Easily Recover Deleted Photos And More – Open Source TestDisk & PhotoRec

Summary: When it’s time to recover deleted files from an SD Card, Hard Drive, Flash Drive, etc., this powerful portable recovery application, (despite its command line type interface), makes deleted file recovery just about as simple as it gets.

In previous reviews, I’ve covered more than a few file recovery tools,  some of which have lived up to the developers’ claims – but, most have not. PhotoRec, part of the bundled package included in TestDisk – despite it’s name – is capable of recovering 390 types of files, according to the developer.

In the following review, I’ll describe how easy it was to recover deleted photos from my camera’s SD Card and, deleted music files from my iPod. As you’ll see, this application is not wizard driven – but, despite that, it’s still very easy to use.

First up was a recovery attempt on a camera.

On launching the application, the connected camera was immediately identified.

Selecting the drive was a simple matter of cursoring down, and pressing the Enter key.

In just a few minutes (under 3 minutes), PhotoRec identified and recovered 121* previously deleted photos.

* Much to my surprise, the application actually recovered 241 previously deleted photos. I’m not complaining.      All recovered files were saved to the recovery directory (a sub-directory of the directory the application is running from) – as shown below.

Here’s a recovered shot (August 2012), of my BlackBerry Playbook in its Bluetooth keyboard case. As an aside – Tablets are super duper consumption devices – but, for real work, a physical keyboard is a must for me.

Next up – music file recovery from my iPod.

In just a few moments (less than a minute), PhotoRec identified and recovered *105 previously deleted tunes.

* The application actually recovered 106 previously deleted tunes.

But, can they be played? You bet!

Fast facts:

Fix partition table, recover deleted partition.

Recover FAT32 boot sector from its backup.

Rebuild FAT12/FAT16/FAT32 boot sector.

Fix FAT tables.

Rebuild NTFS boot sector.

Recover NTFS boot sector from its backup.

Fix MFT using MFT mirror.

Locate ext2/ext3/ext4 Backup SuperBlock .

Undelete files from FAT, exFAT, NTFS and ext2 filesystem.

Copy files from deleted FAT, exFAT, NTFS and ext2/ext3/ext4 partitions.

System requirements: Windows (NT4, 2000, XP, 2003, Vista, 2008, Windows 7 (x86 & x64), Linux, FreeBSD, NetBSD, OpenBSD, SunOS and MacOS X. (Reviewed on Win 8 x32)

Download at: Cgsecurity.org

You may only need this application a time or two – but, wouldn’t it be nice to have it sitting in your USB toolbox when you do? The answer is – YES.  

Tomorrow Is World Backup Day – So, Are You Going To? Backup, That Is.

I have some bad news – sad news – for you this morning. Those graduation pictures you treasured, the pictures of your toddler’s first steps, this year’s income tax return which was just about ready to be filed, that resume you just finished updating – GONE – ALL GONE.

Your Hard Drive just quit overnight – never to be booted again. I know I should feel some measure of sympathy for you – but, I don’t.

I’m not trying to be a big meanie* here but, it seems to me, that you are the architect of your own misfortune. A little pre-planning to safeguard your irreplaceable data; documents, digital photos, email messages, personal and business related work, and important private data – could have saved you considerable distress.

If only you had a backup – but, you don’t – do you? I suspect that it’s little consolation but, you’re not alone. Despite the importance of Hard Drive and individual file backups, most computer technicians will tell you that typically, computer users’ do not backup their irreplaceable data.

It’s a little late to tell you this but, if you had been one of the few, out of the ordinary, computer users, who regularly and faithfully backup, you would have had some work ahead of you – but, you would have recovered your data.

All of the above of course, is an imaginary scenario – in fact, your system did boot up his morning. But, that’s hardly cause for complacency.

Redundant information: Just like death and taxes are a certainty, the fact that your computer’s Hard Drive will crash one day and refuse to respond, is every bit as certain.

If you don’t yet have a backup plan, it’s time you thought seriously about developing one. The effort involved in learning how to protect your data, by developing and implementing a backup plan in today’s computing age, is minimal. Much easier than it was, even as little as two or three years ago.

The best backup strategy includes imaging your Hard Drives and partitions, since that allows you to restore your important data, your complete operating system, as well as your installed applications, user settings, etc.

There are loads of free applications out in the wild blue that, used properly and regularly, will speed to the rescue. One of the best free program – one that I have no difficulty recommending is – EASEUS Todo Backup.

