Got A Rootkit Infection? – Find Out With These Four Free Rootkit Detectors

Earlier this week, in my Daily Net News column, I posted the following –

Microsoft is telling Windows users that they’ll have to reinstall the operating system if they get infected with a new rootkit that hides in the machine’s boot sector. A new variant of a Trojan Microsoft calls “Popureb” digs so deeply into the system that the only way to eradicate it is to return Windows to its out-of-the-box configuration.

That’s truly scary stuff – rootkits are not your common everyday piece of malware. As a reminder to regular readers that rootkits can be hunted down and eradicated, I’m reposting an edited version of an article first published in December of last year.

Rootkits use any number of techniques to hide, including concealing running processes from monitoring programs, and hiding files, and system data, from the operating system.

In other words, the rootkit files and processes will be hidden in Explorer, Task Manager, and other detection tools. It’s easy to see then, that if a threat uses rootkit technology to hide, it is going to be difficult to find.

So, scanning for Rootkits occasionally, is good practice, and if you have the necessary skills to interpret the results of a Rootkit scan, Tizer Rootkit Razor, appears to be a good choice to help you do this. I should be clear however, this tool is not “one-click simple” to decipher, and users need to be particularly mindful of false positives.

Since the false positive issue, is always a major consideration in using tools of this type, you should be aware that tools like this, are designed for advanced users, and above.

Here’s a reasonable test to determine if you have the skills necessary to use this application effectively. If you’re not capable of using, and interpreting, an application such as HiJackThis for example, it is unlikely that using this program would prove to be beneficial. On the other hand, if you can interpret the results of a  HiJackThis scan, you’re probably “good to go”.

The user interface is dead simply – functional and efficient, as the following screens from my test system indicate. BTW, no Rootkits were found during this test. Or, after scanning with the additional tools listed below.

Fast facts:

Main Screen: This page displays information related to your operating system and memory usage.

Smart Scan: This feature automatically scans all the critical areas in the system and displays hidden objects, making things easier for the user.

NOTE: The user is provided with a feature to fix the hidden object (if any).

Process Scan: This module scans processes currently running on the machine. A process entry will be highlighted in red if it is a hidden rootkit. The user can click on an individual process to display any hidden modules loaded by the process.

NOTE: The user is provided with the option to terminate processes and delete modules.

Registry Scan: This module scan is for hidden registry objects.

Smart Scan: A smart scan will scan the critical areas of the registry.

Custom View: This module provides a virtual registry editor view, hence enables the user to navigate through the registry and check for hidden keys or values. (Hidden keys/values will be highlighted)

Kernel Module Scan: This module scans for loaded drivers in the memory. A module entry will be highlighted in red if it is hidden.

NOTE: The user is provided with a feature to unload and delete a driver module from memory.

Services Scan: This module scans all installed services on the local machine. A particular service entry will be highlighted if it is hidden.

NOTE: The user is provided with start, stop, pause, and resume features. They may also change the startup type of service.

SPI Scan: This module lists all the LSPs installed in the system. This is read only information.

NOTE: The user can check for any unauthorized LSP installed.

SSDT Scan: This module scans for any altered value in the System Service Descriptor Table (SSDT). The process of alteration is termed as “Hooking.”

NOTE: The user can restore the altered value to its original value.

Ports Scan: This module will scan all open TCP and UDP ports. A particular port entry will be highlighted if it is hidden.

NOTE: The user is provided with the option to terminate the connection.

Thread Scan: This module will enumerate all running processes. The user can click on a particular process to view and scan all threads running in context of that process. Any hidden threads will be highlighted in red.

NOTE: The user is provided with the option to terminate a thread.

File/Object Scan: This module will scan for any hidden files in the system. The user selects a location on the computer to scan.

Click here to read about Tizer Rootkit Razor’s features, in comparison with other anti-rootkit applications.

System requirements: Windows XP, Vista, Win 7

Download at: Tizer Secure

Note: registration required.

If you think you might have hidden malware on your system, I recommend that you run multiple rootkit detectors. Much like anti-spyware programs, no one program catches everything. To be safe, I occasionally use each of the rootkit detectors listed below, on my machines.

