I have reviewed Kon Boot about a year ago and later on attempted to install it into USB flash drive using UNetbootin for convenience. During that time Kon Boot v1.0 was not made to support many types BIOS and also booting from USB which explains why it did not work for some of you.

Kon Boot has been recently updated to version 1.1 and it contains a lot of improvements over the version 1.0. It has been recoded from scratch to support booting from USB using the custom Kon Boot USB Loader Install Utility. It can now support both 32 and 64bit of Windows and also fixed bugs to work on the latest Windows 7. Kon Boot 1.1 internally still supports Linux, but it is not commercially supported due to the fact that there is way too many distros. If you have not heard of Kon Boot, basically it is a software which you boot up the computer with and allows you to log in to any user without knowing the password. Kon Boot works by hooking the BIOS and make changes to the Windows kernel temporarily to allow a user bypass the step of Windows authentication.


I personally don’t think that Kon Boot is an ultimate hacking tool that can be used to prank people or hack computers. Firstly, you have to be in-front of the computer and secondly, you must have access to BIOS to change the boot priority. There is no way to do it remotely. In my line of work, I had to deal with hundreds of computers everyday that are used by computer newbies. Many times I am faced with the annoyance of being asked to troubleshoot a computer but the user account is password protected. Kon Boot allows me to log in to the Windows computer and perform troubleshooting tasks without resetting or knowing the actual user account password.

Kon Boot is also capable of performing privilege escalation. For example, you can boot up the computer with Kon Boot, log in as Guest, copy cmd.exe to a different name and run it. You now have System privileges. You can then make use of “net user” command to add a new user, reset administrator password and etc FROM A GUEST ACCOUNT!

Unfortunately Kon Boot 1.1 is no longer free. The personal license cost $15.99 and it gives you free updates and support for a period of 6 months. You can still continue using Kon Boot 1.1 without restrictions even if you do not renew. As for Commercial license, it cost $75.99 for a year support and updates, allowing you to use on company or business environment. The commercial license can be transferred to any member in a registered business entity.

Kryptos Logic is very generous to offer 2 promotions to Raymond.cc readers and they are:

1: Everyone can get a 20% discount by using the following discount coupon:RAYCCREADER20

2. 30 Kon Boot personal license for free. Leave a comment and make sure you are a subscriber to be in the draw. Winners will be chosen and announced tomorrow.

I have been informed that a trial version of Kon Boot 1.1 will be made available in Kryptos Logic’s website. It will be a free 32bit version without Windows server support, essentially a much cleaner version of 1.0 but I couldn’t find the download link. I am not sure if Team Kryptos Logic has scrapped the idea of the trial version or there are some delays. Let’s wait for their response.

[ Visit Kryptos Logic ]

30 winners has been selected and will be receiving an email from me shortly on how to obtain the full Kon Boot v1.1.

So far I’ve only seen tools that is able to check if a person is invisible in ICQ. Today I found out that there’s a tool which you can check if your friend in your ICQ contact list has placed you in ignore list. ICQ has a feature where you can ignore specific types of messages, alerts or specific users. When a person is in ICQ ignore list, any communication these users send you will be blocked.

Here’s a small and useful tool for you to check if you’re being ignored by your friends in your contact list. Other than that, you can also manually check an ICQ UIN by typing it yourself.


ICQ Ignore Checker is developed by murb.com from Germany. To check if you’ve been ignored by a person from your contact list, just enter your ICQ UIN and password and click the Login button. Once you’re logged in, your ICQ contact list will be loaded. To check all your contact, simple click on the “Check all contacts” button.

I’ve tested it and it works! Now I know who is ignoring me in ICQ! Since they don’t want me to bother them, I’ll just remove them from my contact list.

[ Download ICQ Ignore Checker ]

If you ask anyone that knows about encryption, they would say that TrueCrypt is one the best out there. I have an old friend who used to be in the “scene” that was involved in warez and he uses TrueCrypt to protect the sensitive data on his computer in case one day the authorities decides to bust in to his house. If one follows the guide on using a complex passphrase, even FBI hackers fail to crack TrueCrypt using the dictionary attack.

One good thing about TrueCrypt is the portability where I can use it to protect data by encrypting it and then save both the TrueCrypt Volume and the software to a CD or DVD. The data in the disc will be encrypted which can be easily decrypted to access the files any time by just running TrueCrypt and mounting the volume with the correct password. The decryption is done instantly (on the fly) so you can immediately access your files upon entering the correct password. There are some shareware such as CD-Lock and GiliSoft Secure Disc Creator that encrypts disc but I will show you how you can do that for free with TrueCrypt.