This is a brilliant application which will allow you to backup, recover your backups, image your Hard Drives, clone your Hard Drives, and a host of additional features. All of this, in a “follow the bouncing ball” simple, user interface.

If there’s an easier way to backup critical data, I have yet to find it.

The user interface has been designed so that a user with minimum computing experience, should have no difficulty.

The following screen captures illustrate the simple process of backing up a particular folder.

In this case, I choose the task name, selected the folder to be backed up, selected the backup media/location, and …..

Done!

Bonus: You can copy backup images to your personal cloud for data double protection. More info here.

A ton of options so that you can set the parameters of the task to suit your particular needs.

Recovery, is point and click simple.

Additional functions and features are available under the “Tools” menu.

In the following example I’ve run a check on the test backup to verify readability.

Finding that an image file is unreadable when called upon, ranks with one of life’s low points – well, sort of.   

A quick initial check is a prudent move.

You’ll have the option of creating a system boot disk. You should do so.

The “emergency disk” will allow you to boot into EASEUS Todo Backup and then choose from a number of options.

  Fast facts:

System Backup and Recovery – One-click system backup. Backs up entire system state including the operating system and installed applications on-the-fly without interrupting your work to get the system up in time after crash.

File and Folder Backup – Backs up specified files, network shared files, files in use, folders or file types in case of virus attack, hard disk failure, or deletion by accident, etc.

Disk & partition Backup – Full backup disk(s)/partition(s), dynamic volume(s), or GPT disk(s)/volume(s) to image. It ensures PC security and instant data recovery in case of any data loss.

Incremental Backup – Provide alternatives to perform full backups each time by offering incremental backup. To capture changes saving time & disk space.

Backup Schedule – To run backup automatically at a predefined time. By scheduling a backup task, your system and important data can be backed up now, daily, weekly, monthly.

Disk Clone Tool – Clone or transfer all the data on a hard disk to another. Clone disk is especially useful to upgrade your hard drive to a new one without reinstalling operating systems and applications.

System requirements: Windows 2000, XP, Vista, Win 7, Win 8. (32 bit, 64 bit).

Download at: EASEUS

If you’re looking for a free application to handle all of your backup needs, I don’t think you’ll be disappointed in EASEUS Todo Backup. Give it a try.

* In recent years, I’ve written 20+ articles on the importance of backing up critical data and, it distresses me somewhat that they have been amongst the least read articles I’ve written.

Good buddy TeX, summed up the backup issue neatly in a comment to a previous backup article sometime back, when he wrote – There are so many good programs out there for backing up, the problem is getting people to take that whole step seriously. It’s like dying,  “That always happens to someone else” theory.

It’s a point worth considering.

For additional reading on this important task, you might consider dropping by the World Backup Day site – DON’T BE AN APRIL FOOL. Backup your files. Check your restores.

Malware Hunting? Checkout These 20 + Free Tools Designed To Destroy Tough Malware

Choosing and using the right tool, which has been designed specifically for the job at hand, is obviously a levelheaded approach. Still, I’ll wager that you can conjure up more than one occasion when you’ve encountered the “one tool for all purposes” mindset – the so-called “Birmingham Screwdriver” effect – “If it doesn’t work – hit it. If it still doesn’t work, use a bigger hammer.”

The Birmingham Screwdriver approach, taken by many AV solutions, may not always be the most appropriate approach to eradicating a tough malware problem – a specially designed application which targets specific classes of malware may be a better solution.

The following tools have been specifically designed to help skilled users better identify malware infections and then, eradicate (hopefully), those specific infections. These tools require advanced computer knowledge – unless you feel confident in your diagnostic skills, you should avoid them.

Just to be clear – not all of these tools are “one-click simple” to decipher, and users need to be particularly mindful of false positives.

Should you choose to add these applications to your antimalware toolbox, be aware that you will need the latest updated version for maximum impact.

Note: Many of the following tools have been tested and reviewed here previously.

Emsisoft HiJackFree

The program operates as a detailed system analysis tool that can help you in the detection and removal of Hijackers, Spyware, Adware, Trojans, Worms, and other malware. It doesn’t offer live protection but instead, it examines your system, determines if it’s been infected, and then allows you to wipe out the malware.

Runscanner

If you’re a malware hunter, and you’re in the market for a free system utility which will scan your system for running programs, autostart locations, drivers, services and hijack points, then Runscanner should make your shortlist. The developers of Runscanner describe this freeware utility as having been designed to “detect changes and misconfigurations in your system caused by spyware, viruses, or human error.”

