CyTRAP Labs – Wincurity – smarter protection

add/remove button missing in add/remove programs – what to do?

For some programs one has to uninstall the old version as is the case with Java Runtime Environment (see CASEScontact.org advisory CT110115)

Here we explain how registry entries can be changed to be able to uninstall unnecessary programs even if the change/remove buttons have disappeared from Add Remove Programs.

ProblemUser wants to remove some programs from the computer.Going to the Add/Remove Programs section of the Control Panel, the Change/Remove button that usually appears for each program that was installed is missing. Put differently,change/remove buttons have disappeared from Add Remove Programs.
What must be done to get these buttons back in order to uninstall the programs that one no longer needs?

how can this be fixed?

This problem may occur if the uninstaller for a program incorrectly removes registry entries that are used by Windows and the Add/Remove Programs tool.

For this tip, you will be working in your Registry Editor, so before you begin, make sure you’re comfortable using it. The Registry Editor is not a tool to just play around with. However, following the steps below it will be fine. Moreover, first do it for one pgrogram only and check if it works, before doing it for many more – better safe than sorry.

Add/remove button missing in add/remove programs
1	Go to Start, Run and type regedit into the box.Click OK and the Registry Editor will open for you.
2	Then navigate to this location:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Now look for the program name you want to remove from your PC
3	In the right pane (right window), double click the NoRemove choice (REG_DWORD)- set the value to 0 (zero).If it happens to be set to 1, the Remove button will not be available.
4	Back in the right pane, double click the NoModify option (REG_DWORD):- set it to 0 (zero).If this happens to be set to 1, the Change button will not be available.
5	Once you changed those two values for one program, click OK and close everything else out.
6	top bar, click File – Exit
7	Thereafter go back to the Control Panel and look through your list of programs. The one program were you changed the values should have again the Change/Remove buttonsOne can now remove that unnecessary program from the computer.

Now, after having finished the above for one program, one can go through the above procedure again but this time do it for several of the programs one wishes to remove or get the Windows Add/Remove Program buttons back.

Thereafter go back to the Control Panel and look through your list of programs. All of the Change/Remove buttons should be back for you and you can then continue removing all those unnecessary programs from your computer. No more missing buttons.

Download Add – Remove Pro

This is a quick and reliable alternative to standard Windows Add/Remove Program. It’s a fast, secure, and convenient way to remove unneeded applications and improve your computer efficiency. The program can also remove system and hidden applications, programs that could not be removed by Add/Remove Program. The user interface is easy-to-use, modern, and multilingual (more than 15 languages supported).change/remove buttons have disappeared from Add Remove Programs

Things to consider – more help

removing Java Runtime Environment from computer causes problems – how to check – KISS – keep it simple stupid

if add/remove button for Java or any other program in Control Panel’s Add/Remove Programs is missing – check here on how to get it back and FIXED – quick: - CyTRAP Labs tip – What is causing missing change/remove program buttons in Windows?

There is no key in the Registry Editor under HKLM/Software/Microsoft/Windows/Current Version/ Uninstall that relates to Java or another program- check here on how to get it FIXED – quick: - CyTRAP Labs tip – how to re-install a program such as Java Runtime Environment if no key in Registry Editor – relates to Java or that particular program?

Stay ahead, register yourself for the newsletter Wincurity (once a month) or get each post via e-mail right here:

Your email:

 

Windows Vista and Windows XP are used on most computers. We all know that unless we do some housecleaning, however, these operating systems will start to work slower and slower.
Here we have a tool that helps you do your houseclaining chores faster while keeping your notebook smoothly. This post explains why you should install the nCleaner on your PC, what it does and how it makes your life easier.

We need a tool to fix things in Windows or Windows Vista. One tool I have been using is nCleaner

This tool requires less than 1MB on your hardrive but gives you an advanced system and application cleaner.

Like your apartment that needs cleaning, so does your PC or notebook. Care starts with maintenance and cleanup.

Help that makes you get done with your cleaning chores faster using nCleaner such as:

finding junk left behind by programs the you may have uninstalled,

reg (registry) cleaner,

free space shredder,

tweak manager,

startup manager, and

many more

Just remember, the tool can be used freely for non-commercial use …. not otherwise because as it says:

You are NOT allowed to use nCleaner for any commercial purposes. You are not allowed to use nCleaner to get any kind of profit. If you want to license nCleaner for any commercial purpose please contact us.

