My new eBook, “14 Golden Rules of Computer Security” is almost complete and will be ready for downloading shortly. Written with the non-technical person in mind, the book is packed with proven, practical advice on how to stay safe on the Wild, Wild Web including bonus articles about creating strong, easy-to-remember passwords and email security tips. I give you tons of links to free and low-cost tools as well as special discounts for software and services by some of the best computer security companies in the business. It’s a must-have for every computer owner.

Based upon my popular “How to Secure Your Computer” series of web articles and fully updated with late-breaking information on safe searching and social networks, “14 Golden Rules of Computer Security” will help you develop your own secure computing practices and save you from the hassle of dealing with unpleasant malware attacks.

The book will cost $9.95 for the general public, but all Ask the Geek subscribers will be sent a download link and password for a free copy, so be sure to sign up. (If you already closed the subscription panel, you can sign up by clicking here or on the Sign Up! link on the Pages sidebar.)

Sign up today and then watch your email for the release announcement and download instructions.

NOTE! The BLTDVS Toolkit in its original form is now obsolete. The current state of the art has yielded self-contained USB installer tools for most of the popular antivirus rescue CDs.

I have updated this article: Make an Anti Virus Bootable USB Thumb Drive with the latest information and put two versions of popular rescue CD USB installers in the revised BLTDVS Toolkit which is still available for download from the original location when you sign up for my newsletter list.

Once again, in May 2009, I have had to revise this article because Avira’s updates no longer work (thanks, Cindy, for your help in pointing out the problem to me). This new revision supercedes all previous articles I have posted on this subject; specifically, these two:

http://askthegeek.kennyhart.com/2005/12/how-to-make-bootable-thumb-drive-virus.html

http://askthegeek.kennyhart.com/2007/03/update-how-to-make-bootable-thumb-drive_20.html

“How to make a bootable thumb drive virus scanner for NTFS” is the second most popular article on this site, outranked only by “My Computer Won’t Shut Down!” and I thank you for visiting Ask the Geek for advice on these issues. Because of the continuing popularity of the thumb drive virus scanner, I want to make sure you have up to date and relevant information. The two articles listed above are outdated.

The original DOS-based version of the thumb drive virus scanner used F-Prot Antivirus for DOS, one of the best and most popular DOS-based? scanners for nearly 20 years. Unfortunately, F-Secure is no longer updating the virus definitions for that version. In fact, the F-Prot virus signatures are now almost two years old, making them virtually useless. Other vendors are following suit. I’ve had quite a bit of feedback asking me if I could solve this problem and provide an updated method of offline virus scanning.

The good news is that, yes, I’ve solved the problem, thanks to the fact that several vendors offer free bootable rescue CDs for download. Most of these run under some flavor of Linux and after a bit of hacking, I found it’s a simple matter to make a bootable thumb drive from the images.

Note: Avira has changed the ISO image *again* since this article was first posted. I have had comments from some people that the new ISOs just don’t work right on the thumb drive. As of May 2009, the VDF updates cause the old version to fail. I have revised the steps below and updated the BLTDVS toolkit. 

I chose the Kaspersky Rescue CD from Kaspersky Lab for my latest incarnation of the thumb drive virus scanner. Since it runs under Linux, it has native NTFS read/write support making it unnecessary to use any third party tools like NTFS4DOS (which is still available, but no longer supported by Avira).

Here’s how to be up and running with your own copy of my latest tool in just a few minutes. I’ve made it easy by providing everything you need, except the rescue CD image:

1. I no longer require that you make a donation, but would appreciate it greatly. I’ve worked hard to keep the BLTDVS toolkit up to date and will contintue to do so.
2. I do require that you sign up on my list. That is the only way to get the download link and password for the BLTDVS toolkit. Once you sign up and confirm your subscription, the welcome email will give you instructions, a link to the new toolkit, and the password.
3. If you bypassed the fade-in sign-up form when you arrived at this page, you can click here to go to another sign-up page or click on Sign Up! in the toolbar to the right.
4. Download the BLTDVS toolkit from the link I send you.
5. Extract the folder to the root of your hard drive.
6. Download the Kaspersky Rescue CD ISO image
7. Move the CD ISO image to the BLTDVS_toolkit folder?
8. Plug in your thumb drive.
9. Open the BLTDVS_toolkit folder and navigate to the DriveKey folder.
10. Run HPUSBF.EXE (command line version) or HPUSBW.EXE (windows version) and format your thumb drive using FAT or FAT32. Deselect the “Create a DOS startup disk” option.
11. Open the BLTDVS_toolkit folder and copy or move its contents to your thumb drive. Don’t move the actual folder.
12. On your thumb drive, double-click avrescd.bat. This will extract the necessary files from the ISO image to your thumb drive. Be sure you specify the right drive letter for your thumb drive.
13. Once the files have been extracted, makeboot.bat will be called automatically. See the caution in the next step!
14. CAUTION! This step is dangerous! Heed the warning message. Please verify the correct flash drive letter is being displayed before proceeding. Do not run this file on your hard drive or your current MBR will be overwritten rendering Windows unbootable. (This isn’t a complete disaster, but it takes some geeky knowledge to fix it.)? NOTE: If you are usingVista, you may see a “failure to update the MBR” error. In this case, right-click the file and specify “Run as administrator.”
15. Hit any key to exit. You now have bootable Linux thumb drive virus scanner that will handle NTFS drives as well as most other formats.

One really cool feature of the Kaspersky program is that it will allow you to update it over the Internet as long as you’re plugged into your network. It doesn’t work well with a wireless connection (which both of my laptops have), but I haven’t had a bit of trouble getting an address and updating when I’m plugged in.

Another great feature of the program is that it has a built in file manager, so you can also use it to recover files from an infected hard drive without having to boot into the native OS.

As always, feedback is welcome. I want to know how this tool is working for you.

(Thanks to PDLA ©2007 http://pendrivelinux.com and Lance ©2008? http://pendrivelinux.com. Syslinux is ©1994-2006 H. Peter Anvin http://syslinux.zytor.com for the files used in this tool.)

Cheers!
The Geek

I want to let everyone know of some new features you’ll be seeing here at Ask the Geek. First off, you’ll notice that there are more pages being posted. These are permanent pages that will always show up on the site, unlike the posts that usually wind up in the archives. I’ll be updating these frequently. The latest page is “Safe Computing Tips” and I suggest you check it out.

You’ll also notice a sign-up pop-up on some pages when you go to them. Please sign up so I can keep you up to date on new content and special offers from select vendors. I promise I won’t spam you with a bunch of useless junk; I will pass on any special offers that I become aware of from reputable hardware and software sellers.

For now, check out the “Safe Computing Tips” and sign up for my list. And be on the lookout for a new page that reviews top freeware, Open Source, and commercial software offerings.

As always, I’m glad to be of service and I look forward to keeping you as a loyal reader. If you ever need anything at all, feel free to hit the “Ask a Question” or “Leave Feedback” links over at the right.

Cheers!
The Geek

I recently had the opportunity to test drive Chengdu Yiwo Tech Developments’ EASEUS Partition Manager Server 2.1.1 (EPMS). Using EPMS, you can easily create, format, and delete partitions on your hard disk. The most attractive feature is that it can resize/move your partitions by using your hard disk’s free space without destroying data. The program’s main functions allow you to easily:

• Resize/ Move partitions
• Create partitions
• Delete partitions
• Delete all partitions
• Label partitions
• Format partitions
• Check partitions
• Hide partitions
• Create a Bootable CD

EPMS has an impressive list of key features:

• It works perfectly with hardware RAID
• It can handle up to 32 hard disks, which makes it a good choice for server systems
• Resize/Move system partition by simply clicking the system partition and sliding it through the unallocated space
• The data on the system partition is completely untouched
• Hide drives so they will not be visible (or accessible) from Windows even booted in Safe Mode
• Create a bootable CD/DVD to manage partitions easier and faster.

Being a systems engineer, I have a lot of contact with servers. One of the biggest problems I run into is servers that were misconfigured with undersized system partitions that susequently got filled up with too many programs; this is where a partition manager is an essential tool.

I installed EPMS on my work laptop–the program works fine on XP–and put it through its paces. Within a couple of minutes, I had resized my C:\ partition to one-half of what it was. The program required me to reboot and when I arrived back at the desktop, my C:\ drive was fine and I had 57GB of unallocated space. Next, I hooked up a spare 120GB hard drive to my USB interface, plugged it in and ran EPMS. I deleted the existing partition and recreated a new one then formatted it. When you delete a partition, you’re given the option to simply delete it or to delete it and destroy data. Choosing to delete and destroy data wipes all of the sectors on the drive. Every operation I tried went smoothly. The only glitch I experienced was when I tried to make a bootable CD on my laptop; I got an error message “Recorder scan fail!” The message said I had no recorder or one that is unsupported. The feature worked fine on another system with a generic CD writer, though, so this isn’t a big issue.

