========================
                         Support Alert
                         Free Edition
                    ========================
                    www.techsupportalert.com

                 "Gizmo's top picks of the best
                  Tech resources and utilities"

                 Issue 114 - 20th October, 2004

    Support Alert is a registered online serial publication
                         ISSN 1448-7020.

                        <<<<<<<<<>>>>>>>>
QUOTE OF THE WEEK
=================

"The problem with troubleshooting is that trouble shoots back.”

- Anon.

IN THIS ISSUE:
==============

0. EDITORIAL: Security Software Survey – First Results

1. TOP TECH SITES
 - Excellent Free Tech Support Site
 - The Dangers of Scrap Files
 - Stop Sending Email to Yourself
 - Black Hats Get Organized
 - A Better Way to Build a Tin Can Wi-Fi Antenna
 - Free Linux Desktop Guide for Non-Linux Users
 - New Service Stops Unknown Email Viruses (SE Edition)
 - Move Your Bookmarks from One Browser to Another (SE Edition)
 - Why Linux File Systems Don't Fragment (SE Edition)
 - Learn HTML for Free (SE Edition)
 - What to do When You Get the Blue Screen of Death (SE Edition)
 
2. UTILITIES
 - Free Desktop Search from Google
 - The Best File Sharing Client?
 - Run Windows Software on a Mac
 - Free Product Zaps New and Unknown Viruses
 - How to Manage Your XP SP2 Firewall
 - The Best Free Registry Editor (SE Edition)
 - Great Free HTML Editor and PHP Editor (SE Edition)
 - How to Legally Share Music & Videos (SE Edition)

3. SECURITY PATCHES, SERVICE RELEASES AND UPDATES
 - Microsoft Dumps All Non-XP Users
 - Microsoft JPEG Flaw to be the Next Big Thing
 - Serious Unpatched Flaws in Word 2000 and ASP.NET
 - Cumulative Security Update for Internet Explorer (834707)
 - Windows Shell Bug Could Allow Remote Code Execution (841356)
 - NNTP Flaw Could Allow Remote Code Execution (883935)
 - Vulnerability in SMTP Allows Remote Code Execution (885881)
 - Zipped Folders Flaw Could Allow Remote Code Execution (873376)
 - Vulnerability in Excel Allows Remote Code Execution (886836)
 - Security Update for Microsoft Windows (840987)
 - Don't Opt Out of Spam Email
 - RealPlayer PCs Could be Exploited by Playing Movie

4. OTHER USEFUL STUFF
 - Control Your PC from 10 feet Away
 - Huge Capacity CompactFlash Memory Cards Arrive
 - Get Opinions on Everything
 - Tidy Up Those Cables
 - A Real Flight of the Imagination
 - Twenty Six Malware Products on Each PC
 - How to Improve Your Chances of Getting that Job (SE Edition)
 - Difference Between Regedit and Regedt32 (SE Edition)
 - How to Find the Cheapest Gas (SE Edition)
 - How to Speed up Your P2P Downloads (SE Edition)
 - Adware Gets Past Gizmo

5. TIP OF THE WEEK
 - Disabling Windows Messenger

6. FREEBIE OF THE WEEK
 - The Best Windows Program Launcher
 - The Best Free Anti-Trojan Scanner - revised (SE Edition)

--------------------- sponsored links -------------------------

The Best Windows Backup Software
Don't risk losing your vital data - backup often using a
reliable backup program. At this site we reviewed and rated
sixteen data backup products but only one get "editor's choice."
http://www.backup-software-reviews.com/

The Best SpyWare Detector
If you use Ad-aware or Spybot you will be surprised just how
many more additional malware products SpySweeper will detect on
our PC.  On top of that, its active protection will keep your PC
free from Adware, Spyware and other malicious products. That's
why it won the prized "Editor's Choice" award in PC Magazine's
massive March 2004 survey of anti-Spyware products. Try the free
evaluation copy and see for yourself.
http://www.webroot.com/wb/products/spysweeper/index.php?rc=1132

The Best Remote Access Software
If reliability, ease of use and freedom from firewall problems are
important to you, then one product stands out from the rest. Read
the full review here:
http://www.pcsupportadvisor.com/best_remote_access_software.htm

---------------------------------------------------------------
 
0. EDITORIAL
============

This is a “good news” editorial. Actually the good news is from
you dear readers, I'm just reporting it.

Last issue I asked readers to send in details of the security
products they use and their experiences with how these products
work together.

Well nearly 1000 folks wrote in, 974 to be precise.  I was
overwhelmed with the generosity of your response. Thank you all.