1. Download the latest version of TrueCrypt. Currently the latest version is 7.0a.

2. Run the TrueCrypt setup file (TrueCrypt Setup 7.0a.exe). Accept the license agreement and at the second wizard mode, select Extract.

3. Run TrueCrypt.exe and click on Create Volume button.

4. Select “Create an encrypted file container” and click Next.

5. You are asked to either select “Standard” or “Hidden” TrueCrypt volume. This feature is very interesting and I hope I am able to explain in an easier way to understand.

The Standard volume let’s you create just one encrypted space. Let’s say you’re being threatened to reveal the password or something bad is going to happen to you. Revealing the password will decrypt all the encrypted files and the person who threatened you get all the files.

As for Hidden volume, it creates another encrypted volume on the existing encrypted space with another password. So if you gave the first password, the hidden volume will still stay hidden and not be revealed. Only if you mount the volume using the hidden volume password, then only the hidden volume will be mounted.

As a simple test, we’ll select the “Standard TrueCrypt volume” and click Next.

6. Now you’re asked to specify where should the TrueCrypt volume be saved to. Click the Select File button and set a name for example, dummy, and click Next.

7. There are a bunch of encryption algorithms to choose. Let’s leave it as default and click Next.

8. A normal CD have 650-700MB in space and DVD is 4.7GB. If you’re going to create an encrypted CD, let’s create the volume size as 600MB and click Next.

9. Enter a password. Make sure you use a good password and remember it. If you lose the password, you are not going to get back the encrypted files.

10. Click the Format button to format the volume and wait for a few seconds. Click Exit when the volume is created.

11. Now you’re back at the TrueCrypt main interface. Click on any drive letter that is on the program, and click the Select File button. Select dummy file and then click the Mount button. Enter the password that you’ve specified in step 9.

12. Go to My Computer and you will see a new drive letter. Alternatively you can also double click on the drive that is mounted at TrueCrypt to directly open the drive. That is the encrypted volume (space) which is now decrypted. Copy the files that you want to encrypt to the drive.

13. Once you have finished copying the files to the mounted volume, to dismount, simply click on the drive at TrueCrypt to make sure that it’s highlight and then click the Dismount button. Click Exit to close TrueCrypt.

14. To put it on a CD, just burn the 4 TrueCrypt files (TrueCrypt.exe, TrueCrypt Format.exe, truecrypt.sys, truecrypt-x64.sys) and dummy file to the disc.

To access the encrypted files in future, insert the CD to your computer, run TrueCrypt.exe and follow step 11 to mount the TrueCrypt volume. The files will be read-only and cannot be modified since it is written on a disc.

Here is how TrueCrypt works in summary:

1. Create volume (make an encrypted space): Refer step 3 to 10
2. Mount volume (map the encrypted space to a drive letter) Refer step 11
3. Copy files to Volume (Move any files to the mapped drive that you want to encrypt) Refer step 12
4. Dismount Volume (unmap encrypted drive). Refer step 13

I just bought a 12.1″ Acer TravelMate 6293 laptop to replace my big and bulky 15.4″ Acer TravelMate 4100. Initially I planned to buy Sony Vaio but it after comparing the price and specifications, Acer gives a better deal although I know that the quality of Acer is much lower than Sony Vaio. The quality and finishing doesn’t really matter so much to me because I am always using an external keyboard and mouse to avoid strain injury. I am only looking forward on the portability as it weighs less than 2KG and also it is using the latest Centrino2 processor with 2GB DDR3 ram which claims to draw less power and provide better performance.

The salesman told me that Acer no longer provides Recovery Disc to restore the system back to factory default anymore. I had to create them myself from Acer eRecovery Management with 2 DVD discs. The funny part is the salesman told me that the recovery disc can only be created ONCE. I was frightened by what the salesman said and I started to do a lot of research on the laptop recovery system.


I read a lot of forum posts and found that my Acer’s laptop hidden partition is totally different from what other people are getting. For example, many people has been successful to unhide the hidden EISA partition using Symantec’s PowerQuest Partiton Table Editor PARTEDIT32 tool. I’ve disabled D2D in BIOS and tried to set the hidden partiton type to 07 (Installable File System NTFS ,HPFS) but everytime after a reboot, the PQSERVICE partition will automatically be reverted back to the default type. I tried booting in to Safe Mode, the type shows 07 but I couldn’t see the hidden partition.