The acid test was to try the program on a server running in production. I chose a Windows 2000 Server that is running as an application server. Installing EPMS was straightforward and no reboot was required. I launched the application and resized the D:\ partition, creating an unallocated section of about 14 GB. EPMS requested a reboot. When the server came back up, the EPMS batch file ran, carrying out the operation I requested; the server then rebooted again and came back up normally.

The program is easy to use and out-performs every other partition tool I’ve tried, both open source and commercial, earning EASEUS Partition Manager Server a “Superior Product” rating. It’s well worth your money at $149.00. This is a tool that should be in every engineer’s toolkit and one that I’m glad I have at my disposal.

Have a question? It can be about anything from cooking to science, whatever you’re interested in: Click here to Ask the Geek! Kenny “The Geek” Harthun has been playing with geeky stuff since 1965. He’s a former research scientist, currently works as a Microsoft Certified Systems Engineer at Connective Computing, Inc. and loves to learn about anything and everything.

Having recently had the pleasure of interviewing Zonbu’s CEO, Mr. Gregoire Gentil, and also having had the pleasure of testing the laptop, I have to say I’m impressed by both the business model and the product. But my being impressed is just one opinion; what are others saying about Zonbu? Rather than my writing my own review, I present  a random sampling of quotes from email and other reviews along with my comments.

Mr. Zonbu says: "The company has consistently delivered new releases, fixing bugs, enhancing the system and updating the key software packages. None of the updates have broken anything on my system and Zonbu has listened to the public feedback and made changes and adjustments to continue to improve and refine the overall experience for the end-user. I was skeptical about their ability to keep up the pace and handle things smoothly, but so far they have exceeded my high expectations…If you don’t want the hassle, let Zonbu take care of it for you."

Yep, it’s completely hassle-free and mostly automatic for even the most novice user.

John Biggs of crunchgear.com says: "The Zonbu notebook costs $279 with a 2-year $14.95/month subscription to Zonbu’s update and storage service. This, clearly, is Zonbu’s real MO. They offer unlimited support and upgrades along with 50GB of Amazon S3-based storage. If you opt out of all of the support, you pay $479 for a fairly basic laptop.

"Here’s the rub, kids. With the service pack you’re paying $637.80 for a Linux laptop."

The key words here are "unlimited support and upgrades along with 50GB of Amazon S3-based storage." Most people don’t have a clue how to back up and secure their PCs, much less do upgrades. Geek Squad will give you "Basic Security" for $229. With Zonbu, you plug it in, it works, it’s secure and you never have to worry about it. As long as you’re under the subscription plan, if the unit breaks, they ship you a brand-new one. That says "affordable" to me.

Arsgeek.com says: "On turning it on, you’ll see the typical Zonbu startup screen where various icons light up to show you what phase of the boot process it’s in. After about a minute or so I was on the desktop. Zonbu, no matter what else they may have going for them certainly have great wallpapers. The desktop is crisp and clean, with a few icons in the upper left and a few items in the taskbar on the bottom.

"I was immediately greeted with a network connection wizard which walked me through getting online using my home wireless connection. It was painless and in a minute I was happily online. I logged in with my email and password and I was ready to play!"

I had the same experience on first boot. Even a novice could get on line quickly, in my opinion.

Security? I can compromise your PC in just a few minutes at some of the sites I know of. I have been unable to compromise either the Zonbu desktop unit or the laptop.

The Zonbu laptop isn’t necessarily for Geeks to use, but it will certainly lower the amount of free tech support you have to give to your friends, neighbors, mom and girlfriend who all own Windows PCs.

Cheers!
The Geek

Zonbu is poised to become the de facto standard for hassle-free, environmentally-friendy,  secure computing. I’ve been using the Zonbu desktop unit since August and I’ve fallen in love with it. I recommend it to everyone I know who’s looking for a home PC or one for their children.

With Zonbu’s announcement of their new notebook, manufactured by Everex (which I will be testing shortly), I asked Zonbu’s CEO, Mr. Gregoire Genil, a few questions.