It's going to take quite a while to analyze the results and in
the coming weeks I’ll write up a full report on the web site.
But even now certain things are already clear. Three things in
fact:

First, a lot of you readers have very well protected systems.

Second, those with good protection rarely, if ever, have
security problems.

Third, compatibility between different security products was not
really a major issue. However, product overlap was.

In the limited space of this editorial, I'm only going to deal
with the first finding. I'll deal with the others in the full
report on the web which I hope to have ready by next issue.

Now, it's not really too surprising that so many of you have
excellent computer security. After all, this is a technical
newsletter and you, dear subscribers, are not exactly your
average Joe in the street.  Bear in mind, too, that the folks
who responded to the survey are more likely to have good
security compared to subscribers as a whole.  That's because
they are rightly proud of how they have secured their systems
and hence more likely to respond to the survey.

But what is a well protected system? Simple: it's a system with
layered defense. That is, a system that does not rely on a
single security product but one that utilizes several different
products, each designed to carry out a specialized task.

By the far the most common configuration reported in the survey
was a three layer approach:

- A virus scanner (Usually Norton, McAfee, AVG or Avast)
- An anti-spyware product (Ad-Aware, SpyBot or SpySweeper)
- A 3rd party firewall (ZoneAlarm, Kerio, Sygate or hardware-
based)

(The products shown in brackets were the most commonly used.)

Some folks had fewer layers, many had more. Jim Kerrigan had the
most - 11 products covering seven different layers. No one is
getting into Jim's system anytime soon!

The more layers, the better protection. However, the more
layers, the greater the setup complexity, the greater the CPU
overhead, the greater the user inconvenience and the greater the
maintenance requirement.

What's the ideal number of layers?  The answer depends on your
risk level.

If you are a normal user who just uses email and does a bit of
surfing then three is probably fine.

If you use P2P networks or IM, install a lot of utilities or
like to explore the nether regions of the web then you need
additional layers. The more adventurous your activities, the
greater your need for protection. But what additional protection
layers do you need?

To start, you need a specialized Trojan scanner. AV scanners are
just not good enough at detecting modern Trojans. To underscore
the point, I'm currently reviewing anti-Trojan products over at
http://www.anti-trojan-software-reviews.com using a test set of
Trojans that were all missed by Norton AV 2004. That’s right
folks, using the trojans MISSED by Norton. Before you AVG users
get too chirpy, let me tell you AVG missed even more!

In the reader security survey, the most common anti-Trojan
applications used were TDS-3, Trojan Hunter and BoClean. The
first two are fine choices but I have reservations about
BoClean. You can find my reviews of them over at the anti-Trojan
site if you are interested. There are some passable free anti-
trojan scanners as well and I’ll cover these in the full web
report.

Another layer is active protection for your key Windows system
areas. This includes protection of the Windows startup areas,
the registry, browser helper objects and the integrity of DLLs
and running processes.

Now, some of these functions may be performed by other security
layers. Some firewalls for example optionally check process CRC
integrity while some anti-spyware products keep an eye on
startup programs and browser helper objects. No single product
does everything, however, so you need at least one, maybe two
additional products.

In the security survey, the most common additional product was
WinPatrol. Again, a good choice, though it does overlap with the
monitor in SpyBot and is not as powerful as my favorite, RegRun.

Yet another security layer you can add is active protection for
your security products themselves. Modern malware will now
routinely try and pull down your defenses.  Thankfully, security
vendors are now building better defenses into their products.
Indeed, some AV scanners and firewalls now run at kernel level
and can't be easily pulled down. Many, however, including
products like SpyBot, Ad-Aware and WinPatrol, are vulnerable to
attack and need to be defended.

According to the survey, the most common protective program used
was Process Guard. It's a great choice as it is the best product
in its class though, frankly, a beast to properly setup.

Another additional security layer you might want to consider is
generic malware protection.  This is a relatively new approach
which tries to detect malware products by their behavior rather
than by their unique individual signatures. Products in this
group are targeting a weakness in all AV scanners: the short
time gap between the time a new virus emerges and the time the
AV vendors update and distribute their signature databases.
During that time, your AV scanner is largely useless in
defending you against any new virus.

Not many folks in the survey currently use these generic defense
products. The only two mentioned were Abtrusion Protector and
Qwik-Fix Pro, two quite products that adopt quite different
approaches. The degree of effectiveness of these products is yet
to be established but certainly the promise is attractive.
Personally I find Abtrusion Protector eats up too many CPU
resources to warrant general recommendation and I’m yet to be
convinced whether Quik-Fix is worthwhile. If you use either of
these products let me know what you’ve found.

