Support Alert
                         Free Edition

                 "Gizmo's top picks of the best
                  Tech resources and utilities"

                  Issue 115 - 17th November, 2004

    Support Alert is a registered online serial publication
                         ISSN 1448-7020.


"There are 10 types of people in the world:
Those who understand binary and those who don't."

- From an add on The Register web site


0. EDITORIAL: Security Sandboxes for Home Use

 - The Top 75 Network Security Tools
 - Free Computer Books
 - Make FireFox More Similar to Internet Explorer
 - Free Service Tests a Suspicious File
 - Spyware Removal Utilities That Are Actually Spyware
 - How to Speed Up FireFox (SE Edition)
 - Free Clip Art from Microsoft (SE Edition)
 - Legal BitTorrent Files You Can Download (SE Edition)
 - How to Test Your Email Security (SE Edition)
 - A Mandatory Security Utility
 - New Version of Free AVG Anti Virus
 - Sync FireFox Bookmarks with IE Favorites
 - Free Utility Defrags Individual Files
 - New Free Instant Messaging Client Impresses
 - Another Free Way to Free Up Your Desktop
 - Free Utility Loads Multiple Web Page Images (SE Edition)
 - Top Rating Apple Utility Available for Windows (SE Edition)
 - Transfer Music & Files from Your iPod to Your PC (SE Edition)
 - Free CoolWebSearch Killer Available Again (SE Edition)
 - Use Your Gmail Account for Free On-Line Storage (SE Edition)

 - MS JPEG DLL Problem Gets Serious
 - Another Serious Unpatched Internet Explorer Vulnerability
 - Flaw in Word 2000/2002
 - Phishing Exploits Easier in Tabbed Browsers

 - How to Check That Your System is Fully Secured
 - Missing That Coffee?
 - PodCasting Takes Off
 - PodCasting for the Rest of Us
 - Find That Canuk
 - Find Really Cheap Used Car Parts Quickly
 - Make Your Windows System Run Fast
 - How to Easily Remove All Traces of Software from Your
   Registry (SE Edition)
 - Easy Way to Make Your Own Holograms at Home (SE Edition)
 - How to Fix Shortcuts That Don't Work (SE Edition)
 - A Great Free Solution to Emailing Photos (SE Edition)
 - Re-Enable Non Working FireFox Extensions

 - The Best Free Anti-Trojan Scanner
 - Free Utility Improves Computer Security (SE Edition)


Well itís starting to happen folks and itís good news for all.

The first security sandbox designed for home users has arrived
and it looks to be a very promising way to protect your

A security sandbox is a computing environment that is isolated
from your normal working computing environment.

Itís a place where you can engage in risky activities like
installing unknown programs, opening tempting email attachments
or browsing to strange places on the web without putting your
normal computing environment at risk.

The simplest example of a sandbox is a separate stand-alone
computer that you use for testing. However not too many folks
can afford the luxury of a second PC.

Thatís why most sandboxes are virtual sandboxes. They use
software to create a virtual sandbox computer; a kind of
computer within your computer that is completely isolated from
your normal working environment.

I use this arrangement all the time for testing trojans.  Iím
quite happy to run a trojan or virus on my PC because I do it
within a completely isolated virtual machine that runs on my
normal everyday PC.  When I shut down the virtual machine
everything is wiped including any trojan infection.

I create this virtual machine with a professional IT product
called VMWare but with a price of $189 itís not of much interest
to average users.

But the new security sandboxes hitting the market are intended
for home use and are priced appropriately. The one thatís got me
currently excited sells for $29.95.

Itís called ShadowSurfer. It works a bit differently to VMWare.
Rather than creating a new virtual PC on which you have to
install software, it creates a virtual copy of your normal PC
with all your existing software.

You access this virtual copy by starting up ShadowSurfer and
then rebooting. After re-booting your desktop comes up looking
exactly the same as normal except the desktop background now
displays the ShadowSurfer logo.  This is to remind you that you
are not working on your real PC but on a shadow copy.

