Kenlyn Services for all your Computer and Telecommunication needs
Tools for Technicians
System Restore Explorer – View, Delete and Browse Inside System Restore Points


System Restore Explorer is a small freeware tool that allows you to view and delete specific Windows system restore points. This is a handy way to free up some disk space without wiping out all of the restore points, since previously the only built-in option was all or none.

However, the best feature is that it allows you to browse and copy individual files inside the system restore points without performing a full system restore.


When you install System Restore Explorer, you see a list of all the available system restore points, including the time and date when each was taken. You can right-click on any of these and you have the option to Mount, Unmount or Delete that specific restore point. If you Mount a restore point, it shows you the files inside it in your standard Windows Explorer interface, allowing you to manage them like you would any other file on your system.

This application only works in Windows Vista and Windows 7.

Screenshots

Viewing the list of available restore points to Mount or Delete.


Browsing inside a mounted restore point.



Download

Download from Official Site (search for “download it here”) – 840kb

How To Perform a Perfect BackUp & Reinstall with Apple Time Machine


Guest post by Marco Rodi: Marco Rodi holds a university degree in IT engineering. He runs his own computer repair business (OrdiRodi) that mainly does Apple support.

So you receive a call from a client saying “My hard drive just crashed!!” or “I just bought a new Mac and I need to transfer all my information” or even “I want to clear my hard drive and do a clean installation”.

As a professional, you need to know exactly what to do to perform a perfect backup and reinstall. You don’t want to lose a client’s files or preferences. The client wants to have the exact same thing as before: their beautiful Mac, up and running again. They do not want to call you back and say: “Hey! I don’t have my music in my iTunes anymore!”, “Where are my bookmarks?” or “How come my icons are smaller?”.

Here are the steps to perform a perfect backup and reinstall on OS X using Time Machine.


First of all, you need to back up everything. With Apple it’s easy. There is a built-in application called Time Machine; you simply plug an empty external drive into the computer (yes, it must be empty, because Time Machine will wipe everything on it) and activate Time Machine.

To activate Time Machine, open System Preferences and click on the Time Machine icon.

Click on “Select Disk”.

Choose your external drive and click on “Use Backup Disk”.

Time Machine will copy everything (OS, software, files and preferences) to the external hard drive, so when you reinstall the OS you can restore everything from that backup.

Once everything is backed up, you need to erase and format the new hard drive. To do so, you need a copy of the OS you want to install (Snow Leopard or Lion). It can be on either CD or USB; it does not matter.

Shut down the computer and insert your bootable device into the client’s Mac.

Boot the Mac while holding the “Option” key (the ALT key if you are using a non-Apple keyboard). You will arrive at a window where you can choose a bootable device. Choose your OS installation media (either CD or USB).

You will then arrive at this window. Choose the language you want and press enter.

Click on Utilities and choose Disk Utility.

Select the drive you want to format to the left.

On the Erase Tab, use the “Format” Dropdown and choose “Mac OS Extended (Journaled)”.

Name your hard drive.

Click the Erase Button.

It will then take some time to format the hard drive.

Once this is completed, you can close the Disk Utility window and start the installation. It will install the OS on your new hard drive.

Once the installation is complete, it will reboot and it will start from your newly installed OS.

At the beginning, it will ask you if you want to transfer your information.

Plug in the external drive holding the Time Machine backup and select “From a Time Machine backup” at the “Do You Already Own a Mac?” stage.

It will transfer all the files and settings that Time Machine backed up back onto the Mac.

So that is it. You can let your client test the computer and confirm that everything is back to normal.


Here’s a rundown of the most important things I’ve been carrying around for a few years now. All of the items I’ve listed have been lifesavers in one way or another. For any software, I’ve included a link to download the ISO or title itself.



Hiren’s Boot CD – Hiren’s is not a single program but a compilation of some of the most useful freeware utilities available to a computer repair technician. This disc is very similar to Ultimate Boot CD, which I also find to be a necessity, but with the addition of two important pieces of software: Offline NT Password Changer and Mini Windows XP.

The former allows you to reset nearly any user password on a Windows system old and new (NT through 7) and the latter is a WinPE-powered edition of Windows XP that runs as a Live CD. It’s extremely useful for quickly backing up customer data from a hosed Windows installation. You can also use it to test out hardware that may be questionable in condition, like wireless cards, outside of a client’s local Windows installation. There have been discussions surrounding the legality of Hiren’s Boot CD, but since about version 13 of the disc, they have removed all of the shareware or commercial software that caused controversy.

Ultimate Boot CD – This disc is similar to Hiren’s which I talked about above, but does have some different hardware utilities that aren’t necessarily found on the former. The reason I keep this in my arsenal is because, even when there is overlap in software with Hiren’s, at times programs do not load correctly and just hang on Hiren’s. When this happens, you have no choice but to give the programs a try off UBCD.

This product has been in development for quite a few years, and was actually the first utility live CD that I ever used. It may not be as expansive as Hiren’s, but for what it offers, it’s a bulletproof tool that should be in your onsite CD collection.

CCleaner – If there was one Windows-based tool I could not live without, it would be CCleaner. This little tool is completely free and constantly updated with more functionality. It’s a Swiss Army knife for cleaning temp files off a system, fixing broken or missing registry entries, and providing a fast central location for uninstalling all programs on a machine.

It also happens to have a clean startup list manager which allows you to trim down unwanted junk that loads on many of the PCs you work on for clients. I’ve been using this tool for years and have yet to be let down. Give it a try if you are still (*sigh*) using the Windows built-in tools for doing similar functions.

Reversible Flathead & Phillips Screwdriver – The reversible Phillips/flathead screwdriver is probably the single most used piece of hardware in my toolbag. Nearly every computer case uses a mix of large and small screws, all of which can (generally) be handled with this wonder of a tool. It saves space because it includes reversible bits that cover large and small screw types of each variety. A wise investment and a near necessity for any proper computer tool bag.

Inline Network Cable Tester – While a traditional network cable tester works fine, the level of detail and information afforded by something like a Fluke NetTool device is unparalleled. This device allows you to check a multitude of aspects of any Cat5/Cat6 cable or jack, such as proper crimping, proper punchdown, continuity, and passthrough functionality of an entire cable run.

I happened to pick up a Series I NetTool on ebay a few years back and consider it well worth the $300 USD or so that it cost me. Don’t bother spending the $1000+ USD on a new device – these puppies are built like tanks and generally last a long time. Save yourself time when dealing with network cabling & jacks and consider an inline cable tester.

Utility Knife – Brand or make does not matter as much here. There is so much competition for these knives that I merely recommend you have some sort of utility knife in your toolbag. I happen to carry around a Leatherman as I prefer their higher quality, but the choice is yours. These knives are very handy in cutting open boxes onsite, cutting cabling, assisting with smaller sawing tasks, and general everyday nuances that you come across onsite.

Trying to replicate the functions of a single utility knife across separate tools would be both a money waste and space loss. Plus, you can carry one of these in your pocket when you are onsite without having to lug a toolbag all over to handle separate tools.

Tape Measure – Who’s to say when you will need to measure a short distance or scope out a job? I use one of these to measure boxes I may need to ship, as well as how long a cable I’ll need for any type of installation. They are handy, accurate, and you can even get ones in different shapes that offer advanced features like lasers and the like. My recommendation is to stay with something cheap (but not the cheapest) so as to keep thieves at bay.

2 Gallon Air Compressor – Before I get emails from people asking me how I fit this in my toolbag, I’m going to say up front that I simply do not. It’s a companion tool that travels alongside my toolbag to most customer locations, and beats canned compressed air for cleaning out dust by a long shot. Not only does it provide MUCH greater pressure, but it saves money in the long run.

For the price of 5-7 packs of compressed air, you could instead purchase a small portable air compressor. My unit is a 2 gallon device and serves me well. Customers are impressed with the professionalism of having such a device, and it truly cleans a PC better than any small can ever did. Works great on laptops too!

Floppy Disks & USB Floppy Drive – Call me crazy, but as a PC tech, you NEVER know when you will run into a situation that needs one or both of these items. I needed to use a USB floppy drive just this week. Many older PCs and servers made before 2004 still (sadly) require floppies to perform BIOS updates. I keep a pack of brand new floppies in my bag, along with a USB floppy drive that has a single disk loaded at all times. You will be hard-pressed to find new packs of floppies in any store, but online sites like eBay still carry them in plentiful quantities for cheap.

USB IDE/SATA HDD Adapter – Don’t get caught onsite without one of these. I happen to use a Bytecc combination adapter, but there are many different types on the market today. This tool can be used to connect any IDE or SATA hard disk to a machine of your choice, whether it be for emergency virus removal or worse yet – data recovery.

Whatever the purpose, this little tool costs under $50 USD generally and is light enough to be stuffed into a side pocket of any toolbag. For my office, I have a HDD caddy that performs the same functions, but offers a drop-in bay for the hard disk drive itself. Costs a bit more, but great if you are doing a lot of workbench based virus removals or data recovery.

LED Flashlight – Cheap, portable, and super effective in low light situations. There’s no reason anymore to debate about carrying around police-quality Maglites. These LED powered flashlights that have become quite common over the last few years are just as powerful for directed-light situations that need just a small surface illuminated. Batteries last a long time in these flashlights so don’t worry about the need to keep spares on hand. Any hardware store should have a variety to choose from.


In this article you will learn all the most important boot shortcuts on a Mac. We’ve all been there. The client is there, you boot their computer and the screen just hangs there. No OS. You sometimes see the grey apple logo, sometimes it’s all white and sometimes you see nothing at all. You absolutely need to know which key to press in order to repair the Mac. Enter the Apple Mac boot shortcuts.


First of all, you don’t have to use an Apple keyboard to do these. Any regular USB PC keyboard will work as long as you keep the following in mind:
  • Option = ALT key
  • Command = Windows key

To make these boot shortcuts work, the computer needs to be shut down, and you need to press and hold these keys while booting the computer.

C

Sometimes the Mac is not configured to automatically boot from a CD. Holding C boots directly from the CD.

Option

By far the most useful shortcut, this will tell you whether the computer has a hard drive failure or a motherboard corruption. When you hold Option at startup, the Mac detects all its bootable devices, such as the CD, hard drive, external USB and external FireWire. You can then choose which device you want to boot from. This is perfect if you want to boot from an external USB/FireWire drive.


D

All Apple computers come with a Hardware Test CD. When you hold D, the CD needs to be already inserted. It will boot Apple Hardware Test, which is an incredibly powerful tool that will make a precise diagnosis of any form of hardware failure on your client’s computer: RAM, hard drive, motherboard, etc.


Option – Command – P – R

This combination will reset the NVRAM and PRAM of your client’s computer. What does that mean? It will reset all the default settings on the motherboard and built-in features, including: serial port configuration, clock, volume, double-click time, virtual memory, RAM disk, mouse speed, application font, alarm clock, monitor color depth, startup disk and serial printer location. This is often done if your client’s machine boots into a weird pink color. To do this NVRAM/PRAM reset, you need to hold the keys while you boot your client’s Mac. Hold down the keys until the computer restarts with the startup sound a second time.

Hold the mouse or trackpad button

This will eject all the removable media plugged into your Mac (CD, USB, FireWire, etc.). This is perfect if a CD is stuck inside and the keyboard is not working, or if the Mac tries to boot from an unknown external device.

Command-S

This will boot the machine in single-user mode. It is a UNIX-like interface where you can enter many simple commands to troubleshoot the machine. It is mainly popular for running “fsck” to check the computer’s disk permissions.

Command-V

This starts the Mac in verbose mode. You will see descriptive text for all the boot steps, similar to Windows’ Safe Mode. If the computer freezes on startup, you can see where it freezes.

T

This puts the Mac in Target Disk Mode. It will turn the Mac into a giant FireWire external drive, so you can access its files from another computer. Perfect if you need to repair a corrupted hard drive or back up files.


Shift

This will start the Mac on a safe boot. It will disable all the login items, all the non-default fonts, disable all the cache and it will force a directory check.

If you are still unable to enter the system or at least see the grey Apple logo at the beginning after using these shortcuts, the problem is most likely going to be a motherboard corruption.

The Social Engineering Threat to IT Security

Computer technicians know all too well the security threats in the cyber world. Virus and malware removal is usually among the most in-demand services for computer repair businesses, especially companies that service residential PCs. Technicians who service small businesses know the importance of securing networks, configuring firewalls and spam filters, and applying frequent software patches and virus definition updates in order to keep the vulnerabilities of the computing environment to a minimum.

There are a number of hardware and software tools that are designed to create a “secure fortress” of protection, with their main goals to keep the bad guys from infiltrating a system and malicious software from taking over. While these tools are necessary, there is one element that they still can’t protect – the human element. A solid fortress of hardware protection, updated anti-virus, and long cryptic passwords won’t do any good if you simply give the bad guys (or girls) the information they are looking for.

Social engineering is one of the biggest threats (if not the biggest threat) to computer security, whether in residential or business environments. If computer technicians are to properly secure a computer system or network, they must know about social engineering and how to mitigate the attacks.

What is Social Engineering?

Social engineering is the process of gaining information through human, interpersonal, behavioral, and psychological means. There are two classifications of social engineering: technology based and human based. Technology based social engineering is when a user is deceived via a computer or device, usually through software, into believing something is real when it is not. Human based social engineering is when people are deceived or coerced by human interaction. Human based attackers normally impersonate a legitimate role to gain access to information; for example by impersonating an IT support technician, an attacker may easily be able to get past the front desk of an office and even gain access to the server room.

Whether technology based or human based, social engineering takes advantage of the human condition. Attackers manipulate people into providing sensitive and personal information by gaining their trust, through deception, and by playing off human psychological and emotional factors. They use curiosity, fear, accomplishment, economic duress, economic gain, the desire to help people, and friendship, to name just a few, in order to easily extract information from the victim. Many times the victim will be totally unaware that they are being attacked or have been attacked. Social engineering is akin to conning people.

A con artist and a social engineer have very similar traits, although social engineering can be used for good purposes too, such as ethical hacking, penetration testing and security audits; and in non-technical settings, such as doctors trying to get information for a correct diagnosis, law enforcement asking certain questions in search of the truth (or a confession), and parents trying to connect with their children through discipline or teaching. Social engineering is not always a bad thing, and can be applied to all those situations and more. We, as security-conscious computer technicians, however, need to make sure we are aware of the dark side of social engineering.

The Social Engineering Framework

The social engineering framework website provides a wealth of information regarding the art of social engineering. They provide resources and information regarding what they call the social engineering framework, which in summary contains the following:

  • INFORMATION GATHERING: Doing your homework! Researching as much about the mark as possible in order to become as believable as possible.
  • ELICITATION: The process of extracting information or data from people.
  • PRETEXTING: The act of creating an invented scenario to persuade a targeted victim to release information or perform some action. (Source)
  • PSYCHOLOGICAL PRINCIPLES: Using human nature, psychology, and emotions to your advantage.
  • INFLUENCING OTHERS: Persuasion tactics.
  • SOCIAL ENGINEERING TOOLS: The website has a social engineering toolkit that includes a software program based on Metasploit with pre-defined templates used for security audits. It also explains the use of other technical tools of the social engineer.

Typical Attacks

  • Pretexting: Mentioned above.
  • Phishing: Many times in the form of pop-up windows and fake websites.
  • Voice/IP/Caller ID Spoofing: Using a well-known or familiar voice or caller ID in order to gain instant trust.
  • Baiting: Leaving a flash drive containing malicious code in a public place, such as a hallway, bathroom, office floor, etc. Human nature is curious and many people will insert the flash drive to see what’s on it, especially if it has a label such as “financials” or “contracts.”
  • Computer Viruses/Malware: Normally in the form of rogue software, such as fake anti-virus programs that look real and tell the victim to pay money for the program in order to delete the many viruses on their PC. Other social engineering viruses are distributed via emails with intriguing attachments, especially if they are sent from a hacked friend’s account.
  • Dumpster Diving: Careless people will throw away sensitive material in the garbage. A lot of important and private information has been gathered from simply digging through the garbage.
  • Shoulder Surfing: Secure passwords, PINs, and personal information can easily be found by people looking over your shoulder. Many people are not aware that others are watching them or simply don’t secure their environments enough to prevent it from happening.

Payloads: The attacks can be technology based or human based, and so can the payloads. The malicious code placed on computers as a result of a successful social engineering attack can take the form of rootkits, backdoors, keyloggers, worms, and other viruses that pass information from the victim to the attacker, many of them even giving the attacker direct access and admin rights on the victim’s computer. Human-type payloads can be access to private or locked-down environments, direct information gathering from the target, and simply the trust of the victim, which can lead to the attacker getting quite a bit of information.

How to Mitigate Social Engineering Attacks

  • Education is the number one tool for fighting social engineering attacks. People need to be aware of the threats if they are using the technology or are in a position where they need to protect private information (this doesn’t mean they are a security guard, it could even be a receptionist, or a regular home user). Many times storytelling and/or showing videos of social engineering tactics in action, both human-based and technology-based, are very effective.
  • Password Management: Guidelines such as the number and type of characters that each password must include, password changing frequency, and a strict policy that employees should not disclose passwords to anyone, not even IT.
  • Two-Factor Authentication: When applicable, using more than one factor for authentication, such as a password and a key fob.
  • Anti-Virus/Anti-Phishing Defenses: Multiple layers of anti-virus defenses, such as at mail gateways and desktops, can minimize the threat of phishing.
  • Change Management: A documented change-management process is more secure than an ad-hoc process.
  • Document Handling and Destruction: Sensitive documents and media must be securely disposed of and sanitized.
  • Physical Security: The organization/client should have physical security controls such as visitor logs, mantraps (to prevent piggybacking), monitor placement, privacy screens, etc.

Stats

Here are some interesting security stats that relate to social engineering.

  • This article found on massachusettsnoncompetelaw.com states that a staggering 60% of employees interviewed admitted to stealing data of one sort or another when leaving a job. Some of the other statistics mentioned are:
      “Most common (61%) is old-fashioned theft of paper documents or hard files, followed by downloading information onto a disc (53%), onto a USB memory stick (42%), and sending documents as attachments to personal emails (38%). Interestingly, comparatively few employees were taking information by stealing BlackBerrys and laptops. Another quite alarming finding is that approximately 25% of the employees indicated that they were able to access data on a company’s network even after they had departed.”
  • Another statistic from employeetheftsolutions.com states that 75% of employees steal from their companies and lists the top 10 most important things to employees, showing what they may be disgruntled about. (Source)

  • The U.S. Chamber of Commerce estimates that 75 percent of all employees steal at least once, and that half of these steal repeatedly. The Chamber also reports that one of every three business failures is the direct result of employee theft. According to the U.S. Department of Commerce, employee dishonesty costs American business in excess of $50 billion annually.
  • In an IT security survey, 90% of office workers gave away their password in exchange for a cheap pen.
  • People are usually the weakest link in the security chain.
  • Social engineering is still the most effective method used to get around security obstacles.
  • A skilled social engineer will often try to exploit this weakness before spending time and effort on other methods to crack passwords.
  • An analysis for SANS estimated that nearly 10 million U.S. households own a computer that is infected with some type of keystroke logging program. Although not every PC user whose keystrokes are being logged has experienced financial losses the analysis estimates that organized-crime groups have access to roughly $24 billion in bank assets from accounts associated with the owners of infected machines.
  • A study by Google researchers analyzing fake AV distribution found that up to 90% of all domains involved in distributing fake antivirus software used social engineering techniques: (Source)


How to Remove a Rootkit from a Windows System

What is a Rootkit?

A rootkit is a software program that enables attackers to gain administrator access to a system. On Unix/Linux systems, this is called “root” access. Rootkits contain tools and code that help attackers hide their presence as well as give the attacker full control of the server or client machine continuously without being noticed. Sometimes they even cause typical malware-type problems. I had a case where a browser hijack was being caused by a particular rootkit installed on the system. In this article, I will show you one way to remove a rootkit from a Windows system.

“Rootkits are usually installed on systems when they have been successfully compromised and the highest level of access has been given (usually root). Some rootkits refuse to be installed until the attacker has root access, due to read and write permission to certain files. Once the system has been successfully compromised and the attacker has root, he/she may then install the rootkit, allowing them to cover their tracks and wipe the log files.”

A typical rootkit consists of the following utilities:

  • Backdoor Programs – login backdoors, telnetd etc
  • Packet Sniffers – Sniff network traffic such as FTP, TELNET,POP3
  • Log-Wiping Utilities – Bash the logs to cover tracks
  • DDoS Programs – Turn the box into a DDoS client (Remember trinoo?)
  • IRC\Bots – Bots used to take over IRC channels (Lame and annoying)
  • Miscellaneous programs – May contain exploit, log editor

(Source)

Types of Rootkit

  • Persistent Rootkits: A persistent rootkit activates each time the system boots. Normally these rootkits are stored in the system registry.
  • Memory-Based or Non-Persistent Rootkits: Memory-based rootkits will not automatically run after a reboot; they are stored in memory and lost when the computer reboots.
  • User-mode Rootkits: User-mode rootkits operate at the application layer and filter calls going from the system API (application programming interface) to the kernel. These rootkits normally replace system binary files with malicious code that redirects control of the computer to the creator of the rootkit.
  • Kernel-mode Rootkits: Kernel-mode rootkits hook the system’s kernel APIs and modify data structures within the kernel itself. These are the most effective and dangerous types of rootkits. Kernel-mode rootkits are very difficult to detect and can hide on a system without any indication of being active.
  • Bootkits: Bootkits are variations of kernel-mode rootkits that infect the Master Boot Record (MBR). The malicious code can be executed before the computer actually boots.
  • Firmware: A firmware rootkit infects a device or piece of hardware where code resides, such as a network card or the system BIOS.
    Mebromi firmware rootkit: http://blog.webroot.com/2011/09/13/mebromi-the-first-bios-rootkit-in-the-wild/
  • Hypervisor: These are newer types of rootkits that infect the hypervisor layer of a virtual machine setup. The hypervisor is basically the layer between the physical hardware (host system) and the virtual system (guest), although a type II hypervisor can be installed on top of an OS in order to present a virtual layer to the virtual system. These rootkits can intercept hardware “calls” going to the original operating systems.

How to remove the Rootkit

This is where it gets fun! There are different approaches and really no single foolproof method, nor is it guaranteed that the rootkit will be fully removed. As a matter of fact, there are some computer security experts who simply recommend formatting the drive and completely reinstalling the operating system.

The Manual Method

This may or may not be more time consuming than trying to search using an automatic tool. If you are familiar with legitimate Windows services and programs and can pick out suspicious files, then this could be the way to go. Many times, rootkit scanners will not detect rootkit infections, especially if they are new, so this may be the way to go if you don’t want to go straight to the nuke-and-pave solution.

Tools:

Technibble has a video on using Process Explorer and AutoRuns to remove a virus. Finding a rootkit would be a similar process using these tools.

Read here for more on HijackThis and the HijackThis reader. Those tools can be used to find suspicious processes and files, and each has a unique form of analysis.

Here is a process for locating a rootkit via msconfig:

    1. Open msconfig and enable the boot log.
    In XP, go to Start > Run, type “msconfig” (without quotes), go to the “boot.ini” tab and tick “Boot log”.
    In Vista and Windows 7, go to Start, type “msconfig” (without quotes), go to the “Boot” tab and tick “Boot log”.

    2. Restart the computer.

    3. Open C:\WINDOWS (or C:\WINNT), open ntbtlog.txt and search it for malicious files.

    You can start by searching for files whose names begin with the prefixes in this short list from Computersight.com. A name may have some random characters after the prefix.

  • rot
  • gas
  • gaopdx
  • seneka
  • win32k.sys
  • uacd
  • tdss
  • kungsf
  • gxvxc
  • ovsfth
  • msqp
  • ndisp
  • msivx
  • skynet

    Note the full path of any suspect file, for example \SystemRoot\system32\drivers\BadRootkit.sys.

    For an exhaustive list of rootkits that you can search for, check out this Rootkit List from Bleeping Computer.

    4. Open a command prompt and deny access to the file using either the CACLS or ICACLS command.
    For example, type cmd in the Run box (XP) or search box (Vista/7) with Admin privileges (in Vista and Windows 7 press Ctrl-Shift-Enter to open the command prompt as an Administrator) and type
    cacls C:\WINDOWS\system32\drivers\BadRootkit.SYS /d everyone
    or
    icacls C:\WINDOWS\system32\drivers\BadRootkit.SYS /deny S-1-1-0:FMRXRW
    (cacls /d everyone denies all users access to the file; icacls /deny Sid:permission can deny simple or specific rights, and S-1-1-0 is the SID of the Everyone group)

    5. Restart the computer.

    6. Search for the file in the following locations and remove it:
    C:\WINDOWS or C:\WINNT
    C:\WINDOWS\system32
    C:\WINDOWS\system32\drivers
    Registry
    Then clear the temp, %temp% and prefetch folders.

    Source: Computersight.com
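As an added example (not from the page or from Computersight.com), the following Python script carries out steps 3 and 4 of the procedure above against a boot log: it flags driver entries by the prefix list and by load directory, and prints the cacls line from step 4 for each hit. The sample log is constructed, and the expected directories assume %SystemRoot% is C:\Windows.

```python
"""Triage a Windows boot log (ntbtlog.txt) for suspicious drivers.

Added example, not code from the page or from Computersight.com. It covers
steps 3 and 4 of the procedure above: read ntbtlog.txt, flag drivers whose
names start with a listed prefix or that load from outside the normal driver
directories, and print the cacls line the page uses to deny access to a
flagged file. It only reads the log and prints; nothing is modified.
"""
import re
import sys

# Prefixes from the Computersight list on the page (win32k.sys is handled
# separately). Short prefixes such as "rot" or "gas" will also match benign
# drivers, so a match is a lead to investigate, not a verdict.
SUSPICIOUS_PREFIXES = (
    "rot", "gas", "gaopdx", "seneka", "uacd", "tdss", "kungsf",
    "gxvxc", "ovsfth", "msqp", "ndisp", "msivx", "skynet",
)
# win32k.sys is a core Windows driver; the concern is a file of that name
# loading from anywhere other than system32.
CORE_NAMES = {"win32k.sys"}
CORE_DIRS = {"\\systemroot\\system32", "c:\\windows\\system32"}
# Normal driver directories (lower-cased). The \??\C:\... form appears when a
# driver is registered with an absolute path; assumes %SystemRoot%=C:\Windows.
EXPECTED_DIRS = CORE_DIRS | {
    "\\systemroot\\system32\\drivers", "c:\\windows\\system32\\drivers",
}
LINE_RE = re.compile(r"^(Loaded driver|Did not load driver)\s+(\S.*?)\s*$")


def parse_bootlog(text):
    """Return [(loaded, path)] for every driver line in the log."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entries.append((m.group(1) == "Loaded driver", m.group(2)))
    return entries


def assess(path):
    """Return the reasons a driver path deserves a look (empty if none)."""
    p = path.lower()
    if p.startswith("\\??\\"):
        p = p[4:]
    directory, _, name = p.rpartition("\\")
    if name in CORE_NAMES:
        return [] if directory in CORE_DIRS else [
            "core driver name loaded from an unexpected directory"]
    reasons = []
    if name.startswith(SUSPICIOUS_PREFIXES):
        reasons.append("name matches the Computersight prefix list")
    if directory not in EXPECTED_DIRS:
        reasons.append("loaded from outside the standard driver directories")
    return reasons


def cacls_command(path):
    """Step 4 of the page as a cmd.exe line: deny Everyone access to the file."""
    if path.lower().startswith("\\??\\"):
        path = path[4:]
    elif path.lower().startswith("\\systemroot\\"):
        path = "%SystemRoot%\\" + path[len("\\systemroot\\"):]
    return 'cacls "%s" /d everyone' % path


def find_suspicious(text):
    """Return [(path, loaded, reasons)] for every flagged driver in the log."""
    hits = []
    for loaded, path in parse_bootlog(text):
        reasons = assess(path)
        if reasons:
            hits.append((path, loaded, reasons))
    return hits


# Constructed sample log; the gaopdx* and tdss* entries are made up here.
SAMPLE_BOOTLOG = r"""Microsoft (R) Windows (R) Version 6.1 (Build 7601)
 8 15 2011 09:19:20.375
Loaded driver \SystemRoot\system32\ntoskrnl.exe
Loaded driver \SystemRoot\system32\drivers\fltmgr.sys
Loaded driver \SystemRoot\System32\Drivers\ksecdd.sys
Loaded driver \SystemRoot\system32\win32k.sys
Loaded driver \SystemRoot\system32\drivers\gaopdxserv.sys
Loaded driver \??\C:\Windows\Temp\tdssserv.sys
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
"""

if __name__ == "__main__":
    # Pass the real log as the first argument, e.g. C:\Windows\ntbtlog.txt
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_BOOTLOG
    for path, loaded, reasons in find_suspicious(text):
        print("%s (%s)" % (path, "loaded" if loaded else "did not load"))
        for reason in reasons:
            print("    - " + reason)
        print("    next step: " + cacls_command(path))
```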

The Automatic / Semi-Automatic Method

You can check out a list of rootkit removal tools here.

I would first fire up TDSSKiller from Kaspersky. It runs a fairly quick scan and TDSS variants are popular, so it may catch something on the first attempt.

If TDSSKiller comes up empty then try out GMER, which is a powerful and exhaustive rootkit scanner.

From there I like to use AVG’s Rootkit Scanner. This tool has found quite a few rootkits for me. It’s also good to run it after you have removed the rootkit to be thorough, although you could do that with any of these tools. Another program worth mentioning at this point is the new Microsoft Standalone System Sweeper Beta. There has been some buzz that this tool has been fairly successful at finding hidden rootkits.

If these rootkit scanners are not finding anything, or they do find something but can’t delete it, then you may have to move to the manual method. You can also keep trying other tools but there does come a point when you have to evaluate if the time and effort is worth it or you should either try a manual method, or perform a full re-installation of the operating system.

 
ListDLLs – Analyze DLL Files

ListDLLs is a software utility that displays all the DLLs loaded into processes. It’s great for diagnosing blue screens (BSODs), viruses, malware, and other software-related errors. ListDlls shows you the full path of each loaded DLL rather than the name only, which can aid in finding rogue DLLs that have legitimate names but sit in the wrong directory. The program also flags DLLs whose loaded version number differs from the version of the file on disk. This can occur when a program is updated after it loaded the DLL, or in the case of a malware infection.


Another feature of ListDlls is that it can dump version information and digital signatures, and it has an option to filter the output. For example, if you suspect a malware infection you can filter ListDlls to output only unsigned DLLs.

ListDlls will work on Windows XP, Vista, and 7, as well as Windows Server 2003 and higher.

Usage

  • listdlls [-r] [-v | -u] [processname|pid]
  • listdlls [-r] [-v] [-d dllname]
  • processname | Dump DLLs loaded by process (partial name accepted).
  • pid | Dump DLLs associated with the specified process id.
  • dllname | Show only processes that have loaded the specified DLL.
  • -r | Flag DLLs that relocated because they are not loaded at their base address.
  • -u | Only list unsigned DLLs.
  • -v | Show DLL version information.
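The wrong-directory check described above, as an added Python example (not Sysinternals code and not from the page): it parses listdlls text, flags well-known system DLL names loaded from outside the system directories and, going one step beyond the text, reports a DLL name loaded from two different directories across processes. The sample output is constructed to match the Base/Size/Path layout, and the system directory list assumes C:\Windows.

```python
"""Flag rogue DLLs in ListDlls output.

Added example, not code from Sysinternals or from the page. It parses the
text that listdlls prints (a "<process> pid: <n>" header per process, then
"Base Size Path" rows) and applies the check described above: a DLL with a
well-known Windows name loaded from somewhere other than a system directory.
It also reports a name loaded from more than one directory across processes,
which is how a planted copy stands out next to the legitimate one.
"""
import re
from collections import defaultdict

# Well-known system DLL names that should only load from the system
# directories (a small subset; extend as needed).
SYSTEM_DLLS = {
    "ntdll.dll", "kernel32.dll", "kernelbase.dll", "user32.dll",
    "advapi32.dll", "ws2_32.dll", "wininet.dll", "crypt32.dll",
}
# Where those names may legitimately load from (lower-cased prefixes).
# Assumes the default %SystemRoot% of C:\Windows.
SYSTEM_DIRS = (
    "c:\\windows\\system32\\", "c:\\windows\\syswow64\\", "c:\\windows\\winsxs\\",
)
PROCESS_RE = re.compile(r"^(\S+)\s+pid:\s+(\d+)\s*$")
DLL_RE = re.compile(r"^0x[0-9a-f]+\s+0x[0-9a-f]+\s+(\S.*?)\s*$", re.IGNORECASE)


def parse_listdlls(text):
    """Return [(process, pid, path)] for every module row in the output."""
    rows, process, pid = [], None, None
    for line in text.splitlines():
        line = line.strip()
        m = PROCESS_RE.match(line)
        if m:
            process, pid = m.group(1), int(m.group(2))
            continue
        m = DLL_RE.match(line)
        if m and process is not None:
            rows.append((process, pid, m.group(1)))
    return rows


def is_system_dir(directory):
    """True if a lower-cased directory is one of the system directories."""
    return (directory + "\\").startswith(SYSTEM_DIRS)


def wrong_directory(path):
    """True if the path has a well-known system DLL name outside SYSTEM_DIRS."""
    directory, _, name = path.lower().rpartition("\\")
    return name in SYSTEM_DLLS and not is_system_dir(directory)


def find_rogue_dlls(text):
    """Return {"misplaced": [rows], "multiple_locations": {name: [dirs]}}."""
    rows = parse_listdlls(text)
    misplaced = [row for row in rows if wrong_directory(row[2])]
    dirs_by_name = defaultdict(set)
    for _, _, path in rows:
        directory, _, name = path.lower().rpartition("\\")
        dirs_by_name[name].add(directory)
    # A name seen in several directories is only interesting when at least one
    # of them is not a system directory (system32 vs SysWOW64 is normal).
    multiple = {
        name: sorted(dirs) for name, dirs in dirs_by_name.items()
        if len(dirs) > 1 and not all(is_system_dir(d) for d in dirs)
    }
    return {"misplaced": misplaced, "multiple_locations": multiple}


# Constructed sample: the kernel32.dll under Downloads is the planted copy.
SAMPLE_OUTPUT = r"""
------------------------------------------------------------------------------
explorer.exe pid: 2468
Command line: C:\Windows\Explorer.EXE

Base                Size      Path
0x0000000000a20000  0x2b4000  C:\Windows\Explorer.EXE
0x0000000077a80000  0x1a9000  C:\Windows\SYSTEM32\ntdll.dll
0x0000000076f20000  0x11f000  C:\Windows\system32\kernel32.dll
------------------------------------------------------------------------------
notepad.exe pid: 3120
Command line: "C:\Windows\system32\notepad.exe"

Base                Size      Path
0x0000000000b60000  0x35000   C:\Windows\system32\notepad.exe
0x0000000077a80000  0x1a9000  C:\Windows\SYSTEM32\ntdll.dll
0x0000000010000000  0x1c000   C:\Users\Public\Downloads\kernel32.dll
------------------------------------------------------------------------------
legacyapp.exe pid: 4004
Command line: "C:\Program Files (x86)\LegacyApp\legacyapp.exe"

Base                Size      Path
0x0000000000400000  0x80000   C:\Program Files (x86)\LegacyApp\legacyapp.exe
0x0000000077c60000  0x180000  C:\Windows\SysWOW64\ntdll.dll
"""

if __name__ == "__main__":
    for key, value in find_rogue_dlls(SAMPLE_OUTPUT).items():
        print(key, value)
```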

Source

ListDlls.exe

ListDlls -v Dll Versions

Versions of DLL's for a Specific Process

List Process that Contain a Specific Dll

Download Links

Download from Official Site – 48kb
Download from Brothersoft.com [Mirror] – 48kb

 
ProcDump – Analyze CPU Spikes

ProcDump is a command-line utility that allows the technician to analyze and diagnose CPU spikes and hanging services. ProcDump also includes hung window and unhandled exception monitoring. The program will write a customized crash dump (.dmp file) based on the technician’s entered parameters. A great feature about ProcDump is that you can automatically set a specific CPU threshold for a process to hit before the program writes a dump file. This means that the program can run unattended and create a dump file at the exact time it causes problems or an abnormal spike.

Here’s an example: you notice on a client’s computer that the explorer.exe process spikes the CPU to 90 percent at random times throughout the day, and you’d like to create a few dumps to analyze the problem. Instead of sitting at the computer with task manager open waiting to see a CPU spike, you can enter the following command to create a dump file at three separate times when the CPU for explorer.exe is at or exceeds 90 percent, and then write the dump files to the c:\procdumps directory:

c:\procdump.exe -c 90 -n 3 explorer.exe c:\procdumps

The -c switch is the CPU threshold parameter. The -n switch tells ProcDump how many dump files to create.

You can get more granular in your parameter settings by adding how long a process spikes the CPU before creating a dump file. Example:

c:\procdump.exe -c 90 -s 5 -n 3 explorer.exe c:\procdumps

The -s switch tells ProcDump how long the process must stay at or above the CPU threshold you configured before a dump is created.
Other interesting parameters include “-u”, which treats CPU usage relative to a single core, and “-w”, which waits for the specified process to launch if it’s not running.

 

Download Links

Download from Official Site – 178kb
Download from Brothersoft.com [Mirror] – 178kb

 
RAMMap – Physical Memory Analysis Tool

RAMMap is a portable, stand-alone software tool that lets you see exactly how Windows assigns physical memory. The tool does not just display memory usage per application or process; it shows memory usage down to each individual file. The technician can analyze the exact memory allocation of drivers, DLLs, system fonts, cached files, and more.


The following tabs are available on the main RAMMap screen:

  • Use Counts: usage summary by type and paging list
  • Processes: process working set sizes
  • Priority Summary: prioritized standby list sizes
  • Physical Pages: per-page use for all physical memory
  • Physical Ranges: physical memory addresses
  • File Summary: file data in RAM by file
  • File Details: individual physical pages by file

A technician will find RAMMap useful in troubleshooting system slowdowns and memory issues by being able to see exactly what files/programs are taking up the most memory, or if program files are not being released from memory correctly. RAMMap can also help the technician clean up a client’s computer of files, drivers, and fonts that are taking up memory space but are not necessary.

Here is an in-depth explanation of the Use Counts and File Summary tabs from TechNet.

 

Download Links

Download from Windows Sysinternals – 272kb
Download from Brothersoft.com [Mirror] – 272kb

 
TOR (The Onion Router) – Proxy Tool

TOR is a free client application that uses a network of multiple encrypted tunnels to route your Internet traffic. You can install the components to use TOR or download a standalone bundle that does not require installation. TOR can benefit IT Professionals in several ways:

  • To verify IP based firewall rules: Instead of needing to physically go outside your LAN you can use TOR on an internal machine to fetch IP addresses outside of your company’s block to test and validate your firewall settings.
  • To “remotely” connect to deployed services internally: A technician can use Tor to remotely connect back to services, without the need for an external machine.
  • To bypass security policies for critical IT usage: Tor can allow unfettered access to the internet while leaving standard security policies in place.
  • To work around ISP network outages: If an ISP is having DNS or routing problems TOR may be able to bypass the problem areas allowing you to connect to the internet, even though the ISP is malfunctioning.
  • Performing malware analysis: IT professionals in charge of incident handling/analysis may need to trace back the origins of malicious software or a breach attempt. TOR allows the technician to do this anonymously, for protection against retaliation attacks.

How to setup TOR

You can install TOR as a browser plugin or you can download a bundle pack specific to your operating system. The necessary components are TOR and a web proxy such as Polipo. You can add an additional layer of security by using PuTTY. The TOR bundles include the torbutton (plugin for Firefox) and Vidalia (a GUI for TOR). Install, check that it’s working, and explore anonymously.

Vidalia Control Panel

TOR Confirmation Page

Download Site

SpaceSniffer – Disk Analyzer

SpaceSniffer is a free and portable application that will scan a drive and give you a visual treemap of the contents on that drive. This is useful for the technician who is trying to clean up data on a system, or is looking to delete/move data from a full partition to another with more space. What’s nice about this program is that you can easily analyze what files are taking up the most space, in a visual manner, and then use the interface to dig deeper into a directory or file.


SpaceSniffer allows you to modify your searches in many ways. You can look for specific types of files, such as .doc, or can look for older files by using a condition such as “2years.” The main menu shows a high level view of your data breakdown, and by clicking on a section you can drill down to see more files and how much space each individual file is taking up. You can even navigate the interface while a scan is in process.

At first glance the visual layout of your data may seem cluttered or a bit confusing, but you quickly get used to it, and the visual aspect helps you track down unnecessary files with ease.

Here is the feature set from the website:

  • Supports drag and drop
  • Export module lets you produce customizable textual reports
  • Intuitive structure layout, multiple views for different media
  • Zoomable elements, navigate like a web browser
  • The Windows folders and file popup menu is accessible by right mouse click
  • It’s possible to restrict the view content by typing simple yet powerful filtering criteria
  • Lets you temporarily tag files with four different colors and perform filtering on them
  • Different views of the same media can show differently filtered elements
  • Customizable in geometry, colors, behaviors
  • You can navigate even during the scan
  • Smart cached scanning engine, multiple views, single scan
  • You can refine a zoomed area by a secondary scan process, even with main scan active
  • Reacts to file system events, always keeps in sync, warns you by blinking elements
  • Can scan NTFS Alternate Data Streams
  • It doesn’t clutter your registry, only a plain XML configuration file
  • It’s portable, no installation required, just put the executable somewhere and let’s go

Main Screen visual file tree

Drill down to Documents

Download from Official Site – 1.41mb

GParted – Free Partition Editor

GParted is a free and open source partitioning tool. It can run within a Linux environment or can be booted from a live CD. GParted supports multiple file systems and works great on servers in RAID configurations.

GParted is very useful when a technician needs to re-size a partition, re-format a drive (to a different file system), set the boot flag on a partition, and perform other useful tasks. Recently this program was used in a small business environment on two different servers in RAID 5 configurations. Both servers were running Windows Server 2003 and had a system partition (C: drive) size of only 12 GB.


Obviously this is too small for a system partition by current standards, and it had reached the point where these servers could not download and install updates. One server had about 400GB of information stored on it with a couple hundred GB free. We were able to boot into GParted and re-partition the drives on both of these servers without any problems (boosting the C: drive partition to around 40GB).

I have used GParted many times on workstations and I can’t remember a time when it has failed or I lost data. It’s a great tool that all technicians should have in their toolkit. It can be downloaded as an ISO and burned to a bootable standalone CD, and it often comes included on multi-application boot/rescue CDs.

Features

  • Create partition tables (e.g., msdos, gpt)
  • Perform actions with partitions such as:
    • create or delete
    • resize or move
    • check
    • label
    • copy and paste
  • Manipulate file systems such as:
    • btrfs
    • ext2 / ext3 / ext4
    • fat16 / fat32
    • hfs / hfs+
    • linux-swap
    • ntfs
    • reiserfs / reiser4
    • ufs
    • xfs
  • Enable and disable partition flags (e.g., boot, hidden)
  • Align partitions to mebibyte (MiB) or cylinder boundaries
  • Attempt data rescue from lost partitions
  • Supports hardware RAID, motherboard BIOS RAID, and Linux software RAID.
  • Supports all sector sizes (e.g., 512, 1024, 2048, 4096 byte sectors)

Boot Selection Screen

Resizing a Partition

Selecting Flags

Supported File Systems

Download

Download from Official Site – 97.7mb
Download from Brothersoft.com – 97.7mb

 

10 Must-have Open Source Applications for Computer Technicians
2011-08-05 17:48:41-04

Open source software is one of my favorite tech topics. Linux is my operating system of choice and I use it on my main system (and virtualize other OSes). I use it to run my business and I use it as a tool while on the job no matter what type of system I am working on. Here is a descriptive list of open source tools, systems, and applications that will help you on the job or in the office and that run in a Linux environment or from a Linux-based live CD. All of these tools are available for free.


1. Puppy Linux – Puppy Linux is a live CD distribution that is small, lightweight, and can be booted directly into RAM. It only requires 128 MB of RAM to run (I’ve run it on less and it worked fine for browsing the internet) and is pretty quick, even on aged machines. Puppy is my main tool when a customer running Windows can’t boot or access their hard drive due to a crash, virus, or system file corruption. As long as the drive spins and is recognized in the BIOS, I can boot to Puppy and access the system hard drive. I can then back up any data and copy it to an external drive.

Linux can read NTFS and FAT file systems and ignores any file system permissions set within Windows, so as long as the data is unencrypted, you should be able to read, write, copy, and move it. It’s a great tool if you can’t boot a system due to a virus but would like to back up/recover any data before working on the system (just remember to check the files on the external drive to make sure the viruses didn’t attach themselves).

I was at an on-site job where my customer wanted to transfer all of her data from her old PC to a newer one; however, the C: drive was almost full (literally a few MB free), not to mention whatever else was on there. It took about 15 minutes to fully boot and navigating was horribly slow. I took out my Puppy Linux CD, rebooted into Puppy, and was able to back up what she needed in less time than it took to originally boot into Windows! This was a huge time saver, and the customer appreciated that!

2. Darik’s Boot and Nuke (DBAN) – DBAN is a boot disk that will securely wipe a hard disk clean. It is great for bulk destruction or emergency sanitation. DBAN writes random data to the disk several times which ensures that the old data will never be recovered. A very useful tool when you want to make sure the data is totally erased.

3. GParted – GParted is an open source partition editor that runs off of a live CD. This is a fantastic tool that I have used many times to re-size hard disk partitions with great success. It has no trouble recognizing hardware and software RAID, and was recently used on servers at our software company to allocate more C: drive space on some older machines. No problems at all.

4. Virtual Box – Virtual Box is an open source virtual machine application and, in my opinion, the easiest to use. If you are new to virtual machines, give this program a try. It runs in Windows, Linux, OSX, and Solaris. My main PC runs Linux Mint as its host operating system. When I need to use Windows I run it in Virtual Box. I use it for test environments and as a learning tool.

5. GNU Cash – GNU Cash is open source accounting software that runs on Linux and Windows. It is straightforward double-entry accounting and is not anywhere near as powerful as Quickbooks; however, it gets the job done if your accounting needs are basic. GNU Cash is easy to use and set up, plus it’s free! If you are starting out or looking for a cost effective alternative (or Linux alternative) to Quickbooks, with less of a learning curve, give it a try. I use it in conjunction with some custom spreadsheets and honestly, it’s all I need (at least for now). My accountant had no problems with my documents at tax time.

6. Clonezilla – Clonezilla is an open source live CD application used to create disk images. I have used it many times with no problems. You can create a full disk image of a drive or drive partitions and save it over a network or to an external device. Obviously, you can restore the image from any of those devices as well. I keep this in my tool kit all the time.

7. Reconstructor and Remastersys – Reconstructor is an application that you can use to make customized ISO’s of Linux distributions. For example, when you download Ubuntu you get whatever applications and setup that the developers packaged into the ISO. With Reconstructor, you can take a base Ubuntu ISO, delete applications that you don’t want or add in applications that you need, and create a brand new Ubuntu ISO.

This is great if you want to make a customized “repair” version, or you want to keep an ISO backup with your added applications in case you need to reinstall the OS. You may also want to use the OS on an older computer and lighten the load. Remastersys does the same thing, but I am more familiar with Reconstructor.

8. Truecrypt – Open source encryption software. Truecrypt can create a single file on your drive that you can mount as a virtual encrypted drive, or it can encrypt entire volumes. Anything that you put into a Truecrypt file/volume will be encrypted, and you need to mount it to Truecrypt and enter a password to decrypt. It’s a great tool for on the fly encryption for flash drives or external hard drives.  You can also use it to encrypt Dropbox files for added security.

9. AVG Rescue Disk – This is not an open source application; however, the AVG rescue disk is a Linux based live CD that allows you to run a virus scan of the system hard drives. It is a free download. You can also download definition updates from the command line if you have an internet connection. It’s worked very well for me, especially when you are fighting a nasty virus and it’s difficult to boot to the OS.

10. System Rescue CD – A Linux based live CD that includes many of the tools mentioned above. It’s similar to the Ultimate Boot CD which contains many tools and also has a windows version.

© Technibble - A Resource for Computer Technicians to start or improve their Computer Business


 

Secrets of Marketing – Creating Desire

In our daily lives we are exposed to thousands of advertising messages every day, each promising us a better life, an easier time or a faster way. Good marketers don’t sell products, they create desire, and it is much easier to get someone to buy your product or service if they’re convinced they already want it! In professional terms, desire is defined as creating a gap between a person’s perceived state and their desired state. When we perceive a “gap” we will try to close it; some gaps are short (e.g., I am hungry) and some gaps are long (e.g., I want to become accredited in X).

Whatever the case, a truly effective marketing campaign will not only fill this desire, it will actually create the desire in your mind. Sounds kind of evil, hey? Let me explain what I mean and maybe it won’t seem quite so bad.


Imagine that you are sitting at home on the sofa watching TV when all of a sudden an ad comes on explaining the disastrous health effects that can occur from sitting on a sofa that isn’t clean. Now that you know this, your desired state has shifted to include “Clean Sofa” and you are more receptive to any information which can help close this gap, fulfilling the desire to remain healthy. This example is a bit crude, but I hope it helps make my point. Before you watched this commercial you were probably not thinking about your sofa, and much less likely to search for a solution.

So how can you use this information to help you make marketing material for your computer business? Most importantly, the key issue here is education. As the adage goes, “the more you know, the more you know you don’t know.” While I am not suggesting that you simply make people “afraid” to the point of dependency, it can be useful to educate your customers in some of the ways in which things can go wrong with their IT. After all, they can’t ask you for a brand new backup system if they don’t know they need one. The purpose of creating the desire is to present your company as the ideal solution, thus making the consumer happy.

This desire doesn’t need to be inspired by fear or trouble; you can create desire through positive motivators too. For example, you may say something like “Businesses on Windows 7 spend less than half as much on service calls”. Here, the “desire” created is to spend less money: you have shown them there is a way and obviously you are now in a position to provide this service. Different people will obviously have different motivations, so creating desire can require some planning and research. To give you an idea, in Australia, when trying to sell a product to the “middle class” customer, marketers will try to position their products alongside “upper class” products in an attempt to make the product seem more exclusive. This (apparently) exploits the desire of middle class people to feel they are part of the upper class and is known as the “upward pull” effect.

When creating the “desire”, try to put yourself in the shoes of your customer. If possible do some interviews with some existing customers and try to nail down exactly what is going through their minds when they are using the computer. You may discover some really fascinating insights which apply to a whole range of people. I don’t believe you should simply exploit the fears of your customers, as your understanding of their problems increases, so does your ability to provide a truly valuable service.

In my opinion the “desire” you create with your advertising should align with your business’ persona. For example, if you are a promoting a light hearted and fun approach to IT then your advertising should center around making life easier, reducing stress. Alternatively if you are a professional outfit with serious claims and a premium service your messages should center on efficiency, stability and productivity. If you have clearly defined consumer segments, it would be a good idea to create a separate set of communications.

Possible “Gaps” – Some ideas to get you thinking

  • Antivirus Problems
  • Lifetime of Hardware
  • New Staff Education
  • Scalability and Growth Options
  • BSOD / any urgent problem
  • Changing over key software
  • Computer Speed Issues
  • Long Term Support Options
  • Power Failure Implications
  • Backup Issues
  • Trends in your client’s industry

Ultimately, if people feel like you can identify with them and fix their problems they will be much more likely to give you a call. Research and understanding will help you identify people’s real problems and help you create a more compelling argument. Just try not to be as obvious as some companies if you are going to “create” the problem in the first place!

 

WebBrowserPassView – Recover Passwords from Web Browsers


WebBrowserPassView is a small, portable and freeware utility designed to recover passwords from:
  • Internet Explorer (Version 4.0 – 9.0)
  • Mozilla Firefox (All Versions)
  • Google Chrome
  • Opera

Once WebBrowserPassView has gathered all the passwords from the various browsers, it displays them in a single table with the URL the password was saved for, what browser it was saved in and of course the username and password.

From there, you can save it as a TXT file, export the table as HTML and more. This product was created by Nirsoft and in true Nirsoft fashion, the application is very easy to incorporate into scripts due to its excellent command line support.

This utility works on any version of Windows, starting from Windows 2000, and up to Windows 7, including 64-bit systems.

Screenshots:

Downloads:
Download from Official Site – 204kb

 

 

Virtuous Hacking: Penetration Testing and Security Analysis Tools

Penetration testing is a fascinating subject. Learning how to ethically hack a system in order to find vulnerabilities and prevent malicious hackers from taking advantage of an exploit is a dream for those who love to make money hacking but prefer not to wear orange jumpsuits in an 8’x10’ cell. Let’s take a look at some of the tools of the trade for the penetration tester, most of which are freely available for you to tinker with.


PLEASE NOTE: There are laws restricting port scanning in many areas, even if it’s not malicious. Know that if you use these tools on a system that you do not have permission to be on you will be subject to penalties.

1. Metasploit

Metasploit is a free open-source security vulnerability scanner. In the Metasploit framework you can actually develop and execute exploit code against a machine or network.

The basic steps for exploiting a system using Metasploit (from Source)

    1. Choosing and configuring an exploit (code that enters a target system by taking advantage of one of its bugs; about 300 different exploits for Windows, Unix/Linux and Mac OS X systems are included).
    2. Checking whether the intended target system is susceptible to the chosen exploit (optional).
    3. Choosing and configuring a payload (code that will be executed on the target system upon successful entry, for instance a remote shell or a VNC server).
    4. Choosing the encoding technique to encode the payload so that the intrusion-prevention system (IPS) will not catch the encoded payload.
    5. Executing the exploit.

The two most common payloads generated from Metasploit are:

1. Command shell that enables users to run scripts and commands against the host.
2. Meterpreter enables users to control the screen of a host machine using VNC.

Metasploit can also import vulnerability scan data and compare the identified vulnerabilities to existing exploit modules for accurate exploitation.

Armitage is a graphical interface front-end to the Metasploit framework that makes it easier to carry out security attacks.

2. NMap (Network Mapper)

NMap is an open-source network scanner (port scanner) that finds hosts, services, and port information. You can use NMap to scan a network for open and insecure ports, host systems, and servers. It can also be used for simple network inventory and maintenance by detecting operating systems, versions, and even hardware information. It’s fairly simple to use, yet very powerful in the hands of an experienced technician/hacker.

3. Nessus

Nessus is a proprietary vulnerability scanner. They offer a free version for personal and non-commercial use. Commercial and enterprise usage requires a license fee. Nessus can be used for auditing a network, vulnerability discovery, compliance verification, misconfiguration detection, and more. The software can also launch third party tools to hack passwords (Hydra) and scan ports (NMap).

4. Wireshark

Wireshark is a free and open-source packet analyser (commonly known as a packet sniffer). Basically it will capture and report any traffic within a network. Data can be captured and read later or you can watch packets in real time. Wireshark is a great tool for assessing network bog-downs, malicious/suspicious traffic, and protocol analysis, and it can even capture raw USB traffic (currently available only in Linux).

5. Cain and Abel

Cain and Abel is a password recovery tool (password cracker) for Windows. It uses dictionary attacks, brute force, and cryptanalysis, as well as methods to decode encrypted passwords.

6. John The Ripper

John the Ripper is a password cracker that will run on Linux/UNIX, Mac OSX, and Windows. It is free and open source software.

7. Snort

Snort is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS). Snort uses signature, protocol, and anomaly-based inspection methods to detect malicious traffic trying to enter or probe a network. It can also be used as a packet sniffer and a packet logger. Snort will run in a Linux/UNIX and Windows environment.

8. Kismet

Kismet is a powerful packet sniffer, and intrusion detection system for 802.11 wireless LANs.
“Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of nonbeaconing networks via data traffic.” – http://www.kismetwireless.net/

9. HPing3

HPing3 is a supercharged version of the ping command utility. HPing3 can use the TCP, UDP, ICMP and RAW-IP protocols rather than just ICMP (as ping does). It also has a built-in traceroute mode.
“This tool is particularly useful when trying to traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities.” -http://sectools.org/

 

Rootkit Detection and Removal Tools
2011-08-15 09:19:20-04

Rootkits are becoming more prevalent and more difficult to find. Technicians need to be aware of the best software tools that will detect and remove this elusive software. Here is a list of rootkit removal tools that will work on the major operating systems.


Windows Based

Rootkit Revealer
Rootkit Revealer is part of the sysinternals suite and is a free portable rootkit scanner. This tool was featured as a repair tool of the week.
Download

Sophos Rootkit Scanner
Sophos offers a suite of security software but most notably they have a free rootkit detector and removal tool available here:
Download

GMER
GMER is a powerful rootkit scanner and usually my first “go-to” rootkit scanner when I suspect suspicious activity above and beyond typical malware. It’s quite small and portable.
Download

TDSSKiller
A great free tool from Kaspersky. It’s portable and easy to use with a simple GUI. This tool recently helped me find a rootkit that was causing multiple browser hijacks. I could not find the rootkit with any malware scanner, HijackThis, Process Explorer, or a couple other rootkit scanners. I ran this tool and it found it almost instantly (this particular rootkit was part of the rootkit.win32.TDSS family). TDSSKiller will search for the win32.TDSS family of rootkits as well as bootkits (MBR rootkits/malware) and other suspicious services.
Download

Microsoft Standalone System Sweeper Beta
This is a fairly new application (still in beta!) that you can boot from a CD or flash drive. It is meant for situations where you can’t boot into a PC due to malicious software/activity. The program detects and removes rootkits and other malware.

Check it out here: Download
(NOTE: This is an excerpt from the Microsoft website regarding licensing for the System Sweeper Tool. Please read the license agreement at the bottom of the page or contact Microsoft for more information.
“INSTALLATION AND USE RIGHTS.
a. Home Use. If you are a home user, then you may install and use any number of copies of the software on your personal devices for use by people who reside in your household to test how it runs with your programs. As a home user, you may not use the software in any commercial, non-profit, or revenue generating business activities.
b. Small Business. If you operate a small business, then you may install and use the software on up to ten (10) devices in your business to test how it runs with your programs.
c. Restrictions.
d. Separation of Components. The components of the software are licensed as a single unit. You may not separate the components and install them on different devices.
e. Included Microsoft Programs. The software may contain other Microsoft programs. The license terms with those programs apply to your use of them.”)

AVG Rootkit Scanner
This is the rootkit scanner that comes bundled with AVG anti-virus. It was only available in the paid version up until AVG 2010 was released; now it comes bundled with the free anti-virus download. In my experience it works pretty well and has detected some rootkits that went otherwise unnoticed. Most well known anti-virus suites do come with a rootkit scanner.
Download

Prevx
Prevx offers a suite of paid security tools; however they do offer a free trial version that includes a rootkit scanner.
Download

RootRepeal
RootRepeal is a rootkit detector that seems to be in a perpetual beta, so use it at your own risk and take precautions. It has an advanced rootkit detector for Windows XP and Vista. This was also featured in a Repair Tool of the Week article.
Download

Linux and Apple Mac OS X Based

Let’s not forget our Unix based systems! It’s fairly slim pickings for rootkit scanners on these operating systems, but there are two that I know of that work well. As the popularity of these systems continues to grow I believe we will be seeing more security concerns, and hence more tools.

chkrootkit
A rootkit detector that searches system binaries for modifications.
Download

rkhunter
This is a free tool that searches for backdoors and exploits by comparing MD5 hashes of system files against known-good values and looking for strange file activity.
Download
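Both chkrootkit and rkhunter rely on the same basic idea: record a trusted hash for each monitored system binary, then re-hash later and report anything that changed, disappeared or appeared. The script below is an added example that illustrates that baseline-and-compare check; it is not code from either project, and the file paths and contents in it are constructed sample data rather than real system files.

```python
"""Baseline-and-compare integrity check for system binaries.

Added example (not the rkhunter or chkrootkit source). A trusted snapshot
of each monitored binary is hashed once; a later snapshot is hashed again
and every modified, missing or unexpected file is reported.
"""
import hashlib
import os
from typing import Dict, Iterable, List


def sha256_bytes(data: bytes) -> str:
    """Hex SHA-256 of a file's contents (rkhunter historically used MD5)."""
    return hashlib.sha256(data).hexdigest()


def build_baseline(files: Dict[str, bytes]) -> Dict[str, str]:
    """Map each monitored path to the hash of its trusted contents."""
    return {path: sha256_bytes(data) for path, data in files.items()}


def compare(baseline: Dict[str, str], current: Dict[str, bytes]) -> Dict[str, List[str]]:
    """Return paths whose hash changed, that vanished, or that are new."""
    report: Dict[str, List[str]] = {"modified": [], "missing": [], "new": []}
    for path, expected in baseline.items():
        if path not in current:
            report["missing"].append(path)
        elif sha256_bytes(current[path]) != expected:
            report["modified"].append(path)
    for path in current:
        if path not in baseline:
            report["new"].append(path)
    for key in report:
        report[key].sort()
    return report


def read_tree(root: str, names: Iterable[str]) -> Dict[str, bytes]:
    """Filesystem adapter for use on a real host: read the named files under root."""
    out: Dict[str, bytes] = {}
    for name in names:
        path = os.path.join(root, name)
        if os.path.isfile(path):
            with open(path, "rb") as fh:
                out[path] = fh.read()
    return out


# Constructed sample data: a "clean" snapshot, and a later snapshot in which
# one binary was replaced, one was removed and one unexpected file appeared.
CLEAN_SNAPSHOT: Dict[str, bytes] = {
    "/bin/ls": b"ELF...ls-original",
    "/bin/ps": b"ELF...ps-original",
    "/bin/netstat": b"ELF...netstat-original",
}
LATER_SNAPSHOT: Dict[str, bytes] = {
    "/bin/ls": b"ELF...ls-original",
    "/bin/ps": b"ELF...ps-replaced",        # contents changed since baseline
    "/bin/lsmod": b"ELF...lsmod-unexpected",  # not present in the baseline
}


def demo() -> Dict[str, List[str]]:
    """Run the check over the constructed snapshots."""
    baseline = build_baseline(CLEAN_SNAPSHOT)
    return compare(baseline, LATER_SNAPSHOT)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

The caveat that makes the real tools more involved than this: the baseline must come from trusted media and the comparison should ideally run from a boot environment, because a rootkit that hooks the filesystem can hand the scanner the original bytes while the running system executes the replacement. That is exactly why the Windows tools above that boot from CD or flash drive exist.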

Mobile Platform

Lookout Mobile Security
Lookout is a security application for Android, Windows Phone 7, and BlackBerry mobile devices. It isn’t necessarily a rootkit tool, but I wanted to include a security tool for the ever increasing mobile platforms. The more a platform grows in popularity, the more it will be attacked.
Download

Partly Cloudy with a Chance of Efficiency

"The cloud" has become the new buzz phrase in the technology industry and whether or not you like the idea of using the Internet as a base camp, there are some cloud based tools that can increase your productivity, save you time (and money), and increase efficiency within your business. There are many tools out there, so allow me to introduce five tools, either cloud based or used in conjunction with cloud based apps, that I have been using in my business and professional life.


1. Dropbox – This is my favorite cloud based program/app. You can install it on PCs and laptops running Windows, Mac OS, and Linux. It is available in many mobile formats as well, including iPhone and Android platforms. Anything that you drop into your Dropbox folder on any one device will automatically sync to your other devices where Dropbox is installed. This is fantastic when there’s a PDF file that you want to read later or when you have a file that you started on one device and need to finish on another. I now keep all of my business cards in a "business card" folder within Dropbox. I don’t see any need to keep paper business cards around since utilizing this tool. I can access a client’s card from my mobile device or from any PC/laptop where Dropbox is installed. Best part is that Dropbox allows 2GB of storage for free! If you refer people to sign up both parties get an extra 250MB, and they allow you to get up to 8GB free with this method. I only keep small files and JPEGs in Dropbox, but for more space you can upgrade to paid plans with more storage.

TIP: I am well aware of the recent news about Dropbox’s security (or lack thereof). You should definitely think ahead about what files you are saving to the cloud. The files that I use within Dropbox are not highly sensitive and the benefits of efficiency outweigh the risks in my case. However, for files that may be more sensitive you can use the open source TrueCrypt to create an encrypted file container. I keep a small TrueCrypt file within Dropbox just in case I want to drop in something that requires more security. If anybody accesses my Dropbox they will not be able to decrypt anything in my TrueCrypt file since I alone hold the private key.

If you are a Linux user making backups to Dropbox you can use a program called DejaDup that encrypts your files to the cloud and allows for incremental backups.

2. Tomboy Notes – Available for Windows and Linux. Tomboy is not technically a cloud based tool (yet); it’s actually a desktop note taking application. However, it does have web sync capabilities. The development team is working on a Tomboy server where you can type notes and it will sync directly to your local Tomboy apps, but it’s still unstable.

I use it in conjunction with Dropbox, which allows your notes to sync up flawlessly while basically keeping a backup in the cloud. I love Tomboy Notes because: 1) it’s available for Linux, my main OS of choice; 2) it is small, simple, and intuitive, just install and use with little to learn; 3) it automatically saves and links to other notes; 4) it’s free.

I have just about ditched using paper for note taking; I use Tomboy instead. Click "new note", type what I need, hit sync, and close. I can print if I need to or keep notes open like sticky notes on my PC. The only downside thus far is that there is no app for a mobile device, although you can read the synced files in Dropbox, which are in XML format, if you really need to look at a note.

TIP: Here is a quick tutorial on how to sync Tomboy notes using Dropbox.

3. Evernote – Available for Windows, Mac, and most mobile devices. Evernote is a powerful note taking tool and cloud based app that will sync with all of your PCs and devices. It offers many more features over the simplistic Tomboy app and is comparable to Microsoft OneNote, although I have found Evernote easier and more intuitive than OneNote, which is why I am recommending it.

Evernote is awesome as a mobile app! I frequently use its camera feature to snap a shot of a business card, receipt, written note, etc., then use its integrated Dropbox feature to upload into my Dropbox. Seconds later the file is synced to all of my devices. I cannot tell you how much this has reduced clutter and made my business (and life) more efficient. You can also save voice notes as well as typed notes. Evernote is what I use to type notes on my mobile device since Tomboy isn’t available yet. It is also great for clipping notes, articles, and pictures from websites and then syncing to use later.

4. Voltage Secure cloud email – Voltage Secure Email is a cloud based email encryption tool.

We implemented this tool in order to send securely encrypted emails to our hospital and healthcare customers. Voltage is HIPAA compliant (regulations in the USA regarding patient privacy) and most of our hospital customers are already using it internally. The current cost is $65.00 per license, per year. The reason that I like this tool so much is that it does not require the recipient to install anything, such as a private key or a certificate, nor do they have to be using the same software. It is cloud based and both parties only need a web browser (though there is an Outlook plug-in that creates a "Send Secure" button, making it very easy to use with that mail client). The first time you send a Voltage encrypted email to somebody they will receive a link to the Voltage website in order to create a login and password. Once the information is verified they can open and decrypt the message using their Voltage credentials. This is extremely useful when dealing with healthcare clients because getting healthcare IT departments to install anything within their environment requires nothing short of a miracle! Sensitive data requests can now be easily transferred via email, and the process is easy for non-tech-savvy recipients to use.

5. Kindle (app) – The Kindle app is available on Windows, Mac, and most mobile devices. I am including this here because I consider the Kindle an extremely useful business tool with great syncing capabilities. Learning is an essential business process. I don’t know of many successful business owners (at least the ones I want to emulate) that haven’t cited reading as a key to their success. The Kindle app is useful because you can download an e-book on any device, whether it be the Kindle e-reader itself or one of the free Kindle apps available for Windows (PC), Mac, iPhone/iPod Touch, BlackBerry, iPad, Android, and Windows Phone 7, and the e-book will sync to all your devices where you have the app installed. Recently this came in handy for me as I found myself sitting in a doctor’s office waiting room for over an hour. I didn’t have my Kindle device on me at the time, but I did have my iPod Touch and was able to continue reading Daymond John’s "The Brand Within" without missing a beat. Plus, you don’t need to be online as long as you sync the app ahead of time. You can no longer use the excuse that you don’t have time to read, because Amazon has given us the opportunity to read anytime, anywhere, on almost any device.

The other great thing about the Kindle app is that your notes and highlights are also synced across all of your devices. If you read something that is useful for your business while reading your Kindle on the beach, highlight it or type a note. Later, when you’re in the office and your Kindle is at home, you can access your note/highlight on your PC or Mac. I have found the Kindle app extremely helpful for keeping my reading notes organized, which allows me to be more effective in applying what I learn to my business, especially when part of my business is writing articles!

Rizone Complete Internet Repair – Repair Common Internet Connection Issues

Rizone Complete Internet Repair is a small, freeware and portable application designed to repair common internet connection issues. A multitude of problems can prevent a computer from accessing the internet, such as a virus/adware attack, an incorrect firewall rule or even a legitimate antivirus product that didn’t install or uninstall correctly. Rizone Complete Internet Repair attempts to repair everything internet related on a Windows system and will do the following tasks:

  • Reset Internet Protocol (TCP/IP)
  • Repair Winsock (Reset Catalog)
  • Renew Internet Connections
  • Flush DNS Resolver Cache
  • Repair Internet Explorer 8.0.7600
  • Clear Windows Update History
  • Repair Windows / Automatic Updates
  • Repair SSL / HTTPS / Cryptography
  • Reset Windows Firewall Configuration
  • Restore the default hosts file
  • Repair Workgroup Computers view

Works on Windows XP, Windows 2003, Windows Vista, Windows 2008 and Windows 7.
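The "Restore the default hosts file" task exists because the hosts file is a favourite place for malware to block or redirect name lookups, so it is worth knowing what a tampered file looks like before resetting it. The checker below is an added example, not Rizone’s code: it parses hosts-file text the way the resolver does (an address, then one or more names, with `#` starting a comment) and separates the stock localhost entries from anything that blocks or redirects a name. The sample hosts content is constructed, using names under the reserved `.test` domain and a documentation address.

```python
"""Classify hosts-file entries into stock, blocking and redirecting.

Added example (not Rizone's code). Works on the text of a Windows or Unix
hosts file; the SAMPLE_HOSTS content below is constructed.
"""
import ipaddress
from typing import Dict, List, Tuple

Entry = Tuple[str, str]

# The stock mappings a clean hosts file may carry.
DEFAULT_ENTRIES = {("127.0.0.1", "localhost"), ("::1", "localhost")}


def parse_hosts(text: str) -> List[Entry]:
    """Return (address, hostname) pairs, skipping comments, blanks and junk lines."""
    pairs: List[Entry] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue                          # malformed: the resolver ignores it too
        addr, names = fields[0], fields[1:]
        try:
            ipaddress.ip_address(addr)
        except ValueError:
            continue                          # first field is not an address
        for name in names:
            pairs.append((addr, name.lower()))
    return pairs


def classify(pairs: List[Entry]) -> Dict[str, List[Entry]]:
    """Split entries into stock defaults, blocking entries and redirecting entries.

    A name pointed at a loopback or unspecified address (127.x, ::1, 0.0.0.0)
    is the classic way to block a site, e.g. an antivirus update server; a
    name pointed anywhere else is a redirect to a host the user did not choose.
    """
    report: Dict[str, List[Entry]] = {"default": [], "blocked": [], "redirected": []}
    for addr, name in pairs:
        if (addr, name) in DEFAULT_ENTRIES:
            report["default"].append((addr, name))
            continue
        ip = ipaddress.ip_address(addr)
        if ip.is_loopback or ip.is_unspecified:
            report["blocked"].append((addr, name))
        else:
            report["redirected"].append((addr, name))
    return report


# Constructed sample: stock entries plus two tampered lines.
SAMPLE_HOSTS = """\
# Sample hosts file (constructed for this example)
127.0.0.1       localhost
::1             localhost
0.0.0.0         update.example-av.test     # blocks a (constructed) AV update host
203.0.113.9     www.bank.example.test      # redirects a (constructed) site
"""


def demo() -> Dict[str, List[Entry]]:
    """Classify the constructed sample."""
    return classify(parse_hosts(SAMPLE_HOSTS))


if __name__ == "__main__":
    for kind, entries in demo().items():
        print(f"{kind}: {entries}")
```

On a real machine the input would be the contents of `%SystemRoot%\System32\drivers\etc\hosts`; anything in the `blocked` or `redirected` lists that the user did not add deliberately is what the restore task removes.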

Note: Due to the nature of this application (editing internet settings and such), a very small amount of antivirus products detect this application as malicious. This is a false positive. [VirusTotal.com Results]

Screenshots:

Downloads:
Download from Official Site – 441 KB