HijackThis

HijackThis is a free utility which heuristically scans your computer to find settings that may have been changed by homepage hijackers, spyware, other malware, or even unwanted programs. In addition to this scan and remove capability HijackThis comes with several tools useful in manually removing malware from a computer. The program doesn’t target specific programs, but instead it analyses registry and file settings, and then targets the methods used by cyber-crooks. After you scan your computer, HijackThis creates a report, and a log file (if you choose to do so), with the results of the scan.

RKill

RKill is a program developed at BleepingComputer.com – “It was created so that we could have an easy to use tool that kills known processes that stop the use of our normal anti-malware applications. Simple as that. Nothing fancy. Just kill known malware processes so that anti-malware programs can do their job.”

Emsisoft BlitzBlank

BlitzBlank is a tool for experienced users and all those who must deal with Malware on a daily basis. Malware infections are not always easy to clean up. In more and more cases it is almost impossible to delete a Malware file while Windows is running. BlitzBlank deletes files, Registry entries and drivers at boot time before Windows and all other programs are loaded.

McAfee Labs Stinger

Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.

Specialty Removal Tools From BitDefender

28 special removal tools from Bitdefender.  On the page – click on “Removal Tools”.

Microsoft Malicious Software Removal Tool

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

NoVirusThanks

NoVirusThanks Malware Remover is an application designed to detect and remove specific malware, Trojans, worms and other malicious threats that can damage your computer. It can also detect and remove rogue security software, spyware and adware. This program is not an Antivirus and does not protect you in real time, but it can help you to detect and remove Trojans, spywares and rogue security software installed in your computer.

Norton Power Eraser

Symantec describes Norton Power Eraser in part, as a tool that “takes on difficult to detect crimeware known as scareware or rogueware. The Norton Power Eraser is specially designed to aggressively target and eliminate this type of crimeware and restore your PC back to health.”

FreeFixer

FreeFixer is a general purpose removal tool which will help you to delete potentially unwanted software, such as adware, spyware, Trojans, viruses and worms. FreeFixer works by scanning a large number of locations where unwanted software has a known record of appearing or leaving traces. FreeFixer does not know what is good or bad so the scan result will contain both files and settings that you want to keep and perhaps some that you want to remove.

Rootkit Tools:

If you think you might have hidden malware on your system, I recommend that you run multiple rootkit detectors. Much like anti-spyware programs, no one program catches everything.

IceSword

IceSword is a very powerful software application that will scan your computer for rootkits. It also displays hidden processes and resources on your system that you would be unlikely to find in any other Windows Explorer like program. Because of the amount of information presented in the application, please note that IceSword was designed for more advanced users.

GMER

This freeware tool is essentially a combination of Sysinternals’ Rootkit Revealer and Process Explorer. The program can list running processes, modules and Windows services, in addition to scanning for the presence of rootkits.

Special mention 1:

MalwareBytes – In addition to its superb free AV application, MalwareBytes offers a basket full of specialty tools. The following application descriptions have been taken from the site.

Chameleon

Malwarebytes Chameleon technology gets Malwarebytes running when blocked by malicious programs.

Malwarebytes Anti-Rootkit BETA

Malwarebytes Anti-Rootkit removes the latest rootkits.

FileASSASSIN

FileASSASSIN can eradicate any type of locked files from your computer.

RegASSASSIN

RegASSASSIN removes malware-placed registry keys in two simple steps – just reset permissions and delete! This powerful and portable application makes hard-to-remove registry keys a thing of the past.

Special mention 2:

A Rescue Disk (Live CD), which I like to think of as the “SWAT Team” of antimalware solutions – is an important addition to your malware toolbox. More often than not, a Live CD can help you kill malware DEAD!

Avira AntiVir Rescue System – The Avira AntiVir Rescue System a Linux-based application that allows accessing computers that cannot be booted anymore. Thus it is possible to repair a damaged system, to rescue data or to scan the system for virus infections.

Kaspersky Rescue Disk – Boot from the Kaspersky Rescue Disk to scan and remove threats from an infected computer without the risk of infecting other files or computers.

Sandboxie! – Think INSIDE The Box!

Wouldn’t it be terrific if, following a mistake which led to malware making its way on to your computer, you could wave a magic wand, utter the words – “get thee gone” – and, quick as you like – no more malware infection?

