Monthly Archives: February 2008

Need a Free Collection of System Tools and Utilities? – Get Glary Utilities

Glary Utilities the number one free all-in-one utility on the market, is a must have collection of system tools and utilities to fix, speed up, maintain and protect your PC. Personal experience with this application for the last 6 months has convinced me that a typical user can really benefit by having this application on their system.

With this free program you can tweak, repair, optimize and improve your system’s performance, and its ease of operation makes it ideal for less experienced users.

You can quickly find the tool you’re looking for: disk cleaner, uninstall manager, secure file deletion, memory optimizer, registry cleaner, duplicate file finder, tracks eraser, empty folder finder; a very convenient feature for those of us who like to test drive new software. Prior to making important changes to your system, Glary Utilities creates a backup copy first, a very important feature.

As well, you can also manage and delete browser add-ons, analyze disk space usage and find, fix, or remove broken Windows shortcuts, and manage startup programs.

Key Facts:

· Disk Cleaner Removes junk data from your disks and recovers disk space

· Registry Cleaner scans and cleans your registry to improve your system’s performance

· Shortcuts Fixer eliminates the errors in your start menu & desktop shortcuts

· Startup Manager manages programs which run automatically on startup

· Memory Optimizer monitors and optimizes free memory in the background

· Tracks Eraser erases all traces, evidence, cookies, internet history and more

· File Shredder erases files permanently

· Internet Explorer Assistant manages Internet Explorer Add-ons

· Disk Analysis provides detailed information files and folders

· Duplicate Files Finder searches for space-wasting duplicate files

· Empty Folders Finder removes empty folders (I love this feature)

· Uninstall Manager completely uninstall programs

Designed for Windows 98, ME, NT, 2000, XP, 2003 and Vista. The 64-bit versions of Windows XP/Vista are not supported.

Download here: Download.com

Comments Off

Filed under Disk Cleaners, Empty Folder Finder, Freeware, Hard Drive Maintenance, Memory Optimizers, Secure File Deletion, Software, System Memory Management, System Utilities, Tracks Eraser, Uninstall Managers, Utilities, Windows Tips and Tools

Scamming By Spamming – They Just Won’t Quit!

It’s just human nature that allows us to think that we can get something for nothing. That’s the way of the world, and human environmental psychology.

Scam artists of course, count on this human failing to increase the chances that their constantly evolving criminal schemes will succeed with enough people to make their efforts economically worthwhile.

Again this morning, I received another carefully crafted email scam; this one aimed at the 120 million strong Blogging community. I have to wonder however, if the people who write these emails have ever heard of a “spell checker”. It boggles my mind as to how the creative minds who can devise these essentially brilliant schemes, can’t spell!

In any event, the following is the email that I received; notice the spelling mistakes.

Subject: Advertising Inquiry

From: advertising@polimedia.us

Hello,

We have reviewed your blogger.com blog on behalf of one of our

clients that would be interested in placing advertising with you.

Client profile :

DoingFine (http://doingfxxx)

We’d like either a 150×150 button, 160×600 skyscraper or 468×60 full banner (or footer). Alternatively, we may be interested in text-only advertising.

This would be a weekly, monthly or yearly arrangement. In either case we will require a one time, one day (24 hours) free placement in order to test the quality and quantity of traffic your website can actually provide*. Within this interval, we will make a final determination, based on the traffic volume, quality, and your asking price. Should we find your terms acceptable, this trial day will count towards the agreed interval.

Kindly let us know if you would be interested, which arrangement best suits your editorial needs, and what rates you would like to charge. We prefer using PayPal but may be able to accomodate alternative payment methods.

Thank you.

*Please note that we employ software that reliably detects autoclick and autosurf bots, pay per click and paid to surf type traffic, and other such non-human traffic. This may be a concern for you, especially if you are buying “bulk traffic”, or employing the services of dubious “SEO experts”

So can you see the problems with this email, other than just the spelling errors?

Well in the first place, they are looking to place a “one time, one day (24 hours) free placement in order to test the quality and quantity of traffic your website can actually provide”. But in reality, there are a fair number of SEO services such as Website Grader, that provide this service and more, at no cost. So the question is: why wouldn’t a professional advertising organization not have this type of information at hand? This doesn’t make sense.