Then, another different issue is regarding reverting the MBR back to the original Acer’s default MBR. Let’s say the Acer laptop is preinstalled with Windows Vista. You hate using Vista and formatted the hard drive to reinstall Windows XP. By doing that, you’re actually wiping off the MBR records and you can never use the Alt+F10 to launch the eRecovery Management to perform system recovery. Fortunately on older laptops, this can be easily fixed by extracting the rtmbr.bin and mbrwrdos.exe file from the hidden PQSERVICE partition to restore the MBR to the original state. Weirdly, my Acer TravelMate 6293 PQSERVICE hidden partition doesn’t contain mbrwrdos.exe and rtmbr.bin files 🙁

To me, the current recovery method implemented by Acer and many other laptop manufacturers are just CRAPPY. No doubt that it is easy to restore the system back to factory state for basic computer users, but for a slightly more advance user (but not too geeky) who knows how to format a hard drive or mess around with partition, they could wrongly delete the PQSERVICE partition causing them unable to perform a system recovery. I guess many people also knows how to install Windows XP and by doing that, they’re wiping off the MBR and won’t be able to use the ALT+F10 hotkey during bootup to launch the Acer eRecovery Management. So if you screw up, you’ll have to fork out money to get the manufacturer to restore back the hidden PQSERVICE partition and the default MBR.

After reading a lot on forums regarding the hidden partition and MBR, I think it is VERY important that these steps are taken IMMEDIATELY to prevent from spending unnecessary money in bringing back the laptop to manufacturer to have them restored.

1. Create Recovery Discs
– Usually laptops that doesn’t come with recovery discs has to be manually created. In Acer, it can be done from Acer eRecovery Management. Even if you’ve accidentally deleted the hidden partition, can you still restore the system back to default state using the recovery discs.

2. Backup Master Boot Record
– If you’ve removed Vista and installed another operating system such as XP, but would like to revert back to Vista, you can restore the original MBR and hit the Alt+F10 hotkey during startup to launch the recovery system from the hidden partition. Here are 5 free tools that you can used to backup and restore MBR (Master Boot Record)

3. Backup EISA hidden partition PQSERVICE
– I’d say that this step is the most important of all. Having the hidden partition is better than having the recovery discs. There are many third party partition tools that can handle hidden partition but I found that the free version Macrium Reflect is an excellent free tool that is able to easily detect, backup and restore the hidden PQSERVICE partition. It even automatically backs up the Master Boot Record whenever you create a backup.

To backup PQSERVICE hidden partition. Run Macrium Reflect, right click on PQSERVICE partition and select Create Image of ’1 – PQSERVICE’.

Select a backup destination, you can backup to your local hard disk, network shares or even CD/DVD discs. Should take less than 20 minutes to backup the 13GB hidden PQSERVICE partition. Next time when you want to restore the backed up PQSERVICE partiton, simply create a Macrium Reflect Rescue CD (preferably Linux), boot up the computer with the rescue cd and load the image.

To view the contents of the PQSERVICE hidden partition, just double click on the backed up image file that you created with Macrium Reflect and check on the checkbox. It will amount the backup image on new drive letter.

You can now view the PQSERVICE contents from My Computer by accessing the mounted drive letter.

Once you have done all the 3 steps above and store the backups in the proper place (external drives, DVD discs and etc), you can pretty much do whatever you want on the laptop without having any problems in restoring the laptop’s system back to the original state.

One of my client’s computer encountered a problem which is unable to run Windows Disk Defragmenter. Windows Disk Defragmenter is a computer program included in Microsoft Windows designed to increase access speed (and sometimes increase the amount of usable space) by rearranging files stored on a disk to occupy contiguous storage locations, or defragmenting. The purpose is to optimize the time it takes to read and write files to/from the disk by minimizing head travel time and maximizing the transfer rate.

The problem is whenever he tries to run the Disk Defragmenter shortcut from Start > Programs > Accessories > System Tools > Disk Defragmenter, only an error window “MMC cannot open the file C:\Windows\system32\dfrg.msc. This may be because the file does not exist, is not an MMC console, or was created by a later version of MMC. This may also be because you do not have sufficient access rights to the file.” appears.

Here are some suggestions on how to fix running disk defragmenter problem in Windows.


One of the methods below should be able to help you restore Windows Disk Defragmenter. Try the first solution and then run Disk Defragmenter. If it didn’t fix the problem, continue with the second one and etc.

Solution 1: Make sure you have rights to run Microsoft Management Console (MMC) and MSC file.

Solution 2: Go to Start > Run, type regsvr32 msxml3.dll and click OK.

