========================
                         Support Alert
                    ========================
                    www.techsupportalert.com

                 "Gizmo's top picks of the best
                  Tech resources and utilities"

                 Issue 106 - 11th February, 2004

    Support Alert is a registered online serial publication
                         ISSN 1448-7020.

                        <<<<<<<<<>>>>>>>>

Quote of the Week
=================

Tech Support 2004 Style

Conversation with support at a certain controller manufacturer:

"I can't answer that, please call your dealer."
"I am the dealer."
"Then call your distributor"
"He said for me to call you"
"Then have the customer call us"
"AAAAAGH!" <click>
 
EDITORIAL
=========

In the last issue I spoke of the clever tricks being used by the
latest generation of browser hijackers and other scumware
products.

Tricks to infect your computer just by visiting a web site and
equally cunning techniques to prevent you removing the products
once your PC has been infected.

Well, the programmers behind these thieving products have just
lifted their game and it's bad news for all.

The Spybot home page is currently carrying this warning:

"CoolWWWSearch.SmartKiller (v1 and v2) is a new, real ugly
variant of CoolWWWSearch. When running, it will close every
browser window you use to visit a large list of anti-spyware-
sites, and even will close Spybot-S&D and some other anti-
spyware applications as well."

So we are now in a new game. A game of cat and mouse between the
scumware merchants and the anti-scumware vendors like SpyBot.

A game where the scumware programmers will keep coming up with
new tricks to pull down and destroy products like SpyBot. A game
where the anti-spyware vendors will have to be continually
updating their products to protect them from being trashed by
the very scumware products they are designed to detect.

But there's even worse news: you can now get infected with
scumware just by running some anti-scumware software products.

No, not products like SpyBot and Ad-aware. They are the good
guys. The baddies are the dozens of pseudo spyware/adware
removers that are being sold or offered as "free downloads" that
actually contain scumware products or behave in a similar manner
to scumware.

Here's a list of these rogue products I got from
http://www.netrn.net/spywareblog.  Some are borderline
offenders, others quite flagrant:  Spy Wiper, AdWare Remover
Gold, BPS Spyware Remover, Online PC-Fix, SpyFerret, SpyBan,
SpyBlast, SpyGone, SpyHunter, SpyKiller, SpyKiller Pro,
SpywareNuker, TZ Spyware-Adware Remover, SpyAssault,
InternetAntiSpy, Virtual Bouncer, AdProtector, SpyFerret,
SpyGone, and SpyAssault.

Now that's nasty; getting infected by the very products you've
installed to protect yourself. Kind of like getting pregnant
BECAUSE you used a contraceptive. ;>)

So what to do?

Without doubt, the most important thing you can do is to take
all action necessary to ensure you don't get infected in the
first place. Once infected, it's going to be increasingly
difficult in the future to remove the scumware from your PC.

So passive measures like disk scans with SpyBot are now second
priority. Much more important is active prevention.

As a start you should minimize your chance of infection by
fixing Windows vulnerabilities exploited by the scumware
merchants. Stay current with all the Windows patches by visiting
the Windows Update often.  Better still, turn on automatic
update notification. And don't forget to update MS Office and
other software products on your PC. They can be exploited as
well.

Another preventative step is to ensure your browser settings are
safely configured.  In Internet Explorer, select Tools/Internet
Options/Security and make sure the slider control is set to at
least "Medium."  Then select "Custom” and set "Download signed
ActiveX controls" to Prompt, "Download unsigned ActiveX
controls" to Prompt or Disable and "Initialize and script
ActiveX controls marked as unsafe" to Disable. Hit OK and exit.

Next you check your browser's current vulnerability to known
exploits by running the security tests at these sites (Internet
Explorer and IE based browsers only):
http://browsercheck.qualys.com/
http://www.jasons-toolbox.com/BrowserSecurity/

Prevention also means using the active anti-infection measures
offered in some anti-spyware products. Spybot has its
"inoculation" option. The paid version of Ad-aware has something
similar.

One of the very best anti-infection programs is a freeware
product called SpywareBlaster. It's not a scanner like SpyBot
but rather a stand-alone inoculation routine. It provides
protection against more than 1500 products that use ActiveX
based exploits.  That's about three times as many products as
SpyBot's "inoculate."