It seems to me, that one of the objectives of this scam is to insert bad JavaScript ads into the Blogs of those who commit to the one time, one day free ad placement. As well, since PayPal is mentioned, it is conceivable that a second part of the scam is aimed at obtaining the credit card details of those who respond to this offer.

While I despise the objectives of these scams, it’s difficult for me not to have some degree of admiration for the creativity, and the audacity, of these scam artists.

As ever, we need to be security conscious while dealing with web related issues and to be sure to always practice the following: Stop – Think – Click.

A great web site which is dedicated to debunking email hoaxes, thwarting Internet scammers, combating spam, and educating web users about email and Internet security issues is Hoax-Slayer. Check it out.

2 Comments

Filed under Email, Internet Safety, internet scams, Online Safety, Safe Surfing, Windows Tips and Tools

Want the Best in Free Internet Security? – Get People Driven Security With WOT

dangerous_websites_pie_small.jpgSome time ago I received an email from Esa Suurio, CEO of a relatively new free web service/browser add-on, WOT (web of trust), in which he set out the advantages of this Internet community whose purpose is to allow its members to exchange their personal knowledge about a web site. According to WOT, the user community now has reputation data on over 17 million sites worldwide.

The shared information on a site’s reputation includes trustworthiness, vendor reliability, privacy, and child safety. In addition, WOT uses hundreds of trusted sources including phishing site listings, to keep users protected against rapidly spreading threats.

Based on the information I gathered I decided to test this browser add-on for 30 days. A major attraction for me was WOT’s ability to provide information on the reliability/unreliability of online shopping sites. I was so impressed with WOT’s functionality that I have kept this browser add-on as part of my permanent security armor.

People-driven security is an idea whose time has finally arrived. An obvious advantage of the Internet is the gathering and dissemination of information. What better way to use the Internet then, than to provide critical security information gathered from web users, to the people most in need of this information; other web users.

Johannes Ullrich, chief research officer at the Internet Storm Center (ISC), has been quoted as saying with respect to people driven security “The good guys need to out-share the bad guys to help counter them.” Given the unstable state of Internet security, it would be difficult to disagree with the sentiment expressed in this statement.

Quick facts – WOT checks the following:

  • Trustworthiness
  • Vendor reliability
  • Privacy
  • Child Safety

 

WOT is free and it’s available for both Internet Explorer and Firefox.

Download at: MyWot

2 Comments

Filed under Browser add-ons, Firefox Add-ons, Freeware, Internet Explorer Add-ons, Internet Safety, Internet Safety Tools, Online Safety, Phishing, Safe Surfing, System Security, Windows Tips and Tools

Rootkits – Kernel Mode Trojans – Are You Protected?

rootkits.jpgA rootkit is a malware program, or a combination of malware programs, designed to take low level control of a computer system. Often, they are Trojans or Keyloggers as well.

Techniques used to hide rootkits include, concealing running processes from monitoring programs, and hiding files or system data from the operating system. In other words, the rootkit’ files and processes will be hidden in Explorer, Task Manager, and other detection tools.

It’s easy to see then, that if a threat uses rootkit technology to hide, it is going to be very difficult to find.

All power to the major anti-malware companies though; many have come up with a free serviceable solution to rootkits. Enter the Rootkit detector which will give you the tool to find and delete rootkits, and to uncover the threat rootkits may be hiding.

Generally, rootkit detectors are capable of the following type of scans, although it is important to note that not all scan, or handle rootkits, in precisely the same way.

· hidden processes

· hidden threads

· hidden modules

· hidden services

· hidden files

· hidden Alternate Data Streams

· hidden registry keys

· drivers hooking SSDT

· drivers hooking IDT

· drivers hooking IRP calls

If you think you might have hidden malware on your system, I recommend that you run multiple rootkit detectors. Much like anti-spyware programs, no one program catches everything. To be safe, I use each of the rootkit detectors listed below on my machines.

The following are a number of free rootkit detectors available for download.

AVG Anti-rootkit

The AVG Anti-rootkit download is a tiny 414kb, and it installs quickly. Its straightforward, no-frills interface allows a regular search and an in-depth search.