In this copy you have full access to your normal programs and
data and you can do anything you normally do including surfing
the internet.  However nothing actually get written to you hard
drive, rather the changes are saved in special ShadowSurfer file.

When you end the ShadowSurfer session you have the option of
saving these changes and making them permanent or totally
discarding them. If you choose the latter then, when you start
up your real PC, all traces of your previous ShadowSurfer
session will have vanished.

And I do mean vanished. No traces of any programs you installed,
no traces of viruses or spyware infections you may have caught
and no traces at all of where you roamed on the internet.

You can see the advantages. With ShadowSurfer you can safely try
out new software without risking that your normal PC gets messed
up by a bad installation or infected with a trojan.  It also
means that you can safely visit web sites that you would
normally avoid for fear of drive-by spyware downloads and worse.

Am I am impressed? You bet! I think this is a long overdue
security product and one that will liberate many PC users from
security worries.

And if you think this a commercial plug, think again. I donít
make anything from this. My enthusiasm is derived solely from
the fact that I think itís a really useful product. Maybe this
explains why Bill Gates is rich and Iím not;>)


See you next month.


PS Want an invite to join Google's Gmail - read below.

Support Alert relies on voluntary donations to survive.  If you
feel that you've benefited from reading this newsletter perhaps
you would like to consider donating by subscribing to the
premium "Supporters' Edition" of this newsletter.

The SE Edition contains almost twice the number of great tech
sites, free utilities, tips and other content as the standard
edition. It's also ad-free.

When you subscribe you'll also get my special report "Gizmo's
Desert Island Utilities" which outlines the software I consider
most useful, including many free products. You'll also get
immediate access to the archive of all past issues of the
Supporters' edition of the newsletter where you can catch up on
the hundreds of great utilities you missed in the standard

Last month I'm gave away six Google Gmail invitations to new
subscribers to the SE edition and this month I'm giving away six
more.  They'll be allocated at random but your chances of
scoring one are real good. So if you have been thinking of
subscribing, now's the time.


12 months subscription to the Supporters' Edition costs $10
which can be made by check or credit card using either ClickBank
or PayPal.

Click the link below to subscribe now:


The Top 75 Network Security Tools
This personal list is more extensive than selective but is a
fabulous resource for anyone wanting to know what's available.

Free Computer Books
Nice collection here of links to free techie books. Titles range
from the quite useful "Practical PHP Programming" to the
decidedly obscure "Programming in Lua".

Make FireFox More Similar to Internet Explorer
One of the complaints about FireFox I keep hearing is that it
works slightly differently than Internet Explorer. Well, that's
true but in my view that's because it works better. However, if
you are like the Hobbits and prefer everything to stay the same
then check out this site which offers a free, web-based system
for making FireFox look and feel just like IE.  I tried it out
just for fun and the result is amazing - they even swap the

Free Service Tests a Suspicious File
Got a program you'd like to run but not sure if it's kosher?
Then upload it to this site where they'll run it through ten
different virus scanners and let you know the results.

Spyware Removal Utilities That Are Actually Spyware
A few issue back I mentioned a number of bogus spyware removal
utilities, many with names deceptively similar to well known
legitimate products. This site has a more complete list with
over 100 entries. Many of the "free" apps generate large numbers
of fake "infections" to alarm users into purchase. Others are
simply spyware applications. Proof positive that scumware comes
from scums.

** Additional Items in the Premium SE Edition **

- How to Speed Up FireFox
- Free Clip Art from Microsoft
- Legal BitTorrent Files You Can Download
- How to Test Your Email Security

Got some top sites to suggest? Send them to


A Mandatory Security Utility
Consider three things: First, the growing crop of unpatched
Internet Explorer vulnerabilities. Second, Microsoft's
announcement that they will not make available to other Windows
users the major IE security enhancements implemented in XP
Service Pack 2. Third, the successful public release of the
FireFox browser V1.0. Conclusion?  FireFox is now pretty much a
mandatory computer security requirement for current IE users not
using Windows XP SP2. Simple as that. If you haven't yet made
the change, do it now. You won't regret it. To help you, I've
just updated my FireFox conversion guide to take into account
the release of FF V1.0.