ATG: Mr. Gentil, The Zonbu concept is like every good idea in computing rolled into one. Who first originated the idea?
Gentil:  I don’t think that anyone is the owner of the idea. It’s more a
trend that customers don’t want anymore to bear the hassle of managing
their PCs, especially as US households have more and more PCs. Fixing
your PC could be fun because you may like to do it, but doing [it] for your
wife, girl-friend, kids or the second PC in the kitchen or in the living
room becomes a real pain. And I’m not sure that customers want to buy
fat PCs with an OS that is, in itself, more expensive than our full-featured
zero-maintenance product. We want to be to the PC what Japanese cars have become to the automotive industry: reliable, simple and affordable
products.

ATG:  Did the problems inherent in Microsoft operating systems influence
the Zonbu concept in any way?
Gentil:  Definitely. Microsoft has done an amazing job in the 80s-90s but
much like the gas guzzlers of the 70s, the traditional PCs pursuit of
performance at all cost is having a negative impact on the environment and
is becoming a huge burn for customers. Our product holds on 700MB with
all the applications your need when Vista is already 30GB and you don’t
have everything you need.

ATG: Zonbu supports a wide range of hardware but only two MP3 players.
Are there plans to add more supported players?
Gentil: Actually, we support a lot of MP3 players, including all iPod, NJB
players and all players that store the music like a USB key chain.
Beyond this support, we intend to add more and more support for USB
accessories. We are constantly adding new drivers to increase the
support of our 1500 printers and 800 cameras. We have also just added
support for webcam.

ATG: Will Zonbu ever be available in retail stores or are you going with
a web-based sales model?
Gentil: For the moment, we are web-based sales only. We would like indeed to extend to retail next year.

ATG: What is the one best reason to buy you could give to a potential
Zonbu customer?
Gentil: One simple word: hassle-free. Aren’t you fed up to manage your
computer, finding the right plugin to watch such or such video, taking
care of your backup, fighting a malware? Fire yourself as IT
administrator of your home.

ATG: And go get a Zonbu and start enjoying computing again! Thank you very much, Gregoire, both for your excellent answers and the prompt response.
Gentil: No problem!

Cheers!
The Geek

Forgive my cliche headline, but it’s true; if you’re using Firefox on more than one computer, you have to have Foxmarks. It will keep all of your PCs’ Firefox bookmarks synchronized.

The Foxmarks Bookmark Synchronizer automatically synchronizes your bookmarks between two or more computers running Firefox. It also lets you access your bookmarks from any computer anytime via my.foxmarks.com. An easy-to-use wizard guides you through the quick startup process. Then Foxmarks works silently in the background to keep your bookmarks up-to-date on all your computers.

It’s very cool and it works just like they say.

Cheers!
The Geek

Technorati tags: Firefox, bookmarks, useful

Everybody likes free stuff, but when it comes to software, you often don’t know who to trust. We’ve all been burned by “free” software that was really just a means for someone to infect our machines with tons of spyware and other junk provided by miscreants disguised as “sponsors.” Don’t get me wrong, I’m not bashing free download sites, many of which I visit on a regular basis; it’s just that you can never be sure of the quality until after you’ve downloaded the program. This is especially true when there hasn’t been much user feedback.

Not so with Giveaway of the Day. You get quality software that you would normally have to pay for, free. Yep, you read that right. Every day, they feature a commercial software program and make it available to everyone for 24 hours, absolutely free.

…a convenient initiative allowing you to get the best commercial software titles – for free. Every day we offer licensed software you’d have to buy otherwise, for free! Yes, we are giving away software, and you can download it from our site, right now and right here and our goal is to give away every good piece of software, sooner or later.

They also have a Game Giveaway of the Day:

…a convenient initiative allowing you to get the best commercial games – for free. Every day we offer licensed game titles you’d have to buy otherwise, for free! Yes, we are giving away games…

And a spyware/virus/trojan-free freeware library where you can download any of the titles any time:

Freeware Library is the perfect place for you to download free software from. Here you can find and enjoy free programs from virtually any category. We check all software carefully for viruses, trojans, spyware etc., so you can rest assured that all programs are pure freeware and safe to download and install.

Check it out!

Cheers!

The Geek

Technorati tags: software, free software, freeware, games

Joe from Joliet writes:I’m tired of getting adware and spyware on my computer. Last week, my geeky brother got on my computer and showed me a bunch of web sites I had visited–he even found my webmail password. Is there any way to keep my computer from storing all this stuff?