A companion program to SpywareBlaster is SpywareGuard. Again,
this is not a file scanner like SpyBot. It is a protective
program that works like an anti-virus suite by checking programs
before they are executed.

Both SpywareBlaster and SpywareGuard are quality freeware, are
regularly updated and have active support forums.  They should
be on every PC. If you haven't got them, I strongly recommend
you download and install them at the first opportunity.  Get
them here: http://www.javacoolsoftware.com/spywareblaster.html

The next preventative step is to keep all your defenses current.
In this cat and mouse game you are already at a disadvantage
because the bad guys have the initiative.  Spybot, Ad-aware,
SpywareBlaster and SpywareGuard all have features that make
updating easy.  Make sure you use them.
 
Finally, only use reputable anti-spyware software products like
the ones mentioned in the preceding paragraph. Do some research
before installing any new product. Just how embarrassing would
it be to get infected by a product you installed to protect
yourself!

Gizmo
Editor@techsupportalert.com 

Support Alert relies on voluntary donations to survive.  If you
feel that you've benefited from reading this newsletter perhaps
you would like to consider donating by subscribing to the
special enhanced "Supporters' Edition" of this newsletter.

The Supporters' Edition contains almost twice the number of
great tech sites and free utilities as the standard edition.
It's also ad-free,

When you subscribe you'll also get my special report "Gizmo's
Desert Island Utilities" which outlines the software I consider
most useful, including many free products. You'll also get immediate
access to the archive of all past issues of the Supporters' edition
of the newsletter where you can catch up on the hundreds of great
utilities you missed in the standard edition.

This month one lucky person who subscribes will also win a free
copy of the top anti-trojan program TDS-3, rated as the best in
class over at www.anti-trojan-software-reviews.com. Valued at
49.00 it's a great prize.
 

HOW TO SUBSCRIBE
================

12 months subscription to the Supporters' Edition costs $10
which can be made by check, postal order or credit card using
either ClickBank or PayPal.

Click the link below to subscribe now:
http://www.techsupportalert.com/se-edition.htm

IN THIS ISSUE:
==============

1. TOP TECH SITES
 - Is Your Browser Infected With Scumware?
 - Upgrading to Windows XP
 - Popup Stopper Wars
 - Fonts Galore
 - Free Modem Help
 - How to Run an Application as a Service (SE Edition)
 - Free HTML Tutorials (SE Edition)
 - 50 Free Support Guides (SE Edition)
 - Free Windows Networking Help (SE Edition)
 
2. UTILITIES
 - Free Anti Spam Utility
 - New WinZip V9 Beta
 - Free Offline Browser Leaps to Top of Class
 - Remove Hidden Data from Office Documents
 - Free Font Manager with In-built Text Graphics Editor
 - Share Outlook Contacts and Appointments (SE Edition)
 - New Free Network Inventory Tool (SE Edition)
 - The Best Boilerplate Text Manager (SE Edition)

3. SECURITY PATCHES, SERVICE RELEASES AND UPDATES
 - Multiple Vulnerabilities in RealOne Player and RealPlayer
 - ASN.1 Vulnerability Could Allow Code Execution (828028)
 - Cumulative Security Update for Internet Explorer (832894)
 - File Spoofing Vulnerability in Internet Explorer

4. OTHER USEFUL STUFF
 - Directly Print CD Labels on CDs
 - Multi Layer Password Protection Utility
 - With PCs, Small is Good, Tiny is Better
 - Death to the Penguin
 - The Top Windows XP Tips
 - Make a Ti-Vo for $140 (SE Edition)
 - Life Discovered on Mars (SE Edition)
 - The Mother of All Conversion Calculators (SE Edition)
 - How to Walk on Water (SE Edition)
 - Free Tool That Thoroughly Cleans Your System (SE Edition)
 
5. TIP OF THE WEEK
 - Copying Text to the Command Prompt

6. FREEBIE OF THE WEEK
 - Best Free Startup Manager (Part 2)
 - The Free Encryption Utility That I Use (SE Edition)

1. TOP TECH SITES
=================

1. TOP TECH SITES
=================

Is Your Browser Infected With Scumware? In the editorial above,
I mentioned a site where you can test your browser for
vulnerabilities. At this site, you can get a quick check for
actual infection. The test doesn't cover all known products but
it's well worth visiting.
http://www.doxdesk.com/parasite/

