected emails and more. These zombies are organized in vast networks called botnets with each botnet owned and controlled remotely by different criminal groups. The most common use of botnets is sending spam. Most zombie owners don't even know their PC is under the control of someone else. That's where this program from Trend Micro is useful: "RUBotted is a free program that monitors your computer for suspicious activities and regularly checks with an online service to identify behavior associated with Bots. Upon discovering a potential infection, RUBotted prompts you to scan and clean your computer." http://www.trendsecure.com/portal/en-US/tools/security_tools/rubotted Microsoft has announced a Beta website [1] for its grandiose Mesh Network that promises to provide online access to your desktop and files, and sync this across your PC and mobile devices. We have been promised this before by Microsoft [2] so it's nothing to get very excited about. I'm more impressed with Google's incremental approach than another grand Microsoft scheme. Since the end of March they have been progressively rolling out offline access to Google Docs word-processing [3] along with seamless on-line synchronizing using Google Gears. In plain English that means you can either write online or offline using Google Docs and it doesn't matter as the results will be automatically synchronized when you go online. It's just only works for Docs at the moment but other apps will follow. I tried it and it essentially provides all I need, and unlike Microsoft's offering, it's here now. Well, almost here. It will only be here for you when you see the "Offline" option appear in the upper right-hand toolbar when you login to Google Apps. Thanks to JW for link [2]. [1] https://www.mesh.com/Welcome/Welcome.aspx 1.8 Best Free Notes Organizer
Gets Even Better In the last two issues we have looked at both free and commercial utilities in this class. Generally the free versions have been disappointing in voice quality and ease of use. "Tolerable" is the word that comes to mind and even that might be stretching the point. The two best commercial offerings, TextAloud and Natural Reader, use custom "voices" rather the robotic-sounding free voices from Microsoft, and they sound great. In fact, their voice quality exceeded my expectations. Both are also vastly more convenient to use than the freebies. Subscriber Paul Harke recently wrote summarizing his experience with these products and I agree with him totally. On this note we will now put this subject to bed. "I own and have extensive experience
with both NaturalReader and TextAloud. I also have many
additional quality voices, from vendors including
AT&T Natural Voices (not associated with
NaturalReader), NeoSpeech, acapela, and
Realspeak. As both use the same voices, the
sound is fundamentally the same between the two. The
short comparison is: TextAloud does everything NaturalReader does, and a tremendous amount more. It is neither as aesthetically pleasing nor as intuitive as NaturalReader. It has the blocky, unrefined look that I associate with applications written in Delphi. (Though I don't know what the actual development environment is.) I consider TextAloud to be the "power tool" of Text-To-Speech (TTS). I am not going to try to list all the features, but to me TextAloud is to NaturalReader, what UltraEdit is to Windows Notepad. Unlike NaturalReader, it is suitable for drafting and creation of custom TTS voice productions. For example I use it with both German and English voices to create educational MP3s. It includes a small scripting language and Regular Expression based text manipulation." [1] http://www.naturalreaders.com/ Shareware
from $39.50, Windows 98-Vista, application 9.2MB,
voices 200MB+ Last month I looked at free PDF to DOC options. At the end of that article I asked subscribers with commercial products to download my test PDF file and send the converted DOC files to me so I could compare the commercial product performance with the freebies. I received over 30 files covering seven different commercial products. Many thanks to all those who participated. The results were fascinating: First, no product did a perfect job on the conversion. Second, the products varied markedly in what they did well and what they did poorly - there was no single area wherein all products consistently performed well or poorly. Third, the most expensive product, Adobe Acrobat Pro, produced one the worst results. (To be fair, Acrobat Pro does a lot more than convert PDFs to DOC) Finally, and most importantly, Zamzar, the free web conversion service I mentioned last month, produced one of the best results. I'd rate it overall second best out of the eight products I looked at. Given that even the best product was imperfect, I think the answer is clear. Most users who have only a casual need to convert PDFs to DOC should save their pennies and use ZamZar rather than buy a commercial product. However, if you have an ongoing need for such conversions, the convenience of being able to do this offline on your own PC may be