The final way to add additional protection is to duplicate an
existing protective layer. Quite a few users who responded to
the survey do this. Examples would include running a hardware
and software firewall, using two spyware scanners not just one
and using a second anti-virus product as an on-demand scanner.

I think this is a great way to go, particularly if you can use
free products. However it’s also the area most liable to product
conflict. In my full web article I’ll be giving specific product
recommendations how to duplicate your protection without product
conflict.

The number of layers of protection you use is ultimately a
personal choice. Like all security systems, greater security
means greater inconvenience in return for improved protection.

At the very least you need three layers: an AV scanner, a
firewall and an anti-spyware product. After that it's your call.

By next issue I should have the full report up on the web. It
will deal with the question of choosing the right products for
each layer, product combination and product interaction. It’s a
complex issue but one I’m sure you’ll find most interesting.

Thanks again to those who responded to the survey. It really is
appreciated - we can all learn from each others’ experience.

See you next issue.
Gizmo
Editor@techsupportalert.com

PS Want an invite to join Google's Gmail - read below.

Support Alert relies on voluntary donations to survive.  If you
feel that you've benefited from reading this newsletter perhaps
you would like to consider donating by subscribing to the
special enhanced "Supporters' Edition" of this newsletter.

The SE Edition contains almost twice the number of
great tech sites and free utilities as the standard edition.
It's also ad-free.

When you subscribe you'll also get my special report "Gizmo's
Desert Island Utilities" which outlines the software I consider
most useful, including many free products. You'll also get
immediate access to the archive of all past issues of the
Supporters' edition of the newsletter where you can catch up on
the hundreds of great utilities you missed in the standard
edition.

This month I'm giving away six Google Gmail invitations to new
subscribers to the SE edition.  They'll be allocated at random
but your chances of scoring one are real good. So if you have
been thinking of subscribing, now's the time.

HOW TO SUBSCRIBE TO THE SE EDITION
==================================

12 months subscription to the Supporters' Edition costs $10
which can be made by check or credit card using either ClickBank
or PayPal.

Click the link below to subscribe now:
http://www.techsupportalert.com/se-edition.htm
 

1. TOP TECH SITES
=================

Excellent Free Tech Support Site
Subscriber Ted Green writes: "Thanks a million Gizmo for telling
me about the Tek-Tips forums. With the help of the forum members
I solved a Windows shutdown problem that was driving me nuts."
Note, though, that Tek-Tips is geared toward  experienced users.
Beginners may get better results from the TechSupportGuy forums.
Both are free and well worth trying.
http://www.tek-tips.com/
http://forums.techguy.org/

The Dangers of Scrap Files
Almost no-one has heard of Windows scrap files, a strange file
type that's a by-product of the Windows OLE system. The problem
is that because of icon similarity, they can easily be mistaken
for text files, and simply opening one may lead to you being
infected by a Trojan.  I suggest all PC users read this useful
article which not only explains the concept but also lets you
know what to look out for.
http://www.trojanhunter.com/papers/scrapfiles/

Stop Sending Email to Yourself
A lot of folks regularly email information from one mail account
to another. Most commonly this is from a work account to a home
account and vice versa.  This site offers a free service that
allows you to post notes to yourself on the site which you can
then access from any web browser. Kind of like post-it notes
that you can read from anywhere. No-one else can read the notes
as they encrypted with your password.  A neat free service.
http://www.chimenote.com/

Black Hats Get Organized
Metasploit Framework is a site guaranteed to scare a little
common sense into those complacent about computer security. It
offers "an advanced open-source platform for developing,
testing, and using exploit code." In other words, an easy-to-use
modular system for script kiddies and other ill-intentioned
individuals to put together their own exploits.
http://www.metasploit.com/projects/Framework/
 
A Better Way to Build a Tin Can Wi-Fi Antenna
Surprisingly, these things actually work. I've mentioned a
construction guide in a previous issue but this one from
ExtremeTech is both clearer and more precise.
http://www.extremetech.com/article2/0,1558,1643394,00.asp

Free Linux Desktop Guide for Non-Linux Users
This really is a splendid piece of work. It's complete, it's
well written, it's downloadable and it's free. Starting at
basics, it works its way through file management, using email
and the internet and on to using Open Office. It's offered under
the Creative Common license and is available in both OpenOffice
Writer and PDF formats.
http://www.iosn.net/training/end-user-manual/