Upgrading to Windows XP
With Win98 approaching the end of its life, many users are now
faced with upgrading to XP.  ZDNet is offering a free 11-step
guide to upgrading, written at a level comprehensible to the
average user.
http://reviews-zdnet.com.com/4520-3000_16-5117047-1.html

Popup Stopper Wars
How well does your popup stopper rate? Find out by running the
tests at this site. The site also rates a range of freeware and
commercial popup stoppers. The top performing free product was
EMS Free Surfer, a product I'd never heard of.
http://www.popuptest.com
http://www.kolumbus.fi/eero.muhonen/FS/  <= EMS Free Surfer

Fonts Galore
I never thought I'd live to see it - a free font site without
ads. What's more, the site's multi-dimensional font
classification system makes it easy to find and select which of
the 3700+ fonts you want. Thanks to subscriber Richard Steinitz
for letting me know about this one.
http://www.dafont.com/en/

Free Modem Help
Reader Alex Goode says "This site is my first port of call when
I run into modem problems or when I'm looking for modem info."
I've checked it out and it is as goode as Alex says. ;>)
http://www.modemhelp.net

** Bonus Items for Supporters **

- A great site that offers free help for Outlook users
- An excellent collection of free XP tweaks
- A gaggle of free HTML Tutorials
- 50 Free Support Guides
- Free Windows Networking Help

Got some top sites to suggest? Send them to
mailto:editor@techsupportalert.com

2. UTILITIES
=============

Free Anti Spam Utility
XTerminator operates in a very similar way to MailWasher, long
one of my favorite anti-spam utilities.  These products are both
email previewers and work by trying to identify and delete spam
mail on your email server before you download it to your PC.
This saves bandwidth and is usually faster. Looking at these two
similar products, Mailwasher has the better interface and offers
more ways to detect and filter spam, but the freeware version is
limited to one email account. xTerminator, however, allows
multiple accounts and has more configurable filters. I use both;
when away from the office, I use Mailwasher for deleting obvious
spam before downloading email to my laptop. However, I use
xTerminator at work for automatically deleting from my mail
server specific types of unwanted mail such as easily identified
spam and viruses. Freeware, 1.87MB
http://www.artplus.hr/adapps/eng/xterminator.htm

New WinZip V9 Beta
There's a new beta version of WinZip out that features improved
compression and encryption, the ability to create archives of
"virtually unlimited size" and an improved interface. After
using it for a few days I'd have to say it's really just more of
the same. I'd trade any of the new features for RAR, ACE and
BZIP archive support. The integration with Windows, though,
remains the best of any archiver and this, combined with
WinZip's stability and reliability, will keep it as first choice
for most users. Free beta, 2.2MB
http://www.winzip.com/betawz.cgi#DOWNLOAD

Free Offline Browser Leaps to Top of Class
Thanks to subscriber R.A. for letting me know about HTTrack,
a free GPL license web ripper. This is one impressive product: it's easy to use, has an excellent user interface, offers every feature you could want,
is blindingly fast and free of any adware as well.  If you like
to download web sites so that you can browse them offline, this
is the product to get. In fact, it goes straight to my Top 46
Freeware list, bumping out Web Reaper in the process.  Freeware,
3.23MB. http://www.httrack.com/

Remove Hidden Data from Office Documents Microsoft Word, Excel
and PowerPoint all retain recent changes to documents even
though these changes are no longer visible. Unfortunately, this
information can be easily recovered with a simple text editor.
This presents a real security threat and potential legal
problems as well. Microsoft has released a free Office XP/2003
add-in that removes this hidden information.  This is an
essential download for all Office XP/2003 users.  Free, 280KB
http://www.microsoft.com/downloads/details.aspx?FamilyID=144e54ed-d43e-42ca-bc7b-5446d34e5360&displaylang=en

http://www.urltrim.com/ct/t.php?l=61 <-- Alternative short link

Free Font Manager with In-built Text Graphics Editor When I
first looked at X-Fonter V4.1 I though that this was just
another font manager. I was wrong on two grounds. First, as a
font manager, X-Fonter is top flight and right up there with the
best. Second, it has a built-in graphics editor that allows you
to easily create many enhanced text effects and save the
resulting graphics file for the web or email use.  The editor is
surprisingly effective and produced, within its limited range,
effects as good as I can manage with Photoshop. There isn't much
documentation showing how to use the graphics editor but it's
pretty easy to figure out through experimentation. Freeware,
886KB. http://users.pandora.be/eclypse/

