Archive for February, 2009

Check out Technibble’s Computer Repair Utility Kit

Monday, February 16th, 2009

Here's a toolkit that should be installed on every PC geek's USB flash drive - Technibble's Computer Repair Utility Kit!

Loads of amazing tools all contained in a single download!

File Management

  • CCleaner - Cleans up Windows systems. Clears temporary internet files, cookies, history etc.
  • JkDefragGUI - An advanced defragging tool far superior to the built-in Windows one
  • DriveimageXML - Hard drive imaging tool. Allows you to get a single file out of a whole image too
  • Explore2fs - Allows you to explore hard drives with Linux file systems
  • Double Killer - Finds duplicate files and deletes them
  • Deep Burner - CD/DVD Burning software
  • 7-Zip Portable - Archive creating and extraction tool. Can handle most compression formats
  • PC-Decrapifier - Cleans out the crap that comes installed on new brand name computers (Norton trials, toolbars etc.)

Information

  • Process Explorer - Allows you to view system processes
  • System Information - View lots of information about a system (specs, passwords, temperatures etc.)
  • ProduKey - View software cdkeys and serials
  • Autoruns - Autostart program viewer
  • HWMonitor - View hardware information
  • GPU-Z - Show video card information (chipset, bios version, shaders, memory size etc.)
  • Wireless Key View - Shows saved wireless network keys
  • TreeSize Free - Show how much space each folder on a system uses
  • Game Key Revealer - View CDKeys and Serials for popular games
  • USBDView - Allows you to list and manage USB devices (including devices that aren't currently plugged in)
  • TrID - Identifies file types for extension-less files
  • Codec Installer - Finds and analyzes video codecs
  • Unknown Devices - Tells you what an “Unknown Device” in system properties actually is
  • GSpot - Video analyzer

Repair Tools

  • Norton Removal Tool - Removes Symantec products
  • McAfee Removal Tool - Removes McAfee products
  • LSPFix - Fixes broken Winsock entries
  • Dial-a-Fix - Repair Windows files and registries

Recovery

  • Recuva - Recovers deleted files
  • Restoration - Recovers deleted files
  • Photorec - Recover deleted/damaged files from Flash memory (like digital cameras)
  • DBXTract - Recover emails from damaged DBX files (like Outlook Express)

Network Tools

  • Wireshark - View network packets
  • Network Scanner - Scans the network for devices
  • Putty - SSH/Telnet/RLogin client
  • Network Stumbler - Wireless Network Scanner

Virus and Malware Removal Tools

  • Clamwin Antivirus - Virus scanner/remover
  • Rootkit Revealer - Detects rootkits on a system
  • Combofix - Malware finder and remover
  • SmitFraudFix - Malware finder and remover
  • RogueFix - Malware finder and remover
  • Hijack This! - Malware remover
  • SUPERAntiSpyware - Malware scanner and remover
  • Malwarebytes - Malware scanner and remover

Misc

  • Mozilla Firefox - Web browser
  • JavaRa - Find and remove old Java versions
  • Monitor Tester - Test monitors for problems
  • Dead Pixel Tester - Finds and fixes dead pixels on LCDs
  • ChkFlsh - Check flash drives for errors or test their real size (as fake ones appear on eBay)
  • Double Driver - Driver backup tool
  • SumatraPDF - Lightweight PDF viewer
  • Revo Uninstaller - Advanced application uninstaller

Tweaks

  • TweakUI - Windows XP tweaking tool
  • VistaTweaker - Vista tweaking tool

Scripts

  • Quickly Make a System Restore Point - Makes restore point
  • Reset Network - Releases/Renews IP and flushes DNS
  • Clear Printer Spooler - Clears stuck print jobs from spooler
  • Stop Automatic Updates - Stops “Windows has installed updates, restart now” dialog temporarily
  • Start Automatic Updates - Switches it back on

(via TechBlog)

Cat-vertizing F.E.A.R. 2

Friday, February 13th, 2009

One of the oddest things I've seen in a long time:

Shamelessly branded a ‘cat-vertising campaign’, the scheme will see the specially trained black moggies sporting F.E.A.R. 2 cat clothing, and then roaming the streets of London. The idea, according to Warner Bros, is that the creepy kitties will ‘capture the attention of superstitious passers-by,’ as Friday 13 is famous for its supposed bad luck and a black cat crossing your path was listed at number 5 in a recent survey of Britain’s superstitions and signs of bad luck. Friday 13 was listed at number 3, while breaking a mirror was listed as the number 1.

I'm not sure which is scariest ... the idea of trying to put one of those suits on my cat (I really don't fancy it since I only have two eyes and replacements are pretty hard to come by) or the idea of a bunch of ad folks sitting in some smoke-filled room somewhere giving this idea the go-ahead ...

That said, I couldn't resist adding a caption to one of the images:

FEAR 2 cat ad

🙂

February’s Patch Tuesday

Thursday, February 12th, 2009

Some important patches from Microsoft for this month.

Critical:

  • Cumulative Security Update for Internet Explorer (961260)
    This security update resolves two privately reported vulnerabilities. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
    This security update resolves two privately reported vulnerabilities in Microsoft Exchange Server. The first vulnerability could allow remote code execution if a specially crafted TNEF message is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could take complete control of the affected system with Exchange Server service account privileges. The second vulnerability could allow denial of service if a specially crafted MAPI command is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could cause the Microsoft Exchange System Attendant service and other services that use the EMSMDB32 provider to stop responding.

Important:

  • Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420)
    This security update resolves a privately reported vulnerability in Microsoft SQL Server. The vulnerability could allow remote code execution if untrusted users access an affected system or if a SQL injection attack occurs to an affected system. Systems with SQL Server 7.0 Service Pack 4, SQL Server 2005 Service Pack 3, and SQL Server 2008 are not affected by this issue.
  • Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634)
    This security update resolves three privately reported vulnerabilities in Microsoft Office Visio that could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Everything you wanted to know about Conficker worm …

Saturday, February 7th, 2009

... but were afraid to ask!

Microsoft has put together two pages all about the Conficker worm: one aimed at home users and another for IT pros.

Here are the highlights:

Protection

  1. Apply the security update associated with MS08-067. View the security bulletin for more information about the vulnerability, affected software, detection and deployment tools and guidance, and security update deployment information.
  2. Make sure you are running up-to-date antivirus software from a trusted vendor, such as Microsoft's Forefront Client Security or Windows Live OneCare. Antivirus software may also be obtained from trusted third-parties such as the members of the Virus Information Alliance.
  3. Isolate "unpatched" or legacy systems using the methods outlined in the Microsoft Windows NT 4.0 and Windows 98 Threat Mitigation Guide.
  4. Implement strong passwords as outlined in the Creating a Strong Password Policy whitepaper.
  5. Disable the AutoPlay feature through the registry or using Group Policies as discussed in Microsoft Knowledge Base Article 953252.
    NOTE: Windows 2000, Windows XP, and Windows Server 2003 customers must deploy the update associated with Microsoft Knowledge Base Article 953252 to be able to successfully disable the AutoRun feature. Windows Vista and Windows Server 2008 customers must deploy the security update associated with Microsoft Security Bulletin MS08-038 to be able to successfully disable the AutoRun feature.
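To check step 5 on a machine, the added example below (not part of the original post or of Microsoft's guidance) parses `reg query` output for the AutoRun policy and lists the drive types where AutoRun is still allowed. It assumes the policy lives in the `NoDriveTypeAutoRun` value under the Explorer policy key and that the HKLM value overrides HKCU; neither detail is stated on this page, and the sample output is constructed.

```python
import re

# Documented NoDriveTypeAutoRun bits: a set bit disables AutoRun for that drive type.
DRIVE_TYPE_BITS = {
    0x01: "unknown",
    0x04: "removable",
    0x08: "fixed",
    0x10: "network",
    0x20: "cd-rom",
    0x40: "ram disk",
    0x80: "unknown (reserved)",
}
POLICY_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
VALUE_RE = re.compile(r"^\s+NoDriveTypeAutoRun\s+REG_DWORD\s+(0x[0-9a-fA-F]+)\s*$")

# Constructed sample of `reg query` output for both hives (not from a real host).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
    NoDriveTypeAutoRun    REG_DWORD    0x91

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    NoDriveTypeAutoRun    REG_DWORD    0xff
"""

def parse_reg_query(text):
    """Return {hive: value} for NoDriveTypeAutoRun under the Explorer policy key."""
    found, hive = {}, None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):
            root, _, sub = line.strip().partition("\\")
            hive = root.upper() if sub.lower() == POLICY_KEY.lower() else None
        elif hive and (m := VALUE_RE.match(line)):
            found[hive] = int(m.group(1), 16)
    return found

def effective_value(found):
    """Assumed precedence: HKLM overrides HKCU. None means no policy value is set."""
    for hive in ("HKEY_LOCAL_MACHINE", "HKEY_CURRENT_USER"):
        if hive in found:
            return found[hive]
    return None

def autorun_still_enabled(value):
    """Drive types whose disable bit is clear, i.e. AutoRun is still allowed."""
    return [name for bit, name in DRIVE_TYPE_BITS.items() if not value & bit]

if __name__ == "__main__":
    mask = effective_value(parse_reg_query(SAMPLE))
    print(f"effective mask {mask:#04x}; AutoRun still enabled for:",
          autorun_still_enabled(mask) or "no drive type")
```

A mask of 0xFF returns an empty list, meaning AutoRun is disabled for every drive type.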

Removal - automatic

  • Manually download MSRT on to uninfected PCs and deploy to infected PCs to automatically clean infected systems.

Removal - manual

This seems like a lot of work to me but if you're really stuck this might be your only hope.

Beware of rogue game mods

Saturday, February 7th, 2009

One of the perks of playing PC games as opposed to gaming on a console is that you can extend the life of your game through the use of mod packs and add-ons. Games such as Crysis have had their lifespan extended dramatically thanks to a large and well-organized modding community. However, be aware that not all modders are filled with good intentions!

Take for example a modder that went by the name of Xpro132 on the Steam forum. This person was claiming to have tools that gave players access to cool new content in the game Left 4 Dead, but what the people installing these tools got instead was nasty malware.

Fortunately, malware attacks like this are both rare and short-lived since it's not long before forum members become wise to what's going on, but by then quite a bit of damage has been done.

My tips for safer game mod downloads are as follows:

  • Download mods from reputable sites and forums only - these are generally well policed by moderators and do-badders are usually shown the door quickly.
  • Spend time getting to know the modding community before downloading. Find out who is known for previously making good mods.
  • Be cautious of newbies making extravagant promises!
  • Let other people download mods first and provide feedback ... I hate to say it but good security sometimes involves finding a greater fool willing to take a risk.
  • Scan everything with a good antivirus scanner. Additionally, send a copy of the file to Virustotal for a thorough scan.
  • If in doubt, don't download and install a mod.