Saturday, August 23, 2008

So many links….So little time…


cc credit flickr: peasap

Yep, it's another Grand Stream Dreams Linkfest extravaganza! 

Sometimes I wonder if I don’t bring it all on myself.

I’m pretty curious and am always open and looking for new utilities, updated versions, and new )techniques that I can apply to Windows systems both at home and at work.

What I usually end up with is a pile of links to sort out and share, and not nearly enough time to get them all recorded and given their just due in commentary.

So get out the baton, the piñata is full of treats!

How-To's and Cool Utilities

How to Prepare Yourself for System Restore From Scratch - Nice little tutorial on one method to prepare a custom system restore disk from scratch.  There are a lot of different methods--to each their own--but this guide did take an interesting approach.

5 Ways To Update Your Windows Operating System - Previously covered on Grand Stream Dreams, there are a wide number of applications that make updating the Windows operating system a bit easier, especially on a large-scale.  Varun Kashyap's line-up of choices is pretty good!  All my favorites were included (c’t offline updater, AutoPatcher) and a new one called Project Dakota which I hadn't heard of before.

USB Office Showdown: Tiny USB Office vs. Portable Apps -  Which is better? Who knows.  It is cool to know that Tiny USB Office backs a bunch-load of apps into just 2.5 MB of space.  While the PortableApps suite has just about all the mojo you could need for basic to advanced office application management in a slick GUI launcher, but it weighs in much larger.

MobaLiveCD - Run your LiveCD on Windows - Spotted via a recent back room tech post.  While I already have a number of virtualization apps (Virtual PC or VirtualBox to name just two) I use to pre-test "Live CD" burns I am always building, some folks might just want a bit more integrated solution for ISO testing and running.  What makes MobaLiveCD so nice is that once you run and install it, you get an easy-to-use wrapper for QEMU.  So when you want to test an ISO, just right-click on an (bootable) ISO file to launch it in the QEMU emulator. It has a very nice and helpful interface.

Mark Minasi's Newsletter #72 August 2008: Making Pkgmgr Deliver Hotfixes Offline is out and has a great amount of tips on how to use the Pkgmgr to "inject" update patches into (ImageX) WIM files. Turns out there is a bit of trickery required and Mark's got the details down great.

Windows Post-Install Wizard Home - (freeware) - I had never ever heard of this tool before I read Confessions of a freeware junkie's post reviewing it.  I must say I am very, very impressed with this and I haven't even downloaded it yet to play with.  It really seems to be able to open up a number of doors.  While no replacement for SysPrep for image pre/post deployment work, it does and a wicked-cool wizard post image deployment that allows system administrators (or geeks) to add particular applications or system tweaks on a per/system basis.  It appears to be highly customizable from the element lists, to the template styles, to the image used on the wizard's background.  It does have a steep learning curve, but once you get it down, I bet you will be amazed! I'm thinking right now on how I can incorporate it into our post-image workstation deployment process at work.  Any Sysadmins out there must at least take a look at it.

New and/or Improved

Sandboxie version 3.28 - (freeware) -This favorite tool which creates a "sandbox" for programs to be installed or operate within got a recent  update.  While not a common tool for most folks to use, system administrators in general, software testers, and malware avoid'ers might find it beneficial to use.

Altiris Software Virtualization Solution (SVS) - (free for personal use) - To get it, go to this Altiris Juice page and scroll down a bit to the "Free for Personal Use" section. A number of download sources are provided from trusted locations.  Basically what SVS does is to manage "virtual software packages" without "installing" them on the host system.  Similar to SandboxIE but a bit different.  There is an active developer and support community out there and a number of popular Sample Applications already built.  For more details from a third-person perspective check out Altiris SVS - review at

AutoRuns for Windows - (freeware) - Gets another version bump to v9.33 and this time brings some command-line options for auto-scanning and exporting of results.

EASEUS Disk Copy 2.0 - (freeware) - Many new features in this version including expanded drive support, partition copy, dynamic disk support, booting from CD, GUI upgrades, and then some more.  Related: EASEUS Partition Manager (free for personal use).

RegFromApp - (freeware) - NirSoft app to monitor registry changes made by an application gets updated for command-line support and drag-n-drop.