New Version of Free AVG Anti Virus
GriSoft has announced the release of version 7 of their highly
popular free AVG anti-virus program.  Improvements include an
improved scanning engine, better email scanning, an enhanced
interface, a userís support forum and more. Users of the current
version 6 will need to upgrade to the new version as signature
updates to the old version will cease on the 31st of December.
The new free version can be installed over the old version.

Sync FireFox Bookmarks with IE Favorites
Last issue I asked whether anyone knew of a utility that can
locally hot sync bookmarks between the two browsers.  Lots of
partial solutions were suggested but the most useful was from
subscriber ďMr BennĒ who suggested this FireFox extension that
will automatically update IE favorites when you close FireFox.
It's good solution for those who use FF as their main browser
but want to keep their IE Favorites up-to-date. Works well with
FF V1.0.  Recommended.

Free Utility Defrags Individual Files
FragExt is a little utility that allows you to view the level of
fragmentation of an individual file and to defrag it if
necessary. Operation is simplicity itself: just select a file
and right-click to see the options in the context menu. Ideal
for gamers looking for optimum performance and good, too, for
media files that skip due to disk fragmentation.  FragExt is
free but, as the author says, "it is a work in progress," so
remember to back up important files before using.  Freeware,

New Free Instant Messaging Client Impresses
I don't use IM but I know many of my readers do so I'll pass on
this suggestion from regular contributor Jeff Partridge. "Hi
Gizmo, I wanted to clue you and the rest of your readers in on
an IM service that has the potential to be something special.
Itís already got a good head start. The service is called Qnext.
Itís a universal IM client, but much more than that. It has
capabilities the established Big Five (MSN, Yahoo, AIM, ICQ, and
Trillian) havenít gotten close to including voice over IP,
unlimited file sharing and GotoMyPC-style remote access. The
entire service is free and will remain so, according to the
people who run it.  Itís very easy to set up the whole thing and
there are none of the annoyances of using things like Trillianís
free client. Donít believe me, see for yourself - head over to
their website and grab a copy of the client. You wonít be sorry!"
Freeware, Windows, Mac and Linux, 21.8MB.

Another Free Way to Free Up Your Desktop
Subscriber Pat Gibney writes: "Gizmo, here is a free program
launcher I've used for years and itís great!  Hides all your
program icons with re-locatable sidebars and takes only one
click to launch the program." Nice one, Pat. I particularly
liked the way the launch bars are invisible until you move the
curser off a screen edge. Makes for a nice clean look.  Free,

** Additional Items in the Premium SE Edition **

- A free utility that simultaneously loads all the images on a
  web page
- Top Rating Apple Utility now Available for Windows
- How to Transfer Music & Files from your iPod to your PC
- Free CoolWebSearch Killer Available Again
- How to Use Your 1GB Gmail Account for Free On-Line Storage

Got some top utilities to suggest? Send them to


MS JPEG DLL Problem Gets Serious
The predicted onslaught of trojans that exploit the infamous
Microsoft JPEG flaw has arrived. Users on vulnerable PCs may get
infected just by opening a hostile JPEG image. This extremely
serious flaw is so widespread in Microsoft and other vendorsí
products that you cannot rely on Windows Update alone to fix the

However, the highly reputable SANS institute is now offering a
free utility called GDIScan that will scan your entire PC for
any vulnerable version of the file called gdiplus.dll.

I ran GDIScan on my XP SP1 notebook which was totally up to date
with Windows and Office update patches and was shocked that it
found eight vulnerable copies of gdiplus.dll! This included some
unexpected locations such as the installation directory of my
FTP client WS_FTP Pro.

GDIScan works best with Win2K and later but will work with
earlier Windows versions if you are prepared to put up with some
occasional garbled output lines.

GDIScan does not fix gdiplus.dll, however.  It merely identifies
vulnerable copies. To fix the vulnerable files you need to
download the fixed version of gdiplus.dll from Microsoft and
manually copy over the vulnerable versions. As there are various
versions of gdiplus.dll you may want to check with product
vendors before replacing the file in a specific application. A
pain, I know, but it sure beats the alternative.