Microsoft Rootkit Revealer

Microsoft Rootkit Revealer is an advanced root kit detection utility. Its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. According to Microsoft, Rootkit Revealer successfully detects all persistent rootkits published at http://www.rootkit.com, including AFX, Vanquish and Hacker Defender.

IceSword

IceSword is a very powerful software application that will scan your computer for rootkits. It also displays hidden processes and resources on your system that you would be unlikely to find in any other Windows Explorer like program. Because of the amount of information presented in the application, please note that IceSword was designed for more advanced users.

GMER

This freeware tool is essentially a combination of Sysinternals’ Rootkit Revealer and Process Explorer. The program can list running processes, modules and Windows services, in addition to scanning for the presence of rootkits.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Tech Thoughts Daily Net News – June 30, 2011

Gmail Implements New Features to Help Curb Phishing – The company introduced three new features late Tuesday that it claims will inform users of the origins of certain emails so they can protect themselves from social engineering and phishing attacks. They will help users identify e-mail messages sent to them through forwarding services and using spoofed (faked) sender addresses, according to a post on the Google mail blog.

Get WonderFox DVD Ripper 2.5 (Win) for free – From now until July 3, you can get WonderFox DVD Ripper free of charge, no strings attached. Regular price: $39.95. Just enter your name and e-mail address, then click Send Email. Developer WonderFox Soft promises you’ll receive your registration code within 48 hours.

Mobile Payments: Don’t Buy Into It – The main issue is security, and that’s largely because cell phones are simply not very secure, at least not yet. Mobile payments, says Ira Winkler, author of the book “Spies Among Us” and president of Internet Security Advisors Group, “are a disaster waiting to happen.”

Beware: Avira Partners With Ask And UniBlue – Avira recently made two business decisions that may have a huge impact on the company’s public perception. The Ask Toolbar will be rolled out to all free users soon, the UniBlue promotion has already taken place for users in the United States. Probably the biggest issue that users have with the Ask Toolbar is that Avira suggested to clean that toolbar if found on PCs in the past, according to information posted on DSL Reports. (submitted by Michael F.)

Google Docs Android app is a mobile office must-have – The official Google Docs app for Android has finally been released. Despite one drawback, Jack Wallen calls the app a major win for the Android platform.

Facebook’s Fake Friends Epidemic – A few weeks ago I got a Facebook friend request from a cute young blonde thing named Marjorie. I did not know Marjorie from Adam, but she was certainly enthusiastic about friending me. She even initiated a chat session before I had a chance to respond. In fact, she continues to chat me periodically at random, even though we are not officially “friends.” When I asked why, she says she just “wants 2 b yr frnd.”

British Hackers Take Down Al-Qaeda Websites – A group of British hackers today took down al-Qaeda’s communication network and websites, preventing the terrorist organization from posting online messages and videos.

Google Voice: a cheapskate’s guide to cheap VOIP – In this article, we look at how you can make and receive Google Voice phone calls from any old wired phone you may have lying around your house.

Company News:

Apple Responds to Final Cut Pro X Backlash – With Pro videographers up in arms over changes to Apple’s premier video-editing app, Apple has responded with some words of comfort.

Larry Page’s new Google: Will it get derailed by the FTC? – A new FTC probe into Google’s business practices is coming. But, the inevitable government scrutiny could assist new CEO Larry Page in one big way.

Microsoft admits Patriot Act can access EU-based cloud data – At the Office 365 launch, Gordon Frazer, managing director of Microsoft UK, gave the first admission that cloud data — regardless of where it is in the world — is not protected against the USA PATRIOT Act.

Blue Jeans Network attempts to bridge enterprise, consumer videoconferencing – Santa Clara, Calif.-based Blue Jeans Network on Wednesday announced the launch of a cloud-based multi-party video conferencing service it calls “Any(ware)” videoconferencing. The company says it wants to make the technology accessible to anyone at any time, from any device, and to do so it’s attempting to bridge the gap between enterprise solutions from Cisco, Polycom and others and consumer options from Skype and Google.