Solution 3: Go to Start > Run, type regsvr32 dfrgsnap.dll and click OK. Then again go to Run, type regsvr32 dfrgui.dll and click OK.

Solution 4: Go to C:\Windows\Inf, right click at dfrg.inf file and select Install.

Solution 5: Go to Start > Run and type sfc /scannow. Make sure you have your Windows XP installation disc in the CD/DVD drive.

Solution 6: Download and apply .MSC association fix.

Solution 7: Download and apply Defrag SnapIn registry fix.

Solution 8: Download and install latest MMC 3.0 from Microsoft.

One of the methods above should be able to help you restore your disk defragmenter. But for my case, I’ve gone though all methods above and it still doesn’t restore Windows Disk Defragmenter. Every time I run defrag, I still get the error MMC Cannot Open the File C:\WINDOWS\system32\dfrg.msc. After days of trying, finally I just decided to rename the dfrg.msc file at C:\WINDOWS\system32\ to dfrg-renamed.msc. I ran dfrg-renamed.msc, and I was shocked to see that it was able to run! So I created a shortcut for dfrg-renamed.msc and place it at Start menu and desktop for my client.

Until today I still couldn’t figure out what is causing this weird behavior but this workaround allows me to run Disk Defragmenter without getting the MMC Cannot Open the File C:\WINDOWS\system32\dfrg.msc error. I’d appreciate if you can share with me what might be the cause of this problem and how to really fix it.

Few days ago I was trying to help a friend troubleshoot a computer problem using teamviewer. For some weird reasons when I gave him the direct link to download the Teamviewer QuickSupport module, Windows Live Messenger gave me an error “The following message could not be delivered to all recipients” message.

I thought that MSN blocked the link because there was an .EXE extension which can be unsafe so I tried uploading to MediaFire which the download link contains only random letters and numbers without the extension, but it still got blocked. I also remembered very clearly that I tried on Rapidshare but it was blocked too. Finally I had to ask him visit teamviewer.com and click on the “Join a Session” button to download the quick support module.

I googled and found some people also had the problem of MSN blocking Mediafire links. I really thought that this is the case but after doing more research, it appears to be different and MSN doesn’t hate or intentionally block MediaFire links.


I found out from MSN Protocol website that it is possible to use the GCF payload command to request a configuration file Shields.xml that controls blocking of security sensitive items like hyperlinks, Winks and Dynamic Display Pictures from the server. From Wikipedia I also found out that the latest MSNP is now 18 but the GCF link is on 11. Further research tells me that ever since MSNP13, they no longer pushes Shields.xml and the configuration files are now called policies.

Now I have some idea on how it works so I fired up oSpy and attach it to Windows Live Messenger to start sniffing the received data. I search for the word SHIELDS in the packets and found one received packet that has very interesting data. As you can see at the screenshot below, it has tons of base64 encoded strings for imtext value.

When I decoded one of the strings “cGhvdG8yMzRcLnppcA==” with an online Base64 decoder, it shows a filename “photo234\.zip” which I am pretty sure that’s the blacklisted word because there used to be MSN virus circulating around with similar filenames. I tried sending a test message with any URL together with that filename and BINGO! that message is blocked with the error “The following message could not be delivered to all recipients”.

Later I discovered that you don’t really need a packet sniffer to get the base64 encoded blocked because Windows Live Messenger has an option to enable connection logging. Open Windows Live Messenger, go to Tools > Options > Connection > Advanced Settings button > check Save a log of my server connections to help troubleshoot connection problems. Now sign in to your MSN account, and again go Tools > Options > Connection > Advanced Settings button > and click the View Log button. Search for the word SHIELDS and at the same line you will find a lot of encrypted imtext value such as aW1nNS0yMDA3XC56aXA=.

I’ve decoded all 91 strings from the current block list which contains censored words and URLs but I still couldn’t find why mediafire links are blocked. Further online research shows that the censored list gets updated, for example, older censored word list used to have “.pif” but now doesn’t and it is still being blocked. Try appending .pif with any links and the instant message surely can’t go through. Finally through online research, I found out that Mediafire links are blocked because “download.php” is in the URL and it is one of the older censored words.

For your convenience, I have compiled a list of blocked words by MSN. It may not be complete but it is currently the biggest list you can find on the Internet.