a factor you need to consider. So if you want to buy a product, what do I recommend? That's a tough ask because I haven't used any of these programs, I've only looked at the converted test files. Furthermore, some of the products have more recent versions than those used for the conversions that were sent to me. The DOC file produced by Able2Extract [1] was the only one with all the layout right, even though the text font size was a bit too small. You could fix this manually, so overall I gave it the top ranking. Of all the converted files, I thought the one produced by Nuance [3] looked the best but, unfortunately, it messed up the footers. That blooper aside, it produced some of the best results, which is all the more impressive when you take into account that it was the cheapest commercial product. Based on conversion quality alone,
I'd rate the other products roughly in the order listed
below. 2.7 Get Fix-It Utilities V7
for Free As far back as I can remember, Windows has had an inbuilt program that allowed users to send and receive faxes. It wasn't the fanciest program, and in later versions of Windows it had to be installed manually. But it was there. However, with Vista, fax has been
dropped from all versions other than Vista Office and
Ultimate. The situation was made worse by the fact that when Vista was released, many commercial fax programs wouldn't work with Vista and a number still won't. The bad news is that I am not aware of any free fax program that works with Vista. As I see it you have two options: First, use a free web based fax service. K7 [1] runs an impressive inbound fax service wherein faxes received at your personally dedicated phone number are forwarded automatically to your email address. EFax offers a similar service, though they will send you a fair amount of promotional material as well. For outbound, try faxZERO; it's free for up to 2 faxes per day to the US or Canada. Your other option is to buy a commercial fax program that is known to work with Vista. I know from personal experience that Snappy Fax V4 works ($30) and I'm sure there are others Before you outlay anything on software, make sure your modem supports fax and works with Vista. And also ask your telecom company whether or not your phone line supports fax; some modern digital lines don't. [1] http://www.k7.net 3.1 Microsoft Security
News One of the critical-rated patches addressed problems in the Microsoft Jet Database Engine for Windows 2000, XP and Server 2003. This is a long overdue fix as exploits for this Windows component flaw have been in active circulation for months. The three other critical-rated patches are for Microsoft Office. Virtually every version of Office is affected as well as related products such as the Word Viewer. This yet again reinforces what I have said previously: that reading Office files with Microsoft viewers does not necessarily provide you with protection against a malware infected file. If you simply "must" open an Office file from an unknown source, such as that funny Powerpoint slide show you got in an email, then open the file in a sandbox. More details here [2]. All of the updates are distributed automatically via the Microsoft Update Service. Dial-up users in particular need to be aware that these updates are large files and will require a considerable period of time online to be successfully downloaded. If you are not certain that you have received the updates then visit the Microsoft Update Service [3] now. [1] http://www.microsoft.com/technet/security/bulletin/ms08-may.mspx In late February AVG Technologies announced AVG V8, the latest incarnation of their popular anti-virus scanner. Version 8 includes fully integrated spyware protection, rootkit protection and web link checking of search engine results. It is yet another example of a former anti-virus scanner transforming into an anti-malware scanner, a trend I noted in last month's editorial column. On April 24 the free version of AVG V8 was released, and was promptly met with howls of derision. The free version excluded the anti-spyware scanner, rootkit scanner and most of the other goodies added to the commercial V8 product. It also dropped active email protection. Worse still, AVG announced that they would discontinue (at the end of May) the virus updates for the current V7.5 free version as well as their free anti-spyware and rootkit detection products. I can fully understand user's disappointment with these announcements, but this is a perfectly normal commercial decision. AVG is, after all, a commercial organization, not a charity. Their move does, however, present users of AVG's free software with a problem. Before the release of the V8, many AVG users employed an excellent security setup that combined the free version of AVG AV 7.5 with AVG's free anti-spyware scanner. With both these products being phased out, users are faced with a dilemma. There are a couple of options: Based on the evidence available as of today, I think the best route for free software users who want maximum protection is to switch to the free Avira AV [3] scanner and optionally, bolster this with the free Spyware Terminator program [4] or, less desirably, Windows Defender [5]. I say this because the free Avira product includes rootkit and phishing protection, while the free AVG does not. Furthermore, Avira has better overall protection than AVG. Check out the AV Comparatives results [6] and you will see what I mean. On the downside, Avira has limited active email protection, will nag you more than AVG free and the interface is somewhat more crude. But the overall level of protection is excellent. Another option which offers a tad less protection but greater convenience is to switch to the free Avast! scanner. The latest version of Avast! is a major improvement on what was already an impressive product. And the free version includes anti-spyware, anti-rootkit and email protection, so you don't need to use it in concert with another product. On the downside Avast! is resource hungry. Subscriber Basil Irwin pointed out that "not counting pseudo-drivers, Avast! consumes around 70MB of memory compared to 8MB for AntiVir. I didn't do any formal testing of CPU consumption or timing of various common operations, but there was no doubt in my mind that Avast! noticeably slowed several common operations, like program loading and file copying." For average users with modern PCs I suggest the low hassle Avast! Option, while higher risk users may be better off going with Avira. You could, of course, just stick with
AVG 8 Free, and bolster your defenses with a free
spyware scanner like Spyware Terminator or Windows
Defender. However, there have been too many V8 "bug"
reports to suggest this is an attractive option
at this point in
time. Subscriber Ian Luck writes: "Gizmo, I
just wanted to make a comment about tinySpell that you
recommend as the Best Free Spell-Checker. In order to
function correctly, tinySpell necessarily works as a
simple keylogger - you do not have to be typing in an
application window for it to be checking spelling. As
such, it easily picks up encrypted fields, such as
passwords in forms, and uses these as part of its
spell-checking and spelling suggestions. It certainly
comes as a shock to be typing away and see your
password pop up in front of you! That's an interesting observation, Ian, yet another trap to add to a long list involving programs that remember things. The classic example is the auto form-fill feature that is the default setting in most browsers. Reservations aside, TinySpell is a great freebie that has my full endorsement. Just make sure you configure it to fit your personal security needs. http://tinyspell.m6.net/ A last minute bug delayed the final release of the long awaited Windows XP Service Pack 3. It can now be downloaded from the Windows Update Service [1] or the Microsoft's download site [2]. The bug involved a conflict between SP3 and Microsoft's Dynamics Retail Management System program. The conflict has not been resolved, that will be handled in a separate fix released later. The current fix is SP3 will not download from Windows Update to systems in which the Retail Management System is installed. The same problem also affected the distribution of Vista SP1, and a similar solution has been adopted. So what does SP3 offer the average user? In truth, lot a lot. However organizations will benefit: First, it incorporates all the Windows monthly updates distributed since August 2004 when XP SP2 was released. That's a lot of updates, so SP3 will prove to be a blessing to anyone who has to re-install XP. For example, disgruntled Vista users :>) However, for most users who have regularly downloaded the monthly updates, this consolidation of patches is of no importance. Other changes are a tad more significant. SP3 incorporates into XP a number of features that first appeared in Vista. One is Network Access Protection. This is a technique that prevents a PC from accessing a network if the PC is infected with malware. Another Vista feature in XP SP3 is that product keys no longer have to be entered each time XP is installed. You have up to 30 days to enter them. There are quite a lot of other changes, most of which are minor, and you can read about them here [3]. And what about the now fabled 10% performance improvement reported by some SP3 beta users? In my view it is a fable; I certainly haven't experienced it. If there is an improvement, it's not large enough for me to notice. It all sounds unexciting, doesn't it? That's because it is. In fact, most average users won't notice any difference at all when XP SP3 is installed. So should you install it? Well, if you have a fully updated XP SP2 machine the case is hardly compelling. Additionally, with an update of this size there is always the potential for things going wrong. Indeed, there have already been many reports of installation problems, so if you want to install SP3 I recommend you image your system drive before you install. At the moment, if you want SP3 you will have to take the initiative by either visiting the Windows Update Service or downloading the full service pack. According to Microsoft, automatic distribution via Windows updates will start soon. You can find the system prerequisites here [4]. And if you run into problems, Microsoft is providing free help - full details here [5]. Am I getting jaded or are all recent
