Technology Vault - NewsBytes

Monday 29 September, 2003

Nforce Remix drivers and AOpen new Nforce 2.64 drivers by @ 10:46 am

Driverheaven has posted a link to a new mixed set of Nforce drivers made up by mwarhead. Mwarhead says: So why this release??? Aopen leaked a Nvidia Nforce driver set version 2.62. I examined the drivers and found that the Ethernet driver was actually older so I left the 3.39. The Gart, the SMBus, and the Memory controller were the same. The IDE In the Box driver is newer, can't tell you whats new about it other then Nforce 3 support, which may or may not work with my 2k ide driver as I don't have nforce 3 to test it on. The audio driver is also newer, but does not seem to work with the control panel. To fix this problem I have merged part of the 3.62 with the 3.48.

You can download these remixed drivers from HERE

AOpen has also released a new set of Nforce drivers today version 2.64. You can download them from HERE, thanks to Warp2Search for the heads up with this news.

All in all, it can't be long before Nvidia release an official newer version on their website. It's been a while now.

Bootvis pulled by Microsoft by @ 10:25 am

Microsoft have pulled all links to their Bootvis.exe utility for Windows XP. Microsoft now tell us that the utility does not improve boot/resume performance. Most odd because I've used Bootvis on many occasions and found it speed things up alot.

The guys/gals at Tweakhound also think it does and have posted some examples to prove it.

Then why have Microsoft pulled it? Who knows. I will say that I had downloaded the updated version a few months back and found it crashed my computer when it tried to boot up. I went back to the older version and it continued to optimize my system without any problems.

Microsoft tells us: Please note that Bootvis.exe is not a tool that will improve boot/resume performance for end users. Contrary to some published reports, Bootvis.exe cannot reduce or alter a system's boot or resume performance. The boot optimization routines invoked by Bootvis.exe are built into Windows XP. These routines run automatically at pre-determined times as part of the normal operation of the operating system.

OK then, what the hell was it then?

You can read the full text (but not find the Bootvis.exe file) HERE

I keep a back-up of my system using Nortons Ghost and found this utility a must to put the files where they should be on my disk for the fastest possible boot-up. I really don't understand why Microsoft have made this decision. Most odd.

Mozilla Thunderbird 0.3 RC by @ 9:57 am

Mozilla Thunderbird 0.3 release candidate is available for download. Just rename yor Thunderbird folder in program files (if that's where you have put it) and place the new build in it's place. Once your happy with the set-up, you can delete the old build.

The latest build 0.3 is available HERE

Mozilla tels us: Mozilla Thunderbird is a redesign of the Mozilla mail component. Our goal is to produce a cross platform stand alone mail application using the XUL user interface language. Our intended customer is someone who uses Mozilla Firebird (or another stand alone browser) as their primary browser and wants a mail client based on mozilla that "plays nice" with the browser. In addition, by focusing solely on stand alone mail, we believe we can make some dents in the overall footprint and performance of the mail client by removing components and chrome we don't need. On top of that, the UI becomes much cleaner as a stand alone application as opposed to being part of the mozilla suite.

CLICK HERE to visit the Thunderbird website.

Wednesday 24 September, 2003

Things look bad for Nvidia by @ 8:00 pm

Anantech have posted a report on day 2 of Computex. They tell us:

ASUS will be announcing the worldwide launch of ATI-based video cards. Add to that the mixed feelings on nForce3 and the fact that MSI, NVIDIA’s largest OEM and retail channel graphics manufacturer, is considering a move similar to ASUS, things look bad for NVIDIA.

CLICK HERE to read the full report at Anandtech.

Tuesday 23 September, 2003

Grisoft adds Swen Virus Removal Utility by @ 9:10 pm

Grisoft has added an I-Worm/Swen virus removal tool on their website. Grisoft says:

Please run the rmswen.exe healing utility for I-Worm/Swen virus infection removing. Save this utility on your HDD and run it.
Infection will be removed and your registry will be repaired.
When the utility stops, please reboot your computer and run the AVG Complete test to ensure that your computer is virus free.