Download here: www.free.grisoft.com

Microsoft Rootkit Revealer

Microsoft Rootkit Revealer is an advanced root kit detection utility. Its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. According to Microsoft, Rootkit Revealer successfully detects all persistent rootkits published at http://www.rootkit.com, including AFX, Vanquish and Hacker Defender.

Download here: www.download.com

IceSword

IceSword is a very powerful software application that will scan your computer for rootkits. It also displays hidden processes and resources on your system that you would be unlikely to find in any other Windows Explorer like program. Because of the amount of information presented in the application, please note that IceSword was designed for more advanced users.

Download here: www.majorgeeks.com

GMER

This freeware tool is essentially a combination of Sysinternals’ Rootkit Revealer and Process Explorer. The program can list running processes, modules and Windows services, in addition to scanning for the presence of rootkits.

Download here: www.gmer.net/files.php

2 Comments

Filed under Anti-Malware Tools, Freeware, Internet Safety Tools, Malware Advisories, Phishing, Privacy, rootkits, Software, System File Protection, System Security, Utilities, Windows Tips and Tools

I Got a Refund Notice from the IRS – Except I’m a Canadian – What a Scam!

Like you, I love to get money back from the government. Since I am a Canadian, and I reside in Canada, when I do receive a refund on my income taxes that money comes from the government of Canada. Imagine my surprise then, when I received an email purportedly from the U.S. Internal Revenue Service advising me that I was eligible to receive an income tax refund of $873.20.

Tax refund (Message ID L9238s7ds8)‏

From:

Internal Revenue Service (efile@re-fund.co.us)

Sent:

February 23, 2008 9:51:16 PM

Reply-to:

efile@re-fund.co.us

To:

A Secure Way to Receive Your Tax Refund

After the last annual calculations of your fiscal activity we have determined that
you are eligible to receive a tax refund of $873.20.
Please submit the tax refund request and allow us 3-9 days in order to
process it.

A refund can be delayed for a variety of reasons.
For example submitting invalid records or applying after the deadline.
To access the form for your tax refund, please click here
Note: For security reasons, we will record your ip-address, the date and time.
Deliberate wrong inputs are criminally pursued and indicated.

Regards,
Internal Revenue Service
Copyright 2008, Internal Revenue Service U.S.A. All rights reserved.

Unfortunately, since I am Canadian I will not be getting a refund from the IRS, but instead the scammers responsible for this email expected that I would click on the enclosed link. Clicking on the link would have begun the process whereby the scammers would have stripped me of all the confidential information I was willing to provide. The scammers would then have used the information to commit identity and financial theft.

The reality is of course, the IRS doesn’t send out unsolicited emails asking for personal or financial information. Credit card numbers, ATM PIN numbers and additional financial would never be required to find out the current status of your tax return, or your tax refund. The link in these phishing emails goes to a fraudulent IRS website, (http://spanishmegapixel.com/tien.da/images/.e-f), hosted abroad.

According to the IRS there are over 1600 IRS phishing sites operating, or online, at any given time in search of potential victims willing to hand over sensitive financial data. It’s easy to see that the email I received is not an isolated incident. The IRS goes on to say that by their estimates, 1% of all spam email is an IRS phishing scam.

What makes this particular scam so potent is the average person, on receiving an email from an authoritative source, generally lowers their defenses. As well, giving the time of year, the timing is right. Be warned, IRS scam emails always ramp up before tax day and continue for some time afterwards.

You know what to do right? Follow the tips below to protect yourself against these threats:

  • Your bank, the IRS, or any other legitimate organization will never ask you to divulge account information or passwords via email. Never give out this information, especially via email.
  • Don’t open emails that come from untrusted sources.
  • Don’t run files that you receive via email without making sure of their origin.
  • Don’t click links in emails. If they come from a known source, type them on the browser’s address bar. If they come from an untrusted source, simply ignore them.
  • Keep your computer protected. Install a security solution and keep it up-to-date. Also, before carrying out any kind of financial transaction on the Web, scan your computer with a second-opinion security solution, like NanoScan at www.nanoscan.com.

 

Elsewhere in this Blog you can download freeware anti-malware solutions that provide excellent overall security protection. Click here.

Be kind to your friends, relatives and associates and let them know that these types of scams are now epidemic on the Internet. In that way, it raises the level of protection for all of us.