Luckily, you can do just that. You don’t have to be a mage or a magician – you don’t have to deliver a magic enchantment – but, you do need to be running a sandbox based isolation application.

And that, brings me to Sandboxie (last updated December 16, 2012) – the King of isolation applications in Geek territory. Rather than geek you into the land of nod – today’s review is what I like to refer to as a “soft review”.

Simply put, Sandboxie, when active, creates a virtual environment (of a sort), on a computer by redirecting all system and application changes, to an unused location on a Hard Drive. These changes can be permanently saved to disk or, completely discarded.

A case in point for isolating web surfing:

While surfing the Net, an inexperienced user mistakenly accepts an invitation to install a scareware application but realizes, after the fact, that this is a scam. Operating in a “real” environment, the damage, unfortunately, would already have been done.

Operating in an isolated environment with Sandboxie active; the system changes made by this parasite could be completely discarded – since the attack occurred in a – “I’m not really here” environment .

An obvious part of reviewing an application is, providing a technical breakdown of just how an application gets the job done – or, in some cases how/why an application doesn’t quite get it done.

It’s not often that I get caught between the proverbial “rock and a hard place” in terms of illustrating an application’s aptitude in getting the task accomplished. In this case however, Ronen Tzur, Sandboxie’s developer, has taken the expression – a picture is worth a thousand words – and definitely run with it.

From the site: Introducing Sandboxie

Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.

The red arrows indicate changes flowing from a running program into your computer. The box labeled Hard disk (no sandbox) shows changes by a program running normally.

The box labeled Hard disk (with sandbox) shows changes by a program running under Sandboxie. The animation illustrates that Sandboxie is able to intercept the changes and isolate them within a sandbox, depicted as a yellow rectangle. It also illustrates that grouping the changes together makes it easy to delete all of them at once.

Fast facts:

Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.

Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don’t leak into Windows.

Secure E-mail: Viruses and other malicious software that might be hiding in your email can’t break out of the sandbox and can’t infect your real system.

Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.

The developer has provided a clear and concise Getting Started tutorial – which includes:

How to to use Sandboxie to run your applications.

How the changes are trapped in the sandbox.

How to recover important files and documents out of the sandbox.

How to delete the sandbox.

System requirements: Windows XP, Vista, Win 7 (32 and 64 bit), Win 8 (32 and 64 bit).

Available languages: English, Albanian, Arabic, Chinese (Simplified and Traditional), Czech, Danish, Estonian, Finnish, French, German, Greek, Hebrew, Indonesian, Italian, Japanese, Korean, Macedonian, Polish, Portuguese (Brazil and Portugal), Russian, Spanish, Swedish, Turkish, and Ukrainian.

Download at: Sandboxie

A Caveat: You may run with Sandboxie free of charge – but, once past the initial 30 days, you will be reminded that a lifetime licensed version is available for € 29 (approximately $38 USD at today’s conversion rate).

Glary Utilities 2.52 – A Free Collection of System Tools and Utilities – In 2 Flavors

Glary Utilities Free (last updated Jan. 9, 2013), is a reasonably complete set of system tools with which even a relative newcomer to the computing game can tweak, repair, optimize and improve system performance. Since discovering Glary Utilities years ago, it has remained my go-to application for system maintenance and cleanup.

With a graphical user interface arranged in a clean straightforward manner, you can quickly find the tool you’re looking for: disk cleaner, uninstall manager, secure file deletion, memory optimizer, registry cleaner, duplicate file finder, tracks eraser, empty folder finder; a very convenient feature for those of us who like to test drive new software.

Installation: YIKES!!!!

You can avoid all of the above (strongly recommended), by selecting the Slim Version – no toolbar. Alternatively, choose either of the two Portable Versions as per the following screen shot – no toolbar.

I suspect that there may be users who see the advantages of installing a Toolbar such as the one offered as part of this installation package. Quite frankly though, I’ve yet to meet one. For a taste of my views on Toolbars please see – We Don’t Want No Stinkin’ Toolbar!

For users who are comfortable with a “one click” solution – Glary Utilities covers the basics nicely.

Results: running the Standard Version installed on an SSD HD. Scan time – 2 minutes and 8 seconds.

Results: running the Portable Version from a Flash drive. Scan time – 2 minutes and 8 seconds.

Dig a little deeper: The hands-on crowd can dig into the individual Modules and clean and massage their machine to their heart’s content.