Download the program here: nCleaner

Please stay abreast the latest developments – sign up – it is free:

Also of interest:
Sign up to get these tips, free tools, etc. via e-mail Your email:	sign up to our alerts about zero-day exploits and newsletters here
CASEScontact follow us on Twitter

Windows Vista has a firewall included but it will not stop E.T from reporting home to Redmond. The question you must ask is “Would you let a fox guard your hen house?”
This post explains why you should install the Online-Armor firewall including the pros and cons of doing so, step-by-step.

The last couple of weeks we brought you:

CyTRAP Labs quicktip – checking your Windows Vista firewall settings

CyTRAP Labs quicktip – replacing Window Vista firewall – what one should avoid

These posts gave you some tips regarding your Windows Vista firewall as well as which ropes to skip when trying to install a new firewall. Today I explain a few things you may want to consider when installing your firewall.
what not to do

Before you turn off the Windows Vista firewall you need to make sure that you have installed the latest version of Windows Vista on your PC. For instance, I purchased another PC last week from Toshiba and, unfortunately, the latest Windows Vista with SP1 was not installed. In turn, I downloaded the SP 1 fix from here:

check if update is needed SP1 for Windows Vista – March 2008

It will take some time to download this program and make sure that:

- before downloading – please turn off power saving on your notebook – because it will interrupt the download and you will have to start again (imagine you have 40 megabytes and must start anew… tedious).

Once you have updated your Windows Vista you can go ahead and install a firewall. This procedure prevents you from having to uninstall your firewall after having downloaded and installed SP 1 – happened to me – because the firewall had problems to work properly.

FACTS ABOUT Online-Armor

We chose Online-Armor for now because it runs smooth, does not take too many system resources and has a user-interface that makes it easy for you to teach the firewall what you want it to do. Again remember these things and be cautious:

a) your software-based firewall learns – it is wise to be careful and restrictive with telling the firewall to establish a rule…. let it ask you each time so you know which program wants to send infos out from your PC and why

b) if in doubt say no when asked, do it step-by-step and do not rush your decision when the firewall asks you to make a decision

Our choice, including details and where to download it for your PC is listed below.

cost	free
software	Online Armor 3.0.0.190 or later
release date	2008-08
platforms	Windows 2000/XP/2003 Server/Vista
author	Tall Emu – Sydney, Australia
languages	English, German, French AND many more
size of download	12.7 MBs, depending on version downloaded
download	free Online Armor firewall – latest version download
more information	FAQ and more Info about free Online Armor firewall

Make sure you uninstall the firewall that was pre-installed on your PC, such as Norton or McAfee.

Yes your new PC has a firewall pre-installed from some software vendor, before activating it might be wise to get rid of it unless it is better than Online-Armor, which will not be the case for 95% of them.

No, nearly all of the firewalls that were pre-installed on your new PC by the manufacturer are not as good as Online-Armor according to various benchmark tests including our own. Most importantly, they require more system resources and, thereby, slow down your PC in those cases were you run several programs at once (e.g., Word, Thunderbird, Firefox, etc.) Worst is that they do many things without asking you first for permission. Big brother watching you….

We advice you to uninstall such programs before installing Online-Armor.

Installing the firewall

As the screeshot below shows, the Online Armor firewall makes it easy for you to follow instructions and install the package. The Safety Check Wizard guides you through the set-up.

Just make sure you have 10 minutes, uninterrupted please…. focus on this job and do it carefully and wisely. Mistakes made will haunt you… Do not rush through it.

The screen below shows what the answers will likely be if you have a new PC and Windows Vista SP 1 installed.

Does not mean you did anything wrong nor that something is amiss, instead you will have to instruct the firewall and tell it what you want it to do in case …. some program like Microsoft Office wants to execute something.

When you proceed from the above screen, Online-Armor than guides you through some question and answer routines. For instance, your hardware manufacturer has set up some programs to start automatically. I had one program called desktop SMS start each time I booted the PC even though I did not want it to.

I instructed Online-Armor not to permit it being started, tested the SMS program once or twice and than just uninstalled it. However, until I did that Online Armor prevented the program to be launched automatically during the boot up of the system.

The above screen makes it easy for you to tell the program what you want it to do. In many cases, you want the firewall to stop certain programs from starting up when you boot the system. They slow down the boot process and use up system resources. So what you do not need for sure each time you start a work session should not be launched that simple.

Incidentally, the above indicates that today’s firewalls are far more than just firewalls but act as intrusion detection systems and help you to take charge over which programs may start and which ones may not on your notebook without your explicit consent.