** Additional Items in the SE Edition **

- A New Service that Stops Unknown Email Viruses
- How to Move Your Bookmarks from One Browser to Another
- An Explanation Why Linux File Systems Don't Fragment Like
  Windows
- An Excellent Way to Learn HTML for Free

Got some top sites to suggest? Send them to
mailto:editor@techsupportalert.com

2. UTILITIES
=============

Free Desktop Search from Google
Well the long-awaited Google desktop search has finally arrived
(at least in beta form) and it's looking awesome. Like other
desktop search programs, it indexes the content of your local
files such as email, Office documents and web pages.  The full
list of file types indexed at the moment is: TXT, HTML, DOC,
XLS, PPT, Outlook 2000+, Outlook Express 5+, AOL 7+ and AOL
Instant Messenger 5+, with more types to be added in later
versions.  The feature that really grabbed my attention, though,
is the indexing of all web pages that you visit as well as pages
you have visited in the past. It works brilliantly and will
really help with the standard problem of finding information you
remember seeing on some now-forgotten web site. (Before you get
worried about security issues, Google provides an option of
turning off indexing for secure html pages.) Also nice is the
ability to search email and view the results in conversational
threads. Yet another neat feature is the integration of desktop
and web search into a single function with the presentation of
all search results in familiar Google format. I only have two
beefs: first the display format is not ideal for quickly finding
email. Second, it only works with Internet Explorer which is a
bit of a bummer for we FireFox users. Let's hope for a Mozilla
version soon. Initial impression?  It's still only a beta but
this will be one to beat. Once it matures, I can't imagine any
PC being without it. Freeware, 446KB.
http://desktop.google.com/about.html
 

The Best File Sharing Client?
Regular readers of this newsletter know that I regard public
file sharing networks to be malware distribution systems. That
said, I know a lot folks use them so I'll pass on this comment
from subscriber Jenny Ho. "Gizmo, you've mentioned KaZaa lite a
couple of times as the best P2P client. It is a good program but
all my friends have now moved on to Shareaza. It's a public
domain program, doesn’t contain any adware and spyware, and it
connects all the major P2P networks. It's also fast and really
easy to use." Well, I can confirm Jenny's comments about ease of
use - Shareaza has the best interface of any P2P client I've
seen. On speed I found Shareaza's downloads to be faster only
for larger files. I know because I used both clients to download
over 1,000 executable files to create a test data set for my
most recent series of reviews of anti-Trojan programs.
(Incidentally, over 300 were infected with malware.) MP3
swappers would be advised to read the Shareaza FAQ which tells
you how to set up block lists to keep the RIAA at bay. Freeware,
3.15MB.
http://www.shareaza.com

Run Windows Software on a Mac
Microsoft has released version 7 of Virtual PC for Mac, a
Windows OS emulation package that runs on the Mac as a host
operating system. Early reports suggest that you need at least a
G5 to get decent performance but, that caveat aside, it's a
great way to run a piece of essential Windows software on a Mac
yet retain full Mac OS functionality. Prices start at $129.
http://www.microsoft.com/mac/products/virtualpc/virtualpc.aspx?pid=virtualpc

Free Product Zaps New and Unknown Viruses
Even users with well protected PCs are vulnerable to new viruses
and worms during the critical time slot between the first
appearance of the virus and the time it takes for AV vendors to
update their signature database. A number of companies offer
claimed solutions: one is PivX who markets a product called Qwik-
Fix Pro. This works by providing a degree of generic protection
combined with defenses against potential exploits the company
has identified from its own research. I have no way of testing
such a product but the idea is sound - just think of all those
known but yet unpatched Internet Explorer bugs. Others clearly
agree - the company certainly has some heavyweight customers.
The good news is that a home PC edition is available and it's
free until the end of October. Registration required, 1.26MB.
http://www.pivx.com/qwikfix.asp

How to Manage Your XP SP2 Firewall
Ok.  You've taken the plunge and installed SP2. Wouldn't it be
nice to be able to control your enhanced firewall, check current
activity or inspect the logs? Well you can do all that with
FirePanel XP, a $10 shareware product. The download is only
170KB but you need to have the Microsoft .NET framework
installed on your PC.
http://www.router19.org/

** Additional Items in the SE Edition **

- The Best Free Registry Editor
- Great Free HTML Editor and PHP Editor
- How to Legally Share Music and Videos with your Friends

Got some top utilities to suggest? Send them to
mailto:editor@techsupportalert.com
 

3. SECURITY PATCHES, SERVICE RELEASES AND UPDATES
=================================================

Another bad month for Microsoft.  First, lots of negative
publicity about the company dumping non-XP users. Second, the
ominous appearance of several different examples of malicious
programs that utilize a JPEG vulnerability that affects dozens
of MS products. Third, independent researchers revealed serious
unpatched flaws in important MS products. Finally, Microsoft
itself released a massive batch of 10 new security advisories,
seven of which are rated 'Critical."