.pif
168.169.78.19
1717wan.cn
51kongqi.com
51pingguo.cn
66663.cn
930le.com
94nile.com/apple
995ba.com
acilastir.info
acisalavans.info
acisalcap
albrahem.com
album.zip
amazondakayboldum.info
amazonhalki.info
amigosparasempre.smtp.ru
amigosparasempro.smtp.ru
armazfiles.smtp.ru
baratinha.mypets.ws
belgravehelpdesk.com
bezgi.info
bireyci.info
block-checker.com
blockinrio
bobblak.com
bobyup
bobzop.com
boyamagucu
burasiseninyerin.info
bush-gracioso.exe
checkmessenger.net
chinacircle.com
chirstmas-2007.zip
clipdeeps.com
dansadimi.info
downgrdr.exe
download.php
dreamlife365.com/member/
e-afyonkarahisar.info
ekars.info
ekastamonu.info
emret.info
fantasma.zip
fmconsulting
foto.exe
foto722a6
fotos.zip
friendims.com
friendly-offer.com
funbuddyicons.com
funpic.de
g038_jpg.zip
get-messenger
goldwindos2000.com
happy_2008.exe
happy2008.exe
hetandunhasde.com
hornymatches.com
hoto234.zip
imag091307.zip
image031.zip
image206.jpg-www.photoshare[1].com
image25.zip
images.coolpage.biz/images.php
images.getenjoyment.net
images.idohost.com
images.zip
imageswitch.info
img-0012.zip
img021.zip
img-0950.zip
img1756.zip
img301.zip
img-3773.zip
img5-2007.zip
img-6434.zip
img-8197.zip
imp.exe
implay.com
impluse.exe
improfile.net
iwantu.com
life365.com
love33.zip
mainmsn.com
mainmsn.net
malbranche.goracer.de
members.lycos.co.uk/svy21/t/contact.php
memebers.lycos.co.uk/getmessenger
mensagemparavc.mail15.com
messaging-names
messangerstats.net
messengerdeletechecker
messenger-scan
messengertools.org
miralafoto/foto.exe
monclocher.com
monica.zip
moorsh.com
mprofiles.net/members.php?msn=
msnblockerlist.com
msnblocklist.com
msn-friend.com
msnliststatus.com
msnspy.eu
msnwebimages.com
myalbum2007.zip
mydipan.cn
mymsngallery
mypengyou.com
myphoto94.zip
mypictures.zip
mypictures-0108.zip
no-ip.org
noticiasdobrasil.com.sapo.pt/noticiaurgentebrasilnumero9821.com
nowpounds.com
p1377.pic-myspace.info
photo2007-12.zip
photo234.zip
photo656.jpg
photoalbum2007
photogbase.com/pictures.php?photo656.jpg
photos.zip
photos1-2008.zip
pic.zip
pic1273.zip
pics.zip
pics-at-the-party.com
picts-7053.zip
pictura002
portakallidavet.info
profile.php?
quienteadmite.com
reuty.info
secretimages56.zip
shusu.cn
sjegat.pics.skaq.info
sontarih.info
stuff.zip
stuffplug.com/temp/downgrdr.exe
sulandirma
summer2008
sweetpictures.myphotos.cc/katiesex.pif
t35.com
tanyababe.zip
tufoto
tuhafkimse
tunabaligi
tutuskanlik
unknowntools.com
uysallik.info
verti2/fantasma.zip
viotagallery.com
windowslivemessenger.biz/msn/msn.php
wowbam.com
xpimad.com
yorungesel

Remember, MSN does not block these words alone. They must be in hyperlink. You can test them by adding www or http:// infront of those words. There are two ways to bypass this annoying censor by MSN. If you’re trying to send a mediafire link with download.php in the middle, you can use TinyURL to mask the URL. And if you’re trying to send a link with no-ip.org, do not include www or http:// infront of the URL. I find it hard to believe that no-ip.org is blocked by MSN!

I’ve been using Pingdom for at least 3 years already because they provide really good service and also the 1 minute checks from locations all over the world. I used to have problems sending SMS as notification and Pingdom’s support team fixed the problem really quick plus they even compensated more SMS credits to my account. I’ve always been using the Basic account because that is the cheapest plan they had back then. It’s pretty much a waste since I only have one blog site to monitor when the basic account offers checks on 5 websites.

My Pingdom account has just expired end of February and was billed $119.40 for a new invoice. I’ve just paid few thousand dollars for a years’ dedicated server at NetDepot and is really feeling the pinch for fork out another hundred bucks for a monitoring service. Moreover Adsense has stopped serving ads to this website and the revenue that is generated from other advertising companies is barely enough to cover the cost of this server. So I canceled my Pingdom account temporarily and thought that maybe I will re-sign up again at a later time when I have enough funds.

To my surprise I found out that Pingdom has started offering FREE accounts along with 20 SMS but limited to only monitor ONE website. Pingdom Free account is fine with me because I only have 1 website to monitor and can save money.