Off Topic (Sort of):

10 wording blunders that make you look stupid – Last year, I put together “10 grammar mistakes that make you look stupid.” Some readers vehemently disagreed with my comments (including a couple of folks who pointed out that grammar should have been grammatical in the title). But most of them had their own deep-seated language peeves to share. Peeves enough to reach to the moon and back.

45 million U.S. individuals manipulate their identities – When does a little white lie become fraud? An estimated 45 million people in the U.S. have deliberately manipulated their identities in applications for credit, cell phone service, auto loans or other credit transactions, according to ID Analytics.

Overworked America: 12 Charts that Will Make Your Blood Boil – In the past 20 years, the US economy has grown nearly 60 percent. This huge increase in productivity is partly due to automation, the internet, and other improvements in efficiency. But it’s also the result of Americans working harder—often without a big boost to their bottom lines. Oh, and meanwhile, corporate profits are up 20 percent.

Violent Video Game Debate: Where Do We Go From Here? – In the wake of today’s landmark Supreme Court decision, California can’t ban the sale of these types of games to children. What will the next step be for both sides of the debate?

Today’s Quote:

“The men the American public admire most extravagantly are the most daring liars; the men they detest most violently are those who try to tell them the truth.”

–    H. L. Mencken

Today’s Free Downloads:

System Spec 2.95 – With System Spec you can see, save and print a complete spec of your PC. This standalone, system information utility can also perform various windows functions. Additional advanced info includes CPU, drives, applications, display, memory, networking, internet, CD / DVD drives and more.

Process Lasso 5.0.0.30 – Process Lasso is a software that will improve system responsiveness and stability. Process Lasso is a unique new technology intended to automatically restrain running processes that are consuming too many CPU cycles.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Why Comment Spammers Shouldn’t Use Google Translate

Comment spam has the potential to be dangerous – if it’s allowed to be blindly posted. I’ve written a number of articles dealing with the hows/whys of comment spam in the past, so I won’t belabor the point. If you wish you can checkout – Comment Spam Is Dangerous BS!

By its very nature, comment spam is a pain in the ass – but, I have to admit – there are those rare moments when I get my morning coffee up my nose, when the unintentional humor of a spam comment catches me unaware.

The following comment on Close Security Holes In Windows With Microsoft Baseline Security Analyzer,  from a Chinese spammer (juangonzaloangel), caused one of those “coffee up my nose” moments. I’ve deleted the web links hidden in the comment.

Undeniably think for which you suggested. The best good reason were via the internet easy and simple matter to find out. I say to you, My spouse and i surely have irritated when people take into consideration anxieties they accomplish never understand. Anyone was able to click all the toe nail with the top part in addition to explained out of whole thing without needing unwanted effect , persons could take an indication. Will probably be time for read more. Bless you.

Not to put to fine a point on it – this is a major Google Translate FAIL. One would think, that if a spammer went to all the trouble of writing a complex spam comment, he’d a least get it right.  But hey, it did accomplish something positive – I started my day with a great big laugh. 

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

MachStudio Pro 2 – Price Cut From $4000 To Zero!

A product price reduction is one thing, but reducing the product price from $4000 to zero, zilch, nada – well, that’s a whole other thing. In a rather surprising move, StudioGPU, the developers of MachStudio Pro 2 (which has an excellent reputation in the 3-D industry), has done just that. Sort of beats a Wal-Mart rollback hands down!

If serious animation is your thing, and you have the hardware to support it – then rush on over to StudioGPU, and download their flagship product – MachStudio Pro 2.

I should point out; this application is not a toy – this is the real thing; designed by artists for artists, and shaped by the actual demands of a production environment.

Sample screen captures from video productions available at the developer’s site.

Fast facts:

• Real-time rendering on your desktop — say good-bye to expensive render farms.
• Groundbreaking levels of interactivity giving the power back to the artist instead of the pipeline.
• Provides revolutionary workflow allowing manipulation of cameras, lighting, ambient occlusion, animation, and materials in real-time.
• Seamless interoperability with most leading CG software programs including Autodesk Maya and 3ds Max .
• Resolution independent, allowing renders at any resolution and format (e.g. 1080P, 720P, 16:9, 4:3, NTSC, PAL and even 2K and beyond).
• Render as final frame, or as passes for additional compositing work.
• Generate higher quality CGI results for less time and money.