Microsoft Dumps All Non-XP Users
During the month, the folks at Redmond have spelled out loud and
clear that the security enhancements to Internet Explorer
offered in Windows XP SP2 will not be made available for any
Windows operating system prior to XP.  The intent is evident:
they want everyone to upgrade to Windows XP. If you don't want
to upgrade then you really should abandon using Internet
Explorer right now as hackers will be emboldened by the
announcement to target IE on non-XP PCs. FireFox is a great
alternative browser, a superior product in fact, so why wait?
Read my IE to FireFox migration guide here:
http://www.techsupportalert.com/firefox.htm

Microsoft JPEG Flaw to be the Next Big Thing
When Microsoft announced last month a widespread JPEG flaw in
its products, experts predicted it was only a question of time
before a massive web-wide attack occurred utilizing the bug.
The first exploits in fact appeared within a week of the MS
revelations, though they were more demonstration examples than
active threats. Later examples have proved more threatening,
though none has yet to include an effective propagation system.
It looks increasingly likely though, that the threatened big one
will happen. To prevent your system being attacked you have to
do more than rely on Windows Update. You also have to visit the
Office Update site and do additional checks for other vulnerable
products as well. Full instructions here:
http://www.microsoft.com/security/bulletins/200409_jpeg.mspx

Serious Unpatched Flaws in Word 2000 and ASP.NET
Security company Secunia has issued an advisory covering a
“highly critical" buffer overrun problem in Word 2000 and
possibly Word 2002 as well. Secunia has advised users not to
open untrusted Word documents especially those that are hosted
on web sites. Microsoft is investigating the claim.  They have,
however, conceded another flaw, this one covering the widely
used ASP.net server product. The flaw could allow an attacker to
gain access to a password protected area of a web site simply by
a simple character substitution in the URL. No patch is
available but MS has published a workaround.
http://secunia.com/advisories/12758/
http://support.microsoft.com/?kbid=887459

Cumulative Security Update for Internet Explorer (834707)
Severity: Critical
Systems Affected: Internet Explorer V5 and V6
Problem:  This major update addresses seven new IE
vulnerabilities including three rated as critical. All users
should apply this update immediately through Windows Update.
http://www.microsoft.com/technet/security/bulletin/ms04-038.mspx

Windows Shell Bug Could Allow Remote Code Execution (841356)
Severity: Critical
Systems Affected: Most versions of Windows other than XP SP2
Problem:  This patch covers two flaws, only one of which is
rated critical. The critical flaw "exists in the way that the
Windows Shell starts applications. An attacker could exploit the
vulnerability if a user visited a malicious Web site. If a user
is logged on with administrative privileges, an attacker who
successfully exploited this vulnerability could take complete
control of an affected system."
http://www.microsoft.com/technet/security/bulletin/ms04-037.mspx

NNTP Flaw Could Allow Remote Code Execution (883935)
Severity: Critical
Systems Affected: Specific versions of NT/2000/2003 server as
well as Exchange server
Problem:  "A remote code execution vulnerability exists within
the Network News Transfer Protocol (NNTP) component of the
affected operating systems. This vulnerability could potentially
affect systems that do not use NNTP. This is because some
programs that are listed in the affected software section
require that the NNTP component be enabled before you can
install them. An attacker could exploit the vulnerability by
constructing a malicious request that could potentially allow
remote code execution. An attacker who successfully exploited
this vulnerability could take complete control of an affected
system."
http://www.microsoft.com/technet/security/bulletin/ms04-036.mspx

Vulnerability in SMTP Could Allow Remote Code Execution (885881)
Severity: Critical
Systems Affected: Server 2003 plus some Exchange server 2003
configurations
Problem:  "A remote code execution vulnerability exists in the
Windows Server 2003 SMTP component because of the way that it
handles Domain Name System (DNS) lookups. An attacker could
exploit the vulnerability by causing the server to process a
particular DNS response that could potentially allow remote code
execution. An attacker who successfully exploited this
vulnerability could take complete control of an affected system.
The vulnerability also exists in the Microsoft Exchange Server
2003 Routing Engine component when installed on Microsoft
Windows 2000 Service Pack 3 or on Microsoft Windows 2000 Service
Pack 4."
http://www.microsoft.com/technet/security/bulletin/ms04-035.mspx