Users can even avoid the frustration of having to hunt down a number of standard Windows tools by selecting the appropriate tool from the System Tools menu.

You can comfortably fine tune the application using the clear and precise Settings Menu. While the “Settings” menu is often the last item to be looked at following an application installation, it should be at the top of the “to do list” prior to running any new application. Unpleasant surprises can be avoided with a little prep work – first.

Of particular interest, to those of us who work with files using a “context menu”, Glary Utilities has a nice selection of new items which will be added to Windows Explorer.

There are those who will take comfort in an included “Restore Center” but, a more prudent course to follow is – prior to completing any significant system changes – take the time to generate a manual Restore Point.

Fast facts:

Disk Cleaner – Removes junk data from your disks and recovers disk space

Registry Cleaner – Scans and cleans up your registry to improve your system’s performance.

Shortcuts Fixer – Corrects the errors in your start menu & desktop shortcuts

Uninstall Manager – Uninstalls programs completely that you don’t need any more

Startup Manager – Manages programs which run automatically on startup

Memory Optimizer – Monitors and optimizes free memory in the background

Context Menu Manager – Manages the context-menu entries for files, folders…

Tracks Eraser – Erases all the traces,evidences,cookies,internet history and more

File Shredder – Erases files permanently so that no one can recover them

Internet Explorer Assistant – Manages Internet Explorer Add-ons and restores hijacked settings

File Encrypter and Decrypter – Protects your files from unauthorized access and use.

Disk Analysis – Shows you the disk space usage of your files and folders

Duplicate Files Finder – Searches for space-wasting and error producing duplicate files

Empty Folders Finder – Finds and removes empty folders in your windows

File Splitter and Joiner – Splits large files into smaller manageable files, and then rejoin them.

Process Manager – Monitors programs that run on your PC and stop spyware and Trojans.

Windows Standard Tools – Provides direct access to the useful windows default functions.

Current Version: 2.52.0.1698.

File Size: 8.59 MB.

Release Date: Jan. 9, 2013.

System requirements: Windows 8, 7, 2000, XP, Vista. 32/64bit versions.

Languages: 23 Languages.

Download at: Glarysoft

InternetOff – Or Not?

I’m not in the habit of leaving the door to my home wide open – unlocked perhaps – depending on circumstances. But wide open? No. Nor, have I ever developed the habit of leaving my Internet connection wide open – unless I have a need to do so. Otherwise – I break the connection.

My Tablet computer is subject to the same set of rules. Unless I’m actively engaged with the Internet – off goes the Wi-Fi.

As a one-time user, and a big fan of the free ZoneAlarm Firewall (since the “olden days”), disconnecting from the Internet was as simple as flicking a switch from within the ZoneAlarm GUI –  “Stop All Internet Activity”. Until, that is, ZoneAlarm underwent “improvement” to the point that it became useless for my needs. But, that’s another story.

Next up, on the Firewall scene, was PC Tools Firewall Plus which offered the same – “switch off” capabilities. Unhappily though,  PC Tools Firewall Plus, went the way of the Dodo Bird (on Windows 8) – at least as a stand alone application.

Now running to catch up, I finally relented and activated Windows 8 internal firewall which, with the addition of the freebie application, Windows Firewall Control, suits my needs – for now.

Still, this is a fairly clunky method to accomplish a simple task such as shutting down a Network Adapter (Ethernet Card) – there has to be a better way. Other than pulling the Cat 5 cable.    And, there is.

Regular reader Hipockets, has reminded me (thank you Sir) that the freebie application – InternetOff – is designed to do just that – turn off an Internet connection.

Installation:

A couple of clicks ……..

…………… and, you’re finished.

Following the installation, you’ll find a “Globe” icon in the system tray which when activated, will bring up …….

Click – and you’re done – as shown in the following screen captures.

Reverse the process and, you’re back online. Quick, simple, and painless.

System requirements: Windows 2000, XP, Vista, Win7, 32/64 bit (Tested on Win 8/32 bit under which the application must be run as an administrator).

Download at: The developer’s site.

From the – “he got there first files.” Good friend and fellow blogger, Rick Robinette, posted on this application previously. You’ll enjoy reading Rick’s take on this neat little freebie.

Lift The Hood On Your PC – Take a Peek With These 5 Free System Information Utilities

If you think developing information, including diagnostics, on your computer’s operating system and hardware is a tough task, you can relax. Here are 5 small, free applications, that make it easy to probe your computer system and create a detailed profile which can include hardware, installed software – motherboard, CPU and GPU specs, remaining drive space, and your operating system security hotfixes – and a lot more.