System requirements:

Windows 7 – 32 bit or 64 bit, Vista Business – 32 bit or 64 bit (SP1 or higher).

Minimum Hardware Requirements:

• Intel Pentium 4 or higher, AMD Athlon 64, or AMD Opteron processor
• 2 GB RAM
• 2 GB of available disk space
• 1 GB DirectX 11 compliant video card (tested w/ ATI and NVIDIA)

Download at: StudioGPU

If you’ve got a creative streak, and you have a drive to create imaginary worlds populated with imaginary characters, then this is a terrific opportunity to harness the power of your computer with the magic of MachStudio Pro 2.

Checkout the video at the developer’s site.

I’m not an artist, a movie producer or director, but I’ve been playing with animation creative software since the days of Autodesk’s ground breaking 3-D applications in the 1980s. You can be sure, I’ve already downloaded MachStudio Pro 2.

Special thanks to Michael F., who brought this to my attention.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Tech Thoughts Daily Net News – June 29, 2011

Office 365 vs. Google Docs Showdown: Feature by Feature – With Tuesday’s launch of Office 365, Microsoft is ready to go head-to-head with Google on its own turf. How do the Web-based Microsoft tools stack up against Google’s?

Eight Tips for Creating Bulletproof Passwords – Strong passwords are an important way to protect your corporate and private data from theft – and to avoid joining the more than nine million Americans victimized by identity theft each year.

Users Clueless About Malware, Careless About Security Measures: Survey – A pair of surveys focusing on end-users found some worrying patterns and misconceptions about Internet safety and poor security practices.

Google takes down 93,000 scam ads – Google has revealed that it took down more than 93,000 ads linking to scam sites from July to December last year, in response to requests from U.K. consumer protection authorities.

Google Guns for Facebook with Google+ Social Network – Google is trying its hand again at social networking, introducing on Tuesday a service called Google+. Currently available only to a small group of testers, its aim is to enable sharing between small groups of people. Google+ appears to be the rumored Google Circles social networking service that was the buzz of the South by Southwest Conference back in March.

Security vendor applauds LulzSec attacks – In an unexpected move for a security company, SecurEnvoy today said that cyber break-ins and advanced malware incidents, such as the recent DDoS attack by LulzSec, should actually be welcomed and their initiators applauded.

Thousands of Tumblr accounts compromised – Tumblr users have been targeted with an aggressive phishing campaign in the last week or so and are still being lured into entering their login credentials for access to adult content. And it seems that the scheme is working very well – GFI researchers have accessed one of the dropzones for the stolen credentials and have discovered a massive amount of data.

Hackers publish stolen PayPal login credentials – LulzSec has been assimilated back into Anonymous, but their AntiSec campaign keeps going. It seems that their final wish has been granted for now, and other hacking groups continued the work they have started.

(Not so) Crazy Microsoft Rumors: Windows 8 to RTM in April 2012 – It’s (not so) crazy Microsoft rumors time again. Today’s single-sourced — but trusted — tip claims that Windows 8 will RTM in April 2012.

Company News:

Alcatel Leaps Ahead With 400-gigabit Routing Chip – Alcatel-Lucent is charting a course to the next generation of carrier routers with new silicon that is focused today on delivering services from the edge of a network but could also power a massive packet engine for the core.

Encrypted voice calling for the iPhone – Cellcrypt Mobile for iPhone provides voice call encryption for commercially available off-the-shelf cell phones using government-certified security through an easy-to-use downloadable application that makes highly secure calling as easy as making a normal phone call.

John The Ripper Expedites Password Auditing – Chances are that if you’ve tested password security in the last decade, you have heard of John the Ripper. John the Ripper is an open source password cracker that is used by security researchers to help audit, crack and test password security.

Google: 500,000 Android devices activated each day – More than 500,000 Android devices are activated each day worldwide, Google Android chief Andy Rubin said.

Off Topic (Sort of):

Hot Gadgets: Summer Guide 2011 – From an extra-rugged smartphone to the perfect grilling fork, these 10 high-tech toys are ideal for summer.