Zipped Folders Flaw Could Allow Remote Code Execution (873376)
Severity: Critical
Systems Affected: Windows XP/XP SP1 and Server 2003
Problem:  "A remote code execution vulnerability exists in
compressed (zipped) folders because of an unchecked buffer in
the way that it handles specially crafted compressed files. An
attacker could exploit the vulnerability by constructing a
malicious compressed file that could potentially allow remote
code execution if a user visited a malicious Web site. An
attacker who successfully exploited this vulnerability could
take complete control of an affected system. However, user
interaction is required to exploit this vulnerability."
http://www.microsoft.com/technet/security/bulletin/ms04-034.mspx

Vulnerability in Excel Could Allow Remote Code Execution (886836)
Severity: Critical
Systems Affected: Excel 2000/2002/2003 plus Mac versions. Note
Office XP Service Pack 3 systems are NOT vulnerable.
Problem:  "A remote code execution vulnerability exists in
Excel. If a user is logged on with administrative privileges, an
attacker who successfully exploited this vulnerability could
take complete control of the affected system."
http://www.microsoft.com/technet/security/bulletin/ms04-033.mspx

Security Update for Microsoft Windows (840987)
Severity: Critical
Systems Affected: Win2k SP3/SP4, Windows XP/XP SP1, Server 2003
Problem:  "This fix covers four flaws, one of which, a bug in
the graphics rendering system, is rated critical. A remote code
execution vulnerability in the rendering of Windows Metafile
(WMF) and Enhanced Metafile (EMF) image formats that could allow
remote code execution on an affected system. Any program that
renders WMF or EMF images on the affected systems could be
vulnerable to this attack. An attacker who successfully
exploited this vulnerability could take complete control of an
affected system."
http://www.microsoft.com/technet/security/bulletin/ms04-032.mspx

Don't Opt Out of Spam Email
Experienced users have long known not to click opt-out links in
spam mail. That's because clicking these links can tell the
spammer that they have scored a live email address. As a result,
you'll get more spam not less.  But now there's another reason
not to click these links. Security firm MessageLabs claim they
have identified a number of spam messages that use JavaScript to
redirect anyone who clicks an opt-out link to a hostile website.
That site then attempts to download an executable file that
would allow the spammer to take control of the user's PC. The
moral of the story: totally ignore all spam.
http://www.messagelabs.com/news/virusnews/detail/default.asp?contentItemId=1177&region=

RealPlayer PCs Could be Exploited by Playing Movie
RealNetworks has announced a critical vulnerability in numerous
versions of RealPlayer that could allow an attacker to run a
Trojan program. The flaw can be exploited by simply tempting a
user to run a specially encoded movie file. A fix is available
and can be accessed by using the update feature within
Realplayer.
http://service.real.com/help/faq/security/040928_player/EN/
 

4. OTHER USEFUL STUFF
=====================

Control Your PC from 10 Feet Away
Here's something to consider if you play music or watch TV from
your PC but don't want to pay for Windows Media Center Edition.
SnapStream Firefly is a remote control/software bundle designed
to allow you to operate your PC at a distance. It works by
displaying options on your PC using a large screen font. You can
then select between options using the wireless remote.  It works
with 80 or so multi-media applications and offers a degree of
customization.  The 30-foot range remote is a plus though,
unfortunately, it's not a universal unit with learning
capability. Oh well, one more remote to add to the pile. Street
price is around $45.
http://www.snapstream.com/Products/firefly/default.asp

Huge Capacity CompactFlash Memory Cards Arrive
Feeling the need for a little more storage in your digital
camera? Perhaps these new 8GB CF cards from Sandisk will give
you what you want.  Mind you at $965 they are not exactly cheap.
A more modest 2GB CF card has a street price of around $240.
http://www.tomshardware.com/hardnews/20040930_171542.html

Get Opinions on Everything
This amusing tool uses Google to search the web to discover what
people think about a particular person or topic.
http://www.googlism.com/