Microsoft initiatives just boring? It's all rather
reminiscent of the days when IBM had a near monopoly of
the computer world. Let's face it; monopolies just have
no need to innovate. [1] http://www.update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us 4.6 Encrypted USB Drive Works on Limited Rights PCs If you carry around sensitive information on your USB flash drive then you had better make sure that your data is securely encrypted because one day you are going to lose your drive, that's for certain. Unfortunately, most data encryption programs don't work well on USB drives because they require administrator rights on the host PC in order to work, and this is not commonly the case. Indeed, if you work with sensitive data then almost certainly any PC you use, apart from your own, will not give you admin rights. The IronKey is a physically toughened USB drive that uses hardware encryption to protect your data, yet allows you to use the drive on any PC, even one without admin rights. This flash drive in no toy. It has been designed from scratch with security in mind and has passed an impressive range of certification tests. The drive has a strong metal case and a fully epoxy filled interior that is tamperproof. Key storage areas are according to the vendor "protected with thin-film metal shielding. The chip itself defends against power attacks and other invasive attacks such as using an electron microscope to scan the onboard memory." It even has a self-destruct feature! It also comes with Firefox set up with a speed accelerated version of the Tor anonymizing network. This thing isn't cheap - a 4GB version costs $149, but if you have data that you simply must protect, it's a good investment. And to put things in perspective, that's the price you would have paid a year ago for an unprotected, plastic drive. Thanks to subscriber John Bingham for letting me know about this product. http://www.ironkey.com When it comes to chasing up deals on security products, subscriber Rick Farrow is the champ. Here are his latest finds: "Gizmo, I've got three great free offers which you may be interested in: The first is a 6-month license to Kaspersky Internet Security [1]. The key is the same for everyone and is T6B6K-8YK22-VBQH7-ZUZJG . Some people are just downloading directly from Kaspersky and inserting the key with success. The second is for a six-month free license to Avira Premium [2]. Unlike Avira's 30 day trial, this is a fully functional program. The last is for WinRar promo and it's a bit trickier. The license has to be requested from this German site here [3]. Once the email is received the second link should be clicked. After the program is downloaded I believe you have the choice to use the English version. I don't use WinRar myself, but apparently the deal is genuine." [1] http://www.kaspersky.com/de/20814_72814_329.html?campaign=ubs_english 5.1 The Quick Way to Safely Remove USB Drives Before you unplug a USB device such as a flash drive or external hard disk, you really should use the Windows "Safely Remove Hardware" feature to ensure that Windows has written everything to the device. That's because Windows, to improve performance, uses a technique called "deferred writes" wherein Windows doesn't always immediately write everything to your external drive each time you use it. Rather, it consolidates lots of small writes into one big write by holding the data in memory. It's just like washing the dishes; it's far more efficient to do one dishwasher load per day than do a load each time you use a single cup or plate. But the downside is that some of the data you think you transferred to your USB drive may actually still be in your computer's memory. That's why you shouldn't just pull the drive out but first use the Safely Remove Hardware icon to force Windows to write to the drive anything it is holding in memory. That's easy enough to say, but the Windows "Safely Remove Hardware" feature is confusing to use, particularly if you have several USB devices. Worse still, the icon often goes missing from the system tray. "USB Disk Ejector" is a small utility that does the same thing as the Windows "Safely Remove Device" applet, except that it does it quicker and better. It's a small free program that doesn't require installation. Just double click the .exe file and the program flashes up a simple screen that allows you to select the device to eject. One click and you are done. Being portable, the best place for "USB Disk Ejector" is on your USB drive. Just put it in the root directory or, better still, if you have a menu system on your USB drive, put it there. Freeware, Windows 2000 ->Vista, 466KB. Thanks to subscriber Gerard Ozorio for this excellent suggestion. http://quick.mixnmojo.com/usb-disk-ejector 6.1 Another Way to Share Files with Friends Web services like