D-Day and the battle for Normandy (photos) – In June, 1944, American, British, and Canadian forces invaded France. CNET takes in the incredible history.

Anti-Virus Pioneer Evgeny Kaspersky: ‘I Fear the Net Will Soon Become a War Zone’ – Kaspersky Lab founder says his computer was almost infected twice recently, once via a flash card and another, due to an infected website in a hotel.

US Inequality Quiz – Twenty-two questions. Here’s one of the shorter ones. “True or False: The US has higher social mobility than the Scandinavian countries.” Answers with a little help from Paul Krugman, Arianna Huffington, Ha-Joon Chang.

Where It All Began: The 10 Original Software Companies – You know about IBM, but do you know the rest?

Today’s Quote:

“Ninety-eight percent of the adults in this country are decent, hard-working, honest Americans. It’s the other lousy two percent that get all the publicity. But then – we elected them.”

–    Lily Tomlin

Today’s Free Downloads:

FreePrintable.net: Independence Day; Character Reference Letters – FreePrintable.net offers thousands of printable documents & templates.

Freemake Video Converter: CNET Downloads Exclusive – This popular and highly rated program can convert video files between virtually any format. And did we mention it’s free?

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

SpringPublisher Free Version – Design And Output Business Cards And More

One of the very first freeware applications that I remember downloading, when the Sun first rose on the Internet, was a business card design application. Now, here I am, many years later, reviewing for the first time exactly that – a business card design application.

SpringPublisher 2.1 is a freeware application (upgradeable to a pro version), which allows a user to design and print a Business Card, Flyer, Postcard, and Letterhead with ease. The learning curve is … well, there is no learning curve really. If you can use a word processor; you’re good to go.

The following screen shots represent a walkthrough in designing a business card with SpringPublisher. Clicking on any graphic will expand it to it’s original size. Since these shots were captured on a 22 inch screen, they are very large.

You can create a blank project or alternatively, you may choose to use the Template Library to create a project from a template. In the following example, I’ll work with the template option.

For this walkthrough I’ve chosen the business card style indicated by the hand icon. I should point out, that the “style” you choose can be carried forward into additional projects, including – Letterhead, Postcard and Flyer.

Expanding the following screen shot to its original size will give you an opportunity to carefully study the GUI. I think you’ll find the GUI uncomplicated, easy to follow, and self explanatory.

Clicking on any element within the template opens an edit input box (text, image, shape). In the following example, I’ve just completed work in the address, telephone, email address, etc., edit box. You’ll notice, I’ve replaced the suggested graphic with something a little fancier.

The completed business card is shown below.

But then, since I’m into simple – I replaced the background color with plain white. Which meant, it was necessary to replace the “company name” color with black – very easy to do with the “select color” command.

This simple walkthrough doesn’t begin to test the power built into this application. The “fast facts” will provide a better overall picture of what can be accomplished with a little creativity.

Fast facts:

Enables you to add images, texts, vector shapes, logos and arrange them as you like.

Provides various image effect: shadows, opacity, rotation, and more.

Allows you to download high quality templates from the template store.

Makes it easy for you to print your artworks either with your own printer or in professional print shops.

Generates high resolution artwork with a maximum output of 350 dpi.

System requirements: Windows 2000, XP, Vista, Win 7

Download at: Developer’s site (SpringPublisher)

I haven’t used this type of application in years, so I’m not surprised to see that  SpringPublisher is a major step up from what I recall from back in the day. There are just enough tools and selections available  that customization possibilities are considerable – very impressive for a freeware application.

Along with your appearance (that great big smile  ), your firm handshake (the dead fish handshake is a no-no), your business card can tell a tale. Make sure it’s the one you want to convey. SpringPublisher is a terrific little application which can help you experiment in developing a card which expresses who you are.

The professional version, with Template Store credits and high-quality output is available from the publisher at $23.95(USD).

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Tech Thoughts Daily Net News – June 28, 2011

Rootkit Infection Requires Windows Reinstall, Says Microsoft – Microsoft is telling Windows users that they’ll have to reinstall the operating system if they get infected with a new rootkit that hides in the machine’s boot sector.