Grisoft now host a range of single virus romoval tools and have handbooks to help you remove each virus. You can visit the page HERE

You'll find utilities for Win32/Valla.2048 I-Worm/Bugbear, Win32/Dupator, Win32/Elkern, I-Worm/Ganda, VBS/Iloveyou, I-Worm/Lovgate.C, I-Worm/Navidad, I-Worm/Nimda, I-Worm/PrettyPark, I-Worm/Sircam.A, I-Worm/Happy99, W95/Space.1445, I-Worm/Verona.B and now I-Worm/Swen. Very useful.

AVG Update by @ 9:00 pm

Grisoft have a new definitions update for both AVG6 free and AVG7.

This update adds detection of Worm/Capside and new variants of I-Worm/Gotit, I-Worm/Lovgate, Worm/Spybot.

The file size was 28kb and a restart is not required.

Friday 19 September, 2003

Virus Alert: W32.Swen.A@mm or W32.Gibe.B@mm by @ 11:06 pm

You are advised to keep a lookout for emails that claim to be Microsoft Critical Updates. The email may come with the title "Microsoft Internet Update Pack", "Microsoft Critical Patch" or "Newest Security Update". The email has an .exe attachment.

The Text in the email may read something like this:
--------------------------------------------------
Microsoft Customer

this is the latest version of security update, the
"September 2003, Cumulative Patch" update which resolves
all known security vulnerabilities affecting
MS Internet Explorer, MS Outlook and MS Outlook Express
as well as three new vulnerabilities.
Install now to maintain the security of your computer
from these vulnerabilities, the most serious of which could
allow an attacker to run code on your computer.
This update includes the functionality of all previously released patches.

System requirements: Windows 95/98/Me/2000/NT/XP
This update applies to:
- MS Internet Explorer, version 4.01 and later
- MS Outlook, version 8.00 and later
- MS Outlook Express, version 4.01 and later

Recommendation: Customers should install the patch at the earliest
opportunity.
How to install: Run attached file. Choose Yes on displayed dialog box.
How to use: You don't need to do anything after installing this it"
-------------------------------------------

One of the names this virus uses for the exe attachment is Qnfje.exe.

We suggest:
1. Do not click on the attachment.
2. Make sure you have installed the latest critical updates from the WINDOWS UPDATE WEBSITE
3. Delete the email.
4. Make sure your antivirus and firewalls are up to date.

Microsoft never sends customers critical updates through email.

The W32.Swen.A@mm or W32.Gibe.B@mm worm uses its own SMTP engine to spread itself and attempts to kill anti-virus and personal firewall programs running on a computer. Swen/Gibe is also capable of exploiting a known Internet Explorer vulnerability to spread via peer-to-peer networks like Kazaa and IRC. The virus, which was written in C++, auto-executes the e-mail attachment on vulnerable computers by exploiting a known Microsoft vulnerability (MS01-020).

You can CLICK HERE to learn more about MS01-020 and to download the patch.

We used a small section of text from www.internetnews.com where you will find more information about this virus.

Wednesday 17 September, 2003

Update, update, update by @ 9:57 pm

First up, AVG6 and 7 have definitions updates. They have added detection of Worm/Richi and new variants of I-Worm/Yaha, I-Worm/Vote.

No.2 is an update for Windows Media Player 9 Series. Microsoft says: When you stream files from a Windows Media Services 9 Series server, you may notice a delay of five or six seconds when you switch between files. This wait may be an undesireable user experience. CLICK HERE to get your version of the patch file and read the full details.

Next up, Spyblaster has about 7 new bits of spyware added.

Lavasoft have updated the definitions file of Ad-Aware 6.