** Bonus Items for Supporters **

- How to run any Windows application as a service
- A free web service allows users to share Outlook contacts and
  appointments
- Get this new network inventory tool while it's still free
- The best boilerplate text manager

Got some top utilities to suggest? Send them to
mailto:editor@techsupportalert.com

3. SECURITY PATCHES, SERVICE RELEASES AND UPDATES
=================================================

Multiple Vulnerabilities in RealOne Player and RealPlayer If you
have RealPlayer V8/V10 or RealOne Player V1/V2, you had better
hit the "Check for Update" button located in the product to
patch a gaggle of recently discovered vulnerabilities, the most
serious of which could completely compromise your system.
http://www.service.real.com/help/faq/security/040123_player/

ASN.1 Vulnerability Could Allow Code Execution (828028)
Severity: Critical
Systems affected: Windows NT 4/2000/XP and Server 2003 Problem:
Abstract Syntax Notation 1 (ASN.1) is a data standard that is
used by many applications and devices in the technology
industry.  A buffer over-run flaw in the Microsoft
implementation of ASN.1 could allow an attacker to execute code
with full privileges on an affected system. The vulnerability is
more easily exploited in servers than workstations but all are
vulnerable so end users as well as administrators should apply
the patch immediately
http://www.microsoft.com/technet/security/bulletin/MS04-007.asp

Cumulative Security Update for Internet Explorer (832894)
Severity: Critical
Systems affected: All versions of Internet Explorer Problem:
This is the latest in the continuing series of IE cumulative
updates. It patches many known and new vulnerabilities including
the notorious address bar spoofing vulnerability. While fixing a
number of problems, the patch may actually cause problems for
some users and websites as it removes support within IE for HTTP
URL's that make use of the username:password@ format in the
userinfo field. FTP is not affected. It's unlikely you'll
encounter this problem but you should be aware that it exists.
That caveat aside, this is a mandatory update, if you haven't
already installed it, go to the Windows Update site and do so
now. More details here:
http://www.microsoft.com/technet/security/bulletin/MS04-004.asp

File Spoofing Vulnerability in Internet Explorer Yet another
spoofing vulnerability in IE, this one allowing malicious web
sites to fake the file extension of downloadable files.  So, you
could download what you think is an MP3 when it is really an
executable file. This is not in itself all that dangerous but
users who habitually click "Open" after a download could be in
for a nasty surprise.  Click "Save" instead and check the
extension on the saved file. It has been verified for IE6 though
other versions could be affected. Check your vulnerability here:
http://secunia.com/internet_explorer_file_download_spoof/
 

4. OTHER USEFUL STUFF
=====================

Directly Print CD Labels on CDs If you are sick of fiddling with
messy stick-on labels for your CD-Rs then you might want to
check out these printers that print labels directly on CD media.
http://www6.tomshardware.com/howto/20040127/index.html

Multi Layer Password Protection Utility Ever wonder if one day
you might be forced to reveal your computer password under
duress?  The Phonebook project uses a technology called
*Deniable Encryption to provide multiple layers of information
encryption. One password reveals a layer of "semi-secret"
information while another reveals the real goodies. Disclosure
of the first password will get you out of a fix but there's no
way your coercers can know about the existence of the second.
http://www.freenet.org.nz/python/phonebook/

With PCs, Small is Good, Tiny is Better Small Form Factor (SFF)
PCs are super hot. To get street cred in this game your SFF PC
must be really small, unusually housed or just plain cool. For
examples of the first two categories check out the first link
below. For some really cool acrylic cases for Shuttle XPCs,
check out the second link.
http://www.mini-itx.com
http://www.outsideloop.com/company/clearview.html

Death to the Penguin
Help Bill out by swatting the penguin as far as possible.
http://www.casper.ru/temp/pingu3/?namn=422

The Top Windows XP Tips
Here you'll find the most popular XP tips in each of the
following three categories: for XP Users, for XP Administrators
and XP Registry tips. Quite a few gems here amongst the usual
dross. http://is-it-true.org/nt/xp/hottips.shtml
 

** Bonus Items for Supporters **

- How to make a Ti-Vo for $140
- Life discovered on Mars
- The mother of all conversion calculators
- How to walk on water
- A free tool that thoroughly cleans your system

5. TIP OF THE WEEK
==================

Copying Text to the Command Prompt A subscriber recently asked
me why he can't paste text copied in Windows into the command
prompt box.  Well, it's true that you can't use Control-V to
paste the text but you can right click from within the command
box and select the "Paste" option. Simple as that.