Tidy Up Those Cables
Here's a simple idea that will help you organize your computer
cabling. Cable markers are little numbered clips that attach to
either end of your cables. I asked regular contributor Jeff
Partridge to have a look at them and here's what he found:
"These clips are fairly sturdy little things about 5/16” across,
made of white plastic. They’re made to provide a secure marking
system for Cat3, 5, or 6 cables, but I’ve found that any cable
or bundle of wires of the same size works as well. There’s
enough spring in these small plastic clips to provide some
leeway in cable size. The number on each cable marker is
engraved into it and colored by a black paint. I found that with
a tiny bit of effort (necessary to overcome my less-than-
perfectly-organized ways) these markers can save an amazing
amount of time. The longer the cable runs, the more time they
save. I now have a small text file saved with the cable numbers
and routing info of each network cable in my setup. This is a
product that really works!"  $9.95 per bag of 400 which is
enough to label a 96 port wiring closet. Larger sizes are
available.  Order direct from the aaa web site.
http://www.aaa-communications.com/cable_id.htm

A Real Flight of the Imagination
Are you a keen MS Flight Simulator fan? If so, check out some of
these setups. Thanks to subscriber Lex Davidson for the link.
http://www.wideview.it/pictures.htm

Twenty Six Malware Products on Each PC
A few issues ago I mentioned that most PCs I've seen belonging
to average users are infected with Spyware and worse. Well,
security company (are we missing a word here? :)) has just
released some scary statistics from their free on-line spyware
scanning service called Spy Audit. Some 3.2 million scans
uncovered 83.4 million instances of adware and worse. 65 million
were just relatively harmless adware cookies but 17.5 million
were full-on adware and spyware programs. Worse still, there
were 1.3 million instances of keyloggers and Trojans.  That's
more than 1 in 3 PCs infected. Scary stuff.
http://www.webroot.com/services/spyaudit_03.htm  <= Free Scan
http://www.webroot.com/company/pressreleases/20041004-spywarereport/ <= Press release
 

** Additional Items in the SE Edition **

- How to Improve Your Chances of Getting That Job
- The Difference Between Regedit and Regedt32
- How to Find the Cheapest Gas
- How to Speed up Your P2P Downloads

5. TIP OF THE WEEK
==================

Disabling Windows Messenger

First, let's clarify what "messenger" we are talking about.
Windows actually has three "messengers." First there's MSN
Messenger and then there's Windows Messenger and finally there's
the Windows Messaging service.

MSN Messenger is Microsoft's end-user oriented instant messaging
(IM) service.

Windows Messenger is also an IM service but its intended use is
within corporations. It's only available for Windows XP and some
versions of Win2k. Unlike MSN Messenger, Windows Messenger is
quite tightly integrated into key Microsoft products like
Outlook, Exchange and Windows XP itself.

Both share the same icon in Windows. Both make use of the same
.NET contacts and are, in a general sense, interchangeable.
That's the way I'm going to treat them here.

Then there's Windows Messenger Service. Unfortunately, some
folks incorrectly refer to this as "Windows Messenger" which
just adds to the confusion.  In fact, Windows Messenger Service
is not an IM product at all.  It's a network messaging product
that was introduced with Win2K.  Its intended use was to provide
popup information windows in a network environment. For example,
when Tech Support wants to broadcast a message to all users like
"the system is going down in 10 minutes."

Unfortunately, the Windows Messenger Service has been exploited
by spammers who used it to pop up their nasty little ads. For
this reason most folks have got rid of it from their PCs.
Zapping it is easy; just download Steve Gibson's "Shoot the
Messenger" program from here:
http://www.grc.com/stm/shootthemessenger.htm

"OK," you say, "I can understand why I should get rid of Windows
Messenger Service, but why should I get rid of Windows
Messenger?"

Well, if you are one of the many folks who don't use IM or you
use a non-Microsoft IM product, Windows Messenger is an unwanted
annoyance. It's responsible for those pesky “sign up for a
Microsoft Passport account" messages. Worse still, Windows
Messenger is wasting your CPU cycles. It may also present a
security risk.

Alas, removing it is not easy. First there's no uninstall
option. Simply exiting Messenger doesn't work either as it re-
starts the next time you re-start Windows. Hacking the registry
to stop Windows Messenger starting doesn't work as Outlook and
some other programs just reinstate it.

Microsoft has a KB article that tells you what to do but their
method doesn't seem to work reliably for all machines.
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q302089

The approach that seems to work best is to run the following
command from the command window.