Lifehacker: Memory Restart Tells You When Firefox’s Memory Usage Gets Too High (and Restarts It For You) – Firefox still has trouble managing memory sometimes, and if you open a lot of tabs or leave it open for a long time, it can slow down to a crawl. Despite this issue, many people still use Firefox for its other advantages. If that’s you, you can at least keep a lid on slowdowns with Memory Restart. Memory Restart display’s Firefox’s memory usage in the add-on bar, and gives you the option to automatically restart Firefox when that usage gets past your comfortable level.

How to Fix a Windows Infection Using Linux – If you use Linux on your company’s desktop or server computers, you’re already familiar with many of the security advantages the open source operating system offers over its Windows and Mac rivals. What many people don’t realize, however, is that Linux can also be used to rescue a computer that has been crippled by malware.

Supreme Court Strikes Down California’s Violent Video Game Law – The Supreme Court on Monday struck down a controversial California law that banned the sale of violent video games to minors.

Has the Mozilla Foundation lost its collective mind? – After a long downward trend in quality for the Firefox browser, the Mozilla Foundation has decided to add insult to injury by eliminating the ability to at least stick with an older version until extensions are updated to the newest — and to do so after only three months of release status for version 4.

Malvertising: Adverts that bite – Malvertising is insidious. Follow all the rules and still get caught. Is there anything we can do?

10 iPad Security Facts You Can’t Afford to Ignore – How secure is the iPad? It’s got the edge on Android and Windows tablets, but these top 10 facts will help you understand the security risks iPads face.

Anonymous Picks up Slack as LulzSec Calls it Quits – Fifty days of hacking ends with a final data dump, but Lulzsec urges the world to watch Anonymous in action next.

Security is Broken – If the events of the last few months have served any purpose, it’s to illustrate once again that security is broken. This isn’t a new sentiment and few of the problems plaguing users and enterprises today are new, either. In this video, longtime security consultant and writer Rik Farrow outlines the missteps that got us into this situation and what can be done to alleviate it. Oh, and this talk was created in 2006.

Company News:

Microsoft convinces another Android vendor to sign a patent protection deal – Microsoft has added another Android backer to the list of those signing with Redmond for patent protection: General Dynamics.

GSV Capital Corp fund values Facebook at $70 billion – Investment group GSV Capital Corp. has picked up a significant number of shares in Facebook, but its valuation of the social networking site has garnered more buzz.

Pogoplug Puts a NAS in your PC – Cloud Engine’s latest Pogoplug software can turn your PC or MAC into a NAS device of sorts. It’s a user-friendly storage solution and very inexpensive way to share and stream files across your home network or remotely.

Google gets most requests for user data from U.S. – The search giant received 14,201 requests from 25 countries for private user information in the second half of 2010. The U.S. accounted for 32 percent of all requests.

Sony Joins the Music Cloud – Sony has joined the busy, cloud-based music market with Music Unlimited (powered by Qriocity). The service has a substantial 7-million song library from the big four labels, competitively priced monthly plans, and plenty of ways to listen.

Off Topic (Sort of):

10 Things You Shouldn’t Be Able to Buy Online – Are you in the market for human urine? How about some snake venom? Some of the stuff available online–and perfectly legal to buy in much of the United States–will give even the most brazen Web surfers the willies.

Four common misconceptions about employee rights – People often confuse “unfair” with “unlawful” in the working world. If an employer does something you think is a terrible practice, it doesn’t necessarily make it illegal. Here are some common misconceptions about employee rights.

Protect your computer and phone from illegal police searches – Can police officers enter your home to search your laptop? Do you have to give law enforcement officials your encryption keys or passwords? If you are pulled over when driving, can the officer search your cell phone? The Electronic Frontier Foundation (EFF) has answers to these questions in their new “Know Your Digital Rights” guide, including easy-to-understand tips on interacting with police officers and other law enforcement officials.

Apps and accessories that let you ditch your remote control – Several companies are scheming of ways to turn your smartphone into a smart remote for your television.

Your Cable Box Is An Extreme Energy Hog – Worried about high utility bills? Your cable or satellite box may be to blame. And if your box is a digital video recorder, that’s even worse.