Humus has finished RenderMonkey version 1.0 final. Here's the low down on it. ATI says: This is the first full release of RenderMonkey version 1 for the DirectX 9.0 platform. This release has been tested with the Catalyst 3.6 drivers from ATI and the DirectX 9.0b runtime from Microsoft. Please ensure both of these (or a more recent release) are installed before using RenderMonkey.

What's New
RenderMonkey has undergone a major rewrite since the V0.9 beta release. These changes have greatly improved the stability and usability of RenderMonkey and also provided a much more developer friendly framework for the introduction of the RenderMonkey SDK.
CLICK HERE for the full list of fixes and download links.

That's about it for another night. I'll bring you more as and when. These updates are like busses, you can wait for hours, nothing.... then they all come along at once;-)

STOP PRESS: Just about to check my email for the last time and up pops Zonealarm personal firewall with an update. ZoneAlarm Free 3.7.211 is available for download and has a security threat fix and performance improvements. What a busy night I've had. Nighty night!!

Sunday 14 September, 2003

Be a 'hi-tech' Wincey Willis! by bluetracker @ 2:12 pm

Thanks to forum member Tone for providing the 'heads up' on this one.

Mailinator instant email by @ 2:46 am

What a good idea. Have you ever gone to a website that asks for your email for no reason (other than to spam you later)? This is where Mailinator comes into it's own.

Mailinator says: Have you ever needed an email .. NOW? Have you ever gone to a website that asks for your email for no reason (other than they are going to sell your email address to the highest bidder so you get spammed forever)?

Welcome to Mailinator(tm) - Its no signup, instant email. Here is how it works: You are on the web, at a party, or talking to your favorite insurance salesman. Whereever you are, someone (or some webpage) asks for your email. You know if you give it, you'll be spammed. On the other hand, you do want at least one email from that person. The answer is to give them a mailinator address. You don't need to sign-up. You just make it up on the spot. Pick jonesy@mailinator.com or bipster@mailinator.com - pick anything you want (up to 15 characters before the @ sign).

Later, come to this site and check the email for that account. Its that easy. Mailinator accounts are created when mail arrives for them. No signup, no personal information, and when you're done - you can walk away. The emails will automatically be deleted for you after a few hours.

Let'em spam you!!

CLICK HERE to visit the Mailinator website.

Saturday 13 September, 2003

FutureMark Slashes it's benchmarks by @ 8:33 pm

We have all read the news stories about the driver cheats and the comments about it not being a proper benchmark, well FutureMark have now slashed prices on it's benchmarking programs.

Here are the new prices:

- 3DMark03 Pro Download: $19.95
- 3DMark03 Pro CD-ROM: $29.95 + shipping and handling
- 3DMark03 License Upgrade Download: $14.95

- 3DMark2001 SE Pro Download: $14.95
- 3DMark2001 SE Pro CD-ROM: $19.95 + shipping and handling

- PCMark2002 Pro Download: $19.95
- PCMark2002 Pro CD-ROM: $29.95 + shipping and handling
- PCMark2002 Registered: $8.95

- Benchmarkers Pro Pack: $49.95 + shipping and handling (3DMark03 Pro, 3DMark2001 SE Pro, PCMark2002 Pro)

- Platinum Suite: $429.80 + shipping and handling (3DMark03 Pro, PCMark2002 Pro, SYSmark2002, WebMark2001)

(All prices in United States Dollars. Taxes and any other possible statutory costs are not included)

User who have already bought software will be getting an email.

Here is part the official press release from FutureMark: To further enhance the momentum, Futuremark is slashing the retail prices of its popular professional 3DMark03 and PCMark2002 benchmark suites, to $19.95 each. Said Tero Sarkkinen, Executive Vice President at Futuremark Corporation: "We are responding to customer feedback; the additional features of the professional versions are very useful and valuable to our customers. By lowering our prices, we enable more users to take their benchmarking to a professional level, and at the same time improve our own bottom-line financial results."