OpenedFilesView - (freeware) - NirSoft app to display what application/processes have opened which files on your system now gets an option to mark filenames that their their date/time or file size was changed since the last OFV snapshot was taken.

MozillaHistoryView - (freeware) - NirSoft app to explore and manage Mozilla/Firefox browser history files now is able to support Firefox 3 (places.sqlite) file.  Hurray!

FavoritesView - (freeware) - NirSoft app to explore and manage Favorites/bookmarks in your system browsers is updated to deal with some bug-fixes, but also now supports Firefox 3.0 (places.sqlite).

UserAssistView - (freeware) - Let's let Nir Sofer explain this new utility; "This utility decrypt and displays the list of all UserAssist entries stored under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist key in the Registry. The UserAssist key contains information about the exe files and links that you open frequently. you can save the list of UserAssist entries into text/html/xml/csv file, as well as you can delete unwanted items."  Sounds handy to me!

KeePass Password Safe - (freeware) - Bumped to version 1.12 brings in lots of new features and improvements.  Still hands-down my most favorite password manager.

xpy - (freeware) - This perennial Windows XP tweaking toy brings in a number of new features and program tweaks.  A must-have for anyone who tweaks and manages Windows XP systems.

 AceBackup - (now freeware) - Lots of tools are out there for making backups and archives of Windows systems some of my favorites are DSynchronize, Toucan at, SyncBack, Cobian Backup, Comodo Backup, and Karen's Replicator.  Ace Backup has some easy-to-use wizard help and a nice interface to make setting up your backups a breeze. Ace brings some special elements to the backup mix including secure FTP support, file-specific encryption, and multi-file versioning support.  For a brief review check out the one at

Tiny Apps Two-Fer!

I love the TinyApps.Org site.  It is sparse. and when a post is made, it is always good.  So with delight I found Miles Wolbe's Automatically click OK (or any button) with ClickOff post contained two great finds!

ClickOff - (freeware) - An amazing tool that will "click" a button and then some, automatically. Who might need this?  Well, as Miles points out, if you have ever been confronted by an application that requires an "OK" button press to continue, only there are a ton of windows to clear, you will instantly know and recognize the worth of this application!  Once installed the program files can be copied to USB for a portable version.  The program starts out in German, and it is a bit confusing at first to switch to English. Here's how to change ClickOff from German to English: Once launched, right-click the program's icon in the system tray.  Choose the 2nd option from the top "Einstellungen".  When the window launches, find the "Programmsprache" section and click the drop-down arrow to select the "English.lng" file.  Click OK. Done!

Anyway, the second find was another tool that could be used to scan and remove specific virus files; Trend Micro Damage Cleanup Engine / Sysclean.  I'm going to have to save configuration and usage of this tool for another post, but suffice it to say, it is really easy to use and I really like the ideas that come to mind on using it to perform a 2nd-opinion scan on a potentially impacted system.  Similar to McAfee's Stinger tool as well as the McAfee command-line scanner with Bart Lagerweij's ScanGUI interface.  All three of these will be well worth a GSD post of their own soon.

Thanks Miles!

In Security News...

(IN)SECURE Magazine - latest edition (July 07) has some great articles.  Good PDF reading during slow meetings.

Symantec to Acquire PC Tools - Donna's SecurityFlash - Yep. The Yellow Monster of system security is gobbling up PC Tools which provides a number of great consumer-oriented computer security products (both free and $) such as Spyware Doctor, PC Tools AntiVirus Free Edition, PC Tools Firewall Plus, and my personal favorite (running it on all my XP and Vista systems) ThreatFire Free Edition.  I'm really not sure what to make of this.  I just hope these free versions don't get shoved to the wayside and abandoned by Symantec. Official Symantec press release.

Security Vulnerability Research & Defense : IE 8 XSS Filter Architecture / Implementation - New and technical details from Microsoft on how the IE 8 browser will defend against Cross-Site-Scripting malware attack methods.  Interesting stuff.  IE 8 is stepping up to the security plate looking to smash one out of the park. Opera and Firefox better take note!

IE 8 looking like a November release -  Looks like the IE 8 Beta 2 release for testers might come out at the end of August or early September.  Then the Final Release of IE 8 is still on track (per Microsoft) for an end of 2008 release. Wowzers!  We still haven't deployed IE 7 yet in our enterprise shop.  Yikes!