Today’s Quote:

“There is no truth. There is only perception.”

–    Gustave Flaubert

Today’s Free Downloads:

3DMark Basic – As a free tool that can gauge the worthiness of your graphics card, 3DMark Basic does the job and takes little time or effort to run–and it might point out, as it did for me, an easily correctable oversight that was hindering performance.

RogueKiller – RogueKiller is a tool written in C, which scans the processes running, and kill those who are malicious. Author developed this tool after seeing that some rogues blocked the execution of disinfection programs, and some programs (eg Rkill) appeared ineffective in killing the rogue process.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Returnil System Safe 2011 Free –Virtualization With Added Antimalware Protection

System virtualization is a very cool technology which, if used correctly, has the power to control malware intrusion through the use of a ‘”virtual” environment, rather than operating in a “real” environment.

Running virtualized while surfing the Internet makes sense, and since it does, we’ve reviewed a number of these applications in the last year or two, including -Shadow Defender, Returnil Virtual System (a previous version of the application currently being reviewed), Sandboxie, GeSWall, Wondershare Time Freeze, Free BufferZone Pro, and more – including virtualized Browser add-ons.

A quick overview of Returnil System Safe 2011 Free:

Returnil System Safe clones your computer’s System Partition and boots the PC into a controlled virtual environment, rather than native Windows. Since the OS operates virtually, the “real” OS cannot be compromised by malware, malicious software, etc. Should the virtual OS become compromised, a simple restart will return the machine to its original state.

Returnil System Safe 2011 Free is compatible with both 32 bit and 64 bit Windows systems. As a value added bonus, Returnil System Safe 2011 Free incorporates an Anti-malware and Anti-spyware component.

Installation is uncomplicated and should run error free. All of the following screen captures can be expanded to the original size, by clicking on the graphic.

Pay particular attention to the registration screen. Should you choose not to register the application, certain product features will not be available past 30 days.

If you plan on continuing to run the application past the 30 day mark, it seems sensible to register. Registration will be confirmed as per the following screen shot.

Setting the Virus Guard real-time protection is simple and straightforward.

You will have the option of automatically starting the application on Windows startup but, I caution against this. Once the application is running, any changes (including downloads, for example, cannot be saved). You will, of course, be guided by your own needs.

The following screen capture explains this restriction.

Instead of an autostart, launch the application manually as needed – surfing the Web, for example.

Fast facts:

  Overall Product

• New an improved interface
• Clear protection status of your system
• Manage main features from one screen

Virus Guard (Anti-malware and Anti-spyware)

• Real-time protection – define your own shield sensitivity
• Quick Scan – light on resources and effective
• Full Scan – thorough scan of pre-defined areas on your computer
• Scan is dynamically adjustable to user workload (less resource intensive)

Virtual Mode

• Protect your system – Virtualize it!
• Virtual Mode Always On or just in current session
• Ability to save files via File Manager (paid version only)
• Powerful anti-execute protection

System Restore (System Rollback)

• Repair infections with ease
• Restore your system to a previously known/clean state
• Recover individual infected files
• Do not ever worry about losing your data

System Requirements: Windows XP, Vista, Server 2003, Server 2008,  Windows 7 (all – 32 and 64-bit).

Supported Languages: English, German, Japanese, Korean, Chinese (Simplified), Russian, Portuguese (Brazil), Dutch, Polish, Bulgarian, Finnish.

Download at: Download.com

Overall assessment:

Compared to previous free versions of Returnil, this version suffers from a major lack of functionality – with the focus primarily directed towards a user upgrade. There’s nothing intrinsically wrong with that of course – that’s marketing. But, this market driven position ignores the fact that free competitive products offer more substantial features and benefits.