So take back control with Online Armor, it works (no we neither have shares in the company nor any other business relationship with them )

EVALUATION SHEET ABOUT Online-Armor

advantages

Online Armor is a software-based firewall solution with a low requirement of resources and it has worked on some of our machines for years.The user-interface makes it easy to install and work with the tool – for novice as well as expert users alike.

disadvantages

Windows Vista may release an update that may require you to re-install the firewall. So install SP1 first and than you should be fine. Once you have let the program establish a rule based on your decision, it is not that easy to change your mind. This needs to be improved to make this program even better – screen that would allow to remove rule check mark and put one at – ask me each time the program starts…

If you prefer other choices, we have another one here:PC Tools Firewall Plus

The above choice is fine as well we just prefer Online-Armor which we think works a bit faster and has a slightly better user interface.

Get some test results here:

firewall challenge

The above lists one set of tests that might be helpful to you including links to those firewalls that cost. Nevertheless, Online-Armor is in the top 3 in these tests and ours and comes free.

For Windows XP users, see our free firewall choices here:

CT210001: Update 4 – Martina Hingis: Princess of the WTA & Angelina Jolie ==> they are already inside – best ways for using a firewall to protect your PC

Please stay abreast the latest developments – sign up – it is free:

Also of interest:
InfoSec – follow us on Twitter	sign up to our alerts about zero-day exploits and newsletters here
CASEScontact follow us on Twitter	What is Twitter good for

Windows Vista has a firewall included but it will not stop E.T from reporting home to Redmond. The question you must ask is “Would you let a fox guard your hen house?”
This post explains how to disable the Windows Vista firewall and which free options to choose to protect your PC effectively.

Last week we brought you:

CyTRAP Labs quicktip – checking your Windows Vista firewall settings

That post gave you some tips regarding your Windows Vista firewall. Today I explain a few things you may want to consider BEFORE replacing your Windows Vista firewall – the ropes to skip.

PROBLEM

While Windows Vista has a firewall, it does not stop your programs from reporting back to Redmond. In fact, it allows your PC to report back all kinds of information about your machine and what and how your are using your programs to get your jobs done. For Windows Vista I usually recommend turning off the default firewall, since it can also cause errors with a few of the popular programs you might also have installed on your PC.

Disabling the Disable the Windows Vista firewall is a first step (see last week’s post on how to do it properly). However, before you disable this firewall you have to be sure to have put another solution in place. Otherwise you are exposing your PC to unnecessary risks. I explain some of the questions you have to address beforehand below.

First Defence

The first line of defence is your router. The good thing is that it does not use system resources. Just ensure that the router you are looking for includes NAT firewalling. This basically means that the router ignores anything it did not request from the internet.
The bad thing is that if your PC gets infected by any spyware or malware, any traffic it attempts to send out will most likely be approved. Why? Because such traffic will look like legitimate traffic from your machine, so your router firewall won’t stop it.

SOLUTION

Basd on the above, you need a firewall that advices you about attempts made by outgoing traffic. For instance, you initiated a print job on Word. In return, your firewall asks if it is okay to let your computer contact the networked printer. If you approve, the command will go to the printer and you can pick up your print job in a minute or so at the printer.

Some people do not wish to be asked by the firewall about such outgoing traffic. Naturally, you can have your firewall establish a rule that means such outoing traffic is always approved. However, if you want to know what is happening on your machine and to be safe, don’t let your firewall establish too many rules. Rather click on yes a few times during the day than having to deal with the risk of malware using the same port as your networked printer to reach the internet…

what not to choose

Would you leave a fox to guard your prize chickens? Most certainly not, hence you should refrain from using a service like this one from Microsoft:

So you wanted to check your Firewall settings in Windows Vista

Click on Start > Control Panel > click on the logo as shown to the left.

If you click on this than you will get the large screenshot as listed below.

Therafter you are given the option to either de-activate or activate your Windows Vista firewall. Please remember, your Windows Vista firewall is activated by default.

If you click on off (circeled red) or Change Setting (highlighted with yellow) than you get the smaller screenshot.

Here, click the option called – off – that has the red button and x mark attached. This will to turn off the firewall.

Why would one turn off the Windows Vista firewall?

What is provided by Microsoft is a basic, simple, old fashion, traditional packet blocking, port-based firewall. Similar to other firewalls, users can create rules for applications, ports, interfaces and IP Address rules as well. Hence, the user can create a rule that restrics access by IP address and port to a particular service.

Unfortunately, the firewall does not inspect the packets sent and received by your computer. However, it does recognize various protocols, such as, IGMP, GRE, and ESP.