Belarc Advisor 8.2.7.14:

Belarc Advisor is a free program that automatically generates a detailed audit report of the hardware and software on your computer. It records essential information such as, operating system and processor details, the amount of RAM installed, and drive specifications.

The report also includes a comprehensive list of the software installed on your system, as well as software license numbers and product keys. In addition, it lists the status of the Microsoft hotfixes on your system. If any hotfixes need reinstalling, you will be advised of this.

The results are displayed in a formatted HTML report. The report is clearly formatted for ease of understanding and divided into appropriate categories. Hyperlinks within the report allow you to quickly navigate to different parts of the document, find out more about a particular hotfix entry, or see where a listed software product is installed.

All of your PC profile information is kept private on your PC and is not sent to any web server.

System Requirements: Windows 8, Windows 7, Vista, 2003, XP. Both 32-bit and 64-bit Windows support.

Download at: MajorGeeks

LookInMyPC 2.10.3.158

LookInMyPC is a free application which, like Belarc Advisor, records essential information such as, operating system and processor details, the amount of RAM installed, drive specifications and so on. But, it digs much, much, deeper.

The following graphic shows a very small (I do mean very small) portion of a scan result, run on my test platform. The data shown here is pretty standard stuff.

System requirements: Windows 2000, XP, 2003/8, Vista, Windows 7, Windows 8.

Download at: MajorGeeks

A portable version is also available.

SIW (System Info) 2011.10.29i

SIW is an advanced System Information utility that analyzes your computer and gathers detailed information about system properties and settings and displays it in a very comprehensive manner.

The data generated is divided into major categories:

Software Information: Operating System, Software Licenses (Product Keys / Serial Numbers / CD Key), Installed Software and Hotfixes, Processes, Services, Users, Open Files, System Uptime, Installed Codecs, Passwords Recovery, Server Configuration.

Hardware Information: Motherboard, CPU, Sensors, BIOS, chipset, PCI/AGP, USB and ISA/PnP Devices, Memory, Video Card, Monitor, Disk Drives, CD/DVD Devices, SCSI Devices, S.M.A.R.T., Ports, Printers.

Network Information: Network Cards, Network Shares, currently active Network Connections, Open Ports.

Network Tools: MAC Address Changer, Neighborhood Scan, Ping, Trace, Statistics, Broadband Speed Test

Miscellaneous Tools: Eureka! (Reveal lost passwords hidden behind asterisks), Monitor Test, Shutdown / Restart.

Real-time monitors: CPU, Memory, Page File usage and Network Traffic.

System requirements: Windows 7, Vista, XP, 2000

Download at: MajorGeeks

Speccy 1.17.340

Speccy (from our good friends over at Piriform – the CCleaner guys), is not quite as comprehensive as the applications described previously. Even so, you can count on this free application to provide you with detailed statistics on every piece of hardware in your computer. Including CPU, Motherboard, RAM, Graphics Cards, Hard Disks, Optical Drives, Audio support. Additionally Speccy adds the temperatures of your different components, so you can easily see if there’s a problem.

Typical info screens.

System requirements: Windows 8, Windows 7, Vista and XP (32-bit and 64-bit)

Download at: MajorGeeks

PC Wizard 2012.2.10

PC Wizard has been designed for hardware detection but, it really shines in analysis and system benchmarking. It will analyze and benchmark CPU performance, Cache performance, RAM performance, Hard Disk performance, CD/DVD-ROM performance, Removable/FLASH Media performance, Video performance, and MP3 compression performance.

Typical info screens.

System requirements: Windows 8, Windows 7, Vista, XP (32-bit and 64-bit)

Download at: MajorGeeks

EraserDrop – Drop Files Unto An Icon To Erase Securely

This little Icon pictured here, is not just an Icon – it’s an active Icon. Let me explain – when the free portable application EraserDrop is active, this Icon is what you see. The Icon floats on the Desk Top or, on top of any opened applications. Simply by dragging and dropping selected files, or folders, onto this Icon, permanently, and securely, erases the files/folders from your system.

You may change the position of the Icon by holding down the “Left Shift” key and moving it to a desired position. As well, you may “Hide” the Icon by choosing “Hide” from the context menu.