Anti-Malware Toolkit - (freeware) - This isn't really a anti-malware tool per-se.  What it does do is allow you an (almost) one-click experience to download a majority of anti-malware tools to a target system.  It's available in both an exe installer and a non-install zip format.  See also their informative PC Cleanup and PC Security pages that contains advise and helpful links. This program will download all the major anti-malware and pc cleaning programs, along with some definition files, some recommended web-browsing/email platforms, some anti-virus platforms, firewall, and some very helpful utilities.  I really can't say anything bad about these at all.  It looks like the download files come directly from the specific developer's sites so you should feel confident you are getting unadulterated versions.  Worth sticking on your USB stick as a time-saving download helper!  For more information see these reviews: Anti-Malware Toolkit Keeps Your Arsenal Up-To-Date - Download Squad and Featured Windows Download: Anti-Malware Toolkit Builds a Quick Computer Cleaning Toolbox - Lifehacker.

Windows Incident Response: Browser Artifact Analysis - (post) - Harlan covers a common scenario I run into; not really doing forensics work, but assessing a web-browser session to evaluate clues for system infection.  He provides some great tips and article links to help organize this process.  There are a number of tools and utilities I keep at hand to do this on my USB stick, but Harlan provides even more.

Microsoft Sysinternals Desktop Utility

I'm giving this one a standalone section.

Desktops - (freeware) - is a standalone (no-install) utility from the Yodas of Microsoft (Mark Russinovich and Bryce Cogswell) that allows you to create up to four virtual desktops in XP or Vista.

Who needs it?  Mostly no-one except maybe those who want the dual-monitor effect but can't afford or configure a real multi-monitor configuration.  Or maybe (and I see this as the true use) for those who demo or provide presentations.  This will allow them to quickly and professionally jump between multiple applications quickly like Mark often does during his TechNet Live presentations.

It seems to perform much better than the Virtual Desktop Manager - PowerToy for Windows XP that Microsoft put out a long time ago.  I've used that before and was so (yawn) in awe of it I ended up uninstalling it.

This version seems more flexible as I can run it on demand on whatever system I want to.

Seems to have a few "bugs" but might fit most folks needs and is bound to see feature improvements.

For reviews see this Download Squad review as well as a nice Cybernet News review.

Other (but not by far all) notable utilities that accomplish much the same thing, but with many added features (and not quite the portability level) are:

Despite the large numbers of applications available for this segment, I wonder just how many folks use them on a daily basis.  Give me a multi-monitor configuration over a virtual one any-day.

That said, I think Sysinternal's Desktop utility will become much loved and used as it is free, portable, and seems to be designed by the Microsoft pros.  As I said, I bet presenters will find the most use for it.

Finally - Firefox

Turns out that Firefox 3.1 will get a MAJOR boost to JavaScript performance.

Firefox to get massive JavaScript performance boost - Ars Technica

Some say it might be up to seven-times as fast. Wow.

It is built into the Firefox "Minefield" nightly releases now. (If you are confused about Mozilla "nightly" versions please read this Grand Stream Dreams primer: Resolving a “Nightly” Firefox Issue…).  However it is disable by default.

John Resig - TraceMonkey post has the method to get it enabled:

If you want to try these out for yourself, just snag a nightly of Firefox 3.1, open about:config, and set the following preference to true:


You should be, happily, in just-in-time tracing land. It's still buggy (hence the reason for hiding behind the preference wall) but it should be good enough to handle most web sites.

What's especially exciting is that this code is working on x86, x86-64, and ARM - which means that these improvements won't be limited to just the desktop - you'll be able to receive them on your mobile devices as well.

I'm wondering if even more Firefox 3.1 browser performance with JavaScript can be eked out by combining this feature with Sun's Java SE 6u10-b28 build version which is now available for download.  The 10-b builds promise to bring Next-Generation Java Plug-in Technology to Firefox and Opera.  More here.

I've been running them both (the updated Firefox feature and Java SE 6u-10-b28) without any ill effects, but I don't (yet) really use any heavy-lifting JavaScript programs to allow me to fairly make a conclusive statement.


Looks like that linkfest piñata has been beat to death!

Have fun picking out your favorite candies!


1 comment:

mozyman15 said...

another cewl utility backup to email wtih a right click (