Online banking Customers subjected to e-mail fraud! by bluetracker @ 7:56 am

SpywareBlaster version 2.6.1 (program update) by @ 7:34 am

SpywareBlaster doesn't scan and clean for spyware - it prevents it from ever being installed.

By setting a "kill bit" for spyware ActiveX controls, SpywareBlaster can prevent the installation of any spyware ActiveX controls from a webpage. It does this while not interfering with "friendly" ActiveX controls - so your browser can work correctly and you can have peace of mind!

You won't get any more annoying "Yes/No" boxes popped up, asking you to install a spyware ActiveX control (which can increasingly be found in pop-up ads!). In fact, Internet Explorer will never even download or run the spyware ActiveX control!

In addition, SpywareBlaster can prevent many of these spyware ActiveX controls from running, even if they are already installed on your system.

The newest SpywareBlaster version can even block spyware/tracking cookies! And SpywareBlaster does not need to be running in the background to provide this protection!

The SpywareBlaster database contains information on these known spyware Active-X controls. Make sure you run the Check For Updates feature frequently to get the latest database! (And make sure you check the new items to protect your system against them!)

SpywareBlaster also provides the exclusive System Snapshot! - Take a snapshot of your computer in its clean state, and use System Snapshot later to revert many changes made by spyware and browser hijackers!

SpywareBlaster System Snapshot works a lot like Microsoft's System Restore for Windows ME/XP - however it exclusively targets items used by spyware and browser hijackers to embed themselves into your system - so you can get the results you want: a spyware-free system. It provides the following benefits:

- Only targets items used by spyware and browser hijackers to embed themselves into your system - so you can get the results that you want: a spyware-free system
- Detects changes and additions - and alerts of both on a restore operation
- Provides a list of changed/added items - so the user has full control over what will be restored
- Covers hundreds of items - including the most popular areas altered by browser hijackers and spyware, as well as many currently un-tapped areas
- And much much more!

SpywareBlaster is free. If you like the program, all the author asks is that you make a small donation to help with the costs of running the site.

CLICK HERE to visit the SpywareBlaster website.

AquaMark3 - The Reality Benchmark by @ 6:41 am

The long awaited AquaMark3 will be released on Monday 15th September 2003.

We are told: We are proud to announce the release of our long-awaited benchmark AquaMark3 – The Reality Benchmark for September 15, 3:00 pm GMT. And before you ask: yes, the swatch beat countdown has been set to indicate the time to go.

AquaMark3 is the first commercial benchmark offering both: a real world DirectX 9 game engine and free access to an online database, the AquaMark Result Comparator ARC. It is based on Massive Development’s multi platform krass™ Engine, a real life game engine used by AquaMark2.3 and games like subwater action shooter AquaNox, AquaNox2: Revelation and the upcoming strategy hit Spellforce.

The basic application will be available as a free download on a large number of mirror sites around the world. This version supports the AquaMark TRISCORE™ benchmark test and free online access to the ARC.

The AquaMark online shop will offer a range of extended versions for private as well as for commercial use. All of these licenses contain the capability to check the customer’s system extensively. They also comprise a wide range of unique features like pixel rate tests and pixel shader complexity tests.

Keep your eyes peeled on the download page for the list of mirrors on the Aquamark Website

TVTool Updated to 8.3 by @ 6:33 am

TVTool has been updated to version 8.3. HOT tells us: The TVTool context menu function, which is one of the most popular features, has been improved significantly in version 8.3. Now this function has its own tab, which allows the configuration of 5 movie players. Also the 768x576 mode was added for the SAA7102 and 7108, and the TV detection can be forced now.

Those who have purchased TVTool will recieve an email with a link to download the latest version.

TVTool is a program that makes it easier to use the TV-Out function on most nVidia graphics cards.

Windows Update by @ 6:24 am

Impact of vulnerability: Three new vulnerabilities, the most serious of which could enable an attacker to run arbitrary code on a user’s system.