You can go to start and type in the word firewall (search space – type the word firewall)

Doing this will show you the more hidden advanced version of the Windows Vista firewall as shown below.

When clicking on Outbound Rules you can see a whole set of rules and so forth. If you take the time, you can set them to fit your needs.

It is obvious that if you play with the “hidden” second firewall choice smartly, you might just be able to avoid having to use third-party software for your firewall. Unfortunately, this will require some technical skills and time – something most people may not have.

Hence, we will show you which free firewall you may want to install on your Windows Vista powered PC to:

- simplify things for you while, most importantly,

- protecting your data better and

- stopping Microsoft programs from calling home to Redmond if you do not wish this to happen – remember ET calling home….

We tell you how to get a handle on this nice and easy next week here:

CyTRAP Labs choice – free tool – replacing Window Vista firewall

PS. don’t shut off your Windows Vista firewall until you have installed a third-party firewall AND rebooted your PC to activate and make the new firewall run. So wait until next week when we tell you what works best for us and likely you as well.

In the past we have pointed out that some users have caused a bit of trouble on Twitter . Sometimes it can happen that you cannot login or your account is suspended.

While users can try to convince the Twitter geeks to give one a second chance, it can happen that you loose all followers and much more.

Why back up your followers

How about getting a program that helps you backup your followers, stores them in your Twitter safe and, as importantly, allows you to download your followers as a cvs file. As we know, this file can be imported into Open Office or Excel.

In case your Twitter account is lost, you can then just open a new Twitter account and get in touch with your followers

How TwitterSafe works

Login with your Twitter username and password since the TwitterSafe tool uses the Twitter API.

Click on Run Back button, download the CSV file it creates to your hard drive. Important buy viagra order cialis order viagra professional buy cialis professional is to repeat this procedure at regular intervals in order to keep your backup current.

Better do it now before you will be sorry when it might just happen that you experience a disaster using Twitter.

backup your followers with TwitterSafe

Microsoft has released 11 security bulletins
6 of these bulletings are ranked critical – by Microsoft, which means ‘can result in remote code execution’ 5 are important (this summary focuses on the critical ones only) CVE-2008-0120, CVE-2008-0121, CVE-2008-1455, CVE-2008-2245, CVE-2008-2254, CVE-2008-2255, CVE-2008-2256, CVE-2008-2257, CVE-2008-2258, CVE-2008-2259, CVE-2008-2463, CVE-2008-3003 CVE-2008-3004, CVE-2008-3005, CVE-2008-3006, CVE-2008-3018, CVE-2008-3019, CVE-2008-3020, CVE-2008-3021,
CVE-2008-3460,
If you have Automatic Update activated for your PC, these patches will be downloaded automatically.Does your automatic update work properly?If you are not sure if it does, check below, otherwise by mid-day 2008-08-13 the downloads should be on your machine….
Remember, installing the downloads might necessitate a reboot. Just wait until you stop working once you shut down your machine that will suffice to get them installed.

This vulnerabilities exposes you to a risk that we rate as follows:

CyTRAP Labs security risk barometer – 4 = critical
low	elevated	moderately critical	critical	severe
1	2	3	4	5

For more information and explanations about the CyTRAP Labs risk barometer you can visit here:CyTRAP Labs security risk barometer