What I like about Pingdom is the control panel is easy to use and understand and most importantly it does 1 minute checks from different locations around the world. For me, I set Pingdom to check for a certain keyword on my blog site every minute and only notify me via SMS and email if detected 11 consecutive check errors (10 minutes).

Other than checking for downtimes, Pingdom can also check how responsive is your website. Even if you only have FTP or mail server, Pingdom can check TCP ports (21 for FTP) and also SMTP, POP3, IMAP. The TCP port check makes it possible to check nearly everything including a game server such as Counter-Strike that is normally on port 27015.

The important requirement to keep your free Pingdom account alive is to log in to the Pingdom control panel at least once every 90 days. If you’re not good at remembering things, the easiest way is to install a free app by Pingdom called Pingdom Desktop Notifier that runs in the background and notifies you if your website is down. This application connects to your control panel so you can get more information about an outage and access more Pingdom features such as our various reports.

If you think about it, you can register 5 free accounts and you’re able to monitor 5 websites. It’s doable but it’s wrong under Pingdom’s terms of service. One of the terms is “Only one free account per person or legal entity is allowed“. If they catch you using two or more free accounts, you will risk your accounts being terminated. Blacklisting your account is fine because you can always use a new email address and contact information, just don’t blacklist the IP or website that you want to monitor…

So far I can’t find any better free uptime monitoring service than Pingdom. Sign up FREE Pingdom account from this link.

Have you ever noticed one very annoying problem when checking your Hotmail from MSN Messenger, it only opens with Internet Explorer? Windows Live Messenger is closely integrated with IE since Microsoft has to promote their web browser so Windows Live Messenger will always open pages in IE instead of other web browsers. I am very sure that I have Mozilla Firefox set as my default browser.

What I don’t understand is, when someone send me a message with a link, I am able to open link with Firefox, but when I click the small email icon to open my Hotmail inbox, it uses Internet Explorer! It seems the Windows Live Messenger does not respect Windows default browser.

There seems to be a place where I can configure default programs for activities in Control Panel > Add or Remove Programs > Set Program Access and Defaults > Custom > and select Mozilla Firefox. Tried that but it did not work. Seems like the only way to open Hotmail when clicking the email icon at Windows Live Messenger is by installing plugins.


1. Download Messenger Plus! Live and install.
Important Note: When install, at the first screen, click Next. Take a careful look at the second screen because that’s where it will ask you whether to install sponsor program or not. Select “I refuse to give my support, don’t install the sponsor“.

2. Download StuffPlug and install.

3. Launch Windows Live Messenger and sign in.

4. Try clicking the email icon and see if your Hotmail inbox will be launched in Firefox. If not, then click StuffPlug 3 from menu and select Options. Go to General tab and make sure the option “Open all URLs in default browser” is checked.

Is it even necessary to install 2 types of Windows Live Messenger plugin for this feature? It depends… I guess it is only necessary for people who has problems launching Internet Explorer and they are used to opening Hotmail inbox from the email icon. For me, I can still live with opening Hotmail inbox with Internet Explorer although my default browser is Firefox.

ESET, the developer for one of the top popular antivirus NOD32 has launched the beta version of ESET SysInspector late last year. ESET SysInspector is an application that thoroughly inspects your computer and displays gathered data in a comprehensive way. Information like installed drivers and applications, network connections or important registry entries can help you to investigate suspicious system behavior be it due to software or hardware incompatibility or malware infection. Pretty much like HijackThis but it is able to dig up more information about your computer.

After few months of testing, they’ve finally released a newer beta version which contains many fixes, changes and new features. Two major features added to the latest SysInspector beta is the detection of master boot record (MBR) infecting rootkits, such as Win32/Mebroot and anti-stealth device driver which dynamically loads at runtime to to detect rootkits and other hidden objects.


ESET Inspector is portable. There is only one executable file (SysInspector.exe) which you run and it’ll start inspecting your computer. Each time ESET SysInspector is run, it examines the system to precisely determine its configuration. This process may take several minutes, depending upon the speed of your computer and the software installed on it. When ESET SysInspector has completed cataloging the system, it displays this information in its graphical user interface.

ESET SysInspector divides various types of information into several basic sections called nodes. If available you may find additional details by expanding each node into its subnodes. To open or collapse a node just double-click the name of the node or alternatively click or next to the name of the node. As you browse through the tree structure of nodes and subnodes in the Navigation Window you may find various details for each node shown in the Description Window. If you browse through items in the Description Window additional details for each item may be displayed in the Details Window.