The fix provided by this patch supersedes the one included in Microsoft Security Bulletin MS03-026 and includes the fix for the security vulnerability discussed in MS03-026, as well as 3 newly discovered vulnerabilities.

Technical Details:
Remote Procedure Call (RPC) is a protocol used by the Windows operating system. RPC provides an inter-process communication mechanism that allows a program running on one computer to seamlessly access services on another computer. The protocol itself is derived from the Open Software Foundation (OSF) RPC protocol, but with the addition of some Microsoft specific extensions.

There are three newly identified vulnerabilities in the part of RPCSS Service that deals with RPC messages for DCOM activation— two that could allow arbitrary code execution and one that could result in a denial of service. The flaws result from incorrect handling of malformed messages. These particular vulnerabilities affect the Distributed Component Object Model (DCOM) interface within the RPCSS Service. This interface handles DCOM object activation requests that are sent from one machine to another.

An attacker who successfully exploited these vulnerabilities could be able to run code with Local System privileges on an affected system, or could cause the RPCSS Service to fail. The attacker could then be able to take any action on the system, including installing programs, viewing, changing or deleting data, or creating new accounts with full privileges.

To exploit these vulnerabilities, an attacker could create a program to send a malformed RPC message to a vulnerable system targeting the RPCSS Service.

Microsoft has released a tool that can be used to scan a network for the presence of systems which have not had the MS03-039 patch installed. More details on this tool are available in Microsoft Knowledge Base article 827363. This tool supersedes the one provided in Microsoft Knowledge Base article 826369. If the tool provided in Microsoft Knowledge Base Article 826369 is used against a system which has installed the security patch provided with this bulletin, the superseded tool will incorrectly report that the system is missing the patch provided in MS03-026. Microsoft encourages customers to run the latest version of the tool available in Microsoft Knowledge Base article 827363 to determine if their systems are patched.

Affected Software:
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server® 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003

To download the patch CLICK HERE

Friday 12 September, 2003

.EU Web domain name registration warning! by bluetracker @ 7:57 pm

AVG Updates by @ 3:26 am

Grisoft have released a number of new program and definitions updates for both AVG6 free and AVG7.

Program Update AVG 7.0 - 7.0.175
Program version 7.0.175 includes several modifications and improvements. These include a decreased load on slower systems (such as those running Windows 95), an improved update process and support for remote administration using AVG TCP Server.

Update AVG 7.0 - AVI 260.1.0
Added detection of I-Worm/Zush, I-Worm/Nolor, I-Worm/Miniman, I-Worm/Lehs and new variants of Worm/Randex, Worm/Raleka.

Update AVG 6.0 - 518
Added detection of I-Worm/Zush, I-Worm/Nolor, I-Worm/Miniman, I-Worm/Lehs and new variants of Worm/Randex, Worm/Raleka.

With the program update of September 8, AVG 6.0 now supports smaller update files! AVG 6.0 customers will benefit because of the quicker distribution and download times of the new updates. In order to take advantage of the smaller update files, your system must be on version AVG 6.0.516 or higher.

Keep your pc safe and secure, check for updates daily.

Tuesday 9 September, 2003

First Single-Chip Processor For Phones Running Advanced Wireless Data Networks by bluetracker @ 10:00 pm

Thursday 4 September, 2003

CATALYST 3.7 Driver released by @ 8:44 pm

Great news for everyone who has been waiting to see the next driver release from ATI, version 3.7 of the Catalyst drivers has been released. Here are the details from the options screen.

Wednesday 3 September, 2003

Skype by @ 10:13 am

Make free unlimited free phone calls anywhere in the world with a new application from the makers of KaZaA which claims Superior sound quality that's better than your regular phone. Skype tells us: Skype is the next phenomenon from the people who brought you KaZaA. Just like KaZaA, Skype uses P2P (peer-to-peer) technology to connect you to other users – not to share files this time, but to talk and chat with your friends. The technology is extremely advanced - but super simple to use... You’ll be making free phone calls to your friends in no time!