The fixed version of gdiplus.dll is distributed by Microsoft as
a small executable archive called the "Platform SDK
Redistributable: GDI+" and is available from the second link
below. Download the archive and unzip to an empty folder; there
you'll find the fixed version.
http://isc.sans.org/gdiscan.php  (7KB)
http://www.urltrim.com/ct/t.php?l=68 <= Short version of link above

Another Serious Unpatched Internet Explorer Vulnerability
Surprise, surprise, another buffer over-run flaw in IE. US-Cert
has warned of this particular flaw that could allow a userís PC
to be compromised simply by opening a specially crafted html
email or visiting a hostile web site. Fully patched Windows 2000
and XP SP1 systems running IE6 are known to be vulnerable and
others may be affected as well. IE with XP SP2 does not have the
problem. Anti-virus companies have reported three new MyDoom
worm variants and two Bofra worm variants exploiting this
vulnerability. US-Cert say there is no complete solution.
Security firm Secunia suggests "use another product." (Sic)

Flaw in Word 2000/2002
Secunia has issued an advisory reporting vulnerability in
Microsoft Word, which can be exploited by malicious people to
cause a DoS (Denial of Service) and potentially compromise a
user's system. The vulnerability is caused by an input
validation error within the parsing of document files and may
lead to a stack-based buffer overflow. This can be exploited to
crash the process when the user opens a specially crafted
document. However, due to the nature of the problem, execution
of arbitrary code may potentially also be possible, though it
has not been proven. The vulnerability has been confirmed in
Microsoft Word 2000, but has also been reported in Microsoft
Word 2002."  Until the problem is fixed Secunia suggests users
only open trusted Word documents particularly on the Web where
documents "can be opened automatically in the browser, unless
the security level for the ĎInternetí security zone is set to
ĎHighí or the ĎFile downloadí setting has been disabled."

Phishing Exploits Easier in Tabbed Browsers
This article from The Register is a must read for all users. It
covers a number of important Phishing issues but for me the most
interesting is the way Phishers can open a Dialog Box from a
tabbed web session in another tab session. So imagine you are
doing your online banking while you have another tabbed session
open. The second session may be able to flash up a box in your
banking session asking you to re-enter your password.  Most
folks would fall for this. The problem has been fixed in
Konqeror and FireFox, but not Netscape, Avant and others. The
moral is clear: make a practice of only ever having one tab open
when using your browser for online banking or other high
security tasks.

--------------------- sponsored links -------------------------

The Best Windows Backup Software
Don't risk losing your vital data - backup often using a
reliable backup program. At this site we reviewed and rated
sixteen data backup products but only one get "editor's choice."

The Best SpyWare Detector
If you use Ad-aware or Spybot you will be surprised just how
many more additional malware products SpySweeper will detect on
our PC.  On top of that, its active protection will keep your PC
free from Adware, Spyware and other malicious products. That's
why it won the prized "Editor's Choice" award in PC Magazine's
massive March 2004 survey of anti-Spyware products. Try the free
evaluation copy and see for yourself.

The Best Remote Access Software
If reliability, ease of use and freedom from firewall problems are
important to you, then one product stands out from the rest. Read
the full review here:



How to Check That Your System is Fully Secured
Microsoft Baseline Security Analyzer (MBSA) is a free tool that
will scan your PC to identify any missing security updates as
well as some common security exposures. Originally designed for
corporate use, it works just fine on any Windows 2000 or XP home
machine.  Well worth downloading. 1.6MB

Missing That Coffee?
According to researchers at John Hopkins University, more than
50% of people can experience headaches, fatigue, depression,
nausea and worse if they don't get their regular caffeine fix.
In fact, the researchers are trying to get official recognition
to something we all have experienced; "caffeine withdrawal

PodCasting Takes Off
One of the things I really love about the internet is the total
inability of so-called experts to predict whatís going to
happen.  PodCasting is the perfect example. The idea: aggregate
audio with RSS from a variety of sources and store the results
on userís iPod style device. The result: a radio station that is
customized to your needs.  Simple, neat and kind of obvious but
who predicted it? More here:

PodCasting for the Rest of Us
I get a lot of the benefits of PodCasting by a far simpler
means. What I do is schedule my PC to regularly record, TiVo
style, a number of programs streamed over internet radio. The
material I record is mainly PBS style informative programs like
"All Things Considered" and geek stuff as well. The software I
use is a shareware product called Replay Radio which I selected
as the best of five similar products I tried. It comes with a
pick list of thousands of internet radio programs and stations.
All you have to do is click the programs you want, set the
record schedule and the MP3 record quality and then everything
else takes place automatically. You can then periodically
download all the recorded material to your MP3 player or replay
directly from your PC. Shareware, $29.95, 3.7MB.

Find That Canuk
Looking for someone in Canada? Go to this web site and type in a
name. If you are lucky, the address and contact details will
immediately come up.

Find Really Cheap Used Car Parts Quickly
Don't know a Canuk? Then find a spare auto part instead.

Make Your Windows System Run Fast
This site is a goldmine of practical information on how to keep
your Windows system running fast and problem-free. There are
separate sections for Windows 98 and XP with on-site hints and
tutorials and hundreds of links to other web resources. A lot of
material here to digest but you will be well rewarded.

** Additional Items in the Premium SE Edition **

- How to Easily Remove All Traces of Software from Your Registry
- How to Make Your Own Holograms at Home
- How to Fix Shortcuts That Don't Work
- A Great Free Solution to Emailing Large Digital Photos


How to Re-enable Non-Working FireFox Extensions

I've encountered this problem each time a new version of FireFox
is released. What happens is that some of my installed
extensions won't work with the new version. I've been told that
this will not be much of an issue now that version 1.0 has been
officially released but who knows. What I do know is that quite
a few extensions that worked with V0.9x or V1.0PR don't now work
with V1.00.

Of course, waiting for an update to the extension is the easiest
option but sometimes that can be slow in coming, particularly if
the developer gets caught up in some other project. Thankfully,
there are a couple of workarounds you could try.

The fact that an extension doesn't run under a new version of
FireFox doesn't mean it won't work.  Rather, it means it has yet
to be certified to work. That's a big difference. Many, in fact,
will work. All you have to do is fool FireFox into thinking they
are OK.

You can do this two ways. First, you can manually edit the setup
file for the extension to indicate that it works with the
current version of FireFox. The second way is to change the
version number in FireFox itself back to an earlier number. Note
that in this latter case we are not actually changing the
version, just what FireFox thinks is the version.

The first method is the probably safer of the two. Here's what
you do:

1. Open with a text editor the file extensions.rdf that's
located in the extensions folder within your profile folder. On
my computer that's located at:

C:\Documents and Settings\Ian\Application

2. Browse through the file until you locate the extension, then
find a line that reads something like em:maxVersion="0.9".

3. Use your text editor to change 0.9 or whatever value to the
current version of FireFox i.e. em:maxVersion="1.0".

4. If there is an entry which says  em:disabled="true" then
either delete the line or change the value "true" to "false".

5. Save the file.

6. Open FireFox and re-enable the extension.

The second method is a little simpler:

1. From within FireFox type "about:config" in the address line
and hit Enter.

2. Locate the line that starts "app.extensions.version". You'll
see the FireFox version number at the end of that line.

3. Change the version number from 1.0 to 0.9 or whatever was the
last version under which the extension worked.

4. Exit FireFox then restart and re-enable the extension(s).

Mostly you will find that your extensions will now work fine.
If not, just disenable them or reverse the above procedure.

Oh, one last hint. Check this site out as a source for the
latest versions of your favorite extensions:



The Best Free Anti-Trojan Scanner

In the last issue of the premium SE Edition of this newsletter I
mentioned that I had at last found a free anti-Trojan scanner
that was worth recommending. Well, I've decided that this
essential security product was too important not to mention to
my free edition readers.