A quick walkthrough:

For this review, I’ve selected 14 files from an old download folder (1773 Files – 17.5 GB – I download a lot of stuff for testing, most of which never makes it to these pages), dragged and dropped them onto the EraserDrop Icon – and ……

gone – deleted – securely – never to be seen again. Following an erasure, an “Erasing Report” is provided, as shown below.

The erasing method can be set by opening the right click context menu and, selecting from a variety of increasingly more complex erasure settings.

You can choose to wipe both the Recycle Bin, and wipe the HD’s free space, from within the context menu.

The options menu will allow you – amongst other selections – to choose a “target image” for the Icon that is more to your liking.

Since this is a portable application –  it will not show up in installed applications –  so, it’s best to install to a new folder that’s easily accessible.

System Requirements: Windows 2000, XP, Vista and Win 7.

Download at: PortableApps

Why should you bother to erase files/folders permanently?

If you’re a typical computer user, you quite likely believe that the files you’ve deleted and sent to the recycle bin, are gone forever.

Not quite true however. When a file is deleted from your Hard Drive, what really gets deleted is the system link pointing towards the file, but not the file itself. Surprisingly, it is relatively easy to retrieve the deleted file using specialized file recovery software (often available as a free download), which takes advantage of shortcomings in the Windows operating systems.

In order to delete or shred files permanently – to protect your privacy and potentially your security – or, for any other reason for that matter, you need a program  that is capable of overwriting the file with a random series of binary data multiple times. That way, the actual content of the file has been overwritten and the possibilities of recovering such a shredded file, becomes mainly theoretical.

System Explorer and System Security Guard – A Review

Depending on which version of Windows Task Manager you use, you may find that it provides you with usable information – or not. Windows Task Manager is most commonly used to display information on all processes running on your computer, as well as advising you of the CPU and memory usage stats for a given process. Additional selective information on running applications, performance, local area connection and information on users, is also available.

But, back to running processes for a moment. What if you need additional information on a running process – or, processes? How, for example, would you determine which processes are safe if you rely on Windows Task Manager?

Running Windows Task Manager in Windows 8 (a major improvement over previous versions), as I’ve done for the following example, is not particularly useful since the only option is a raw online search. Which, in a real sense, is a hit and miss affair. Give it a try with your version of Windows Task Manager – you might be surprised to see just how cumbersome it is.

Instead, taking advantage of one of the built-in features in the freeware application, System Explorer, is a much more appropriate solution. In the following example, the selected process can easily be checked at VirusTotal, and at VirusScan, directly from within System Explorer.

It’s unlikely however, that you’ll have to take this extra step – since System Explorer has been designed to automatically rate, and provide details on processes that are listed in the developer’s extensive database.

Further information can be obtained by clicking on the “See More Details” link which will open the database reference at the developer’s site, as shown below.

System Explorer is not a one-trick pony since it has the capacity to provide detailed information on Tasks, Processes, Modules, Startups, IE Add-ons, Uninstallers, Windows, Services, Drivers, Connections and Opened Files. For this review I’ve focused on the security aspect and next up is System Explorer’s “Security Scan” which is easily launched from the GUI.

As you can see in the following screen capture – running processes are checked online against the developer’s extensive database.

The following screen capture shows a small portion of the 808 processes compared against the developer’s database.

Additional information on any specific process can easily be obtained by clicking on the “Details” link, as illustrated below.

One aspect of this application which I found intriguing is the “History” function. Running this function allows the user to view and develop information on currently running processes as well as those process running earlier but which are no longer running.

System requirements: Windows XP, Vista, Win 7.

Download at: System Explorer Net

Note: also available in a portable version that is just right for geeks on the go.

System Security Guard

System Security Guard, in a broad sense, is very much like the “Security Scan” built into System Explorer. System Security Guard however, as a stand alone small security utility, is designed to run at system startup and automatically scan running processes. As well, all new processes, as they are launched, are scanned.

The results of the initial run with System Security Guard shown below.

For this review I set the application to run at startup, and the following graphic represents the results following a week or so of automatic running. You’ll note that the application has identified 4 “Threat Files” – which, in reality, is the same file which has been flagged 4 times (each time the application was launched).

The application (CurrPorts), was flagged for good reason since it behaves in a way similar to that of a remote access Trojan. That is – it connects to the Internet in a peculiar way.

For illustrative purposes only, I ran the file against the developer’s database. However, since I use this application frequently throughout the day, I’m aware that this is a safe program.