what Microsoft Patch Tuesday has in store for us this month
operating system affected	Windows (XP, Windows Vista, Windows Server),
affected software	Microsoft Access 2000, 2002, 2003 Microsoft Internet Explorer 5.1, 6, 7$ Microsoft Excel 2002, 2002, 2003, 2007 Microsoft Office Powerpoint 2000, 2002, 2003, 2007 Microsoft Office Powerpoint Viewer 2000, 2002, 2003, 2007 Microsoft Office 2000 Service Pack 3 Microsoft Office XP Service Pack 3 Microsoft Office 2000 Service Pack 2
risk	6 security bulletins rated critical BY Microsoft (click on link – click on Login as guest – click on link again, access to free definition/explanations) were released …the risk rating given for these vulnerabilities by CyTRAP Labs is a 4 (four out of five levels) = CRITICAL – orange
how long did this vulnerability remain unpatched since it was publicly disclosed ==> zero-day alert	these vulnerabilities have been known for a while (several months), however, none were actively exploited.
patch prioritization – client side impact	users and administrators are urged to roll out this patch as soon as possible, once it has been verified that it does not break any internal applications.
where is the patch?	will be downloaded using Automatic Update, update is detected by the MBSA: CyTRAP Labs tip – using the Microsoft Baseline Security Analzyer called MBSA
what should one do?	If your Automatic Update is functioning properly, you are covered. CyTRAP Labs tip – how to make sure the latest security patch is installed
how can I check that I do have the latest version installed	find out more information how cou can check that this update is installed as well on your PC or server here:
not patching the vulnerability could cause what kind of damage to my PC?	could be exploited by attackers to execute arbitrary code on the user’s machine BETTER patch NOW
Once updated, what do you need to do?	These updates will require a restart for your PC.
Where can you get the overall summary Microsoft has issued?	full version of the Microsoft Security Bulletin Summary for August 2008
where can one get details about each of the patches released on this month’s Microsoft Patch TuesdayWe list the critical ones only – there were 5 important ones as well	- Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954) – Microsoft Security Bulletin MS08-046 – CRITICAL- Cumulative Security Update for Internet Explorer (953838) Microsoft Security Bulletin MS08-045 – CRITICAL - Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617) Microsoft Security Bulletin MS08-041 – CRITICAL- Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066) Microsoft Security Bulletin MS08-043 – CRITICAL - Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785) Microsoft Security Bulletin MS08-051 – CRITICAL - Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090) Microsoft Security Bulletin MS08-044 – CRITICAL
release date from vendor	2008-06-12 – Pacific Standard Time
why is this a reminder and not an alert?	security alert or reminder – that’s the question
did CASEScontact.org release an advisory about these vulnerabilities earlier?	No we did not issue a zero-day alert
CASEScontact.org release a zero-day advisory	NO we did not issue a zero-day advisory see also patched zero-day archive)
Common Vulnerabilities and Exposures (CVE) project has assigned the following numbers to these vulnerabilities that were patched by Microsoft	CVE-2008-0120, CVE-2008-0121, CVE-2008-1455, CVE-2008-2245, CVE-2008-2254,CVE-2008-2255, CVE-2008-2256, CVE-2008-2257, CVE-2008-2258, CVE-2008-2259, CVE-2008-2463, CVE-2008-3003 CVE-2008-3004, CVE-2008-3005, CVE-2008-3006, CVE-2008-3018, CVE-2008-3019, CVE-2008-3020, CVE-2008-3021, CVE-2008-3460,

Please make sure that your PC is patched – thank you.
Also of interest:
CyTRAP Labs: security reminder – 2008-04-08 – Patch Tuesday – Microsoft	CyTRAP Labs: security reminder – 2008-06-10 – Patch Tuesday – Microsoft
CyTRAP Labs: security reminder – 2008-07-08 – Patch Tuesday – Microsoft	why benchmark

Please stay abreast the latest developments:appear here in this part of cyberspace.

Also of interest:
InfoSec – follow us on Twitter	sign up to our alerts about zero-day exploits and newsletters here
CASEScontact follow us on Twitter	What is Twitter good for

Microsoft has released 4 security bulletins – none of these are are ranked critical – by Microsoft.

Does your automatic update work properly? If you are not sure if it does, check below, otherwise by cialis cheap cialis buy cialis purchase cialis viagra order viagra order viagra order cialis professional buy levitra mid-day 2008-07-09 the downloads should be on your machine…. remember, installing the downloads might necessitate a reboot.

Just wait until you stop working once you shut down your machine that will suffice to get them installed.

This vulnerabilities exposes you to a risk that we rate as follows:

CyTRAP Labs security risk barometer – 3 = moderately critical
low	elevated	moderately critical	critical	severe
1	2	3	4	5

For more information and explanations about the CyTRAP Labs risk barometer you can visit here:CyTRAP Labs security risk barometer

Where can you get the overall summary Microsoft has issued?

full version of the Microsoft Security Bulletin Summary for July 2008

where is the patch?

will be downloaded using Automatic Update, update is detected by the MBSA: CyTRAP Labs tip – using the Microsoft Baseline Security Analzyer called MBSA

what should one do?

If your Automatic Update is functioning properly, you are covered. CyTRAP Labs tip – how to make sure the latest security patch is installed

More information that you should check out regarding Microsoft vulnerabilities and patches can be found here:

Also of interest:
CyTRAP Labs: security reminder – 2008-05-13 – Patch Tuesday – Microsoft	CyTRAP Labs: security reminder – 2008-06-10 – Patch Tuesday – Microsoft
the mission of ComMetrics	why benchmark

Please stay abreast the latest developments:

Sign up it is free:
InfoSec – follow us on Twitter	sign up to our alerts about zero-day exploits and newsletters here
CASEScontact follow us on Twitter	What is Twitter good for