RunDll32 advpack.dll,LaunchINFSection windir%\inf\msmsgs.inf,BLC.Remove

I think you'll find this will do the job. If not, try this web
site. There you'll find two other ways of getting rid of this
stubborn pest.
http://www.druid628.com/techtips/windows/msmsgs/uninstall_msn.htm
 

6. FREEBIE OF THE WEEK
======================

The Best Windows Program Launcher
A while back I received this suggestion from subscriber Graham
Keellings: "Gizmo, I have been looking for months (maybe years)
for a good program launcher, preferably one that doesn't write
to the registry, so that I can run it from a USB flash drive.
Well, I’ve found it and it's called Windows Power Pro. It was
originally shareware but has now reverted to freeware. It's not
only a great program launcher but it also does a myriad of other
things and is incredibly customizable." Graham is quite right;
this is an excellent product and the ideal tool for those who
find their Windows desktop becoming cluttered with program
icons. With Windows Power Pro you can get rid of the lot and
still be able to launch any programs with a single mouse click.
Additional functions include a hotkey and keyboard macro
facility, the capability to easily schedule program execution,
to control window attributes (including the ability to minimize
any program to a tray icon), and even the creation of virtual
desktops.  Quite a box of tricks and therein lies the problem.
Windows Power Pro takes a fair amount of time to learn and
configure. Those prepared to make that initial time investment
will be well rewarded. Freeware, 2.6MB.
http://powerpro.webeddie.com/index.html

** Bonus Freebie for SE Edition Subscribers **

The Best Free Anti-Trojan Scanner (continued)
Last issue I mentioned that I had at last found a free anti-
Trojan scanner that was worth recommending. Well, when it rains
it pours. I've found another and I'm recommending it as well.
This product is a terrific anti-Trojan, maybe even better than
my last recommendation. It has an advanced design, a huge and
well-maintained signature database and an excellent interface.
On my tests it was one of the few products that could reliably
detect polymorphic and process injecting Trojans. No, it's not
as good as TDS-3 or Trojan Hunter but you get what you pay for.
No, it doesn’t have a memory monitor but the on-demand scanner
is so good you'll have no complaints. If you installed my last
recommendation, leave it installed and install this as well and
scan your hard drive with both products. They will happily work
together and the two scanners will give you way better detection
than either one alone. This week I've used these two products to
scan five PCs belonging to friends and relatives and in each
case I've found malware products and in one case multiple
products. Both scanners are free, so you have nothing to lose by
trying them. You may be surprised what they find on your PC.

... full details in the SE Edition of this newsletter.

-----------------------------------------------------------

GET THE SE EDITION NOW
======================

Stop missing out on all this good information! Subscribe now to
the enhanced SE Edition of this newsletter and immediately
receive the current issue containing nearly double the
information contained in this free edition. Get twice as many
great web sites, get twice as many top utilities and great
freebies. Get it now!

Use this link to subscribe online now:
http://www.techsupportalert.com/se-edition.htm

Subscribe now and you'll not only get 12 monthly issues of the
enhanced "SE Edition", you'll also get "Gizmo's Desert Island
Utilities" report outlining the very best software utilities on
the market, including many free products.

You'll also get immediate access to the current issue plus the
archive of all past issues of the SE edition of the newsletter
where you can catch up on the hundreds of great freebies you
missed in the free edition.

This month I'm giving away six Google Gmail invitations to new
subscribers to the SE edition.  They'll be allocated at random
but your chances of scoring one are real good. So if you have
been thinking of subscribing, now's the time.

Use this link to subscribe online now.
http://www.techsupportalert.com/se-edition.htm
 

MANAGE YOUR SUBSCRIPTION
========================

Support Alert is a free newsletter. If you liked this issue why
not email it to a friend.  Anyone can subscribe by signing up
online at http://www.techsupportalert.com/al_subscribe.htm.

Back Issues
A searchable library of back issues is available at:
http://www.techsupportalert.com/issues/back_issues.htm

If you no longer wish to receive this newsletter just go to
http://www.webelists.com/cgi/lyris.pl?enter=support.alert. Enter
your email address. No password is needed. You can then cancel
on-line.

To change your delivery email address go to
http://www.webelists.com/cgi/lyris.pl?enter=support.alert. Enter
your old email address. No password is needed. You can then
change your subscription email address directly.

For lots more free IT newsletters see
http://www.freetechmail.org/infobase.asp?TPubId=79

Thanks too to A. Belile for proofreading this issue.

You can contact this newsletter by snail mail at: Support Alert
PO Box 243
Comstock Park, MI  49321-0243 USA

Content of this newsletter is (c) Copyright
TechSupportAlert.com, 2004

See you next issue

Gizmo
Ian Richards
editor@techsupportalert.com

PS Never respond to this newsletter by hitting the “reply”
button on your email client as your message will end up in a
graveyard mail account along with thousands of “out of office”
messages. Instead, send all mail to my personal email address
above.