System requirements: Windows XP, Vista and Win 7.

Download at: the developer’s site.

A big “Thank You” to regular reader Charlie L. for referring me to these applications.

Who’s Phoning Home On Your Internet Connection? Find Out With CurrPorts and, Process and Port Analyzer

There’s not much point (from a cybercriminal’s perspective), in infecting a computer with malware unless the information which it’s been designed to capture, ends up in the nasty hands of the criminal.

Generally speaking then, it’s reasonable to say that the most important function of malware (again, from a cybercriminals perspective) is to “phone home” with the information it’s been designed to steal. It’s hardly surprising that much of the malware infecting the Internet does just that.

You can, if you like, trust that your AV solution will tip you off to any nasty behavior occurring in the background. But, as a follower of  the “better safe than sorry” school of thought, trusting in any AV solution to safeguard my systems in all instances, just doesn’t compute with me. There are no perfect AV solutions.

All to often, “new” malware has already rampaged through the Internet (despite the best AV providers have to offer), before average users become aware. As a result, I’ve long made it a practice to monitor my open ports and Internet connections frequently, throughout a browsing session.

At first glance you might think port checking is time consuming and not worth the effort. But it is worth the effort, and it’s not time consuming – it often takes no more than a few seconds. More to the point, in my view, it is a critical component of the layered defense approach to Internet security that regular readers of this site are familiar with.

There are a number of free real-time port analyzers available for download, and the following is a brief description of each. If you are familiar and comfortable with using the Windows command structure, then you may want to try the command line utility Netstat, which displays protocol statistics and current TCP/IP connections. This utility and the process, are covered later in this article.

But first:

CurrPorts (this is the port tool I use daily), allows you to view a list of ports that are currently in use, and the application (keep in mind, that malware, for all practical purposes – is an application) that is using those ports. You can close a selected connection as well as terminating the process using it.

In addition, you can export all, or selected items, to an HTML or text report. Additional information includes the local port name, local/remote IP address, highlighted status changes and more.

Shown in this screen capture – Browser is not running. No remote connections. Looks like I’m safe.

Shown in this screen capture – Browser is running. Thirty remote connections, all of which are legitimate.

Fast Facts:

View current active ports and their starting applications

Close selected connections and processes

Save a text/ HTML report

Info on local port name, local/remote IP address, highlighted status changes

Download at: NirSoft (you’ll need to cursor down the page to the download link).

Next up:

Process and Port Analyzer is a real time process, port and network connections analyzer which will allow you to find which processes are using which ports. A good little utility that does what it says it will do.

Fast Facts:

View currently running processes along with the full path and file which started it

View the active TCP Listeners and the processes using them

View the active TCP and UDP connections along with Process ID

Double click on a process to view the list of DLL’s

Download at: http://sourceforge.net

Netstat:

Windows includes a command line utility which will help you determine if you have Spyware/Botware running on your system. Netstat displays protocol statistics and current TCP/IP connections.

I use this utility as a test, to ensure that the anti-malware tools and Firewall running on my systems are functioning correctly, and that there are no open outgoing connections to the Internet that I am not aware of.

How to use Netstat:

You should close all open programs before you begin the following process if you are unsure which ports/connections are normally open while you are connected to the Internet. On the other hand, if you are familiar with the ports/connections that are normally open, there is no need to close programs.

There are a number of methods that will take you to a command prompt, but the following works well.

Click Start>Run>type “cmd” – without the quotes>click OK> this will open a command box.

In Windows 8 – type “cmd” at the Metro screen.

From the command prompt, type Netstat –a (be sure to leave a space), to display all connections and listening ports.

You can obtain additional information by using the following switches.

Type Netstat -r to display the contents of the IP routing table, and any persistent routes.

The -n switch tells Netstat not to convert addresses and port numbers to names, which speeds up execution.

The Netstat -s option shows all protocol statistics.

The Netstat-p option can be used to show statistics for a specific protocol or together with the -s option to show connections only for the protocol specified.

The -e switch displays interface statistics.

Running Netstat occasionally is a prudent move, since it allows you to double check which applications are connecting to the Internet.

If you find there are application connections to the Internet, or open ports, that you are unfamiliar with, a Google search should provide answers.

Steve Gibson’s website, Shields Up, is a terrific source of information where you can test all the ports on your machine as well as testing the efficiency of your Firewall. I recommend that you take the Firewall test; you may be surprised at the results!