Ewido is the best of a new crop of anti-Trojan programs. On my
recent tests over at www.anti-trojan-software-reviews.com, it
emerged as one of the few products that could reliably detect
polymorphic and process injecting Trojans that were totally
missed by anti-virus products like Norton and AVG.  No, it's not
as good as TDS-3 or Trojan Hunter but you get what you pay for.
You see, the free version of Ewido doesnít have a memory monitor
but the on-demand scanner is so good that you'll have no

The free version download is actually the same as the paid
version but after 14 days the memory monitor becomes non-
functional. I recommend all readers download the product and
scan their PCs weekly. I suspect you may be surprised at what
you will find. I've also included a link to my full Ewido review
for those who want to know more about the product prior to
http://www.ewido.net/en/  (2.2MB)

** Bonus Freebie for Premium SE Edition Subscribers **

A Free Utility that will Really Improve Your Computer Security

Most users are not aware that their PCs may be vulnerable to
infection even if they have anti-virus software and spyware
scanners installed. Thatís because these products are only
effective at protecting you from viruses, worms and trojans
already listed in their signature databases but offer little
protection to new malware products whose signatures are unknown.

The best way to detect these brand new threats (called zero day
exploits) is to use intrusion detection software (IDS).  This is
a special class of security product that detects malware trying
to get into your PC by its behavior rather than by looking for a
characteristic signature of fingerprint.  Any of you who use
WinPatrol are actually using a simple version of IDS.

These products are usually pretty pricey but unbelievably one of
the best is free for home user. Once installed on your PC it
keeps a watch out for any suspicious behavior such as programs
trying to modify your registry or add themselves to the windows
startup group.  It actually checks dozens of different behaviors
so many in fact that itís hard to see how an intruder could slip
past its eagle eye. Certainly it makes existing products such as
WinPatrol seem rather feeble.

There is cost though to this enhanced protection. IDS software
is noisy. It throws up lots of warning messages many of which
are related to the legitimate activities of genuine programs.

The latest version of this utility has some clever learning
functions built in that allow you to teach it the legitimate
activities on your PC. Although it starts out very chatty the
number of warning messages dies down over time.

If you are prepared to tolerate these warning messages then I
strongly suggest you install this impressive utility. It will
really enhance the security of your PC against hostile attack.
I have no idea how they manage to provide a software product of
this quality for free. I just suggest you download it while you

... full details in the Premium SE Edition of this newsletter.



Stop missing out on all this extra information! Subscribe now to
the premium "SE" Edition of this newsletter and immediately
receive the current issue containing nearly double the
information contained in this free edition. Get twice as many
great web sites, get twice as many top utilities and great
freebies. Get it now!

Use this link to subscribe online now:

Subscribe now and you'll not only get 12 monthly issues of the
premium "SE" Edition, you'll also get "Gizmo's Desert Island
Utilities" report outlining the very best software utilities on
the market, including many free products.

You'll also get immediate access to the current issue plus the
archive of all past issues of the SE edition of the newsletter
where you can catch up on the hundreds of great freebies you
missed in the free edition.

This month I'm giving away six Google Gmail invitations to new
subscribers to the SE edition.  They'll be allocated at random
but your chances of scoring one are real good. So if you have
been thinking of subscribing, now's the time.

Use this link to subscribe online now.


Support Alert is a free newsletter. If you liked this issue why
not email it to a friend.  Anyone can subscribe by signing up
online at http://www.techsupportalert.com/al_subscribe.htm.

Back Issues
A searchable library of back issues is available at:

If you no longer wish to receive this newsletter just go to
http://www.webelists.com/cgi/lyris.pl?enter=support.alert. Enter
your email address. No password is needed. You can then cancel

To change your delivery email address go to
http://www.webelists.com/cgi/lyris.pl?enter=support.alert. Enter
your old email address. No password is needed. You can then
change your subscription email address directly.

For lots more free IT newsletters see

Thanks too to A. Belile for proofreading this issue.

You can contact this newsletter by snail mail at: Support Alert
PO Box 243
Comstock Park, MI  49321-0243 USA

Content of this newsletter is (c) Copyright
TechSupportAlert.com, 2004

See you next issue

Ian Richards