Whew! I am beat!
Got up at 7:30 AM to get fresh local donuts for Alvis and her BFF's who spent the night post eighth-grade senior dance.
Picked up the house from about nine to ten. Got more laundry going.
Went and grabbed some pic-i-nic vittles at the grocery store about ten. Got back and prepped all the yummies while continuing to deal with house-clutter.
Mom and brother arrived at about eleven thirty. Time for the picnic!
Drove out to the neighborhood park by noon, wondering if we would be able to find a free pavilion on such a wonderful Sunday. We did.
Got the barbeque pit loaded up. Brother realized his lighter fluid bottle was empty. Left to go find some more. I wadded up several paper plates and surrounded the core with brickettes. Lit it. Fanned it. By the time he got back it was going just fine; thank you very much.
Ate burgers and beans and basil-seasoned corn-on-the-cob. Ate a silk-chocolate pie. Played catch and caught up on everyone's stories and drama.
With the breeze, and the low humidity, and the clear blue skies, the barges going up and down the bayou and the gulls calling, it felt like a childhood Florida moment somehow.
Bundled back up by three PM at the house. Split up the leftovers.
Took a shower and shaved.
Ran out to get a book for Lavie she had reserved at the bookstore. Stopped by Kohl's to look for new pillows and sheets for our bed.
Learned that Vera Wang makes very nice bedding and thinks highly of her products. Bought them anyway. Agreed that Lavie and I should try getting matching pillow styles, and found some to our mutual satisfaction.
Realized at checkout that there really are 1000 count pillowcases in the world, and that if you buy them, you must enjoy them. Every single penny of them. 1000 count pillowcases feel REALLY good. I better have some very sweet dreams tonight. That's all I am saying.
(OK, I picked them out, not Lavie. They do feel very nice.)
Got back home, Alvis reported she had finished her homework. Mostly. Lavie instructed Alvis of all the things that will not be allowed on the new master-bedroom bedsheets; hamsters, food, drinks, jeans still on Alvis's body home from school, hamsters.
Tossed out a few bedrooms worth of very old and very scary looking bedsheets that had been lurking far back in the linen closet. Convinced myself that while I could find many uses for them, that the simplest thing to do would be to just toss them and walk away. Done.
Still got to fold the mountain of laundry in the study. Still got to unload the dishwasher and re-load. Still got to change the sheets to the new 401K plan which consists of 400 to 1000 count Vera Wang bed sheets and Laura Ashley pillows (4).
Might eat some leftovers. Or not.
Got to get done by 8 PM in time for the last episode of Masterpiece Theatre's wonderfully fun Cranford. I missed most of the second installment, but fortunately, it's being offered to Watch Online!
What am I forgetting?
Oh yeah! This week's Linkfest Roundup!
Security Tools and Techniques.
This week in a rare moment, I was able to take a break from my project management and go hands-on in a tough fight with some challenging malware.
It was a strain of malware that tosses a big 3vil bio-hazard warning about infection on the user's desktop wallpaper, grinds their network connection to a crawl, and provides horrible popup warnings about (false) virus infections found and directs the user to pay for the tool to remove them.
Scam.
This particular variant is in a class similar to PrivacyProtector Free (Red BioHazard Desktop Screen). Turns out that it has been making its way around a few offices and desktops of ours. I think it gets installed as a "drive-by" when a user visits a less-than-reputable website. The guys have been resorting to just recovering the user's data files, then doing a re-image of the system and moving on. As I found out, it's very sticky, but not too complex if you have the right tools and a bit of know-how.
In the end I used Autoruns and Process Explorer to locate, disable and/or remove the startup items and delete most of the launching files. However there were two files I couldn't delete, and attempts to use my "locked-file" killers resulted in BSODs. With a bit more investigative work I discovered that the two particular files (both DLLs) were hooking at startup deep into the LSASS and Winlogon processes.
Fortunately I have another trick up my sleeve as we now run on XP Pro desktops. I logged into the Administrator account and set the Security permissions on the files to "Deny" for everything and all users.
Rebooted. The files could not be launched and executed! Then I merrily deleted them.
I then re-ran Autoruns and removed the remaining bits of the ilk from the auto-start shell, registry, and startup locations.
I removed a few more program folders where it had been "installed" and removed the annoying fake threat wallpaper folder. Finally (still disconnected from the network) I launched Internet Explorer and hand-entered the original home-page which had been changed to the PrivacyProtector website.
One quick pass with CCleaner and dumped all the temp files, cookies, history, etc. and plugged it back to the network.
Ran like a top.
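For anyone wanting to script the "Deny everything, reboot, then delete" trick above, here is an added example in Windows PowerShell. It is not the post's own commands, and the two DLL paths are hypothetical placeholders standing in for whatever Autoruns and Process Explorer turn up on a given box. It assumes PowerShell 2.0 or later (for try/catch), an Administrator logon, and that the machine is still off the network.

```powershell
# Added example, not from the original post. Paths are hypothetical
# placeholders; substitute the two locked DLLs you actually found.
$lockedFiles = @(
    'C:\WINDOWS\system32\hypothetical_hook1.dll',
    'C:\WINDOWS\system32\hypothetical_hook2.dll'
)

# Add an explicit Deny ACE for Everyone (well-known SID S-1-1-0) covering
# every right, so nothing (LSASS and Winlogon included) can map the DLL on
# the next boot. The copy already loaded keeps running until then.
function Block-LockedFile {
    param([string]$Path)
    if (-not (Test-Path $Path)) { Write-Warning "Not found: $Path"; return }
    $everyone = New-Object System.Security.Principal.SecurityIdentifier 'S-1-1-0'
    $deny = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $everyone,
        [System.Security.AccessControl.FileSystemRights]::FullControl,
        [System.Security.AccessControl.AccessControlType]::Deny)
    $acl = Get-Acl -Path $Path
    $acl.AddAccessRule($deny)
    Set-Acl -Path $Path -AclObject $acl
}

# Verify the Deny took: a fresh open for read must now be refused.
function Test-FileBlocked {
    param([string]$Path)
    try {
        $stream = [System.IO.File]::OpenRead($Path)
        $stream.Close()
        return $false
    } catch [System.UnauthorizedAccessException] {
        return $true
    }
}

foreach ($f in $lockedFiles) {
    Block-LockedFile $f
    if (Test-FileBlocked $f) { Write-Host "Blocked: $f" }
    else { Write-Warning "Still readable, check the ACL by hand: $f" }
}

# --- run this part after the reboot, once nothing has the DLLs mapped ---
# NTFS grants delete if the PARENT directory allows FILE_DELETE_CHILD, so
# the Deny on the file itself does not stop an Administrator removing it
# from system32.
function Remove-BlockedFile {
    param([string]$Path)
    if (Test-Path $Path) { Remove-Item -Path $Path -Force }
    return (-not (Test-Path $Path))
}

foreach ($f in $lockedFiles) {
    if (Remove-BlockedFile $f) { Write-Host "Deleted: $f" }
    else { Write-Warning "Still present: $f" }
}
```

Two caveats worth keeping in mind: the Deny is only effective for handles opened after it is set, which is why the reboot matters, and if the delete is still refused afterwards, the file's owner (or an Administrator after taking ownership) can always rewrite the DACL and try again. Re-run Autoruns afterwards, as the post does, because the registry entries that referenced the DLLs are still there.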
Some Microsoft Sysinternals tools got great updates this week:
Autoruns v9.2 - 9.21 - This tool got an update that allows exportation and importation of scan results to better view results on other systems. It also adds support to enable and delete Winsock notification DLLs and fixes bugs encountered on the 64-bit Windows systems. Must have tool.
Process Monitor v1.33 - This tool fixes some 64-bit Windows issues and now preserves profile information by default when saving log files.
AccessChk v4.1 - This command-line tool for looking at effective permissions on files, keys and processes now handles Vista process owner rights and shows permissions on active threads.
I didn't know it at the time, but Precise Security has a free tool to effectively remove a specific collection of malware, desktop hijackers, and adware/malware installed by the Zlob trojan family.
Tools and Resources | SmitFraudFix - Freeware malware remover.
Turns out I probably could have used this tool to remove that PrivacyProtector junk from the get-go. Now I know.
Stinger v3.9.9 - McAfee Threat Center - (freeware) - Standalone utility used to detect and remove specific and active virus infections. No replacement for full anti-virus protection, but good to keep this single exe file on a USB stick, just in case.
Multi Virus Cleaner (MVC) 2008 v8.2.0 - (freeware) - Another standalone tool to detect and remove major viruses from a system. Covers over 6000 common variants. Offered as a public service by VirusKeeper security professionals. Good to keep handy as well.
Nirsoft Fun
Nir Sofer is still at it! Here are some new and improved offerings from his workbench.
PstPassword - Outlook PST Password Recovery - (freeware) - Nothing is more frustrating than an end-user who figures out they can password their Outlook PST files, but then forgets their password! Sure, we can unlock their Exchange Server password, but their PST file? Luckily Nir has that one covered. This new update to version 1.10 allows the user to save the results as a CSV file. Nice.
OpenedFilesView v1.15 - (freeware) - Use this tool to display a list of all the open files on your system, along with information about read/write/delete access, and importantly to me, the process that opened the file. You can also attempt to use this to close the opened file or terminate the process that has it opened. New version supports CSV file export of results, the AutoRefresh sub-menu selection is displayed, and the main window doesn't lose focus when switching back and forth.
MUICacheView - (freeware) - According to Nir Sofer, "Each time that you start using a new application, Windows operating system automatically extract the application name from the version resource of the exe file, and stores it for using it later, in Registry key known as the 'MuiCache'. This utility allows you to easily view and edit the list of all MuiCache items on your system. You can edit the name of the application, or alternatively, you can delete unwanted MUICache items." Granted, they come back when you run the application again, but it could be useful when you are inspecting a system and it's application usage.
Seriously Fun, Serious Utilities
Event Log Explorer - (free for personal use) - Great tool that allows you to one-stop-shop view, monitor and analyze the wealth of system logs and events on your Windows 2000/XP/2003 systems. Sure you can do it without this tool, but this really does help you organize the myriad of reports and drill down to exactly what you are looking for. Supports tabs, filter by event, power-searches, and the ability to print or export the results. Great for system inspection and auditing. From FSPRO Labs.
RegRunner - (freeware) - Stunningly well made tool that (like BillP Studios: WinPatrol) monitors your system for changes. RegRunner keeps its eyes open for registry changes. Very good to run during program installations/uninstalls. Can also display running processes and auto-run items, but I prefer the Sysinternal tools for those areas. Found via a DownloadSquad post.
Empty Folder Nuker by Simon Wai - (freeware) - Does knowing that you have empty folders scattered across your hard-drives keep you up at night? Want a quick and dangerous way to find and delete them? You need Empty Folder Nuker. Works on XP, Vista, 2000, and Server 2003. Simple and easy to use. But beware, some applications actually need these things to operate. Toss the empties at your own risk!
winMd5Sum Portable - (freeware) - There are a ton of MD5 file hash generation tools out there. I have about five or six. What I like about winMd5Sum in particular is that it allows you to quickly compare results without having to run multiple sessions of the same tool or copy/paste/write the first one down, then get the second one. Designed to run off USB.
SoftPerfect Network Scanner: fast and free network scanner - (freeware) - Updated recently to version 3.7. Does lots of wonderful things like pinging, detecting MAC addresses, finds hidden shared folders and write accessible shares on networks, scans for listening TCP and SNMP services. Exports findings in a variety of formats. Great and USB portable network tool.
Visual IP Tools: Visual Ping, Traceroute, Whois and Email Headers Investigation tool. - (freeware) - Yep it does all that. For free. See visual route tracking for packet sends. Get WHOIS info. Pings are very pretty. And what I find especially cool, is that it can review email header information and analyze it to get a better understanding of who sent you what.
Seriously Fun, Not-so-serious Utilities
Task Coach Portable 0.69.2 - PortableApps - (freeware) - From the feature description, "Task Coach is a free/open source to-do manager with a friendly interface making it very easy to create, organize, and manage all of your tasks. Task Coach features various handy options such as setting start and completion dates for a task, creating a budget for a task, adding attachments, reminders and more!" Learn more about Task Coach...
BootTimer - (freeware) - Itty-bitty utility to find out just how fast your XP system boot-up time is. Nothing deep here. Just for geeks who like to compare boot-times as a badge of honor. Could be good to see if disabling certain auto-run items makes any difference or not. Spotted via LifeHacker
Rulers - Omnidea - (freeware) - Really cool on-screen ruler utility and screen shot capture tool. Supports multi-monitors, also contains a magnifier, color picker and comes in both Windows and Mac versions. Fun and useful!
Bytessence UserBar Generator - (freeware) - Ever notice those cool little user-bars that some forum users have as their signature graphics? This tool helps you to design and craft your own custom creations. It is very easy to use and supports a lot of really eye-catching visual graphic effects including gradients, reflections, "scanlines", custom fonts, opacity, transparency masking and other graphic elements. Quite addicting to play with.
For the Browser Fans
Yes, I know. I heard.
Firefox 3 Release Candidate now available for download
Dwight is now encouraging folks to go try this version. I would agree.
I personally have been using the "nightly" builds of Firefox 3 for quite some time now and am very pleased with the performance and behaviors. It is my full-time browser of choice now.
However, I'm not really looking at that old news.
I've been playing a bit more with the Opera 9.50 beta 2 browser.
Me likey!
No, I'm not going to switch anytime soon from Firefox, but this little browser just keeps getting faster and faster and better and better. Amazing piece of work, it is.
Oh, and like testing bleeding-edge versions of Opera?
I found that download page as well: Opera Software - Beta Testing.
While not quite as "nightly" as Mozilla's "Nightly" builds are, they are still periodically made available.
More neat Opera development news can be found over on the Desktop Team blog.
I spent considerable time last weekend playing around in Opera. In doing so I found a great resource that documents all the files and folders used by Opera on Windows. Really good stuff here. If you are an Opera fan, you must bookmark this page for posterity. It really helped me understand the files and folder structure when I was poking around my system, post-Opera install.
Files Used by Opera for Windows
Also found out that like Mozilla's "about:config" that contains the inner configurations of the Mozilla Zilla, Opera has a back-stage pass as well; "opera:config". Only Opera's is very slick and well organized.
Speaking of Firefox 3 and the Zilla, you may remember this post where I found a variety of tools that could be used to look at Firefox 3's SQLite files now used in the latest version: Two More "Lite" SQLite viewers - All good, light, and free
Turns out there is actually a great Firefox Add-on extension that can view SQLite files!
SQLite Manager :: Firefox Add-ons - spotted via this Confessions of a Freeware Junkie blog post.
So if you don't want a standalone freeware SQLite viewer utility to inspect your Firefox SQLite files, then you can use an add-on to do it! Neat!
One feature of Opera I think I like (still not sure) is the speed-dial feature (Flash-based example) where-by you are presented with a number of thumbnailed sites to pick from as your home-page. Cool I suppose if you are sorting through the same sites each morning. I personally just use this blog as mine, but at work, I think I could see some value in this. Though I usually spend most of my time in my RSS Feed reader (NewsFox) first, then branch out to some other sites.
Anyway, there are two similar Add-ons for Firefox that capture the "speed-dial" feature in Opera:
Speed Dial :: Firefox Add-ons
Fast Dial :: Firefox Add-ons
Which is better? I'm not really sure at the moment. Give me a few weeks trying one, then the other and I will be able to provide a fair evaluation.
Finally, the Firefox Extension Guru has been providing some wonderful tip-posts on how to tweak Firefox 3:
My personal favorite? Fx 3: Removing Bookmark ‘Star’ Button.
Others have included:
Removing ‘Live Feed’ Button
Make Active Tab Wider
Fx 3: Removing The Search ‘Go’ Button (and the "search bar" magnifying glass)
Find even more Firefox tweaks in The FFGuru's redesigned Tweaks Section
Good work Guru!
And now...time for Masterpiece!
See you in the Skies!
--Claus