The Geek answers:Thanks for your question, Joe; it’s a good one. The short answer is , yes, you can fix this; but let me explain a bit about what is going on here. Most web browsers use some form of caching to enhance your browsing experience. Caching is a way of storing the web pages you visit on your hard drive, rather than downloading them every time. There’s no need to download every web page every time you access it because web pages don’t change very often and it takes longer to download a page from the ‘Net than it does to display it from the cache your hard drive. So, depending on how much your browser is set to store in its cache, someone in the know may be able to come along and see what web sites you’ve been looking at. That’s what your brother did. You must have your browser set to remember your webmail password, too. Bad idea if you value your privacy; I always type my passwords into every field.

So, if you’re worried about what someone might see on your system, there is a simple way to prevent anything from being stored in the cache, history and remembered password files. It’s called SandboxIE, and it’s probably one of the best privacy-assurance applications out there because you don’t have to do anything but run IE (or any other browser) in the sandbox. What is a sandbox, you ask? Well, it’s like a secure little section of your computer that is walled off from your operating system; nothing can get out of it unless you let it, and when you shut it down, anything that was there is gone, erased, nada, nothing. Even if the nastiest spyware on the Internet managed to get into the sandbox, as soon as you close it, the bad boy is gone. And so is the history list, the cached pages, EVERYTHING. Pretty slick. See the Wikipedia entry about sandboxes for more info. Steve Gibson, star of Security Now! dedicated a podcast to application sandboxes that you can download here.

As always, if you have further questions, you can “Ask the Geek”!

Cheers!

The Geek

Back in December 2005, I wrote about how to make a thumb drive virus scanner using datapol’s NTFS4DOS, a Kool Tekkie Tool that allows you to read and write NTFS volumes from a DOS command line interface. Now, the good folks at datapol have come up with another winner: CIA DRiVE.net, a very cool remote recovery and offline antivirus utility that no IT pro should be without. There’s a free (read-only) demo available as well as Professional and Enterprise editions. I’m testing the Enterprise edition.

CIA DRiVE.net is the fastest and easiest method to access the drives of a remote computer over the network or the internet. Whether you simply want to transfer data from one PC to another (even in the case that the remote computer doesn’t boot Windows any more), backup or restore data over the network without a working Windows installation or whether you want to be able to perform an offline anti-virus check…with CIA DRiVE.net you get a full-blown solution for managing and recovering remote computers that is nearly…a perfect way to exchange data between computers that don’t belong to the same domain or workgroup.

This isn’t hype; it does everything they say it does. It works over TCP/IP and there’s no need to worry about domain names and workgroups, nor even which subnet you happen to be on; if you know the IP address of the computer you want to connect to, and it’s booted with the CIA DRiVE.net server, you’re good to go. I’ve tried it three ways: with an ethernet crossover cable (much better than a null modem cable); over the LAN in my office; and — this is really slick — over the Internet (you have to open port 45751 in your firewall). No matter how you hook it up, you can do anything to the remote PC that you can do on a local hard drive.

The other techs in my office thought it was pretty cool when I mapped the hard drive on my home computer to my laptop over the Internet and kicked off a full virus scan. Impressive. But there’s more. For those PCs that support it, you can wake them up with a magic packet or force a shutdown or restart. There’s also a user manager that in the Enterprise edition allows you to reset lost WinNT/Win2k/XP passwords that are stored in the SAM and in the Active Directory of Windows Server 2000/2003. If your network card on the remote PC is PXE-capable, you don’t even have to build boot media; the CIA DRiVE.net client has a built-in PXE server and will automatically upload the software to the remote machine.

The boot media maker allows you to make floppies or CDs and also create bootdisk image files: .img for floppies; .iso for CDs. Using an image, you should be able to make a bootable thumb drive, but I haven’t tried this yet. You can make the images available for download, or you can email them easily because they are quite small (less than 2MB).

The free version of CIA DRiVE.net is read-only, but will allow you to see how it works; the Professional version sells for $179 and allows up to 25 remote connections; the Enterprise edition sells for $299 and allows unlimited connections. Obviously, this isn’t a tool for casual use, but it can pay for itself quickly. For instance, saving just one client from major data loss by recovering data from an unbootable hard drive justifies the cost. It might even work on systems where the hard drive isn’t recognized by the BIOS. I haven’t tried it, but if you use the “direct disk access (bypass the BIOS)” option to make a boot disk, it should work in all but the most desperate circumstances.

If you got the feeling that I’m sold on this Kool Tekkie Tool, you’d be right. Check it out.