FolderShare are an attractive option for sharing and transferring files and photos between family and friends, but sometimes you want more flexibility and better performance than these services offer. P2P sharing and IMS are other viable options, but many users are wary of these services because of perceived security risks. But there is another option. Running your own web server certainly gives you complete flexibility and, with a fast internet connection, sizzling performance. However, setting up a web server is normally a task beyond the capabilities of the average user. Until now, that is. HFS HTTP File Server is an outstanding product. It allows you to set up your own web server just by clicking the HFS program. There is no installation; it runs directly from the tiny 551KB .exe file. Setup is equally simple; there is none. Usage simply involves dropping and dragging any files you want to share into the HFS window. To share your files just give your friends the address of your webpage that appears at the top of the HFS window. When they enter this in their browser they can see and download the files you have chosen to share. They can't see or access any of your other files. If you wish, you can set access permission for specific files or can enable access only from visitors with specific IPs. It's all under your control. So what's the downside? If your PC is behind a router you may need to set up port forwarding. That's not difficult - just consult your router manual. Ideally, you need a fixed IP address from your ISP, but HFS HTTP File Server will still work with a dynamically allocated IP, it's just less convenient. Finally, there are potential security issues. I know some people have HFS HTTP File Server running all the time. Some even use it for their own personal website [2]. This may be fine, but personally I think you should only have a personal web server like this running when you need it. That's the safest option. More HFS security tips here [3] Those reservations aside, HFS HTTP File Server is a most impressive product. Hey, how could a fully functioning web server that's only 551KB and runs from a USB stick without configuration be anything else. This product was suggested by Peter Herbert, one of the volunteer category editors from the new freeware wiki site HFS HTTP File Server: Freeware, Windows 98-2003, 551KB [1] http://www.rejetto.com/ 6.2 Zero Effort Way to Shrink Photos for Emailing We all know the problem. You want to
email your photos to your friends but the image files
are too large. ShrinkPic [2] is a program that works in the background and detects when you are sending large photos. It then automatically resizes these photos based on settings you have pre-selected. You don't do anything; it just does everything automatically. ShrinkPic works with a wide variety of email clients, including Outlook OE and Thunderbird, as well as with popular webmail services such as Gmail, Hotmail and Yahoo. I don't send photos often enough to make the overhead of running this utility worthwhile, but if you do, it could be just what you have been looking for. It's one of those rare products that solves a problem completely; you will never have to think about resizing again. Freeware, Windows 2000->Vista, 1,1MB [1] http://www.xemico.com/photogadget/freeware.html To change your email delivery address, username or password login to your Premium Edition Subscription Control Panel. Here you can also renew your subscription or check your expiry date. To log-in, use your username and password. If you have not yet chosen a username and password then login using your subscription email address for both username and password. Your subscription email address can be found at the very end of this newsletter. From you control panel you can also access the Premium Supporters' Area. There you'll also find all individual back issues, a downloadable back issue archive, an extensive FAQ plus a growing list of resources exclusively available to Supporters. If you no longer wish to receive this newsletter, send me an email at supporters@techsupportalert.com. Remember to state the email address at which you are currently subscribed. Receiving duplicate issues? If you are receiving an
unwanted copy of the free edition of this newsletter,
you can cancel that subscription by going to the
following link:
http://www.webelists.com/cgi/lyris.pl?enter=support.alerth Note that the free and paid editions are totally different publications so you can unsubscribe to the free edition without any chance of impacting your paid subscription. The 46 Best-ever
Freeware Utilities The Extended List of the Latest
Freebies For lots more free IT
newsletters see Thanks to subscriber Roger Keeny for copy-editing this issue. If you have a need for such services, contact Roger at liddlebigboy@gmail.com. For
convenience North American subscribers
can
contact this newsletter by snail mail at: Support Alert is a registered online serial publication ISSN 1448-7020. Content of this newsletter is (c) Copyright Support Alert Ltd, 2008. See you next issue. Gizmo |