ESET SysInspector assigns risk levels to objects (files, processes, registry keys and so forth) using a series of heuristic rules that examine the characteristics of each object and then weight the potential for malicious activity. Based on these heuristics, objects are assigned a risk level from “1 – Fine (green)” to “9 – Risky (red).” In the left navigation pane, sections are colored based on the highest risk level of an object inside them. By adjusting the slider you can filter items by their Risk Level. If the slider is set to the utmost left (Risk Level 1) then all items are displayed. By moving the slider to the right the program filters out all items less risky than current Risk Level and display only items which are more suspicious than the displayed level. With the slider on the utmost right the program displays only known harmful items.

All items belonging in the risk range 6 to 9 can “pose” security risk. It is recommended that you scan the files that poses a security risk with an antivirus or you can upload it to VirusTotal. However, since SysInspector is in BETA, there will be some of unknown applications such as shadowservice.exe from PowerShadow or even false positives which need to be corrected. There is also no way for you to add an application to a trusted or safe zone so SysInspector will not pick it up and flag it as security risk in future.

Currently, ESET SysInspector does not have any ability to make any changes to computers. It is “read-only” in that it is designed for analysis, not malware remediation. Perhaps when it is no longer in BETA, it might have the ability to make changes.

[ Download ESET SysInspector for Windows 32-bit | 64-bit ]

I do realize that giveaways are not so often in this blog anymore. The truth is there are actually a few software companies that has approached me in sponsoring free licenses for giveaways but some of you may know me better, I do not simply host any giveaway for just any type of software. It had to be good, useful and I am even willing to do it for free if you are going to pay me. However if the software is not that good, I won’t even consider posting it here if they are going to pay for me it. Today’s giveaway is about a software which I have been using for many years already and it has helped me saved more than a hundred hours in total. Remember, time is money.

I believe all of us here browse the web and very often check on our list of favorite websites and forums for updates and the whole process unknowingly takes a lot of time. You had to open every page in tabs, wait for it to load and then try to remember if you have seen this article yesterday on this website. Probably it won’t be very time consuming if it was only a few websites but if you had like 50 websites to check daily, you are losing a lot of time if you add all of them up for the whole year.

I have tested nearly all webpage monitoring software that is available but no software can beat Website-Watcher. I would say that it is the best of what it does that I have come across.


Basically what Website-Watcher does is it can monitor web pages, forums, RSS/Atom feeds, newsgroup, documents and binary files for updates. Then you can control what and when it gets checked with many other advanced features. Most blog sites including the one that you are currently reading now has RSS feeds and you can easily add it to Website-Watcher’s bookmark list. Checking the RSS feeds is faster because it doesn’t download all those unnecessary images and advertisements, saving both bandwidth and time.

Forums are the hardest to monitor for updates because it has a lot of real time data being generated such as the number of reads, views which could generate false alert. But with Website-Watcher, it supports popular forum such as Burning Board, IP.Board, SMF, phpBB and vBulletin through plugins where everything is configured automatically. For password protected websites, you can enter the username and password or if it is a custom web form, then you can use Macro to record the login process.

Website-Watcher 2010 has way too many features for me to mention everything on this article. For more detailed information, you can visit the official website or even better, download and install a 30 day trial and then you will know why I say that it is the best webpage update monitoring software. Below is the proof that Website-Watcher has saved me over 99 hours of time after using it for more than a year.

There are 3 editions of Website-Watcher. Basic, Personal and Business. The basic edition is the cheapest version that cost €29,95 for a single user license and it is most useful for people that just want to use it to auto check for website updates. As for the Personal edition, it cost €49,95 and it has more advanced feature such as AutoWatch, Newsgroup support, Scripting Language and Follow Links. As for Business, the features are very similar to Personal except it can password protect bookmarks and allows you to use in business environments.

Aignesberger Software GmbH has been very kind to sponsor 5 personal license to be given away at this blog. It is a 1 year license which allows you to install any updates within the licensed period but you can continue using it when the 1 year period is up. Same rule applies, first you need to be a subscriber and secondly, leave a comment on this page. The winner will be randomly picked and announced tomorrow.

[ Visit Aignesberger Software Website | Download Website-Watcher 2010 ]

Firefox can securely save passwords you enter in web forms to make it easier to log on to websites. By default the option “Remember passwords for sites” option is enabled but you will still be asked whether to save passwords for a site when you first visit it. Clicking the Remember button will save the login information, Not Now button to ignore it or Never for This Site, that site will be added to an exceptions list and will never prompt you to save the username and password for that site. This feature is available at every web browser and is offered as a convenience but also increases the risk of your login information being exposed.