To help you fight back, the following information has been taken from the official IRS web site and provides instructions on how to assist the IRS in shutting down these schemes.

The good news is that you can help shut down these schemes and prevent others from being victimized. If you receive a suspicious e-mail that claims to come from the IRS, you can relay that e-mail to a new IRS mailbox, phishing@irs.gov.

Follow instructions in the link below for sending the bogus e-mail to ensure that it retains critical elements found in the original e-mail. The IRS can use the information, URLs and links in the suspicious e-mails you send to trace the hosting Web site and alert authorities to help shut down the fraudulent sites. Unfortunately, due to the expected volume, the IRS will not be able to acknowledge receipt or respond to you.

IRS reporting site: phishing@irs.gov

2 Comments

Filed under Email, Internet Safety, Malware Advisories, Online Banking, Online Safety, Phishing, Windows Tips and Tools

Web Site Spoofing – The Danger of Public Proxy Servers

computer-attacks.jpgA week or so ago I wrote an article on Surfing on Public Computers? – Stay Anonymous in which I stated, “You have a number of choices when it comes to anonymous surfing. You can use a free proxy server service; not my personal first choice – but that’s fodder for another article!” 

Now comes word from Panda Security that in some cases public proxy DNS’s, the database that associates numeric IP addresses (206.4.XX.XXX) with URLs, microsoft.com for example, have been known to have been modified. 

The modification consists of changing the legitimate association for a fraudulent one, so that when users type a specific URL, they are redirected to a fraudulent page.  For example, if users try to log onto their banking web site, the server could redirect them to a phishing site which resembles the legitimate page, but which is designed to steal their bank details.

According to Luis Corrons, Technical Director of PandaLabs, “The danger of this type of attack is, users with malware-free, up-to-date computers with a good firewall, etc. could fall victims to these attacks”. 

To reduce the risk of phishing attacks it’s important not to use anonymizer services if you’re accessing sites at which confidential data (e.g. online banks, pay platforms, etc.), is being transmitted. 

It’s equally as important that you use a browser add-on such as McAfee Site Advisor, LinkScanner Lite, or WOT (Web of Trust), so that you have a first line of defense against this type of attack. 

If you’re interested in learning more about web spoofing, there is an excellent article at Princeton University’s web site entitled Web Spoofing: An Internet Con Game

5 Comments

Filed under Anonymous Surfing, Anti-Malware Tools, Freeware, Internet Safety Tools, Malware Advisories, Online Banking, Online Safety, Phishing, Safe Surfing, System Security, Windows Tips and Tools

5 More Gigs On-line Storage – Microsoft Windows Live SkyDrive

skydrive1.jpgMicrosoft has officially launched an online storage service that lets you securely upload and share documents, photos and music on the web for free. 

Windows Live SkyDrive came out of beta format in 38 countries yesterday and contains a significant increase in storage size from 1GB to 5GB. 

Files can be easily accessed anywhere, at any time, on the web. Users can even share files via email whether the recipient has a Windows Live ID or not. 

The 4GB increase in storage capacity to 5GB gives you enough space to upload around 1,000 songs, 30,000 Office documents of average size, or 30,000 digital photos at a resolution of 1200×1200. 

SkyDrive has three options for storing and sharing files, ranging from keeping all files personal, sharing them with people you select, or making them public to anyone on the internet. 

Furthermore, with the permission settings users can limit the actions of others when accessing files in the shared area by letting them add and change files or only read files. 

From Microsoft’s Site:

  • 5 GB of free online storage, available from any computer with Internet access.
  • Create personal, shared, and public folders — you decide who has access to each folder.
  • Windows Live SkyDrive works well on any Windows or Macintosh computer with Firefox 1.5 or higher, or Internet Explorer 6 or higher.
  • Your personal folders are password-protected with your Windows Live ID, so only you have access.
  • When you create a shared folder, the friends you’re sharing with need to sign in with their own Windows Live ID and password.
  • Just like at your online bank, all file transfers are protected using Secure Socket Layers (SSL).

Learn more at: Windows Live SkyDrive

 

You can read more on additional free on-line backup sites on this Blog at, So You Want FREE Online Backup?

1 Comment

Filed under Freeware, Online Backup, Software, Utilities, Windows Live SkyDrive, Windows Tips and Tools