A little less obvious is the way you copy and paste within a
command box line. Here are the Microsoft instructions: "Select a
phrase by moving the mouse over it while you hold down the left
mouse button. Then right-click twice to paste the selection at
the cursor's position."
 

6. FREEBIE OF THE WEEK
======================

Best Free Startup Manager (Part2) Last issue I mentioned Mike
Lin's Startup Control Panel.  If you find his minimalist
approach too daunting, you might like to try another free
utility called Windows Startup Inspector.  This offers a number
of advantages for the less experienced users: it displays all
startup programs in a single unified list, it gives you details
about each startup application from a 3500+ online database, and
it gives advice on whether the product is needed or not. Works
well. Freeware, 779KB.
http://www.windowsstartup.com/
http://www.mlin.net/StartupCPL.shtml <= Mike Lin's SCP

** Bonus Freebie for Supporters **

The Free Encryption Utility That I Use This utility is an
AES/Rijndael file encryption software with multi-file, drag-and-
drop operations. It features optimal implementation, performance
and safety measures. The program uses an advanced encryption
algorithm and offers unique options for enhanced security. To
that, add the fact that it's tiny, easy to use, has open code,
employs proven techniques that are essentially unbreakable and
comes from a highly reputable source.  In summary, it offers the
average user everything they want in a secure encryption program
and it's free. That's why I use it myself. (25KB)

Stop missing out on all this good stuff! Become a Supporter
today and receive the SE Edition immediately
 

HOW TO GET THE ENHANCED SE EDITION OF THIS NEWSLETTER NOW
=========================================================

This is the free edition of Support Alert newsletter. If you
like this version, you'll be blown away by the enhanced edition
that our supporters get.

Subscribe now and you'll not only get 12 monthly issues of the
enhanced "Supporters' Edition", you'll also get "Gizmo's Desert
Island Utilities" report outlining the very best software
utilities on the market, including many free products.

You'll also get immediate access to the archive of all past issues of the Supporters' edition of the newsletter where you can catch up on the hundreds of great utilities you missed in the standard edition.

http://www.techsupportalert.com/se-edition.htm

Subscribe by check, Postal Order or credit card using ClickBank
or PayPal.

<<<<<<<<<>>>>>>>>>>

MANAGE YOUR SUBSCRIPTION
========================

Support Alert is a free newsletter. If you liked this issue why
not email it to a friend.  To subscribe, send a totally blank
email to: supportalert-subscribe@webelists.com or sign up online
at http://www.techsupportalert.com/al_subscribe.htm.

Back Issues
A searchable library of back issues is available at:
http://www.techsupportalert.com/issues/back_issues.htm

If you no longer wish to receive this newsletter just go to
http://www.webelists.com/cgi/lyris.pl?enter=supportalert. Enter
your email address. No password is needed. You can then cancel
on-line.

To change your delivery email address go to
http://www.webelists.com/cgi/lyris.pl?enter=supportalert. Enter
your old email address. No password is needed. You can then
change your subscription email address directly.

For lots more free IT newsletters see
http://www.freetechmail.org/infobase.asp?TPubId=79

ACKNOWLEDGEMENTS
================
Thanks to the following volunteer reviewers for their efforts:

Daniel Rose (D.R.)
Annie Scrimshaw (A.S.) aka Annmarie at www.cybertechhelp.com
Jeff Partridge (J.P.)
Sheila Foss (S.F) aka PippieT

Reviews written by Annie, Daniel, Jeff and Sheila are indicated
by their initials at the end of the review.

Thanks too to A. Belile for proofreading this issue.

You can contact this newsletter by snail mail at: Support Alert
PO Box 243
Comstock Park, MI  49321-0243 UNITED STATES

Content of this newsletter is (c) Copyright
TechSupportAlert.com, 2004

See you next issue

Gizmo
editor@techsupportalert.com