I normally save most of the usernames and passwords on my laptop because I am the only user and that computer is not shared with anyone else. If the laptop is not stolen or Windows is not hacked, then my usernames and passwords are pretty safe. One big reason I never let anyone touch my laptop is because someone could just run either of the 2 free portable tools to grab all my website passwords. Of course, we can also put these 2 tools to good use such as recovering the sign-on details when Firefox fails to open.


1. FirePasswordViewer

– FirePasswordViewer is the GUI version of popular FirePassword tool designed to decrypt sign-on secrets stored by Firefox. FirePasswordViewer tool can decrypt and display these secrets on the same lines as the Firefox built-in password manager. The main advantage of FirePasswordViewer is that it does not require Firefox to be running. Also FirePasswordViewer can be used to display sign-on secrets from different profile (other than current profile) as well as from the different operating system (such as Linux, Mac etc) altogether. This greatly helps forensic investigators who can copy the relevant files from the target system to test machine and view the credentials offline without affecting the target environment. The displayed sign-on information can then be saved to a file in standard HTML format which can be used as valuable and quick offline reference.

[ Download FirePasswordViewer ]

2. PasswordFox

PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.

[ Download PasswordFox ]

To protect yourself against these 2 tools, simple enabling and setting a Master password would stop this 2 tools from harvesting your login information. You can do that in Tools > Options > Security tab > check “Use a Master password” and enter the password twice.

Note: Here’s a weird case of false positives. According to VirusTotal, 27 out of 41 antivirus detects PasswordFox as hacktool/trojan but NONE detects FirePasswordViewer as a threat. Now both tool does the same thing, do you think that PasswordFox is infected or a false detection? To me, PasswordFox is a tool that’s more likely to be used by hackers because it can be ran with a command line using a backdoor trojan while the user is using the computer and he won’t know a thing about it. As for FirePasswordViewer, the hacker would have to run the program, click the Show button and then Export the results. You should read about what Nir Sofer has to say about the false detection on his programs.

I’ve played Master of Defense game before and it’s very addictive. I just kept on playing non-stop! I played Master of Defense few months back and today I found another similar game, a Macromedia Flash based Tower Defense game inspired by Elemental TD for WarcraftIII.

The aim of the game is to kill the creeps before they reach the end of the maze, do this by building attacking towers on the grass around the maze.


To build a tower click on it on the right hand side then click on the map where you want it to be built. Once built you can clock on towers to upgrade or sell them. To get a high score keep as much of your gold in the bank as possible, at the end of each round you earn interest on the gold in the bank.

This game is FREE. You only need to make sure you have Flash player for this game to load in your browser. If you love this game, do leave a comment and I might just put out “Master of Defense” which I finished few months ago!

[ Play Tower Defense ]

Back when I was using Windows 98 and XP, codec pack is the first thing that I will install after completing the driver installation. These codecs are required to play downloaded videos and sometimes even audio files or else you might end up hearing the sound but no video and vice versa. The only codec pack that I used before is K-Lite Codec Pack and I never had any playback problems with it. As for now, I have not installed any codec packs ever since I started using media players such as VLC media player and KM Player that has built-in codecs. Moreover most of time I watch downloaded videos in my WD TV Live player and not on my computer so there is no reason that I need to install any codec packs on my computer.

What I’ve learned last time was codec packs are very sensitive. After installing it and if it works perfectly, just leave it as it is and there is no need to update the codec pack. Reinstalling codec packs because of some playback problems may not even be advisable. You should probably try to use a tool called Codec Tweak Tool to scan the registry to detect and remove broken references to codecs and filters first.


Actually Codec Tweak Tool is already included in the K-Lite Codec Pack. If you don’t have K-Lite Codec Pack, then you can just download this portable and free tool to help you detect and remove broken codecs and filters. It comes with a very simple and straight forward user interface with a couple of buttons such as Fixes, Reset settings, Various tweaks, Backup settings, Manage DirectShow filters, Manage source filters, Thumbnail settings, Generate log, Speaker configuration, DirectShow filter configuration, Restore settings and Manage ACM/VFW codecs.

Most of the buttons there will probably confuse you if you are not familiar with codecs. So the best option to attempt fixing codec problems is to click the first button “Fixes” followed by detect and remove broken VFW/ACM codecs and DirectShow filters. Do not worry if some of the buttons in Codec Tweak Tool are grayed out or disabled. It merely meant that there is nothing to configure for that section.

Download Codec Tweak Tool