Features include:
• Free unlimited worldwide phone calls to other Skype users
• Superior sound quality - better than your regular phone
• Works with all firewall, NAT and routers – nothing to configure!
Friends list shows you when your Skype friends are online and ready to talk or chat
• Super-simple and easy to use
• Your calls are encrypted “end-to-end” for superior privacy
• Based on cutting edge peer-to-peer technology developed by the creators of Kazaa and Joltid.

CLICK HERE to visit the Skype website.

Everyone knows that KazaA was stuffed with adware/spyware and many users switched to KazaAlite which had all the nasty bits removed. At the time of writing, I do not know if this new software contains Similar tracking software and a brief look at the terms and conditions of use doesn't throw any light on this subject. If you do decide to use this software, be aware that it may contain new items of spyware that spyware removal tools like Ad-Aware may not yet have covered as it has only been released in the last few hours.

All in all, it looks like a very good free product. But the proof of the pudding is in the eating. Please use the forums to discuss this new program.

Monday 1 September, 2003

Spywareblaster Update by @ 9:05 pm

SpywareBlaster version 2.6.0 also has an update available today dated 01/09/2003. The file size is around 150kb. Make sure you tick all items and then press the 'protect all marked items' button.

SpywareBlaster doesn't scan and clean for spyware - it prevents it from ever being installed.

How? By setting a kill bit for the CLSIDs of spyware ActiveX controls, it prevents the installation of any of them from a webpage. You can run Internet Explorer with Active-X enabled, but you will never even get a Yes/No box popped up, asking you to install a spyware Active-X control (Internet Explorer will never download or run it!). All other Active-X controls or plug-ins will work fine.

The SpywareBlaster database contains information on these known spyware Active-X controls. Make sure you run the Check For Updates feature frequently to get the latest database! (And make sure you check the new items to protect your system against them!)

As a side benefit, setting this kill bit will also prevent the spyware Active-X from running, in many cases, if it is already installed on your system.

Ad-Aware Update by @ 9:00 pm

Lavasoft have released an update to Ad-Aware 6 build 181.
Reference file 01R215 01.09.2003 is available for download. Just press the update button on your Ad-Aware to automatically download and install the update.

It's Demo season by @ 8:42 pm

The folks over at Scene.org have all the results and releases from the Evoke Zoo3, Pilgrimage 2003, Cafe 2003 and Buenzli 2003 demoscene parties.

My favourite is the first place winner at Evoke Zoo3. It's called 'Weltenkonstrukt' and continues the success of Smash design who bought out adrenalin and Darkstar. The demo takes you through a plaza in Cologne (I think). The attention to detail is stunning. Every brick, ivy leaf even a rain water gutter hidden from view down a car ramp is made up of photo realistic 3D graphics. Unfortunately, I cannot show you a screen shot as the print screen key has been disabled. You will have to download it and see for yourself. Oh, forgot to tell you, it's not just a demo that runs from start to finish, it's fully interactive as well. You can use your mouse to do a bit of virtual shopping or sight seeing. It's breath-taking.

You'll find a bugfixed version of 'Weltenkonstrukt' HERE on the list at screen.org.

Windows Update by @ 8:30 pm

Microsoft have updated the engine that runs Windows Update. It's still version 4 of Windows Update but when visiting and checking for updates, you are asked to install the new component. Just out of interest, no new updates were available at the time of trying. The update was dated 26th August 2003.

AVG Update by @ 8:27 pm

Grisoft have released updates for both AVG6 (free) and AVG7 tonight. Grisoft says that this update adds detection of Worm/Raleka, Worm/Franvir and new variants of Worm/Lovsan, Worm/Spybot, Worm/Rootbot, Worm/Randon, trojan IRC/BackDoor.SdBot.

The file size for AVG7 users is 266kb