Grand Stream Dreams blog

...soaring up...chasing dreams...what would I do if I caught one...

Keeping Claus Accountable

Yes…as evidenced by the high-volume posting today, I do have the odd-day off.

Alvis is off baby-sitting her cousins and Lavie is at work making the world a better place.

I’ve been making some good progress on whittling down my “to-blog” pile of topics, but I still have a number of more involved (read that “lots of links”) posts to kick out.

So, in an effort to hold myself accountable and not just give up posting them, here is a teaser list.

  • Slipstreaming XP SP3
  • Sysprep and XP SP3
  • USMT-GUI’s (that’s Graphical User Interface tools for Microsoft’s User State Migration Tool)
  • Super-Duper list of Windows process management utilities
  • Super-Duper list of Windows auto-start item management utilities
  • Just a Duper list of recommended third-party program launchers for Windows
  • A cornucopia of freeware RSS readers (standalone and browser integrated)

Oh yes. One more.

  • What feels like a magnum-opus worth of linkage and stuff related to multi-core CPU support and tid-bits for Windows (XP/Vista).

No promises on a time-line, but maybe much of this will get composed and posted by the end of August.

Working for you while using my earned vacation leave….it’s the Valca way!

Cheers!

--Claus

Microsoft Windows: Second Dump, Good as the First

CC Photo Credit: by Choctopus on Flickr


Here are even more recently collected links of a Microsoft Windows nature.

Lots of good stuff here.

Sorry about your sidewalk…

Sysinternals Specials

As previously mentioned, all you hard-core Windows desktop support freaks must take some time to watch this awesome TechNet video presentation: "The Case of the Unexplained..."

Hear Mark Russinovich, the master of Windows troubleshooting, walk you through step by step how he has solved seemingly unsolvable system and application problems on Windows. With real case studies, Mark will show how to apply the Microsoft Debugging Tools and his own Sysinternals tools, including Process Explorer, Process Monitor, and Accesschk, to solve system crashes, process hangs, security vulnerabilities, DLL conflicts, permissions problems, registry misconfiguration, network hangs, and file system issues. These tools are used on a daily basis by Microsoft Product Support and have been used effectively to solve a wide variety of desktop and server issues, so being familiar with their operation and application will assist you in dealing with different problems on Windows.

I thought it was well-worth the time I took to watch it.

Want more Mark Russinovich troubleshooting goodness?

The Case of the Random IE and WMP Crashes – Short look on how a video driver caused crashes in Windows Media Player.

The Case of the System Process CPU Spikes – More on how the Kernrate utility and Process Explorer helped Mark track down a rogue network interface driver.

Pushing the Limits of Windows: Physical Memory - “Pssst. Buddy.  Want to see a picture of a system running 64-cores with 2 TB of system RAM?”  Then goes into discussion on Windows memory usage and just how much should be enough.  Nice technical look.

Autoruns - (freeware) – has gotten some recent version updates to fix some bugs and enhance performance on 64-bit Windows systems.

Windows Mods

6 Things You should Download after Getting Vista - MakeUseOf.com – Light and pleasant selection of “to-do’s” with your new Vista system.  I’ve actually done most of these already.

Reinstall Windows and outfit your system with all freeware programs - freewaregenius.com – Quite a selection (sometimes controversial) of freeware programs to add to your Windows system.  I have to confess I have quite a few of them already and can vouch for the list choices in general.

Bits from Bill: Windows Update Swaps Dual Monitors – Bill gets hammered by a mis-behaving Windows update. Dual monitors don’t cooperate as expected.

How to customize the new Tools tab that is available in the System Configuration tool (Msconfig.exe) in Windows Vista – Microsoft KB954385

Useful Geek Tricks: Create a Custom System Administration Panel in Windows XP or Vista – How To Geek.  Awesomely illustrated tutorial on making a custom Admin Panel in XP or Vista.

CyberNotes: Creating Advanced Desktop Shortcuts in Windows – CyberNet News – Great guide to making some “power-shortcuts” on the desktop.  Many advanced Windows users will know this stuff but some progressing newbies might not and could find it helpful.

Key Microsoft File Download Locations

I’m posting these here because I can’t ever remember where to download them from Microsoft and I have a billion bookmarks already in my work machine’s browser.

Windows XP Service Pack 3 Deployment Tools – This is the Sysprep cab file for XP SP3 support.

Windows XP Service Pack 3 Network Installation - This is the download location to get the full XP SP3 installer package.

Office Update: Get additional Office updates – Click this link in IE to run the process to look for Microsoft Office updates.

DiskPart Stuff

In using ImageX to capture and apply images at work and home, part of the process involves prepping the hard-drives before I can put an image back on the system. For this I now turn to DiskPart as part of the WinPE 2.0 boot disk that I use.

Generally it simply comes down to this:

  1. Boot your target system with your Win PE 2.0 disk.
  2. Either partition the drive accordingly (if "naked") or format the boot partition.
  3. Assuming you have the bare-drive ready, create an active partition.  In the command-line interface start typing and press <enter> after each line (assuming you don't get any errors).
    1. Diskpart
    2. select disk 0
    3. clean
    4. create partition primary
    5. select partition 1
    6. active
    7. assign letter = C
    8. exit
  4. What we have just done is run the diskpart utility, selected the master drive (0), cleaned it, created a primary partition on it, selected it, set it to be the active (boot) volume, assigned letter "C" to it, and jumped out.
  5. Now we just format the active partition that we created above. Type the following and <enter>
    • format C: /fs:ntfs /q /y
  6. Now your drive is formatted with NTFS and ready to go!

However, in there, did you notice the “clean” command?

As we used it here, it simply removed the existing partition/volume formatting information from the in-focus disk by zeroing the sectors for the MBR/GPT and any hidden information on that MBR disk.

However if you use the “clean all” command every single sector on the drive is zeroed out and the data on the drive is deleted.  While not quite a fully secure Disk-wiping  solution, it is probably effective enough for prepping the system if kept in-house and before issued to another company employee with a new image application.
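A check that goes with the clean / clean all distinction above, as an added example (not from the original post): a Python scanner that reports which sectors of a raw image still hold non-zero bytes. The sample image and the `simulate_*` helpers are constructed stand-ins; zeroing only sector 0 is an assumption that models the partition information `clean` removes.

```python
import io

SECTOR_SIZE = 512  # assumption: 512-byte logical sectors (4Kn drives use 4096)


def nonzero_sector_ranges(stream, sector_size=SECTOR_SIZE, chunk_sectors=2048):
    """Scan a raw disk image and return (total_sectors, ranges).

    ranges is a list of inclusive (first, last) sector runs that still
    contain at least one non-zero byte, i.e. data a wipe did not reach.
    """
    zero_sector = bytes(sector_size)
    ranges, run_start, index = [], None, 0
    while True:
        chunk = stream.read(sector_size * chunk_sectors)
        if not chunk:
            break
        for offset in range(0, len(chunk), sector_size):
            sector = chunk[offset:offset + sector_size]
            dirty = sector != zero_sector[:len(sector)]
            if dirty and run_start is None:
                run_start = index                      # a dirty run begins
            elif not dirty and run_start is not None:
                ranges.append((run_start, index - 1))  # the run just ended
                run_start = None
            index += 1
    if run_start is not None:
        ranges.append((run_start, index - 1))
    return index, ranges


def build_sample_image(sectors=64):
    """Constructed 32 KiB 'disk': MBR in sector 0, leftover file data in 10-12."""
    image = bytearray(sectors * SECTOR_SIZE)
    # One active NTFS-type partition entry plus the MBR boot signature.
    entry = bytes([0x80, 0, 2, 0, 0x07, 0, 0, 0])
    entry += (1).to_bytes(4, "little") + (63).to_bytes(4, "little")
    image[446:462] = entry
    image[510:512] = b"\x55\xaa"
    payload = b"CONFIDENTIAL payroll record (constructed sample) "
    image[10 * SECTOR_SIZE:13 * SECTOR_SIZE] = (payload * 40)[:3 * SECTOR_SIZE]
    return image


def simulate_clean(image):
    """Stand-in for 'clean': only the partitioning sector is zeroed (assumption)."""
    wiped = bytearray(image)
    wiped[0:SECTOR_SIZE] = bytes(SECTOR_SIZE)
    return wiped


def simulate_clean_all(image):
    """Stand-in for 'clean all': every sector is zeroed."""
    return bytearray(len(image))


def wipe_report(image):
    """Summarise how much of an image still carries data."""
    total, ranges = nonzero_sector_ranges(io.BytesIO(bytes(image)))
    dirty = sum(last - first + 1 for first, last in ranges)
    return {"total_sectors": total, "dirty_sectors": dirty, "ranges": ranges}


if __name__ == "__main__":
    disk = build_sample_image()
    print("original :", wipe_report(disk))
    print("clean    :", wipe_report(simulate_clean(disk)))
    print("clean all:", wipe_report(simulate_clean_all(disk)))
```

To check a real drive, pass `nonzero_sector_ranges` a read-only binary handle on the raw device or on an image of it instead of the in-memory sample.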

For more command-line goodness: A Description of the Diskpart Command-Line Utility – Microsoft.

Internet Explorer 8

IE8 and Reliability – IE Blog team.

Looks like IE 8 is going to have some more internal bells-and-whistles for stability control.  This post goes into new features such as browser component isolation, automatic crash-recovery for the browser, and improved error reporting.

Processes started are reduced to one at initial launch, and each tab session gets its own process to isolate web-sites from each other.

Sounds intriguing.

--Claus

Microsoft Windows: Dump Load #1

CC Photo Credit: by Choctopus on Flickr


For better or for worse, Microsoft’s Windows systems just seem to have a wealth of details about them that most people can blissfully avoid to no loss.

However, for a few geeks and OCD tech-addicts, it can create a world of entertainment and work.

For example take the following Windows-related links I have been collecting and sitting on for the past three to four weeks.

Surely someone might find some of them as fascinating as me:

Security Briefs

Microsoft’s TechNet Magazine always has at least two or three great articles or tidbits for consumption.

For example:

Both posts provide great insight into password and web security, such as great security advice that most all users will ignore (use a different and “complex” password for each site, don’t write them down), “bad” security login designs, that image-based site validation schemes don’t really help make a site more “secure” for users, multi-factor login weaknesses, and how just because a site “looks” secure in its security presentation, it isn’t necessarily the case.

Good stuff and not too difficult to follow.

Then there is the technically useful:

Security: New Elevation PowerToys for Windows Vista – This post has some links to helpful tools to simplify the “Run As Administrator” action for Vista. A number of popular scripting tools are mentioned, along with code to work with them.  In addition, the author Michael Murgolo provides a new “Run as Another User” Power Toy.

What?  Stay with me!  It’s clever!

Suppose you (like me) normally run your Vista system under an “administrator” rights profile (not the “Administrator” account).  While that affords you more power, it still offers some protection as some actions still require use of “Run as Administrator” to operate correctly or UAC will knuckle it down.

This “Run as Another User” tool lets you execute a program, while running as an “administrator” but with the reduced rights of another user profile configured on your Vista system. Say you have to use the “administrator” profile to do some network monitoring, but you want to hop on the web while a network logging process runs.  So you also have a “regular” account on Vista.  Fire up your web-browser but use the “Run as Another User” to launch it under the limited-rights account.

Neat!

Not only that, Michael provides some additional hacks to add some more Power Toys to the shell that allow you to do “open-here” PowerShell prompts as “Administrator” and “System” account users, as well as similar command prompts for “Administrator” and “System.”  Finally there is a Vista Sidebar Widget that can accept drag-n-drop execution rights elevations.

(Almost) All code download is available via a link at the very top of the post in the “At a Glance” section.  Look for the Elevation2008_06.exe link.

Related:

Moving on we also find the following bits:

  • Security: Managing the Windows Vista Firewall – which covers Vista firewall rules, profiles and kicks up a considerable amount of sand with mention of “out-bound” filtering that Microsoft’s firewalls are often disparaged for a lack of attention to by default.

Finally, want to make your head spin?

Desktop Dirt from Wes

If security wasn’t enough, how about these?

The Desktop Files: Network-Booting Windows – While touching primarily on Windows Deployment Services (WDS), the article by Wes Miller does go into great detail on the Windows PXE environment which is of interest to me with my fascination in Windows PE 2.0 usage.

The Desktop Files: Dual Booting with Windows XP and Windows PE 2.0 - Yep!  Even more good stuff on PE 2.0.

The Desktop Files: Shared Computing with Windows SteadyState – I’ve mentioned Windows SteadyState before and am looking to deploying it at our training and “guest-user” locations. Wes has some great details in that post.

Digging Even Deeper…

I’m not sure what got me on this track, but somehow I recently got on a web-researching expedition on the Microsoft Kernrate Viewer.

Oh yeah!  I was watching Mark Russinovich put it through the paces in this The Case of the Unexplained…Live! webcast.  Go watch it.  Great on dealing with and approaching suspicious (malicious) processes on a Windows system.

Again, I’ve mentioned it in passing here before on my blog but only recently in that video presentation did I get a better grasp on how it could be helpful.

Kernrate is a general-purpose profiling tool for tracking CPU utilization by kernel-mode and user-mode processes.

It’s a deep-level tool that can be used to log and capture what is going on with your processor as it is working.  Good to look deeper into running processes when Process Explorer isn’t enough.

See also:

While we are at it, let’s not pass up mention of the Microsoft Windows Performance Tools Kit, v.4.1.1 (QFE)

The Windows Performance Tools (WPT) Kit contains performance analysis tools that are new to the Windows SDK for Windows Server 2008 and .NET Framework 3.5. The WPT Kit is useful to a broad audience, including system builders, hardware manufacturers, driver developers, and general application developers. These tools are designed for measuring and analyzing system and application performance on Windows Vista, Windows Server 2008, and later.

The tools currently include an xperf trace capture tool, an xperfview visualization tool (also known as Performance Analyzer), and an xbootmgr boot trace capture tool. The tools are designed for the analysis of a wide range of performance problems including application start times, boot issues, deferred procedure calls and interrupt activity (DPCs and ISRs), system responsiveness issues, application resource usage, and interrupt storms. The MSIs containing these tools are available in the SDK bin directory (one per architecture).

The tools are built on top of the Event Tracing for Windows (ETW) infrastructure. ETW enables Windows and applications to efficiently generate events. Events can be enabled and disabled at any time without requiring system or process restarts. ETW collects requested kernel events and saves them to one or more files that are referred to as "trace files" or "traces."

Tip: The MSI installer downloads (x86, x64, and Itanium versions) are on the right hand side in a little gray box.

More details on usage can be found under the following Microsoft Developer Network Page: Windows Performance Toolkit (WPT)

Located in that package is the On/Off Transition Performance Analyzer which helpfully can be configured to “…collect information during the on/off transition phases of Windows Vista. Data can be captured during boot, shutdown, standby and resume, and hibernate and resume.”

Neato!  Download the great white-paper from that website link to get the skinny on how to use it in your troubleshooting arsenal of techniques.

PC Tools Troubleshooting Gems

Since we are on a troubleshooting side-trip…

Enable Manual Crash Feature at Registry Guide for Windows – PC Tools tip.  This brief article shows how to make a registry key change that lets you manually crash your system and generate a blue-screen memory-dump file using a keyboard combo.  For Windows 2000.

PC Tools has even more tips on Windows crash troubleshooting for XP systems

Windows : Troubleshooting : Crash Control – PC Tools.

--Claus

Odds and Ends

Just some potentially useful linkage from this week.  Doesn't really fall anywhere in particular.

IKEA Instructions - IKEAFANS - Lost your IKEA product construction booklet? Look no further!  Spotted via Lifehacker.

Colorful Animation Expressions: Color in 101 Dalmatians: an introduction and Color in 101 Dalmatians: 1. Home Sweet Home - Oswald Iten is taking a graphic artist's look at the production design and decisions on one of my most beloved Disney "Classic" films.  Expect followup posts. This looks to provide a really fascinating examination of color, staging and animation design. Spotted via Drawn!

Your laptop is lying to you - Dan's Data. How battery life and signal strength are just relative nowadays and may not actually be as helpful as you wish.  Sure puts the whole AT&T "More Bars in More Places" campaign in a new light....

Google LatLong: New, blue, and better than ever - Google Maps got some micro-format updates this week.  Kinda like looking for Waldo to find them: Google Maps Cleans Up Its Act, and Google Maps Redesign Rolled Out.

Tweak: Fx 3 Address Bar - Firefox Extension Guru’s Blog and Understanding & Tweaking the Firefox 3 Address Bar - CyberNet News.  - Great tips and tweaks on taming the newest features in Firefox 3's quirky address bar.  What you don't know might indeed make you less effective.

--Claus

Filed: Here we Go Again

Remember this recent imbroglio?

Yep. How can the web-o-sphere forget?

Doh!  Silly me.  It's the web-o-sphere!

Symantec debuts Norton Safe Web public beta plug-in for NIS - Ars Technica

Hopefully they will avoid the mis-steps that put AVG into the ropes for a while.

It certainly appears to be a bit less intrusive while providing more information on why sites were blocked or received a warning notice.

I say, just stick with a more modern web-browser, run a HIPS type application, maybe a now-tamed anti-virus solution and ditch these "helpful" safe web searching tools for now.  See the bottom of this GSD post for more Windows configuration security links and options.

At least we also get (to Symantec's credit) another URL-Link checker to add to our list.

Norton Safe Web, from Symantec

Leave it to Symantec....

Sigh.

--Claus

Welcome, Firefox Shiretoko

I've just recently covered the Mozilla Nightly release differences:

Resolving a “Nightly” Firefox Issue…

And in there mentioned the releases known as Minefield, Gran Paradiso, and Bon Echo.

I also noted these differ from the Mozilla Release Candidates (RC) alpha and beta builds.

Well guess what?  Mozilla just released a RC version of Firefox called Shiretoko.

I briefly mentioned this release back in June;

Firefox 3.1 (Shiretoko) planned features draft - Mozilla Links.  It is probably right around the corner when we will be seeing the final release of Firefox 3.0.  So what next?  New project is to be called "Shiretoko" after the Japanese national park. Planned are a visual tab-switching feature and visual thumbnail version of list all tabs.  Places might get some more improvements and some code handling refinements.

So if you are interested and want to play with this build, here are some useful resources:

Firefox 3.1 Alpha 1 now available for download - Mozilla Developer News

Shiretoko / Gecko 1.9.1 Alpha 1 introduces several new features:

First step to Firefox 3.1: Alpha 1 is here - Mozilla Links

Firefox 3.1 Alpha 1 Download - CyberNet News

Firefox 3.1 Introduces More Address Bar Improvements - CyberNet News

Want to play with it but not damage your already installed "stable" version of Firefox on Windows?

Just follow the steps referenced in this GSD post under Class Two - Home Brew to make your own "custom" standalone Firefox Shiretoko build.  If you want to be even quicker, go directly to this GSD post: Build your Own: Firefox 3 (alpha/beta) Portable

Piece of cake.  Then go to see what the (very little) fuss is all about.

To me Shiretoko tastes a lot like a Twinkie®; looks good and is quite comforting, but otherwise mostly just sweets for now.

Don't forget; this is "Alpha" software so I don't recommend most mortals attempt to install it as a replacement for the latest stable public release of Firefox.  Your Add-on extensions will likely not work either without some hacking.

--Claus

Not "Cuil" just yet

This week Cuil launched with attempts at great fanfare and relevance.

Yawn.

Cuil is yet another search engine that attempts to unseat the Google monolith which continues to beckon and confound the apes, even as it inspires them.

Want to add it to your Firefox searchbar?  Drop in over at this Mycroft page for Cuil and load it up.  Or just visit the Cuil website and select the drop-down arrow on your search-bar icon to add it from there.

My own use of it has seen mixed results.

It certainly does provide a different "perspective" on search results, but that's not what I'm after.

I want to put in a range of search-terms and have a bazillion choices to pick from with my own custom embedded search engine results processor doing the relevancy algorithm calculations.

A search for Grand Stream Dreams on Cuil finds a number of blog pages along with some curiously cross-linked websites.  Don't even get me started on the bizarre assignment of images to the posts (they have nothing to do with each other in many cases).

Oh, and try entering any search using more than a few words and you get nothing.

A search on Cuil for 100% CPU Throttling on Windows results in no matches. Not helpful.

The same thing on Google results in 90,300 matches.  Very helpful.

Nice try guys; Cuil could really be something chill, alas for now it's not quite.

Better get back to that optimization and relevancy work....

And ditch the silly non-associated images while you are at it..mkay?

--Claus

Chron.com Blocking AdBlock Plus Extension for Firefox? Yep.

Update:

Chron.com TechBlog editor Dwight Silverman verified that the story pages at chron.com have recently been redesigned.  It is very likely that these page-code changes are what rendered the story pages un-viewable in Adblock Plus.

Wladimir posted a comment that he was not seeing any issues in his Adblock Plus build.

On that information I went to Rick752’s website for ABP and manually downloaded the latest filter subscriptions for Adblock Plus and installed them. Then I removed the custom "allow chron.com" I had applied to test the new set. That “fix” worked fine and chron.com’s story pages are now loading normally again.

I also hope the tone of the post didn’t leave readers under the impression that I felt that chron.com was intentionally blocking ABP users from seeing their story pages. While that is certainly technically possible for webmasters to do, most do not and it is not my intention to suggest that chron.com was doing so.  In any event, I depend on chron.com and were I to have to view all their ads, it would be a small price for the great content they provide for free.

The particular reason I even bothered to post this micro-adventure was that I felt that if I was having issues…certainly others would be as well, and this might be helpful to them as they try to search the web for a solution.

Finally, Adblock Plus should (by default) look to download new and updated subscription lists.  It looks like for some reason my Firefox/ABP combo hasn’t been doing that.  That will need to be a post for another day.  So for now, I will be adding periodic manual updates to my list of Firefox maintenance activities.

--Cheers!  Claus V.

I have a routine I follow when I sit down at my computer browser.  It’s almost as bad as a superstition-loving baseball player.

I fire up my nightly-release of Firefox (Gran Paradiso), check for new nightly updates along with any Add-ons that may have been updated and apply them, then restart the browser.

I then fire up NewsFox and get it pulling down any updated posts from the 80-110 RSS feeds or so.

While that is going on, I open another tab and check chron.com, TechBlog, and cnn.com.  I comb each one carefully for any stories or posts that might be useful news as I go about my day. Then I turn to sorting through the NewsFox RSS feeds.

Only just this past week I began running into issues at chron.com.

The Symptom

I could load the main page of chron.com with no issues. I could also load and view all the chron.com blog pages with no issues.

However, any news-story that I selected a link for resulted in a completely blank page.

Nada.

No 404 error displayed, the URL was fine and the Firefox browser status bar reported the page-load was done.

Since I use Firefox nightlies I figured something was “broke” in the code causing this strange behavior.  I was seeing it on all my systems with Firefox nightlies (Vista/XP Home/XP Pro).

I figured it would be fixed soon enough, but it wasn’t.

So last night in frustration of needing to see a story that was really important, I opened up my Opera browser and went to chron.com and then the story-link.

Guess what?

It loaded just fine.

Hmmmm.

Troubleshooting and Fix

So this morning I got to work looking at the issue.

I should have loaded up a packet capture tool and gone full-tilt but I was still sleepy.

I opened up Firefox to chron.com and began thinking through the issue.

Something was causing the article pages not to load.  Usually that is a cookie issue.  So I first confirmed that I didn’t have any cookie blocking going on. (I usually accept all cookies, then cull out the “nuisance” crumbs on a weekly basis.)

Next up was the NoScript extension, often known to cause some page loading issues.  However, when I checked, NoScript had retained my settings to allow all scripts on chron.com.

So I then turned my attention to Adblock Plus.  Unlike NoScript, this one usually doesn’t demand hardly any user interaction.  Install it, load a “subscription” file and forget it.

So for kicks I disabled it.

Guess what?

All the article pages at chron.com now loaded.

So I re-enabled it, confirmed that the pages were not loading again, then right-clicked the icon for it in my status bar and selected the option to “Disable on www.chron.com” and the red “ABP” icon changed to green.

All my chron.com pages are loading normally again.

Fixed.

No beef with me.  I really like and depend on chron.com so it's an acceptable trade-off in my book to disable AdBlock Plus for chron.com.

Just wish it would have been easier to figure out.  I wonder how many other users are getting frustrated with their system/browser/chron.com webmaster because article pages suddenly are no longer loading for them....

Poking a Sleeping Dragon with a Stick….

All this reminds me of the big "to-do" that made the web-rounds last fall in regards to Firefox users and their penchant for Add-ons that block ads and other banner-media.

Users of the programs (like me) generally say that we use such tools to block annoying banners, improve download speeds for content we do want, preserve or lower bandwidth consumption, and to protect our systems from hostile JavaScript code as we surf the web.

Web-masters generally complain that this results in a loss of revenue due to removal of click-through ads, un-lawful modification of their web-page design and presentation, and runs the risk of leading to the collapse of their free-content-for-ad-sponsorship business model.

At the moment, probably only a small (but growing) number of more sophisticated web-users are using ad-blocking extensions such as this.  However, these solutions are slowly creeping into the mainstream and more "non-technical" mom-and-pop users are taking notice and using them as well.

Factor in the latest upcoming round of fourth-generation web-browsers that promise more secure web-browsing functions -- the Opera 9.5 browser, Internet Explorer 8 Beta, and Firefox web browser 3.0 all now provide anti-phishing/anti-threat site protection to varying degrees.  Many more improvements are due in the next IE 8 beta release version.  These may also impact the ad/script-based web-o-sphere.

I believe we haven't yet seen the real battle on this web-front.

So What I'm Saying Is...

Firefox users should continue to make their web-browsing sessions as safe and enjoyable as possible.

That means (to me) still installing the following extensions, at the minimum.

For even more Firefox web-browsing security, take a look at this list with some of the above and a few extras:

8 Firefox extensions towards safer browsing - tssci security

  • CS Lite - cookie handler

  • FoxyProxy - proxy handler (I prefer and use PhProxy instead.)

  • LocalRodeo - DNS support watcher

  • RefControl - control "referring" information sent to websites

  • SafeCache - sandbox web-browsing cache cross-tracking

  • SafeHistory - sandbox web-browsing history cross-tracking

  • Firekeeper - IDPS and XSS protection (not FF 3.0 compatible--too bad!)

--Claus

Urban Adventuring - II

I was over at the iconFactory pulling down a cool wallpaper called Indy's Desk.

It is a great desktop that has some nice retro-feel vibes to it.

While you are there go ahead and also pop-in at their Indiana Jones home page.  It is loaded with icon packs from the series.  Make great stock RocketDock icon replacements.

All this adventuring got me looking for some new urban-adventuring websites.

  • opacity.us - Abandoned Photography and Urban Exploration has always been my hands-down favorite. I think it is due to the quality of the photography.  While there haven’t been as many recent posts of late, trips into the Eastern State Penitentiary and the Worcester State Hospital are more than worth-while.

  • Lab-Wan also has a collection of interesting sites and photography. High-quality.

  • Illicitohio.com is a bit rougher in the photography scale, but more than makes up for it in the unusual locations.  I’m not sure how, but somehow I ended up on this site (and this post) when I was following a link-to on Mike Tyson's former home. What seems so fascinating to me is the condition of the home and items still remaining in it, and that it was able to be breached.  The exterior looks pretty cool and interesting, but the scale of the interiors just seems so cold and large. It seems to be a place to make even the biggest men seem quite small.

  • Dark Passage: Exercises in Forensic Archaeology – quite a collection here. I wish there were more photos-per-location, but the quality of them is very good and artistic.

  • abandoned places – The website is as much mystery as the locations captured. Just have fun and click around.  You will get it down pretty fast.

  • Abandoned – lots of black and white photos of buildings and industry in Moscow.  The scale of the abandoned and uncompleted structures is amazing.

  • Urban Exploration Database – Very well organized and photographed.  I spent more hours than I care to admit looking at this site’s showcases of decay.

  • Modern Ruins Photographic Essays - Shaun O’Boyle – This is more of an “old-school” website, but it really accentuates the drama of the locations captured.  There is a great variety of locations here, from Cape Canaveral to boatyards to mills.  All good and haunting.  Tip, don’t give up on the first page.  Scroll to the bottom of the photo-gallery and click “next”.  Often there are multiple pages per location lurking. Shaun has a great eye for detail.

  • out of site - Similar presentation to Shaun's site above. More color.  For a good sample take a look at the southern railway freight depot gallery.  I've seen more than a fair number of similar buildings here and there in small Texas towns.

  • Infiltration.org was/is a magazine based on covering just such locations.  I believe they are currently not actively publishing, but you can still get books via Amazon.com.  Anyway, they provide great material and organization for more linking.  For example, Infiltration: Texas has links to locations in and around Texas that are fun to explore (via the web).  They also have Infiltration - North America for links to places in other states as well.  Full of additional resources, tips, and ideas if you are thinking on taking more than a Web-observer's viewpoint and getting your own feet dirty in this hobby.

Wonder what our place will look like a hundred years from now....

--Claus

Sunday Linkfest…brought to you by Wordle

GSDWordle

It’s a Wordle Thing…

The above graphic was created by Wordle.  An amazingly fun site for word lovers of the web.

Feed it some words, text, URL or other material and away it goes!

The amount of tweaking and customization possible is crazy.  Change your fonts, change your layouts, change your colors.

Like it a lot?  Post it to the gallery to share with others.

Very fun and addicting.  Spotted via MakeUseOf.com

USB Pinouts

Wonder what those USB pin-outs mean?  Daily Cup of Tech » USB Pinout brings you all the pinout madness you could want.  Most folks today just buy a new cable when needed, but a few actually would hack around and make their own (or modify them).

New and Improved….

Sun announced this week that its Java SE 6u10-b28 build version is now available for download.

Minor changes only.  I use this version along with the public release version of Java SE as it supposedly brings tighter integration and performance with Firefox 3.0 and Opera 9.5 builds.

AM-DeadLink - (freeware) – is used to check web browsers for dead-bookmarks as well as snatching back favicons.  This new version now supports Opera 9.5 favicons and some IE favorite quirks.  Alas, it still cannot handle the SQLite bookmarking files that Firefox 3.0 now uses.  Too bad.

SIV - System Information Viewer - (freeware) – now updated to version 3.32.  Added more processor support, Wi-Fi reporting on XP systems, and Machine page enhancements for systemboard provided probes.

CPUID - (freeware) – also got updated.  A great mini application to get fast data about memory, CPU and other key system components and settings.  This version brings more processor core sensing support.  While you are there, consider grabbing their excellent benchmarking tool: PC Wizard 2008.1.85.2.

Flexense - FlexTk File Management Toolkit - (freeware/$) – 4sysops recently reviewed this new “advanced file management” toolkit and I’m just not sure what to make of it.  It certainly seems to offer a number of very targeted tools and features for file-management jockeys. It’s compatible with Vista/2000/XP systems.  You can do file searches as well as classify and organize items. Lots of file sync features. You can move data around. Review your storage media, do advanced file copy, look for duplicate files, clean up disk-space, and even more…especially in the paid versions.

MD5 Picks

MD5 hashes are specialized fingerprints of a file's contents that are (practically) unique to that file.  File and PC geeks publish them so that others can compute the MD5 hash of their own copy and compare the two values to see if the files are identical or not.  It’s a good way to validate that you got the downloaded file you were expecting.

AVG Anti-Virus 8 sets an MD5 value on files you indicate and if the file is replaced, the MD5 will be different and AVG will alert you to that fact.

For daily use, I normally just use the MD5 utility built into FreeCommander. But it is a bit limited and there are times when I want a more robust and flexible MD5 tool.

Here are my choices. All are USB portable:

HashMyFiles v1.36 - (freeware) – Nirsoft does it best, as usual. Just drag-n-drop your file onto the window and away it goes.  Sort on any column.  Makes it very easy to visually compare multiple files/MD5’s. Tiny and perfect.  Can also be enabled to run via the Windows Explorer right-click shell menu.

Hasher by Denis Kozlov - (freeware) – Another great and portable choice.  This gem brings in extra power by supplying a number of additional hashing algorithms if you feel MD5 is just passé.  Has the ability to compare one hash result to the next file hashed.  Again very useful.

Robin Keir's Hash - (freeware) – Pretty simple interface. Just drag-n-drop onto the window, or browse for single/multiple files.  Select which items you wish to generate in your report, and that’s it.

MD5 GUI for Windows - (freeware) – Tiny and nice. Select what you want to do (generate or check) and drag-n-drop the file onto the window. The action will process. If you wish to then check another, select the check option, then drag-n-drop the file for comparison. Little icons are generated to help sort out the differences if they exist.

winMd5Sum Portable - (freeware) – For plain-and-simple generation/comparison, this is pretty good.  Drag-n-drop or browse to the file to calculate.  Then if you have a published MD5 hash, you can copy/paste it in as well and hit compare, and it will tell you if the file you downloaded is the same as the publisher says it should be.
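What these tools do when you paste in a published hash and hit compare, as an added Python example (not code from any of the utilities above; the function names and sample values are made up for illustration). It goes a step beyond MD5 by inferring the algorithm from the digest length: MD5 still catches accidental corruption, but collisions for it can be constructed, so prefer a SHA-256 value when the publisher offers one.

```python
import hashlib
import hmac
import os
import re
import tempfile

# Hex digest length -> hashlib algorithm name.
ALGO_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}
# Algorithms with no known practical collision attack.
COLLISION_RESISTANT = {"sha256", "sha512"}
# A run of 32..128 hex characters that is not part of a longer hex run.
HEX_RUN = re.compile(r"(?<![0-9A-Fa-f])[0-9A-Fa-f]{32,128}(?![0-9A-Fa-f])")


def parse_published(text):
    """Pull (algorithm, lowercase digest) out of text copied from a download page.

    Accepts a bare digest, a labelled one ("MD5: ABCD..."), or an md5sum-style
    line ("<digest> *file.iso"). The algorithm is inferred from digest length.
    """
    for match in HEX_RUN.finditer(text):
        digest = match.group(0).lower()
        algo = ALGO_BY_HEX_LEN.get(len(digest))
        if algo:
            return algo, digest
    raise ValueError("no MD5/SHA-1/SHA-256/SHA-512 hex digest found")


def hash_file(path, algorithms, chunk_size=1 << 20):
    """Read the file once in chunks and return {algorithm: hex digest}."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            for hasher in hashers.values():
                hasher.update(chunk)
    return {name: hasher.hexdigest() for name, hasher in hashers.items()}


def verify_download(path, published_text):
    """Compare a file against a published digest and report the outcome."""
    algo, expected = parse_published(published_text)
    actual = hash_file(path, [algo])[algo]
    return {
        "algorithm": algo,
        "expected": expected,
        "actual": actual,
        "match": hmac.compare_digest(actual, expected),
        "collision_resistant": algo in COLLISION_RESISTANT,
    }


def demo():
    """Check a good and a damaged copy of a constructed 'download'."""
    payload = b"hello world"  # constructed file contents
    # Constructed "published" values, formatted the way download pages show them.
    md5_line = "MD5: 5EB63BBBE01EEED093CB22BB8F5ACDC3"
    sha256_line = ("b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9"
                   " *setup.exe")
    with tempfile.TemporaryDirectory() as folder:
        good = os.path.join(folder, "setup.exe")
        damaged = os.path.join(folder, "setup-damaged.exe")
        with open(good, "wb") as handle:
            handle.write(payload)
        with open(damaged, "wb") as handle:
            handle.write(payload + b"\x00")  # one extra byte
        return {
            "good_md5": verify_download(good, md5_line),
            "good_sha256": verify_download(good, sha256_line),
            "damaged_md5": verify_download(damaged, md5_line),
        }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result["algorithm"], "OK" if result["match"] else "MISMATCH")
```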

--Claus

UnderT’s Do Matter!

Ever since my parochial-school days, I’ve worn a t-shirt under my outer shirts.

In junior-high through college, it was almost always a branded t.

When I got out of college and started working, I upgraded to the traditional men’s white crew-neck t-undershirt.  I just don’t feel put-together or presentable without wearing one now.

Maybe it’s as much a psychological thing as it is a comfort and style thing….anyhow….

I’ve tried other styles and cuts but the v-necks and tanks always left me feeling like I was this guy.

So I’ve been wearing my Hanes crew-neck t’s ever since.  (And Lavie and Alvis have been stealing them for night-shirts!)

Only one winter I started wearing a mock-turtleneck short-sleeve shirt under my polo’s for a bit of added warmth.  I really liked the style.  Reminded me a bit of Tiger with the higher undershirt collar.

Only, during the summers, it is just too hot with the heavier cotton.

So my options seemed a bit limited.

I could go with the UnderArmor line as their necks are a bit higher, but paying $20 a pop or more per "undershirt" seems a bit high, especially when I would need seven or eight of them.

So I got to searching the web for options.  Certainly there were a lot of baseball gear mock turtlenecks out there, but the colors and neck were still too high and pricey.

I did hit the jackpot though and found a curiously entertaining blog:

Blogger Tug goes into great detail in searching out and reviewing all things men’s undershirts!  Lots of links, in-depth reviews, good stuff.

After spending much of Saturday morning on his blog I did track down what looks to be a possible candidate for my undershirt search: The 5.11 Tactical Utili-T undershirt.

I’ve put in a back-channel email to Tug asking for any more leads before I pony up some money for a couple of packs. However, they do seem reasonably priced and, as they are all-cotton, should be cool and soft for the Houston climate.

The ones with Lycra or Spandex or other stretchy materials just feel a bit funny to me.

I’ll let you know how things turn out.

--Claus

Resolving a “Nightly” Firefox Issue…

While I love the Firefox web browser, I certainly am no Guru when it comes to it.

I like keeping the latest public-release version loaded on our systems, but for daily browsing and work I’ve (almost) always used the “Nightly” builds.

Basically, these “nightly” builds are the pre-alpha versions of the next releases of Firefox.  They incorporate regular changes and code upgrades on the march towards the new version release of Firefox.

These are different from Release Candidate (RC), alpha, and beta builds.

So the other day I realized that my home nightly version was reporting in as “Gran Paradiso” while the one on my work laptop was reporting in as “Minefield”.

I thought this was curious but figured it was just due to some branding-thing in about:config and kept going.

A Nightly Problem

So last week I read two articles about “tab-switching” being added into the nightlies for Firefox 3.1.

While I had been getting the nightlies on a regular basis, I observed the new tab-switch feature was working on my work-laptop Firefox build but wasn’t on my home systems.

So I downloaded and reinstalled the nightly via the link that Ryan offered.

No problems….except that it now reported “Minefield” instead of Gran Paradiso and I got a memory error dump every time I closed the browser.  Oh yes…my “Organize Bookmarks” kept locking up my system at almost 100% CPU cycles when I clicked that link.

Grrr.

I figured it was something with my system, but lo-and-behold it happened on the Vista system, the other XP laptop, and my work system as well.

That’s a bummer!

Now, I knew I wasn’t having any issues with Firefox nightlies under the “Gran Paradiso” version…so was there a difference? 

Yep!

Could I get the more stable “Gran Paradiso” build back?

Yep!

Mozilla Gran Paradiso versus Minefield Nightlies

It didn’t take me long to find a perfect summary of the differences…and there ARE differences as Ben Basson and Nitin explain.

 Trunk & Branch Builds FAQ • mozillaZine Forums

Q. What is the trunk?

A. The trunk is the central source code that is used for continuous and ongoing development. Trunk builds contain the very latest bleeding-edge changes and updates. However, the trunk can also be very unstable at times, so it's good to ask around before using trunk builds.
Latest trunk builds: ftp://ftp.mozilla.org/pub/firefox/nightly/latest-trunk/

Q. What is a branch?

A. Branches are "forks" in the code, split from the trunk and destined to become end-user releases. At conception, a branch contains everything that the trunk contains, but from that point onwards, only certain fixes or changes will be accepted. Therefore, over time, the branch becomes more stable.

Latest 1.8.1 branch builds: ftp://ftp.mozilla.org/pub/firefox/night ... ozilla1.8/
Latest 1.9.0 branch builds: ftp://ftp.mozilla.org/pub/firefox/night ... illa1.9.0/

Q. Why branch? Wouldn't it be better to have everyone working towards a release?

A. Many developers prefer to work on areas of the code which are too risky to change when approaching a release. Some of their changes may also take months to test and implement correctly. Their changes will be made to the trunk so that they don't delay the release and will be picked up in future branches.

Q. How can you distinguish between trunk and branch builds?

A. The main way you can determine if you are using a trunk or branch build is to click the "Help" menu and choose "About". You should see a string that looks something like this:

1.8.1 Branch:

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15pre) Gecko/2008061720 BonEcho/2.0.0.15pre

1.9.0 Branch:

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1pre) Gecko/2008061720 GranParadiso/3.0.1pre

Trunk:

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1a1pre) Gecko/2008061720 Minefield/3.1a1pre


The part that you want to note is the Gecko revision number (rv) and the Firefox version string. These correspond to which build you are using. It works something like this:

rv:1.7.x and Firefox 1.0.x = Gecko 1.7 (Firefox 1.0) Branch.
rv:1.8.0.x and Firefox (or Deer Park) 1.5.0.x = Gecko 1.8.0 (Firefox 1.5) Branch.
rv:1.8.1.x and Firefox (or Bon Echo) 2.0.0.x = Gecko 1.8.1 (Firefox 2) Branch.
rv:1.9.0.x and Firefox (or Gran Paradiso) 3.0.x = Gecko 1.9.0 (Firefox 3.0) Branch.
rv:1.9.1a1pre and Firefox (or Minefield) 3.1a1pre and on = Gecko 1.9.1 Trunk (towards Firefox 3.1)

See the (somewhat outdated) roadmap diagrams below for clarification.

Q. Where can I find out the recent changes that have been made to the trunk or a branch?

A. Read the relevant nightly threads in the builds forum. An excellent unofficial changelog is maintained at The Burning Edge: http://www.squarefree.com/burningedge/releases/

<Snip>

Q: What's Bon Echo/Gran Paradiso/Minefield?

A: Bon Echo is the project codename for Firefox2
Gran Paradiso is the project codename for Firefox3
Minefield is the name given to builds from the Firefox trunk.

Summary of Firefox Nightly versions

So here it is.

Note: Nightly builds can be fraught with bugs, breaks and instability on systems and Add-on Extensions…they are not for casual Firefox users!  Proceed at your own risk!

  • If you pine for retro Firefox 2.0.x versions but want the ongoing “nightly” updates for security work, you want Bon Echo.  Get your Firefox Bon Echo nightly versions here.

  • If you love the latest Firefox 3.0.x builds but want the ongoing “nightly” updates for security work, bug fixes, and generally more stability and dependability, you want Gran Paradiso.  Get your Firefox Gran Paradiso nightly versions here.

  • If you really want to be on the developmental bleeding edge of Firefox 3.x.x versions and are willing to accept instability and compatibility issues, you want Minefield.  Get your Firefox Minefield nightly versions here.

Once you have one installed, just go to “Help” and “Check for Updates” to bring down the new nightly and update your installed version.  You can also set up automatic updating in the options.

See also: "Private Label" Firefox Builds where I outline how you can keep multiple versions of Firefox on your system…and then some.
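The FAQ's rule for telling branch builds from trunk builds can be applied mechanically to user-agent strings, for instance when checking which build each machine in an office reports. The Python below is an added example, not code from the FAQ or from Mozilla; the function and table names are made up here, the table rows are transcribed from the FAQ quoted above, and treating a trailing "pre" as the nightly marker is an assumption drawn from its three sample strings.

```python
import re

# Rows transcribed from the FAQ's rv table:
# (rv prefix, product version prefix, nightly code name, build line, channel).
# Deer Park's user-agent token is not shown in the FAQ, so that row has no code name.
FAQ_TABLE = [
    ("1.7", "1.0", None, "Gecko 1.7 (Firefox 1.0) branch", "branch"),
    ("1.8.0", "1.5.0", None, "Gecko 1.8.0 (Firefox 1.5) branch", "branch"),
    ("1.8.1", "2.0.0", "BonEcho", "Gecko 1.8.1 (Firefox 2) branch", "branch"),
    ("1.9.0", "3.0", "GranParadiso", "Gecko 1.9.0 (Firefox 3.0) branch", "branch"),
    ("1.9.1", "3.1", "Minefield", "Gecko 1.9.1 trunk (towards Firefox 3.1)", "trunk"),
]

# Picks out "rv:<rv>) Gecko/<build date> <product>/<version>".
UA_FIELDS = re.compile(
    r"rv:(?P<rv>\d[0-9A-Za-z.]*)\)\s*Gecko/(?P<build>\d+)\s+"
    r"(?P<product>[A-Za-z]+)/(?P<version>\S+)"
)


def has_prefix(value, prefix):
    """True if value starts with prefix and the prefix ends on a number boundary."""
    if not value.startswith(prefix):
        return False
    return len(value) == len(prefix) or not value[len(prefix)].isdigit()


def classify_build(user_agent):
    """Map one user-agent string onto the FAQ's branch/trunk table."""
    match = UA_FIELDS.search(user_agent)
    row = None
    if match:
        row = next((r for r in FAQ_TABLE if has_prefix(match.group("rv"), r[0])), None)
    if row is None:
        return {"recognized": False, "line": "unrecognized"}
    _, version_prefix, code_name, line, channel = row
    product, version = match.group("product"), match.group("version")
    # The rv value and the product name/version should tell the same story.
    name_ok = product in ("Firefox", code_name)
    version_ok = has_prefix(version, version_prefix)
    return {
        "recognized": True,
        "rv": match.group("rv"),
        "product": product,
        "version": version,
        "line": line,
        "channel": channel,
        "consistent": name_ok and version_ok,
        "prerelease": version.endswith("pre"),  # assumption, see lead-in
    }


def inventory(user_agents):
    """Count builds per line and list strings whose fields disagree."""
    counts, review = {}, []
    for user_agent in user_agents:
        info = classify_build(user_agent)
        counts[info["line"]] = counts.get(info["line"], 0) + 1
        if info["recognized"] and not info["consistent"]:
            review.append(user_agent)
    return {"counts": counts, "review": review}


# The first three strings are the FAQ's own samples; the last two are constructed.
SAMPLE_USER_AGENTS = [
    "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15pre) Gecko/2008061720 BonEcho/2.0.0.15pre",
    "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1pre) Gecko/2008061720 GranParadiso/3.0.1pre",
    "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1a1pre) Gecko/2008061720 Minefield/3.1a1pre",
    "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1pre) Gecko/2008061720 Minefield/3.1a1pre",
    "Opera/9.51 (Windows NT 5.1; U; en)",
]

if __name__ == "__main__":
    report = inventory(SAMPLE_USER_AGENTS)
    for line, count in report["counts"].items():
        print(count, line)
    for user_agent in report["review"]:
        print("fields disagree:", user_agent)
```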

Other Firefox Odds and Ends

Some more bits and pieces of note:

Understanding & Tweaking the Firefox 3 Address Bar – Great post by CyberNet News.

NewsFox - Firefox Add-ons – remains my favorite RSS reader for Firefox.

Version 1.0.2 has been released now. (Version notes)

Testing version 1.0.3b1 has also been released. (Version notes)

Get any of them at mozdev.org - newsfox: installation page.

Cheers!

--Claus

Dell Utility Partition Restoration

We have quite a number of Dell desktop and laptop systems deployed in our environment.

We use a number of imaging/cloning methods to manage them.

My personal favorite is Microsoft's ImageX software but Clonezilla and Novell’s ZEN Imaging are also popular.

When a Dell system leaves the factory, it contains a specialized partition that contains Dell diagnostic tools and utilities.  This can be accessed via the boot menu (F12) when booting a system.  These can come in handy for the sysadmin or desktop technician when trying to decide if the problem is hardware or software related.

However, if the system has been securely disk-wiped or images restored in some circumstances, that specialized Dell Utility partition can be destroyed.  The restored Windows partition works just fine, and the Dell diagnostics are still listed in the boot menu but they are no longer actually there.

So what options do you have?

Option One – Rebuild it from Scratch

Recreating the Dell Utility Partition - Not for the faint of heart. Partition Table editing required!

Basically you have to create a new partition, make it active, copy the Dell Diagnostic program to it, add a reboot program, make your config.sys and autoexec.bat files, change the partition type, then set your Windows partition back to be the active partition.  Lots of work.

Option Two - Skip It and go with a Dell Utility Boot CD

Dell ships most all its systems with a boot-CD that can be used to bring up the system and then run the same diagnostics package elements from the CD instead.  Yes you are not putting it on the system, but for most folks, this will be the easiest solution.

Getting the Dell Diagnostics Utility - Dell.com

If you look up your specific Dell system based on the Service Tag number, you will often find a number of additional downloads that will allow you to not only build your Dell Diagnostics Utility CD, but also packages to update the files on your Dell Utility partition if you so desire.

No software is known to exist in the wild (that I am aware of) to "automagically" create and restore that Dell Utility partition via point-and-click.  Option One is the only way I know of to put one back in service once a system has been set up.

Option Three - For ZENWorks Imaging Fans only

Novell Doc: Novell ZENworks 7.2 Linux Management Administration Guide - Using Dell Configuration Bundles - Help for ZENworks fans.

See Also

Dell - Support - Using the Dell™ MediaDirect Repair Utility to Fix a Corrupt Master Boot Record (MBR) in Microsoft Windows XP

Inside the Dell PC Restore Partition - Dan Goodell

What About Microsoft Vista? - Things are a bit different when dealing with Vista Dell systems.

How to Run the Hard Drive Disk Self Test (DST) on a Dell Computer - Dell.com

Special thanks to the D-Man for hunting many of these solutions up for us!

Happy Dell Fixing!

--Claus

GSD Hurricane Tracking Links – 2008

Hurricane Gordon

CC attribution: Public Domain. NASA via pingnews on flickr.

Goodbye Dolly!

Hello long wait for the rest of the Hurricane season on the Gulf Coast of Texas…

I thought I would update my Hurricane Monitoring and Tracking links for the new year.

I found some great new ones.

Bookmark ‘em all!

Gulf Coast Watch List

So here are the hurricane links I am watching at home and work, to track the impending winds. Listed in order of my personal preference…

  • IBISEYE.com -- Your Atlantic Hurricane Season Tracking Map Source – An awesome site that mashes up tracking data on hurricanes and points of interest, along with Google Maps.  Heavy on the JavaScript but makes up for it in pure visual delight.  Easy enough even the “old-folks” can understand.  Not only are hurricanes and projected paths displayed, but also counties are added as they fall under various storm watches and warnings.  Zoom in/out for more detail.

  • Tropical Atlantic: NHC Model Data for Tropical Storms – Found this gem the other day.  For folks who need to have more than one storm-track model presented, this is like going from riding a pony to driving cattle from North Dakota to the Fort Worth Stockyards.  Look at the top of the page to select any current storms.  Then when the Google Map mashup launches, you can pick from 32 “Early” models and 38 “Late” storm-track models.  Plot one or plot them all! Awesome! Additional NOAA summary of storm-track models.

  • Hurricane and Storm Tracking - Terrapin's site remains my favorite. It is lean and simple and allows for quick location of information without lots of graphic overkill. The storm-track plots come in two flavors, a simple historical and future projection track that is static as well as a java-based animated one. Loads fast and updated as new forecasts are posted.

  • National Hurricane Center - This website maintained by the National Weather Service is my number two choice. Lots more linkage on the sidebar for hurricane related topics and preparations. The main page has links to a number of graphics and advisories.

  • (NHC's) Atlantic Graphical Tropical Weather Outlook - A "beta" sub-page of the site listed above. This is pretty cool. Any current tropical systems are overlaid on a satellite image with an icon. Hovering over the icon pulls up a quick update view. Clicking on the update popup then takes you to the system's detailed page.

  • Moreweather.com -- Tropical Atlantic Weather Page - T-Storm Terry Faber has created a great hurricane system page here. Not only does it have lots of links to any active systems, but it also contains links to radar and satellite images, many in great detail and high resolution. The hurricane tracking maps and projections are there, of course. T-Storm Terry also provides links to other sources of information as well as historical data on previous storm systems.

  • Tropical Weather : Weather Underground - This is a fantastic site that has the widest range of linkages, maps, images, models, and everything. Just about the only thing it doesn't provide is winds blown into your face through the monitor. Which is why I put this at the bottom and not the top: there is just so much information it overwhelms.

Local Winds

For local Houston area facts and updates, most of the local news stations have their web-sites powered up.

Even More Weather

I have found these additional links pretty cool:

Road Kill

--Claus

Removing Apple’s MobileMe from Control Panel

Recently, Apple decided to start pushing its MobileMe service, which basically works as a sync service between your Mac, PC, iPhone and/or iPod touch.

While the Valca homestead is filled with iPods, we have not an iPhone or any need for the MobileMe service.

So it was with mingled surprise and chagrin that I read Dwight Silverman’s post TechBlog: Guess who’s coming to dinner, Windows users? MobileMe!

Seems that when Windows users update and/or fresh-install Apple Quicktime and/or iTunes, they also get the MobileMe Preferences icon showing up in the Control Panel.

Launching it provides a method to sign in (for current members) or to “Learn More…”

I had been attempting to upgrade my XP Home's iTunes software to the latest version using the internal updater, but it kept failing. So I downloaded the full installer from Apple and ran the setup (v7.7.0.43). Lo and behold, when I got done, there was a MobileMe icon in my Control Panel as well.

Nice ad placement there Apple.  Not.

Simply Icky.  No thanks.

So my thoughts turned to how to remove it from my system.  Alas, there is no .CPL file for it that could simply be deleted.

I considered a number of approaches.  First I could run one of many system change detectors and then carefully try to review the installs and pick out where it appeared from:

I could fire up Process Monitor and Process Explorer then launch the Control Panel item to see what kicked it off.

Instead I thought I would try the easy way first.

Removing “MobileMe Preferences” from XP Systems

I went to "Start" -> Control Panel -> Add or Remove Programs.

Near the top I located "Apple Mobile Device Support" and clicked "Remove". I ran the uninstaller.

When done I checked Control Panel and the MobileMe Preferences icon was gone, as was the application from within the Apple Program Files folder on my system. Easy.

Didn't seem to hurt my iTunes at all.

Removing “MobileMe Preferences” from Vista Systems

To remove from Vista try this technique: Removing Apple Mobile Device Support - Tales from the Crypto blog:

...quite by chance, I found out how to remove Apple Mobile Device Support from Windows Vista.

Instead of clicking "Uninstall", click "Change". You're given the option to "Repair" or "Remove".

Click "Remove".

As counter-intuitive as it sounds, this appears to take you through a completely different uninstall procedure, which actually results in the removal of the Apple Mobile Device Support.

Also: Bits from Bill: Do I need Apple Mobile Device Service?

More Odds and Ends on the Windows Control Panel

Found these very helpful links while pre-researching this issue.

Cheers.

--Claus

Extras for Windows

On my systems, I prefer to run very few third-party applications/utilities at startup.

These are in addition to the usual security applications or dual-monitor helpers that I use.

My current systems contain the following:

|MG| Motherboard Monitor 5.3.7.0 Update 2 – monitors CPU and system temperatures,

Process Lasso – keeps CPU cycles down under control,

allSnap – snaps windows to edges of screen,

MemStat XP – provides view of how much free memory the system has,

RocketDock – the best dock-launcher for Windows, ever, and

Rainlendar – a handy desktop-merged calendar.

Other than that, I rarely use any other utilities or tools at launch.

Except I re-found a new one.

Windows File/Copy/Move Alternatives

SuperCopier - (freeware) – I have posted before about this and several other great Windows file/copy managers.  In the past I have just run it on demand. (See alternative link also at SourceForge.net: Supercopier).

For most of my daily work, the default Windows copy/paste function worked great. However it is limited in some of its options and the other day I was copying several ISO files to a storage drive and the default copy-time was around seven minutes per ISO file.

Mucking around I found that if I booted a system with one of my custom WinPE 2.0 boot disks I was getting copy-times in the just over 2-minute range.  I launched SuperCopier on my main laptop system at work and found it also was able to take a seven-minute file copy time down to just under three minutes.  Good stuff.  So I decided to flick the switch to launch it at boot on my XP systems.

That worked great but only for file/copy actions in the Windows Explorer shell.  I do 90% of my file-management using FreeCommander.

Turns out SuperCopier has a configuration option so I can associate it to handle copy/paste actions in FreeCommander (or any other application) if I so choose. Nice!  Now I can have it work in both worlds.

Other great Windows file copy managers:

  • TeraCopy - (free for personal use) – Very nice, fast and tiny.

  • Copy Handler - (freeware) – Dependable and fast file-copy activity. Updated periodically.

  • Roadkil.Net's Unstoppable Copier - (freeware) – Special-use tool to copy files that are “damaged”, such as those on optical media, or that give other programs copy-errors.

  • FastCopy - (freeware) - New to me; some claim it is the fastest file-copier tool out there today.

For Consideration

Here are some additional applications and items I have come across this week.  I'm still out on a final decision.

Firefly plugin turns Firefox into an advanced file manager - Download Squad - This Add-on extension for Firefox (get the Firefox 3.0 compatible version here at Firefly website) looks like it might be a helpful tool.  It gives users the ability to launch a Windows Explorer-like tab in Firefox to do file-management tasks. It does allow multiple views to be used (dual-multi-pane). I couldn't figure out how to change the font style and size, and on my work system it came up in a large-font Times New Roman. Ugly!  Besides, a dedicated file-management tool like FreeCommander is all I really need and has loads more features.  However, it's a great and clever effort and might be worthwhile to keep an eye on.

Taskbar Shuffle - (freeware) - tiny little app that lets you drag-drop rearrange the items in your Windows taskbar.  I confess there have been times when I have had like ten or fifteen items open and wanted to reorganize them. This would let me do it.  The big question is, how often and is it worth installing to run on startup?  Major plus points: now compatible with UltraMon multi-monitor management software.  For a bit more: Taskbar Shuffle Tweaks Your Windows Taskbar - Download Squad.

Taskix - (freeware) - An alternative choice to Taskbar Shuffle. Run on demand or register DLL to run at startup.  Doesn't seem to have as many options, but how many options do you really need to rearrange taskbar items?

Miscellaneous (test to see who reads down this far in a post)

AutoRuns for Windows - (freeware) - This utility was updated to version 9.3 and now "..adds support for several additional shell extension points, including copy hook, property sheet, and drag and drop handlers, fixes a bug in the Vista gadget parsing code and better handles malformed paths."

Vista, Word and Google Desktop circumvent TrueCrypt function - News - heise Security UK - For you forensics and security geeks.  Turns out that even though TrueCrypt is able to afford some folks, under certain configurations and usage, "plausible deniability" for hidden and encrypted material, some points of attack exist to discover its presence.  Security guru Bruce Schneier has co-authored a paper looking into this that is a fascinating read: Defeating Encrypted and Deniable File Systems: TrueCrypt v5.1a and the Case of the Tattling OS and Applications (PDF), paper by A. Czeskis, D. J. St. Hilaire, K. Koscher, S. D. Gribble, T. Kohno and B. Schneier.

5 Jokes That Will Get'Em Giggling | Geekdad from Wired.com - Funny and family friendly jokes for laughs.  The comments are filled with more user submissions.

Goodness knows, we all need more laughter in the world!

Cheers!

--Claus

Controlling Java-Scripts in Opera

I really like the Opera browser.

It is very fast and very pretty.

I also like the Firefox web browser and it remains my daily web-browser of choice. I’m not ready yet to give up the slew of Firefox Extensions that I have come to lean on.

Greatest of which is the NoScript extension Add-on that protects my web-surfing from malicious or bothersome web-scripts as I browse the net.

Opera does have the ability to control scripting and Java/JavaScript settings on a per-site basis (allow/disallow) but it doesn’t seem to have the granular control of the NoScript Add-on for Firefox over third-party scripting on a particular web-page; to block some but not all.

While fiddling around with this and looking for a “widget-based” solution I did find some posts that might be able to approximate the control of NoScript in Opera.  It’s not the same, but comes very close.

Firefox’ NoScript for Opera (or all browsers) - dslreports.com

Andrew’s Security Filter(s) v5.57 (July 8, 2008)

The way it works is that you first set up your system to use Proxomitron which is a free and small local HTTP web-filtering proxy.

Done?

Next download and import Andrew’s Security Filter(s) into it as he outlines.

It’s not a perfect solution, but is a very interesting approach he has come up with using Proxomitron to work around the issue.

Thought a few Opera fans might be interested....

Other Links:

Take Control with User JavaScript - Opera Software

Enable Or Disable JavaScript - Opera - Mr. Ed's Computer Help Forum

Opera's Kiosk Mode - Opera Software

Security and Privacy in Opera: Multimedia and Scripts - Opera Software

--Claus

Windows CPU throttling techniques

At work we have an old DOS 16-bit application that is central to our customer’s daily tasks.  It must be run and used by the majority of staff.

Alas, it is still being run on Windows 2000 and XP Professional systems.

This means that those (NT-based) 32-bit OS systems cannot run the application natively.

To get it going, what Microsoft does is call on a particular environment subsystem; in this particular case, ntvdm.exe.

According to what I have found, it fires up a Virtual DOS Machine “application environment” which this particular DOS 16-bit application runs in.

No problem, except in our case, that ntvdm.exe session gobbles up 98% of the CPU cycles almost full time.  This renders other 32-bit applications such as Outlook, Word, IE, or other applications the user is also likely to have open and running almost useless as they stutter and “hang” waiting for CPU cycles to be released.  Task-switching is a nightmare.

Because that DOS application is network-based (makes calls and database updates to local servers), it cannot be suspended while in the background, else the network connection might drop and the application crash horribly.

In the past we have thought it was a memory issue with DOS grabbing it all up.  That is not the case.  Extensive monitoring of the systems with it running using Process Explorer made it clear it is a CPU thing.

Changing the priority the process ran under wasn’t effective as a solution. No matter what it was set on, the CPU % utilization stayed pegged at 98%.

So, what now?

CPU Utilization Control #1 – Process Throttling

Now having some idea what we were dealing with, I wondered if there would be a way to restrict the ntvdm.exe process so it throttled back to a more system-friendly utilization rate.

Additional searching on the web (now that I knew what I was looking for) turned up a number of third-party applications that looked like they might help.

Thread Master - (free for personal and corporate use) – This application runs as a Windows service when “installed”.  There is no GUI interface. Nothing to see that it is working.  It is completely transparent to the user.  Tweaks and configurations are handled in the registry keys the program makes.  Download the files to the system, run the install.cmd and you are good to go. To uninstall, download the uninst.cmd script and it will clean it up.  The program page says it is for Windows 2000 and Server 2003 but my tests on XP Pro seem to show it works just fine.

BES, Battle Encoder Shirase 1.3.7-beta - (freeware) – Download and run the bes.exe file.  You will get a management window.  Click “Target” and select the (already running) process you wish to throttle back. Then click “Limit”. It will control that (and any other selected processes) as long as it is resident. If you wish to throttle a process the next time it launches, select the limit/watch so it re-controls it on relaunch.  You can watch/throttle up to three processes but only “watch” for one.  If you want to watch just one, you could make a startup script that calls BES from a command-line. This might make it “invisible” to users. Launching in this mode invokes the watch/limit mode for the process listed.

Process Lasso - (free for personal use/ $ for business use) – A really top-notch process control application. By default, it has been set up to monitor and lower the priorities of processes that use too many CPU cycles. Works on both single/dual core processors.  Highly customizable and can be launched in a non-GUI format so it is “invisible” to end users. Runs under Windows 2000, XP, 2003, Vista, and 2008 in both x32 and x64 bit flavors. Wow!  This could be one of the most—if not the best—fine-tuned and polished applications of this sort out there currently.  It can also be invoked from highly optioned command-line arguments and application processes can be added to “exclude” lists to bypass throttling if needed.  I like it so much I am using it on my home systems.

ProcessTamer - (free, registration recommended) – Tiny application that monitors CPU usage of processes. It will throttle back the CPU process depending on set threshold limits.  You can toggle the application on/off as needed (optical media burning, perhaps), as well as set very detailed rules for process exclusions and priority adjustments.  Certainly a nice little tool as well.

Priority Master 2008 - (demo/$) – Application that not only will control running processes but will also allow users to permanently set the priority value for an application, as well as terminate any program you specify should not be allowed to run. Great for dealing with malware processes.  This looks to be a very extensively designed utility tool.

Prio - Priority Saver - (free for personal use) – Adds some extra tabs to Windows Task Manager as well as keeps a record of your priority setting changes and when the process is relaunched (with Prio running) will open it under the preferred priority setting.

To figure out which one might work best for our ntvdm.exe control needs I fired up a benchmarking application (PassMark’s PerformanceTest) with the system not running the application, with the application running, then with it running under each of the first-four listed CPU managers.

In the end I found very close positive stats for both Thread Master and Process Lasso. 

Because Thread Master was free for corporate use I went with this application.  I did have to put in a good deal of additional work in the registry along with Process Explorer to get it tweaked just right.  If I set the CPU throttling too low, then the DOS application would hang or appear to lock-up.  If I set it too high, no benefit was seen. It looks like the sweet-spot between functionality and throttling control is around the 75% to 85% range.  Because it runs as a service and has no GUI interface, it is 100% transparent to end-users so they can’t get into it and muck up the settings.  That is a nice feature.  It did seem to improve responsiveness of the Win 32-bit applications running at the same time as ntvdm.exe with our particular DOS 16-bit application.

Now I am going to have to find a few production machines to test it out in real-world DOS-16 bit application utilization loads.  Still got a lot of work to do before we can bless it officially as a “solution” and push it out but it looks like we might be on the right track.

CPU Utilization Control #2 – Processor Affinity

Turns out that we have a blend of systems in our desktop computing environment.  Not that I didn’t know that but I never really appreciated the nuances until now.  We have at least four different models that are single-core processors. Our newest desktop systems are now dual-core systems.

Believe it or not, that makes a world of difference.

When I went to see if the ntvdm.exe DOS-16 application impact was as severe on our dual-core systems I found it was not the case.  32-bit applications didn’t lock up when the DOS-16 application was running. In fact, it was almost like there was no impact at all.

Additional monitoring with Process Explorer set to show multi-core loads found that the ntvdm.exe process was being load-balanced across both cores.  This resulted in the CPU utilization being more manageable for other applications, also sharing across cores.

So in the end it appears that we might only need to deal with CPU throttling solutions on single-core systems. Nice.

There are a number of ways you can actually control the cpu processor affinity for an application on a dual-core system.

  • Quick and Easy:  If you want to make a temporary change, just open Windows Task Manager.  Find the running process you want to control, right-click and select “Set Affinity” from the menu options. For a dual-core assign it to either CPU 0 (the first one) or CPU 1 (the second one). Done.

  • Quick and Detailed:  If you want to make a temporary change, just download and run Process Explorer. Find the running process, right-click and select “affinity” from the menu options. For a dual-core assign it to either CPU 0 (the first one) or CPU 1 (the second one). Done.

  • Free and Convenient:  Use the freeware application THG Task Assignment Manager. Tom’s Hardware Guide provides this free utility to help you quickly manage processor affinity settings on the fly with their light and handy tool.  For full read and download link; Getting More Bang Out of Your Dual Processing Buck – Tom’s Hardware

You can also change an application to run exclusively under a single CPU on a dual/multi-core processor, but it takes a bit more work.

In my case it specifically addressed the ntvdm.exe file tweaking that I was looking at, but could apply to almost any process.

Troubleshooting an MS-DOS application which hangs the NTVDM subsystem in Windows XP and Windows Server 2003 -  markwilson.it

Read the post but it comes down to using a Microsoft Windows 2000 Resource kit tool, imagecfg.exe with some detailed command-line arguments.

Related posts on this technique:

As I said, on our dual-core systems, the impact of NTVDM.EXE is so marginal it isn’t worth the effort to tweak it out and modify the file on them.  Also, since ntvdm is a core system file, there is the chance that a modification will be erased in a later Microsoft patch or service pack update.

However it was certainly fascinating to learn about and is a good bit of info to keep for future reference.

Curiously, my dual-core explorations on our desktop systems led me to an incredible discovery that was a headache waiting to happen…and to a solution that was elegant and painless.

Wait for that post very soon!  I promise it will be a doozie!

For the Very Curious

For an excellent treatise on optimizing applications and the NT application architecture/subsystems and strategies, this 9-page whitepaper by Sean Daily is tops; Optimizing Applications – Windows IT Library.  I learned LOTS from reading it.

It also has some great tips to help customize applications running in a ntvdm.exe session so they report their name instead of the generic ntvdm.exe process name, issues related to the wowexec.exe thread (Win16 on Win32), running Win16 apps in different memory spaces, process thread priorities, and a stack of desktop environment optimization tricks.

One of the coolest was a trick on page 8 showing how to run the Explorer process, the Desktop process and the Taskbar all in separate processes (by default they run under a single session). This might minimize the chance that a process crash in one area wipes out the others.

Page 9 finally has some great (and unintended) retro-tool links, including views of the then cutting-edge Process Monitor (PMON.EXE), Process Viewer (PVIEWER.EXE), and Process Explode (PVIEW.EXE—same file name, different program); all dug out of the Windows NT Resource Kit.  All early hints of what would come out as the Process Explorer and Process Monitor tools from the (Microsoft) Sysinternals camp.

It’s all good stuff to know, even if you don’t make the tweaks.

--Claus

Rants on seeing…

I have the day off today.  Rare that it is.

Only the house is now filled with girls.  Alvis’s BFF spent the night and is here during the day. Lavie is sick and called in sick today.  And her niece has driven in to stay through the weekend.  She will be getting married in the Fall and Alvis gets to play maid-of-honor.  So there will be some pre-dress looking this weekend.

I’m heading out-of-doors to cut the lawn, whack down the hibiscus (again) that must have been cross-bred with Kudzu.  Get man-sweat stinky…and the like.

Two quick rants.

Oh Noes, My Eye!

I finally got an appointment with my primary-care physician.  Ever since the ophthalmologist visit the aches and pain in my left-eye area have been growing a bit stronger.  Don’t know if it is because I know there is a problem now or if it is something else.  I’ve spent my whole life protecting and caring for my eyesight and now with something “wrong” it is kinda freaking me out a bit.

The ophthalmologist’s preliminary diagnosis is that I could have a condition called Keratoconus.  After seeing the test results he was able to get during my last visit I can agree I think that is a strong possibility.  Now that it has been pointed out to me I can tell a very slight double-vision thing going on in that eye.  Tends to be more pronounced when driving and focusing on distant objects.  Roadway signs are the best to test on as the reflective and bright colors make the ghost-image easier to pick out. Anyway, he doesn’t have the tools to make a definite clinical evaluation, hence the need for a second opinion by the specialist with the advanced “eye toys” as he put it.

The thinking is that my left eye is constantly trying to correct/refocus the images causing it to work overtime and causing the eye-strain that hurts so bad.  My usual remedies of Aleve or Tylenol don’t seem to be helping.  I’m very pain tolerant but this soreness is waking me up at night.  No good.

So I will be off to the family PCP to get a referral to a specialist in the Houston Med center who I’m told is the best in this field.

Looking back I may have been dealing with this all my life and just not really realized it.

When I was attending Catholic middle school, we went to mass two times a week.  I swore for the longest time at that age I had the gift of Auric Sight.  When I would be sitting in the pews I could look at the altar and swear I saw it “glowing”.  Made my Catholic years growing up kinda freaky.  Most of the other altar-boys would mess around with the candle-wax and other stuff after services, but I was sure to do so would mean some kind of “Raiders of the Lost Ark” retribution instantly!  That probably now was the double-vision thing, unrealized.

Despite this, I wasn’t diagnosed as having any vision issues (needing glasses) until I was a senior in high school.  While I was going through the selection process to be chosen for the U.S. Air Force Academy I had to endure a battery of physical tests and assessments at a military doctor facility.  It was only then during the vision portion (important for hopeful military pilots) that I was diagnosed with less than 20/20 vision.  That and a few other factors led to my nixing that life-course.

I’m not sure why it was only since April that I have been noticing this vision issue and pain.  While my vision has needed correction from time to time, I had never experienced this issue before.  Turns out I blogged about it without realizing what it was.

I suspect I might not get off the hook with a simple referral from our PCP.  I bet she is going to probably want a CAT-scan or something as well of my head to rule out any other issues.

Oh bother.

Saturn and the High Price of Seeing Backwards

Saturn Ion owners (and others likely) take note!

For the past week when I got into my Ion, I’ve been having to readjust my rear-view mirror.  I haven’t thought anything of it.

Only when I was in the field Monday and went to grab some lunch in Pasadena, I found I was looking at my back seat.

I adjusted the mirror, and it drooped back down.

That afternoon I had to drive back home without the help of my rear-view mirror.  I adjusted my wing-mirrors to cover as best I could but driving on Houston freeways blind to what’s going on behind you is freaky.

At home I was able to inspect the issue much more closely.

Turns out the design of this mirror (the one with the temperature sensor and compass) connects to the ball-joint with a series of little plastic fingerlets.  Tension is applied to these by a metal ring.  The resulting tension holds the mirror in place as adjusted.  Only in my case, about 1/3 of the tiny plastic fingers had broken off, thereby causing the tension ring to not be able to apply enough pressure to the ball-joint, thus the droopy mirror.

So Tuesday off Alvis and I went to the Saturn dealership.  Rear-view mirror, right?  How hard or expensive can that be to fix?

Turns out if you have the one I do, $400 to replace.

Ouch.

I declined.

The price is due to all the electronics jammed into it.  That’s the cost of having “optional features” on your car.

It just kills me to think about dropping that load of cash to replace some bits of broken plastic on an otherwise fully functional rear-view mirror.

For now I’ve got it held in place with some skillful masking tape work that supports the mirror and prevents it from drooping.  Works great and is pretty unobtrusive. 

I have a couple of options at the moment.

I can nix the whole electronic thing and just replace it with a basic rear-view mirror for under $35 at the local auto-parts store.  That would be the easiest thing.  (Except for removing the current mounting bracket fastened to the windshield which is always tough.)  I’ve replaced one before on my old S-10 pickup truck. Worked like a charm.  I’d probably be able to increase my forward viewable space out the windscreen as well as this fancy rear-view mirror is much bulkier and does obstruct a lot more than you would think.

I can look for a used/salvage one on EBay.  I’ve found some under $50 but I’m always worried about getting scammed. Might be as good as the one I have now.

Or I can buy an after-market replacement.  They seem to run in the just under $200 range.

Again, it kills me to spend that much on something that otherwise just isn’t broken or not working.  I wouldn’t hesitate if the electronics in it were burned out and/or the mirror was cracked, but my grief is due to a few tiny plastic fingerlets.

Then again…a roll of masking tape is about, what, $1.00?

If just enough of the fingerlets exist, I might be able to get a very thin plastic “zip-tie” around them and apply enough tension when tightened to make it work. That would be much more flexible than the metal expansion ring previously in service and might be able to work, despite the missing plastic pieces.  That would make it more adjustable as right now Lavie says she won’t drive it if she has to redo my masking-tape-mod to drive it. Being as she is shorter than me my mirror adjustments don’t work for her.

Oh well. I guess that’s the breaks…

--Claus

Wide-Open Linkfest

Just got back from a mid-day shopping run. 

That’s the Breaks

Somehow I managed to break the clip off my Blackberry 8830 holster.  The clip is kinda “cheap” so a standard glue-fix wouldn’t work.  The break happened right at a stress point.  I may still try to over-fix it by pinning it in place with some well-placed drill holes and a few super-tiny nail-shanks.  However, I don’t think it will be worth the effort as the plastic is very thin and even if I was able to drill pinning holes aligned perfectly in the top/bottom halves, the remaining plastic on the sides would be micro thin.

In the meantime I picked up a Blackberry Curve holster. It is a tad-bit smaller than the 8830 holster, but the device does fit securely in it with not too much pressure. And the top-flap does close.  So for now I’m covered.

Somehow I’m disappointed.  I bet John Wayne never broke one of his holsters….

GameTime on a Budget

We (Alvis and I) stopped by the local GameStop store to see if we could find any used bargain PS2 titles.

As proof that a good review on the Web translates into marketing power, I was sufficiently intrigued by Wired’s GeekDad recent post You Let Your Kids Play What? Shadow of the Colossus PS2 game that I picked up a copy for about $10.  I also grabbed Disney Golf for family multiplayer fun sessions.  Alvis—in a surprising mood—selected both ATV Offroad Fury and Hard Hitter Tennis.  Finally, not wanting to leave Lavie out of the gaming, we grabbed Pinball Hall of Fame: The Williams Collection.

Walkout price for the five titles was about $60.  Not bad considering that would be the price of two new PS2 game disks.

I’ll try putting in some game reviews for kicks after we have gotten some play-time in.

Linkfest

Truecrypt Updates to v6, Hides Your Subversive Plots Even Better! - Download Squad – Yep. The most fantastic (and free) tool to manage and secure data on your HDD or USB memory device just got better.  Miscellaneous fixes are rolled up in this version.  TrueCrypt really rocks…including the ability to actually use TrueCrypt to encrypt an entire partition or drive on the fly. A fantastic solution for laptop users.

I also discovered two great posts that take slightly different techniques for automating use off a USB stick.  Check them out as well:

heise Online releases the heise SSL Guardian – Heise Security provides yet another tool for web-citizens to use to inspect the overall security of SSL keys.  Supports IE and Outlook Express. Not compatible with Firefox or Opera…oh bother.  Download Heise SSL Guardian from heise Security UK, freeware.

Secunia Personal Software Inspector RC3 0.9.0.4 – Works great and adds in a few more bug-fixes.  You have to uninstall older versions first, though rest assured your configuration settings will be retained after uninstall/reinstall. For an overview on why all Windows users MUST have this on their system check out this post of mine; Secunia Personal Software Inspector RC-1: Wowzers!

NOTEPAD++ – freeware – just got a version bump to 5.0. Mostly behind the scenes fixes but still, certainly one of the best “advanced” notepad/code-editors there is today.  While not the only one I keep handy, it is the one I use the most. For a short-list of alternatives, see my Notepad Replacements post.

Track Gmail Activity And Remotely Sign Out – CyberNet News – Google has now added a security feature that allows you to quickly see if someone else has been accessing your Gmail account, or maybe you left yourself logged in by mistake over at your brother’s pad.  It’s not easy to spot on your main Gmail inbox page. Look at the bottom right below the storage-report line and you will see the IP address of where you are logged in at and when that was.  If you click the “Details” link, you will get a list of recent session activity with date/time/IP’s.  You can also “sign out of other sessions” to kill those remote Gmail logins you (hopefully) forgot about.  For more details see this Gmail Blog post: Remote sign out and info to help you protect your Gmail account.

Sunbelt Personal Firewall - (free/$) – This newly released version brings some under-the-hood performance gains, packet filtering, hardening against leak-attacks, and most importantly, is now fully Vista compatible.  I used Sunbelt Personal Firewall for a long time on my XP systems before making the jump to Comodo Firewall Pro.   See Sunbelt Blog’s post New version of Sunbelt Personal Firewall posted for more details as well as CyberNet News’s post Sunbelt Personal Firewall for Vista for their perspective.  Certainly still recommended as a good firewall alternative to Vista’s default firewall.  For other free Vista firewalls see this older post of mine: Free Vista Firewalls: And then there were five.

Windows Incident Response: Deleted Keys in the Registry – Harlan does a very awesome post that should be a must-read for any Windows technician.  Turns out that, like Access, when you delete a registry key, you don’t visually see it any longer, but tracks still remain which can, in theory and practice, be recovered.  I wondered to Harlan if a registry defragger would kill the ability to recover the key and it seems that in initial tests, that is indeed the case.  This is really cool stuff.
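To see why those tracks remain: inside a hive file a deleted key's cell is only flagged as free, so its "nk" key record stays readable until the space gets reused. The Python below is an added example (not Harlan's code and not a tool from the linked post) that walks a hive's cells and pulls key names and last-write times out of free cells; the sample hive, key names and timestamp are constructed for the demonstration.

```python
import struct
from datetime import datetime, timedelta

HBIN_START = 0x1000      # hive bins begin after the 4096-byte "regf" base block
HBIN_HEADER = 32
NK_NAME_LEN_OFF = 0x48   # field offsets are relative to the "nk" signature
NK_NAME_OFF = 0x4C
KEY_COMP_NAME = 0x0020   # name stored one byte per character, not UTF-16LE
SAMPLE_FILETIME = 128600000000000000   # constructed last-write time (July 2008)


def filetime_to_utc(filetime):
    """Convert a Windows FILETIME (100 ns ticks since 1601-01-01) to a datetime."""
    return datetime(1601, 1, 1) + timedelta(microseconds=filetime // 10)


def iter_cells(hive):
    """Yield (file_offset, size, allocated) for each cell in each hive bin."""
    pos = HBIN_START
    while pos + HBIN_HEADER <= len(hive) and hive[pos:pos + 4] == b"hbin":
        bin_size = struct.unpack_from("<I", hive, pos + 8)[0]
        if bin_size < 0x1000 or bin_size % 0x1000:
            break                                # corrupt bin header
        end = min(pos + bin_size, len(hive))
        cell = pos + HBIN_HEADER
        while cell + 4 <= end:
            raw = struct.unpack_from("<i", hive, cell)[0]
            size = abs(raw)
            if size < 8 or size % 8 or cell + size > end:
                break                            # corrupt cell, skip rest of bin
            yield cell, size, raw < 0            # negative size means allocated
            cell += size
        pos += bin_size


def parse_nk(hive, rec, limit):
    """Return (name, last_write) for the nk record at rec, or None if implausible."""
    if rec + NK_NAME_OFF > limit:
        return None
    flags, filetime = struct.unpack_from("<HQ", hive, rec + 2)
    name_len = struct.unpack_from("<H", hive, rec + NK_NAME_LEN_OFF)[0]
    if not 0 < name_len <= 512 or rec + NK_NAME_OFF + name_len > limit:
        return None
    raw = hive[rec + NK_NAME_OFF:rec + NK_NAME_OFF + name_len]
    try:
        name = raw.decode("latin-1" if flags & KEY_COMP_NAME else "utf-16-le")
    except UnicodeDecodeError:
        return None
    if not name.isprintable():
        return None
    return name, filetime_to_utc(filetime)


def find_deleted_keys(hive):
    """Search every free cell for leftover nk records, including ones mid-cell."""
    hits = []
    for off, size, allocated in iter_cells(hive):
        if allocated:
            continue
        end = off + size
        pos = hive.find(b"nk", off + 4, end)
        while pos != -1:
            parsed = parse_nk(hive, pos, end)
            if parsed:
                hits.append((pos,) + parsed)     # (file offset, name, last write)
            pos = hive.find(b"nk", pos + 1, end)
    return hits


def make_nk_cell(name, allocated):
    """Constructed sample data: a minimal nk cell, unused fields left as zero."""
    rec = bytearray(NK_NAME_OFF)
    rec[0:2] = b"nk"
    struct.pack_into("<HQ", rec, 2, KEY_COMP_NAME, SAMPLE_FILETIME)
    struct.pack_into("<H", rec, NK_NAME_LEN_OFF, len(name))
    rec += name.encode("latin-1")
    size = (4 + len(rec) + 7) & ~7               # cells are 8-byte aligned
    body = bytes(rec).ljust(size - 4, b"\0")
    return struct.pack("<i", -size if allocated else size) + body


def build_sample_hive():
    """Constructed hive: one live key, then two deleted keys merged into one free cell."""
    live = make_nk_cell("Software", allocated=True)
    dead = make_nk_cell("RemovedApp", False) + make_nk_cell("OldVendor", False)
    free_size = 0x1000 - HBIN_HEADER - len(live)
    free = struct.pack("<i", free_size) + dead[4:].ljust(free_size - 4, b"\0")
    hbin = b"hbin" + struct.pack("<II", 0, 0x1000) + b"\0" * 20 + live + free
    return b"regf".ljust(HBIN_START, b"\0") + hbin


if __name__ == "__main__":
    for offset, name, last_write in find_deleted_keys(build_sample_hive()):
        print(f"0x{offset:06x}  {last_write:%Y-%m-%d %H:%M:%S}  {name}")
```

The signature search inside free cells can throw up false hits on a real hive, so treat each result as a lead to confirm against the surrounding data.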

Foxmarks Introduces Sync Profiles – While I am awaiting my Firefox 3.0 bookmark syncing solution of Mozilla Weave 0.2 there is a large fan following of the add-on known as Foxmarks. It is quite polished and looks to be up to the task for those who can’t wait or (like me) are currently copying an exported bookmarks JSON file between systems manually. For more see Foxmarks Introduces Sync Profiles over at CyberNet News.

Partition Find and Mount – freeware – looks to be a very handy solution for damaged (but not nuked) hard-drives and partitioning issues.  One of our network analysts was playing with an ImageX image for a desktop system and following my in-house guide. Worked like a charm. Almost.  Only the system couldn’t boot.  Turns out that while he followed the steps perfectly, the drive had been securely wiped, so even though he was able to use Win PE 2.0 disk to format the drive, there were no active partitions set so the files copied but it couldn’t be booted.  A quick round of DiskPart commands from the Win PE 2.0 disk and all was well.   While Find and Mount won’t repair the problem partition, it will allow you to snag data off it once mounted.  Almost good enough. This is a must-keep toolbox item for sysadmins.  Go ahead and also snag Parted Magic, Ultimate Boot CD, and GParted.  I understand BootIt Next Generation ($) is also a standout tool.

Java Version 6 Update 7 – Just released this week.  Get the latest version of Java on your system pronto.  While you are at it, be sure to delete the older version via Add/Remove programs.  If you really want to be on the cutting edge of Java, and are a Firefox 3.0/Opera 9.5 user, then try out the Java Platform, Standard Edition 6u10 Binary Snapshot Releases – Build 27.  These are bleeding edge Java versions with some extra features that those browsers can take full advantage of.  I’ve been running both versions (Version 6 builds and the Version 6u10 builds) at the same time on my XP Pro, XP Home, and Vista Home Premium systems with no ill-effects.

ColorfulTabs :: Firefox Add-ons – just got this one installed and lovin’ it.  It colorifies your tabs in Firefox.  Pretty and a bit easier to pick out when that tab-bar is crowded with opened tabs.  Firefox 3.0.x compatible.

Now….off for some PS2’in game fun bonding with daughter-unit!

--Claus

More Room to Remember

Longtime Grand Stream Dreams followers may recall that our primary desktop system is a Shuttle SK41G small form factor (SSF) system.

At the time of home-build, it was the replacement for an aging Gateway 333 MHz cpu system that had a whopping 256 MB RAM and a 10 GB HD running Windows 98 in an expanded (2-foot) tower unit that had room for like eight device bays.

I had not too long before just successfully made the jump from a social-services job into the IT department, and one of the things that seemed to be needed was to build a rig worthy of the envy of my new team-mates.

So after much consideration, I opted for the SFF of the Shuttle. It seemed pretty fast, had decent specs, and should be pretty quiet.

I loaded it out with an AMD Athlon XP 2400+ processor (2 GHz), 512 MB RAM, and a 120 GB HDD with XP Home.  I also sprung for a dedicated AGP graphics card having previously always used just the on-board video. That was back in 2003.

It ran great for a few weeks before it died (PSU) and I was forced to RMA it for a new barebones unit.

That one did better.

In August of 2006 I upped the RAM to a full GB.

In November of 2006, the stock PSU finally gave up the ghost, having finally succumbed to the dreaded Shuttle PSU Capacitors of Death problem.  No matter, a beefier custom PSU was located and with case-modifications, was crammed into the shoe-box of the SFF.

The 1 GB of RAM has been great.  But lately I’ve been doing much more work in Virtual PC and granting just 256-512 MB of RAM to the virtual XP machines just hasn’t quite worked out.  At the low end they work, barely. At the high end the virtual machines work great, but the “real” system bogs down.

In July of 2007 the hard-drive started acting up, so I swapped it out to a 500 GB monster.

As the max RAM on this rig is just 2 GB, I figured it was time to max it out, before I couldn’t find RAM for it any longer.

The Shuttle takes DDR PC2700/3200 RAM.  Crucial.com had a PC3200 combo for about $75.  Unfortunately, despite being known for my patience, I decided to pick some up locally for instant gratification.  Only kind I could find was PC2700 for just under $100. 

I’m telling myself that really wouldn’t have made a lot of difference with performance had I ordered the PC3200 instead on-line.  The front-side bus speed on this Shuttle is a paltry 266 MHz so I don’t think I would have seen a remarkable difference.

Overall the extra RAM has really made an improvement, especially when I have been working with virtual machines so it really is the best way to go.

And the Shuttle, despite its age, is still humming along very well.  The upgraded PSU has been rock-solid. While still a single-core, the AMD CPU’s 2 GHz processor is still more than up to the daily tasks we throw at it.

Probably in another year I will have to see about buttering Lavie up and going with a dual/quad-core rig with 4 GB RAM, and a dual-head video card for both my monitors.  My current drive is an ATA model and all new systems are SATA.

I would probably drop a 10 GB drive spare I have kickin-around into the Shuttle, get an ATA to SATA adapter to load the 500 GB drive into the new one, and then reload the Shuttle with PCLinuxOS for Alvis to use.  Then I can continue to run the XP Home system as a virtual machine a bit longer.  I still need to get back up to Tyler to get Dad’s virtual XP system I had recovered back on his Vista machine.

Further Reading:

bit-tech.net | Review - Is More Memory Better?

Really great and readable tech testing-review on just how much system-memory you should get.  For most Vista 32-bit OS versions, the answer is around 3-4 GB, depending slightly on the RAM in your graphics card.  Me? I’d probably go with 4 GB and then spring for a 256 MB graphics card, not being a gamer.

If you sprang for a Vista 64-bit OS version, well, you have a few more options, being able to go up to just over 16 TB of system RAM…assuming you can find a system-board and RAM modules big-enough.

Wowzers!  I’m getting giddy just thinking about that…..More RAM than hard-drive storage….

--Claus

Rapid-Fire Linkpost #3 – Purely Windows Dressing

MSDump

CC Photo Credit: by Choctopus on Flickr

Great dirt for Microsoft Windows fans:

Where did I put my shovel?

10 top Vista tweaks, part 2 - Ed Bott’s Microsoft Report | ZDNet.com.  Thought I posted this before but darned if I can find it.  Good Vista tweaks that shouldn’t damage your system or your sanity.

Nothing stealthy about this Windows Update update - Ed Bott’s Microsoft Report | ZDNet.com. Yep. Time for Windows Updates to get updated again.  Based on Ed’s comments it looks like it might actually be useful and improved.  Anything that makes it faster on XP systems will be appreciated by me.

Microsoft Malware Protection Center - Top Detections – Stumbled across this Microsoft page a while back.  Shows Redmond’s list of their top detected desktop, MSRT, and malware threats.  For security-minded geek entertainment…check out their threat analysis links.

Microsoft® Malware Protection Center blog got some updates and a new home not too long ago. Welcome to the New Look Microsoft Malware Protection Center Blog.  Certainly not the first site to provide information on malware threats and feedback, but the posts are pretty easy to follow and they are working hard to stay up with the times and present a useful public face.

IEBlog : IE8 Security Part III: SmartScreen® Filter – Awesome and detailed post by the IEBlog team on IE 8 elements for anti-phishing and malware-tainted website protection while surfing.

IEBlog : IE8 Security Part IV: The XSS Filter – More details on how IE 8 may address cross-site scripting attacks as a threat vector for browsing the web.

IEBlog : IE8 Security Part V: Comprehensive Protection – Very detailed and layered explanation of all the security changes being poured into the IE 8 release for our web-surfing safety.

I need to go back and do a more in-depth review of these IE 8 features as well as those in Firefox 3.0 and Opera 9.5. Those browsers already are now including built-in browser protection against phishing and malware-laced sites. IE 8 is joining their direction and seems hell-bent on surpassing them. I really like what I have read so far on the IE 8 changes. I hope this leads to a new level of browser-arms race!  We all win this way, regardless of your favorite browser flavor!

Looking for a “Reader’s Digest” version of IE8 security features? Try this: Microsoft to ratchet IE8 security another notch in Beta 2 via Ed Bott’s Microsoft Report | ZDNet.com

Kaspersky Lab releases instructions on how to recover files attacked by the Gpcode.ak virus – OK, not really a directly Microsoft-related post, but good news for folks who got key documents locked down.  I advise all sysadmins to read this so they can be prepared in advance of ever encountering this.  The key?  Act fast so you can recover deleted files before they are overwritten. You can’t use them directly, but they are key to the recovery process.  You will also need some freeware tools/utilities linked from that source.  Download them to a USB stick in advance (and not to the impacted hard-drive)!

Security Database Tools Watch - Pass-The-Hash Toolkit v.1.4 – freeware – Add it to your USB toolbox ladies and gents in the sysadmin field.

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes.

Windows SteadyState – I’m longing to find a way to apply this free feature for XP/Vista to our training-room PC’s as well as a few other choice deployments at work.  I just need to come up with a plan.  Might apply this to systems in our laptop checkout pool.  Could save us a lot of time reimaging the systems upon bring-back.

Basically, Windows SteadyState is an application you can install on target pc’s.  With it you can lock down the user interface to prevent system changes by users, as well as revert to a previous saved state after the user has finished simply by rebooting the system. Learn more about Windows SteadyState

Windows Steady State Bulletproofs Your System - Download Squad.  More information and comments.

SteadyState - Mess up, Reboot & Everything Is Fixed! - MakeUseOf.com. Yet another SteadyState Review.

Security Now! Transcript of Episode #129 – Leo Laporte and Steve Gibson discuss SteadyState. Also available as a podcast format.

Now the daughter-unit return watch begins…..!

--Claus

Rapid-Fire Linkpost #2 – New Finds and Updated Favs.

Now boarding…new and improved software/freeware finds!

Hot diggity-dog!

SocketSniff - Windows Sockets (WinSock) Sniffer - freeware – Nirsoft tool that “…allows you to watch the Windows Sockets (WinSock) activity of the selected process.   For each created socket, the following information is displayed: socket handle, socket type, local and remote addresses, local and remote ports, total number of send/receive bytes, and more. You can also watch the content of each send or receive call, in Ascii mode or as Hex Dump.”

Seems like a useful thing to keep handy, you sysadmins.

Wireshark 1.0.1 – freeware – Available in both Installer and “Portable” versions. For a complete list of changes, please refer to the 1.0.1 release notes.  Mostly bug fixes, some minor new features, and updated protocol support.  If you use this (and all sysadmins should) you might want to go update your version.

Windows Incident Response: Process-to-port Mapping – not software – Nice post by Harlan on process-to-port mapping considerations.  Consider also the Nirsoft Freeware CurrPorts. For more possible tools with this feature, see these older posts: New Network Utility Freeware Finds and Free Network Utility Nuggets. Both from Grand Stream Dreams blog.

Flexense – FlexTk “Express” File Management Toolkit – freeware – advanced file management “toolkit” allows some handy utility work on your files and folders, as well as analysis of all the stuff you’ve got crammed in there.  Spotted on post FlexTK Makes File Management Easy - Download Squad. Other advanced builds are for $.

USB Image Tool – freeware – Alex’s coding playground. Nice simple to use tool allows you to create and restore an “image” of any USB storage device you can get your Windows system to recognize and mount. Sure there are other ways to do that, but this is a very clever “all-in-one” solution. Requires .NET 2.0.  Might be useful for sysadmins and others who have several packages of USB tool collections but want to shuffle through them on their dinky USB stick with insufficient space to keep everything.  Spotted on post Backup your flash drives with USB Image Tool - Download Squad.

Spybot-S&D 1.6, RC1 released.  Oops too slow!

Spybot-S&D 1.6, RC2 released.  Brings with it ability to now scan Firefox 3.0 and Opera 9.5 data stores. (I read in the comments that Firefox 3 must not be running, however, before scanning.)

Related: Announcing another new 1.6 feature: OpenSBI - Safer Networking Forums

At the moment the Spybot forums are down.  Links should open up in a while again for the curious.

Also all versions (including RC’s) are now available for speedy download via FileHippo.com for frequent travelers.

No bag-search required and all oversize baggage fees have been waived for your satisfaction.

--Claus

Rapid-Fire Linkpost #1 – Mostly Firefox

Got to make one last push on the link pile

Alvis has been gone on an out-of-state church-camp for the past week.

Lavie and I have been miserable.

She is due back in the next few hours so I have a range of things still to do.

More on Mozilla Weave.

Weave is basically Mozilla’s answer to provide unified “web-cloud based” synchronization of key Firefox components; history, bookmarks, cookies, and maybe even extension Add-ons.

Looks to be some neat stuff when released in the final form.

Here are some great other-blog posts on the details and progress so far.

Screenshot Tour: Mozilla Weave Synchronizes Your Browsing Experience – Lifehacker

Firefox Weave 0.2: Sync Bookmarks, Tabs, History, Passwords, and More – CyberNet News

First look: Mozilla Weave 0.2 puts Firefox in the cloud – ARS Technica

I haven’t had the time yet to get a test-system configured to give it a whirl.  As soon as I do you can count on a post!

Removing bad about:config entries

If you have spent any time around this blog, you will know that from time to time I make recommendations of certain Firefox tweaks via the about:config settings.

What happens when you make a custom entry that you regret?  How do you remove it?

In Firefox 3.0 it’s simple:

In about:config, right click on the mistyped value and choose "Reset." Then, restart Firefox. The value will be deleted. Simple!

There you go!

NewsFox Next release

NewsFox – via Firefox Add-ons – is in my mind, simply the best RSS feed reader for Firefox integration there is.

Period.

New beta version has been released: NewsFox 1.0.2b3

This is clearly a beta version, so use only if you must be on the cutting edge.  I have and the only issue with NewsFox 1.0.2b2 that I found was that the feeds didn’t auto-update upon NewsFox launch even though that is how the preference was set. Worked fine once I manually kicked off the feed check.

If you want a stable version, get it via the Add-ons page at the first link.

Now a word from Opera

Opera has got to be the fastest, slickest, sexiest web browser out there for Windows. Even over Firefox.

Late last week the Opera Desktop Team announced that they have released the final version of Opera 9.51.

It’s very nice.

(Opera 9.51 for Windows Changelog)

No, I’m not giving up Firefox…but I do reach for this when I need a rocket-fast web-surfing session for specific tasks (checking radar, looking up an unplanned Google search, etc.).

Good stuff!

--Claus

AVG Free v8 versus the Competition (Speed to Scan only)

OK. I’m going to brave some dangerous waters here.

One of the major complaints (of many) raised with AVG Anti-Virus Free Version 8 is that it is just very, very slow and takes a very, very long time to scan a system.  Especially compared against AVG Free version 7.5 builds.

For this reason (and others) many users have been jumping ship to alternative freeware anti-virus software.

Some of which I have mentioned in the AVG saga included: AntiVir PersonalEdition, Avast! 4 Home Edition, BitDefender 10 Free Edition, ClamWin Free Antivirus, Comodo Antivirus 2 (beta), PC Tools AntiVirus Free Edition, and Dr.Web CureIt!® Utility Version 4.44.

So, aside from any discussions otherwise such as virus-detection accuracy rates, I decided I really needed to do a controlled comparison to see just how slow AVG Free version 8 had become when stacked up against these other contenders.

The Method to my Madness

I decided to run the tests using a Virtual PC session using the IE Developer’s VHD for XP Pro – IE7 offered by Microsoft.  This was installed on my Gateway laptop running Vista Home Premium with 2 GB RAM.  No other activity was done while each test session was running.

What I measured was the time to default-scan the entire system, the number of objects scanned, and the number of threats/warnings found.  I used the information for each of these elements as reported post-scan by each application.

From these elements I divided the number of objects scanned by the time to scan (converted into seconds) to arrive at what I coined the “Scan Speed Ratio” for each build.

Seemed like a fairly good place to start.

Each time I did a default installation of the program under examination and ran any internal update process offered to ensure the program/signature files were as current as possible.  No changes otherwise were made to each installation.  Once completed, I uninstalled the application, rebooted and installed the next one.

It ended up taking the better part of a day to complete.

The Results

AVG 7.5.524
Time to Scan whole system  12m 38s
Objects scanned  20,278
Threats 0
Note: AVG Free 7.5 does not include scanning for malware files.

  • Scan Speed ratio:  20,278 / 758 = 27.38 f/s

AVG 8.0.101
Time to Scan whole system 25m 45s
Objects scanned 266,565
Threats 0
Warnings 12 (cookies)

  • Scan Speed ratio:  266,565 / 1545 = 172.53 f/s

AVG 8.0.138
Time to Scan whole system 24m 36s
Objects scanned 265,906
Threats 0
Warnings 12 (cookies)

  • Scan Speed ratio:  265,906 / 1476 = 180.15 f/s

Avira AntiVir Free 8.1.00.295
Time to Scan whole system 8m 8s
Objects scanned 56,256
Threats 0
Warnings 1 (pagefile.sys access error)

  • Scan Speed ratio:  56,256 / 488 = 115.27 f/s

Avast 4.8 Free 8.1.00.295
Time to Scan whole system 8m 2s
Objects scanned 16,804
Threats 0
Warnings 0

  • Scan Speed ratio:  16,804 / 482 = 34.86 f/s

Bitdefender Free 10 build 247
Time to Scan whole system 7m 32s
Objects scanned 10,164
Threats 0
Warnings 0

  • Scan Speed ratio:  10,164 / 452 = 22.48 f/s

ClamWin .93.1
Time to Scan whole system 33m 4s
Objects scanned 15,419
Threats 0
Warnings 0

  • Scan Speed ratio:  15,419 / 1984 = 7.77 f/s

Dr.Web Scanner v4.44
Time to Scan whole system 30m 15s
Objects scanned 52,650
Threats 0
Warnings 0
Note: Complete scan run

  • Scan Speed ratio:  52,650 / 1815 = 29.00 f/s

Comodo AntiVirus Beta2
Time to Scan whole system 17m 34s
Objects scanned 27,476
Threats 0
Warnings 0

  • Scan Speed ratio:  27,476 / 1054 = 26.06 f/s

PC Tools AntiVirus 2008 (4.0.0.26)
Time to Scan whole system 10m 49s
Objects scanned 12,819
Threats 0
Warnings 0

  • Scan Speed ratio:  12,819 / 649 = 19.75 f/s

Cutting through the muck

Based on my personal tests, it seems that AVG Free Version 8 builds actually scan more objects, multitudes of times faster than any other freeware anti-virus product listed here currently.

By default, AVG Free v8 appears to scan for the following filetypes (and in compressed files): 386; ASP; BAT; BIN; BMP; BOO; CHM; CLA; CLAS*; CMD; CNM; COM; CPL; DEV; DLL; DO*; DRV; EML; EXE; GIF; HLP; HT*; INI; JPEG*; JPG; JS*; LNK; MD*; MSG; NWS; OCX; OV*; PCX; PDF; PGM; PHP*; PIF; PL*; PNG; POT; PP*; SCR; SHS; SMM; SYS; TIF; VBE; VBS; VBX; VXD; XL*; XML; ZL*

It scans (like some other applications listed) for viruses, malware files, and tracking cookies.

Do scans take longer (much, much, longer)?  Yes.  Without a doubt.

Do the scans manage to encompass a much wider scope than (currently) any of the others tested?  Yes.  Clearly.

Do the scans occur at a rate much faster (currently) than any of the others tested? Yes. In my tests.

Granted, your results may vary depending on your particular system, what is going on while the scan is running, and any configuration changes made to the default settings.

I suppose if you want AVG Free Version 8 to scan faster, you could disable malware-scanning. That would speed it up time-wise to complete a scan.  Worth considering.

Of course, you would then likely have to run a 2nd scan using a third-party anti-malware product; which might negate any gains in scan-time you achieved. I’ve personally left AVG to scan both anti-virus files as well as anti-malware and then every week or two run a few other anti-malware scans using Spybot-S&D 1.6, Release Candidate 2, Malwarebytes' Anti-Malware, and Spyware Terminator for good measure.

What about accuracy in finding viruses?

Consider AV-Comparatives rankings.  While they have not posted comparisons of freeware anti-virus results, the last version tested of AVG 7.5 achieved in May 2008 an “Advanced” rating.  Certainly respectable.

And when I consider the latest reports from SRI International’s Most Effective Antivirus Tools Against New Malware Binaries, AntiVir is almost always rated at the top of the list (currently at 96% detects) but AVG comes in at over 90% as well (currently at 91%). Many others achieve lower detection rates.

I don’t realistically ever expect to find a freeware anti-virus product that rates 100% success at detection tests.

What I do want is a full-featured A/V product that provides both real-time, on-demand, and scheduled scanning of my system against virus/malware threats. I want an easy-to use interface that I can configure in much greater detail if desired. Scans should be very thorough and fast in terms of the ratio of items scanned to time to scan them.

Oh yes. Free is very good.

I sincerely believe that while AVG Free version 8 is not a perfect product, it provides a significant level of protection, features and performance in comparison to other free products in its class.

Were I to recommend an alternative product based on speed of scan and detection accuracy, I must hands-down recommend AntiVir PersonalEdition without hesitation.

Everything else seems not quite up to grade.

Final Thoughts

I don’t demand perfection because it is a free product…and in all fairness…you have some very good options, but you do get what you pay for in the end. For the very best in detection rates and features, you have to pony up the $$ and put it on the counter.

However, I believe in a layered Windows threat-mitigation model;

  1. I have a hardware based firewall/router to start things off. Properly configured this should prevent intrusion into your home network. Mine sits right-behind my broadband cable modem.
    Behind that are my computers.

  2. I work very hard to keep all my systems updated and patched (Windows Updates). I also recommend using The Secunia Software Inspector (online) or their Personal (PSI) tool installed locally to look for vulnerable applications.

  3. Next I currently run the free Comodo Firewall Software set up for both inbound and outbound "leak" protection. (I do have the Defense+ element turned off.)

  4. Then, AVG Anti-Virus Free Edition (without LinkScanner) to provide real-time and scan protection for virus/trojan/malware threats.

  5. I then follow that layer up with ThreatFire AntiVirus - Behavioral Virus and Spyware Protection which is freeware software that provides heuristic and behavior-based malware protection (for threats that don't have a signature yet).

  6. Finally I recommend using a next-generation build web-browser.
  • The Opera 9.5 browser, Internet Explorer 8 Beta, and Firefox web browser 3.0 all now provide anti-phishing/anti-threat site protection to varying degrees.  Many more improvements are due in the next IE 8 beta release version!

  • While not perfect, they do operate in an efficient manner to provide web-surfing protection from malicious sites.

  • I prefer Firefox 3.0 coupled with the NoScript - JavaScript/Java/Flash blocker Add-on. This keeps most all malicious software activity from running via the Firefox browser, but allows you to enable Java/Flash on sites you trust (banking/commerce/etc.).

AVG Free version 8 does have a lot more going for it than folks (including me) have given it credit for.

It’s a darn-good product and worth giving a fair shake.

I’m just saying….

--Claus

AVG Free Version 8 (post-SP1) – Definitely Different!

So, it looks like the Grand Stream Dreams AVG Watch is nearing the end of its current drama run.

On July 2nd, AVG posted notice that AVG 8.0 FREE EDITION (8.0.135 - SP1) was released.

On July 4th, AVG posted notice that AVG 8.0 FREE EDITION (8.0.138) was released.

The SP1 version build took care of a number of issues, most obvious to users probably were the following:

  • Display of the system tray icon representing running scan (that can be paused or stopped from the context menu).
  • Added option to ignore the status of a component via context menu in the AVG main interface: the system tray icon then reports OK status even if a component is in error status.
  • New design of the system tray pop-up window, and more information provided.
  • Improved statistics of detected objects in Email Scanner and resident Shield.
  • Added option of deleting the Resident Shield and Email Scanner history.
  • Improved stability and design of GUI.
  • Fixed problem with inactive components after update.

The 138 build added one more important bug-fix

  • Also it should reduce traffic when LinkScanner is active.

So, what thinks Claus now?

De-selection of LinkScanner component – B-

As the image capture below shows, if you choose to do a “custom" AVG installation, you can rid yourself of LinkScanner.

In AVG Free 8 build 101 (pre SP1) you had the option to uninstall just the AVG Search-Shield component.

In AVG Free 8 build 138 (post SP1) you now have a degree more of granularity. By this you can clearly see you can choose to just not install the Search-Shield component, or you can also opt to not install both the LinkScanner component and the Search-Shield component.

This would have given AVG 8 SP1 better marks, however you still have to know in advance that you don’t want these components and be brave enough to select the “customized” installation from the setup wizard.  Something that most home users won’t do and something AVG doesn’t advise them of in the setup process.

image

Component Reporting Improvements - A

The GUI changes are appreciated and finally bring a consistent feel to the application and its components.

As the image below shows, when you choose to install AVG under a “custom” installation method to not load the LinkScanner component (and/or the email component), you no longer are offered that component item in the Advanced setting component tree.  Certainly nice.

In addition, you now have the ability to “Ignore faulty conditions” for each of the installed components.  This finally allows you to disable a component but not have the system-tray icon for AVG be gray-ed out with a red-exclamation mark. Nice.

image

System Tray Icon Enhancements – A

To be honest, it isn’t exactly fair to compare the system-tray icon for AVG 7.5 to that in AVG 8.

AVG 7.5 had two separate component areas to access; the AVG Free Control Center and the AVG Test Center.  Also included were a link to the AVG Online Services, the ability to close the Control Center window, and a check for updates.

image

AVG 8 unifies all the features in a single window view.  So users of the earlier version will indeed be shocked to see the right-click context list very sparse now by comparison.  Options remain the same from earlier version 8 choices; open User Interface, Update now, and exit.

It feels like you are getting less than in 7.5 but that really isn’t the case.  If anything, the only thing I guess I would like to see added here is a link to quick-launch the Advanced AVG Settings window. That’s it for me.

2008-07-06_085424

AVG Free 8 (SP1) does now add a 2nd system-tray icon to show scanning state.  This is appreciated as it will key users in to the fact that a scan is running on their system. It also adds some scan-function controls to the right-click context menu allowing easy pausing / resuming / canceling of scans.

image

image

image

These are all helpful improvements.

LinkScanner Improvements – A

I have to begrudgingly hand it to AVG.  They seem to have remarkably improved the local client-side impact and performance of LinkScanner in the post-SP1 builds of AVG Free version 8.

That doesn’t say anything about the impact it still might be having on web-masters, nor that it still generates much more network traffic with it installed than without.

However, it has clearly been improved.

When I last looked at the traffic generated by AVG’s original deployment of LinkScanner, I was really shocked to see the toll it took on a local system in terms of network requests and data moved. (Playing in AVG Free Traffic...Updated). I did find some errors in my first post, so if you have read it before, go back and find the changes.  Here is a summary:

Again, for side-by side comparisons with/without Search Shield on each set of links:

Set #1 (Google, --> Searches only on following words: TechBlog, Grand Stream Dreams, Starbucks)

a. Total of 131 TCP/IP conversations were captured resulting in a total of 5,391 packets and total size of 3,615,873 Bytes.
c. Total of 37 TCP/IP conversations were captured resulting in a total of 699 packets and total size of 229,908 Bytes.

Difference of 97 extra TCP/IP conversations, 4,692 packets, and total size of 3,385,965 Bytes transmitted just by using the LinkScanner Safe Search component.

Set #2 (Google, --> search and click-through to Grand Stream Dreams)

b. Total of 44 TCP/IP conversations were captured resulting in a total of 1,152 packets and total size of 784,731 Bytes.
d. Total of 11 TCP/IP conversations were captured resulting in a total of 182 packets and total size of 68,054 Bytes.

That's a difference of 33 extra TCP/IP conversations, 970 packets, and total size of 716,677 Bytes transmitted just by using the LinkScanner Safe Search component to load a single blog main-page.

It is simply amazing.  And this was just a very quick browsing exercise.  Those totals will accrue over a long web-surfing exercise.

So I went back and repeated the experiment to see what had changed and what had improved.

Note: totals will be different as test-pages used have changed content slightly since last testing.

This time I used a Virtual PC session using the IE Developer’s VHD for XP Pro – IE7 offered by Microsoft.  I first ran a capture with no AVG installed, then with AVG Free 8 (build 101) with a default (Linkscanner) installation, then a capture with AVG Free 8 (build 138) with a default (Linkscanner) installation.  I deleted all the browsing elements (history, cache, cookies, etc.) between each capture.  Network data captured using Nir Sofer's freeware packet-sniffer SmartSniff as I did last time.

For the first test session (3-Searches Test) I ran Internet Explorer 7 and browsed to Google, then did three searches: TechBlog, Grand Stream Dreams, and Starbucks.

For second test session (GSD Load Test)  I closed out IE. Reopened it, and again browsed to Google, ran a search for Grand Stream Dreams, then clicked the link to fully load my main blog page.

No Linkscanner at all

  • a. 3-Searches Test: According to SmartSniff, I captured a total of 18 TCP/IP conversations resulting in a total of 127 packets and total size of  92,668 Bytes.
  • b. GSD Load Test: According to SmartSniff, I captured a total of 50 TCP/IP conversations resulting in a total of 312 packets and total size of  297,257 Bytes.

Linkscanner performance AVG Free 8 – pre SP1 build 101

  • c. 3-Searches Test: According to SmartSniff, I captured a total of 145 TCP/IP conversations resulting in a total of 3,387 packets and total size of  3,964,779 Bytes.
  • d. GSD Load Test: According to SmartSniff, I captured a total of 116 TCP/IP conversations resulting in a total of 1,579 packets and total size of  1,753,862 Bytes.

Linkscanner performance AVG Free 8 – post SP1 build 138

  • e. 3-Searches Test: According to SmartSniff, I captured a total of 20 TCP/IP conversations resulting in a total of 192 packets and total size of  94,916 Bytes.
  • f. GSD Load Test: According to SmartSniff, I captured a total of 49 TCP/IP conversations resulting in a total of 450 packets and total size of  507,275 Bytes.

It shows a remarkable performance improvement.

| Test Comparison | Conversations Difference | Packets Difference | Total Data Size Difference (Bytes) |
| --- | --- | --- | --- |
| c - a | 127 | 3,260 | 3,872,111 |
| e - a | 2 | 65 | 2,248 |
| d - b | 66 | 1,267 | 1,649,627 |
| f - b | -1 | 138 | 210,018 |

The totals in purple (rows c - a and d - b) show the differences measured between surfing with the old LinkScanner version and surfing with no LinkScanner installed.

The totals in blue (rows e - a and f - b) show the differences measured between surfing with the post SP1 LinkScanner version and surfing with no LinkScanner installed.

Granted there still is an impact on network traffic generated in using LinkScanner, but it is much, much, much improved over the older version.

In fact, it is so significant, I would now likely leave it installed on family and friend’s systems if they are not very Web-threat sophisticated.

I still personally am leaving it off my own systems.  But that is now a much more difficult position to support in terms of local network traffic impact.

Granted, these tests were done in a very controlled environment and may not be fully representative of “real-world” usage or performance on other systems.

Still, it is very striking and suggests that AVG has taken the criticisms of its AVG LinkScanner technology and implementation to heart.
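The with/without comparison above can be repeated on any packet export. This added example (not the author's tooling, and not SmartSniff's export format) counts conversations, packets and bytes per capture and lists the hosts contacted only when the component is installed. The record layout and all addresses are constructed.

```python
from collections import namedtuple

# One captured TCP segment: both endpoints plus the bytes attributed to it.
# This layout is an assumption for the example, not a SmartSniff format.
Packet = namedtuple("Packet", "src sport dst dport length")


def conversation_key(pkt):
    """Direction-independent key: request and reply share one conversation."""
    a = (pkt.src, pkt.sport)
    b = (pkt.dst, pkt.dport)
    return (a, b) if a <= b else (b, a)


def summarize(packets):
    """Return conversation, packet and byte totals for one capture."""
    per_conv = {}
    for pkt in packets:
        stats = per_conv.setdefault(conversation_key(pkt), [0, 0])
        stats[0] += 1
        stats[1] += pkt.length
    return {
        "conversations": len(per_conv),
        "packets": sum(s[0] for s in per_conv.values()),
        "bytes": sum(s[1] for s in per_conv.values()),
    }


def overhead(baseline, with_component):
    """Per-metric difference (component capture minus baseline).

    A value can be negative when page content changes between runs.
    """
    base, test = summarize(baseline), summarize(with_component)
    return {metric: test[metric] - base[metric] for metric in base}


def remote_endpoints(packets, client_ip):
    """Set of (ip, port) pairs the client talked to."""
    remotes = set()
    for pkt in packets:
        if pkt.src == client_ip:
            remotes.add((pkt.dst, pkt.dport))
        elif pkt.dst == client_ip:
            remotes.add((pkt.src, pkt.sport))
    return remotes


def extra_destinations(baseline, with_component, client_ip):
    """Hosts contacted only when the component is installed."""
    return sorted(remote_endpoints(with_component, client_ip)
                  - remote_endpoints(baseline, client_ip))


# Constructed sample captures (documentation address ranges only).
CLIENT = "192.0.2.10"
BASELINE = [
    Packet(CLIENT, 49152, "198.51.100.5", 80, 420),
    Packet("198.51.100.5", 80, CLIENT, 49152, 1460),
    Packet("198.51.100.5", 80, CLIENT, 49152, 900),
]
WITH_SCANNER = BASELINE + [
    # Extra fetches to hosts the user never clicked on.
    Packet(CLIENT, 49153, "203.0.113.7", 80, 380),
    Packet("203.0.113.7", 80, CLIENT, 49153, 1460),
    Packet(CLIENT, 49154, "203.0.113.8", 80, 390),
    Packet("203.0.113.8", 80, CLIENT, 49154, 1200),
]

if __name__ == "__main__":
    print("baseline:", summarize(BASELINE))
    print("with component:", summarize(WITH_SCANNER))
    print("overhead:", overhead(BASELINE, WITH_SCANNER))
    print("extra hosts:", extra_destinations(BASELINE, WITH_SCANNER, CLIENT))
```

Clearing cache, history and cookies between captures, as done in the tests here, keeps the baseline from being understated by cached content.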

Scanning Performance - A+

Finally, one last charge lodged against AVG Free version 8 is that the scans are much slower and take much longer to complete than in AVG Free version 7.5.

Again, using a Virtual PC session using the IE Developer’s VHD for XP Pro – IE7 offered by Microsoft, I ran three tests: first with a default installation of AVG Free 7.5 (build 524), then a default installation of AVG Free 8 (build 101), then a default installation of AVG Free 8 (build 138).

What I measured was the time to default-scan the entire system, the number of objects scanned, and the number of threats/warnings found. 

From this I divided the number of objects scanned by the time to scan (converted into seconds) to arrive at what I coined the “Scan Speed Ratio” for each build.

Results below

AVG 7.5.524
Time to Scan whole system  12m 38s
Objects scanned  20,278
Threats 0
Note: AVG Free 7.5 does not include scanning for malware files.

  • Scan Speed ratio:  20,278 / 758 = 27.38 f/s

AVG 8.0.101
Time to Scan whole system 25m 45s
Objects scanned 266,565
Threats 0
Warnings 12 (cookies)

  • Scan Speed ratio:  266,565 / 1545 = 172.53 f/s

AVG 8.0.135
Time to Scan whole system 24m 36s
Objects scanned 265,906
Threats 0
Warnings 12 (cookies)

  • Scan Speed ratio:  265,906 / 1476 = 180.15 f/s

In these tests on my particular platform, AVG 8’s “Scan Speed” ratio performance is out-of bounds above that of AVG 7.5.  And the post SP1 build is a bit faster than the pre SP1 build version.

Notice also the number of objects scanned.  Remarkable.  Clearly this is due to the inclusion of the malware signatures in Version 8 builds that were not a component of AVG 7.5.

Also worth noting is that while the time to scan a system doubled between version 7.5 and version 8, the number of items covered in the scan went up by over 13 times!  Wow.

So there is some truth to the fact that scans now take almost twice as long to run in the Version 8 builds, but the file-scan coverage is much deeper and expansive.

Final Thoughts

Upon a deeper look at AVG Free 8, I must say that version 8 is clearly superior to version 7.5 both in terms of features offered and performance.  The recent release of AVG Free version 8 (SP1) builds also brings remedy to the weight of LinkScanner protection.

In my current mind, AVG Free version 8 provides enhanced, improved, and unexpected gains over its younger brother.

There are some places that still need work, but over-all, it is a strong contender in the ranks of free anti-virus software for Windows users. 

It isn’t perfect and depending on each user’s individual system and needs subjective and objective performance may vary from those I observed in these tests.

For kicks I compared the scan results in my own Vista system logs and found that while AVG Free version 8 took almost three hours (Yikes) to do a scan, the average “Scan Speed Ratio” I attained was still a very respectable 150’sh files/second.

In my next post, I will even submit, that AVG Free Version 8 (post SP1 builds) might be the best in that class.

AVG Anti-Virus Free Version 8 (Post SP1 builds) now Recommended for most users.

--Claus

Bonus Material:

More links on the LinkScanner Saga from a Web-master headache perspective:

I want in there to see that!

I was at my ophthalmologist's office this week getting a followup visit to the ongoing eye issues I've been dealing with after my recent glasses upgrade.

Got some possibly bad news.  Never a good thing to hear when you are dealing with your eyesight.

Maybe I'll post about it in a while.  I want to stay safely in denial for a while. At least until I see the specialist to whom I was referred.

Anyway....

While sitting in the waiting area by myself, happily watching a Hannah Montana rerun on the television, I noticed the following sign posted on a door in their suite:

WARNING

DO NOT ENTER

PREGNANT LASER IN USE

I wanted to go in and see that pregnant laser soooo bad!

Really would have been a sight for sore eyes.

At least I got to laugh a bit.

--Claus

For Hard-Core MS Techies Only....

Just some quick notes for reference while at work.

Only worth reading if you are a hard-core techie and do Windows system building for imaging and/or play with Virtual PC images.

It's a Zen Thing

Howto: Fix Zenworks imaging problems with Dell Optiplex 755 - the back room tech

This is a pretty obscure situation. If you use Zenworks 7.0.1 and try to image a Dell Optiplex 755 platform, you will likely see some issues.

Back room tech Julie steps us through the detailed workaround.

We do use Zenworks imaging "officially" to support our desktop/laptop image building. I however prefer to brew our own images using Microsoft's ImageX software and also Clonezilla as a backup imaging solution.  Basically I just prep and Sysprep-seal the image, then capture it in both those formats. These are then distributed on USB hard-drives for our field-technicians to use.

Easy-peasy.

Spitting Images

Ben Armstrong's Virtual PC Guy blog posted some Virtual PC goodness:

Virtual PC Guy's WebLog : Updated VHDs Available

The first offering is really great. You can run an almost fully functional version of XP SP2 with IE6, IE7 or IE8 Beta 1 in a pre-built virtual-pc environment. I use these to test software without nuking my primary systems.  Awesome tool.  Not only that, you can also play with an almost fully working version of Vista (business version) running IE7 to test applications.  Only drawback is the download file sizes. They are whoppers. Bring your broadband connection with you to download these!  They will expire in September 2008. So far Microsoft keeps issuing updated versions prior to the expiration dates.

For more information on the second one, see Microsoft Forefront "Stirling" Home Page.

XP SP3 and Updated Sysprep'ing

From a previous post here.  Seemed important enough to re-remind myself of:

This is critical info for all you system administrators who use Microsoft Sysprep to prepare a system before imaging and deployment.

Back Room Tech guru Julie points us to a post by David Remy in which he provides the following summary:

...the issue deals with the default profile and it no longer being copied when running sysprep. Before SP3 and without the patch the default profile was copied from the administrator account during the sysprep process, this behavior however changed in SP3 or when you installed the hotfix 887816. In SP3 the default setting is to not copy the default profile, thus a new key was added to sysprep.inf to allow for this functionality. The UpdateServerProfileDirectory=1 setting tells SP3 to copy the administrator profile to the default profile during the sysprep process.

He also has updated his great sample sysprep.inf file to incorporate the changes in sysprep in it.

See also:

KB 302577 - "How to use the Sysprep tool to automate successful deployment of Windows XP"

Download details: Windows XP Service Pack 3 Deployment Tools - The new Sysprep tool for XP SP3 systems.

Disarming Sysprep in Vista

Mark Minasi has great information in his Newsletter #71 July 2008:  Your Resume in 2018 and Disarming Sysprep.

Basically, Mark's post walks you through how to make a registry key change to keep Sysprep from touching the Vista reactivation counter.

Good stuff to keep in mind.

--Claus

Secunia may misreport Adobe Reader Version 8 patch-levels

I’m a big fan of The Secunia Software Inspector.

It quickly performs an in-depth scan of your Windows systems looking for vulnerable versions of common software.

The other day I was working on updating the base installation packages for five of our desktop system configurations; mostly just Windows patches and other application updates. From there I take an image of them which is distributed to our field technicians to use for quick system re-deployments.

As one of the final stages of this process, I run a scan of the Secunia Software Inspector to make sure I haven’t missed something.  This is usually where I find a Java runtime version needs updating or maybe there is a newer version of Flash.

This time I found SSI reported that my Adobe Reader was at a vulnerable version.  Secunia was reporting that I was at version 8.1.0.137 and needed to update to 8.1.2.215.

SecuniaInspector

Hmmm.  I thought I had already gone and patched it.

So I went back and checked again.

AdobeReaderUpdate

Nope. Adobe says there are no updates and it is at 8.1.2.

So at first I thought I had a corrupted installation, so I completely uninstalled Adobe Reader then (at that time) downloaded the latest version offered (version 8) and reinstalled it.

Same result.

Hmmm.

I then checked the program properties for the main exe file AcroRd32.  Sure enough. It was indeed showing what Secunia reported; 8.1.0.137.

image

Based on that version information, I thought that maybe the security settings of this file somehow were preventing it from getting updated. However a check showed that it was not locked at a “read-only” state.

I also found this was the case on all the other four systems I was trying to update as well.

(I also went through this same process on my own home XP and Vista systems...so it could be one that home users are likely to frustratingly encounter as well.)

What’s up?

Turns out the problem is one with both Adobe and Secunia.

Adobe’s security update/patches in this latest case did not update the file and version numbering of the main Adobe Reader executable file. Instead, they patched some additional components in the application to bring it up to the version 8.1.2 level, leaving the main file at the lower version number.

While I am not sure exactly how and what Secunia is checking when it looks for updates, it is clearly looking at the main file version in this case, thus causing the mis-reporting of a fully patched version of Adobe Reader 8 as being at an insecure level needing updating.

Apparently I’m not the only poor sap who wasted a bunch of time working this issue out.

So chill out. If you have to continue using Adobe Reader version 8, just open it up and run the internal updater. If Adobe wraps that up and no more updates are available, then you are sufficiently patched. Don't waste your time with reinstalls of the main application again.  You should be good to go.
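
A quick way to see this mismatch for yourself, as an added example (not from the original post, nor from Adobe or Secunia): the PowerShell script below compares the file version stamped on the main executable with the versions on the other binaries in the same install folder. The `-InstallDir` path is yours to supply, and limiting the comparison to files with the same CompanyName is an assumption made here to cut noise from bundled third-party libraries.

```powershell
# Added example: find components whose file version is higher than the
# main executable's, i.e. where a patch landed without re-stamping the exe.
param(
    [Parameter(Mandatory = $true)]
    [string]$InstallDir,                  # folder holding the main executable (you supply this)
    [string]$MainExe = 'AcroRd32.exe'     # main executable name, as given in the post
)

function Get-BinaryVersion {
    param([System.IO.FileInfo]$File)
    $vi = $File.VersionInfo
    # Use the numeric fields; the FileVersion string can be free-form text.
    $parts = $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart
    if (-not ($parts | Where-Object { $_ -ne 0 })) { return $null }   # no version resource
    New-Object System.Version -ArgumentList $parts
}

$main    = Get-Item (Join-Path $InstallDir $MainExe)
$mainVer = Get-BinaryVersion $main
$company = $main.VersionInfo.CompanyName

# Assumption: only binaries from the same vendor share the product's version scheme.
$rows = Get-ChildItem -Path $InstallDir -Recurse -Include *.exe, *.dll |
    Where-Object { $_.VersionInfo.CompanyName -eq $company } |
    ForEach-Object {
        $v = Get-BinaryVersion $_
        if ($v) {
            New-Object psobject -Property @{
                File = $_.Name; Version = $v; Modified = $_.LastWriteTime
            }
        }
    }

$newer = $rows | Where-Object { $_.Version -gt $mainVer } | Sort-Object Version -Descending

"Main executable {0} reports {1}" -f $MainExe, $mainVer
if ($newer) {
    "Components stamped with a higher version than the main executable:"
    $newer | Select-Object File, Version, Modified | Format-Table -AutoSize
} else {
    "No component carries a higher version than the main executable."
}
```

A higher version on a component only shows where the update landed; the internal updater reporting no further updates is still the check to rely on.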

Miscellany

Curiously, the localized version of Secunia Software Inspector - Personal (PSI) RC3 - correctly reports Adobe Reader as being at 8.1.1.20 and at a sufficient patch state.

And yes. I know. Adobe's version numbering is a fit.  Check out all the screenshots. Hard to tell exactly what version you are running isn't it?

In our shop, we have to stick with version 8.x for now. The better solution would be to ditch it, upgrade to Adobe Reader 9 (just released this past week), and be done with the issue.

Course, if it were up to me...I would just use Foxit Software's Foxit Reader (free) and be done with the lot.

Finally, more GSD gushing on Secunia's otherwise very fine and free system vulnerability scanners:

In the end, satisfied that the Adobe 8 versions I had were sufficiently patched, I Sysprep'ed my systems and sealed them up. I finally captured the images using Microsoft's ImageX software and copied the WIM files to the portable USB drives we issue out.

Sheesh.  Too much drama.

--Claus

Claus’s Five Best Windows Maintenance Utilities

Lifehacker started it this time round: Hive Five: Five Best Windows Maintenance Tools

Todd Ogasawara picked it up and offered his choices: My Alternative Recommendations to: LifeHacker’s Five Best Windows Maintenance Tools

Being as I like a good and useful utility and know more than a few, I thought I would offer my own take.

I set the following self-imposed conditions: it must be free, portable (on USB), be XP/Vista compatible, and otherwise provide a capability above and beyond that which Windows can (within its common features) provide.

Claus's Fave-Five:

1) CCleaner - Great for very thorough cleaning of temp files, registry items, and other gunk and buildup that accrues in a Windows system.  Take the defaults for a painless cleaning or go into the advanced items for deep spa-cleansing and rehabilitation.

2) Glary Utilities – Since we are focusing on “maintenance” tools only, this is a no-brainer choice.  It does have some CCleaner-like tools, but also includes a short-cut fixer, uninstall manager, memory optimizer, context-menu item manager, file shredder, file undeleter, disk-space  analyzer, and empty-folders finder.  So many tools in a single package!

3) AutoRuns for Windows – This Microsoft Sysinternals tool should help with some major cleanup work for Windows auto-run items. It covers many, many more areas than the msconfig tool by default. That’s why it makes the cut. Granted, removing an incorrect entry here can tank your system, so I always disable, reboot and recheck before finally removing (deleting) an entry. Not for noobies but oh-so-powerful! With some surgical removals, it can really improve startup performance on many systems by shedding unneeded items.

4) Spybot-S&D 1.6, Release Candidate 2 – 1.6 RC2 now supporting Opera 9.5 and Firefox 3.0 builds.  There are lots of other anti-malware cleaners. Many now do a more detailed job.  However the fact that this latest build can handle the newest generation of browsers means you can do some effective cookie-cleaning.  It runs much faster than previous versions as well.

5) XdN Tweaker – Because maintaining a Windows system means more than just deleting files and folders. I selected this system-tweaking tool as it supports both XP and Vista systems in a single package. It does require that the host machine have .NET installed. Other than that, it provides a wealth of system adjustments and fine-tuning options. Definitely needed in the professional system maintainer’s toolbox of applications.

What is missing from this list?

No dedicated uninstaller was listed…by default Windows has one in Add/Remove programs.

Likewise, no defragger listed…by default Windows has one. 

Honorable Mentions:

These utilities provide features similar to (though magnitudes better than) Windows' default tools and/or require local system installation to function properly.

Revo Uninstaller or MyUninstaller – Revo is awesome in that it has advanced features that really make it easy and complete to remove everything when removing applications. NirSoft's uninstaller is just so tiny and fast it is 1000x better than Windows' own method.

JkDefrag Option GUI - In my mind, the best interface for the JkDefrag drive defragging tool.

Malwarebytes' Anti-Malware or Spyware Terminator - two very aggressive and very deep-cleaning anti-malware removal tools. The only drawback is that they must be installed on the host system to perform properly. Like two Dobermans.

Process Explorer - Microsoft Sysinternals utility. Not really useful for cleaning and maintenance in and of itself. However, it can provide an incredible level of detail as to what processes are running on your system and what they are doing. Great for assessing just what is happening. Might allow advanced geeks to home in on problem areas with certain applications.

xpy or Vispa - Two handy tools for XP or Vista systems (respectively).  Allow a fine number of system tweaks and restoration.  Nice, small and useful.

Related Posts:

PC Housecleaning - Grand Stream Dreams blog

A BIG List of 34 Free XP and Vista Tweaking Apps - Grand Stream Dreams Blog

Anyone have any "my fave-five" favorites they would recommend?  Feel free to leave-em in the comments!

--Claus