If you’re looking for a free virtualization application that offers a reasonably complete solution, then you should consider Free BufferZone Pro. You can read a full review here – Free BufferZone Pro – Maybe The Best Surfing Virtualization Application At Any Price

Update: July 1, 2011

Mike Wood, from Returnil, has clarified a number of issues in the response which follows:

Thanks for the review and write up. All feedback is welcomed and yours has been taken into account for future versions. Some feedback on a couple of things in the article:

1. “… this version suffers from a major lack of functionality “: In the older RVS 2010 versions, the Virus Guard was limited to Quick Scans only. We changed this in the 3.2x versions to include Full System scans in RSS Free. We also provide updates via the Cloud feature that are based on the unknown/malicious file and behavior data collection and server side analysis in our own engine/AI tech. RSS Free does have some limitations as far as premium features are concerned, but that is actually only for the System Restore and File Manager/Access Real disk features. The latter centers around being able to save content to the real System partition while in Virtual Mode and the former is centered on the additional tools we provide to the native Windows Shadow Copy service used for the SR feature.

Those using the Free version can still save content and data to disk; the key is in where that data is stored. In the free version you can still save content to non-system disks/partitions and also have access to the Virtual Disk which can be used as a convenience for those with single partition rigs (only a C:\ drive for example).

The features in the System Restore in the paid versions includes automatic antimalware scanning of restore points and backups prior to implementation as well as the ability to recover files from the previous machine state following a restore. Another feature of the SR is that it can monitor all forms of backups and will list them in the Full Restore option when activated so they can be scanned for malicious content as described above.

2. The discussion of layered security approaches: RSS Pro was designed from the outset to be a vertical layered security approach in a single application where each component part works to not only provide its core functionality, but also to cover the weaknesses in the other component parts. As the free version does have some feature limitations, it is more appropriately placed as a team player in a larger layered strategy that the user is implementing with an ability to cover System level virtualization (as opposed to BZ’s application layer approach), complimentary antimalware, and anti-execute so you can reduce the overall number of other security applications you need to make said strategy work.

The paid version takes this a step further and allows the user to have a layered strategy in a one-stop package that can reduce the need for additional programs in the mix other than a good firewall solution.

With Kind regards,

Mike

Returnil Support

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Tech Thoughts Daily Net News – June 27, 2011

Can You be Cyber-Stalked? The 30-Minute Google Challenge – What traces do you leave on the Web? Two PCWorld editors try to dig up dirt on their coworkers in under 30 minutes. What we uncovered might scare you a bit. Even if you’re a complete goody two-shoes, it’s hard for you to avoid leaving any tracks whatsoever on the Web. That said, we did identify a few precautions that can help you avoid the scrutinizing eyes of a snoop.

Internet myths putting Americans at risk – Americans’ knowledge of Internet security is scattered with misconceptions and fallacies that expose PC users to a slew of online threats, according to G Data Security. The report found that Americans are dangerously out-of-touch with the sophistication of today’s threat landscape.

Is Mozilla’s Firefox 5 a More Stable Browser Than Its Predecessor? – Mozilla looks to solve a myriad of complaints about Firefox 4 crashes with a Firefox 5 update made up mostly of bug fixes.

Mozilla to enterprise customers: “Drop dead” – The Mozilla Corporation shipped Firefox 5 this week, almost exactly three months after it shipped Firefox 4. Does that seem like an insane tempo? Ha! Fasten your seatbelts, because Mozilla plans to ship Firefox 6 in exactly six weeks, with Firefox 7 six weeks after that, and Firefox 8 … well, you get the idea. Not coincidentally, that release schedule perfectly matches up with browser archrival Google Chrome.

Free Downloads to Make Use of PC Idle Time – Stepping away from your PC? Don’t let it stop working for you–or for a lofty purpose. These eight freebies do everything from backup to scientific research, all while you’re not looking.

How to Embed a YouTube Video – Want to plant a YouTube vid in your Web site, blog, or the like? The process has changed a bit. Here s what you need to know.

USB 3.0: Great Technology, But Hard to Find – USB 3.0 offers data transfer speeds that are five times faster than USB 2.0, so why hasn’t it caught on?

Windows 7 Startup Repair Tool automatically diagnoses and fixes startup problems – In this edition of the Windows Desktop Report, Greg Shultz takes a look at the Windows 7 Startup Repair Tool and explains how it works to automatically troubleshoot and repair the operating system.

Company News:

Alas, poor RIM and BlackBerry, we knew them well – Jason Perlow delivers his eulogy for the dearly departed Research in Motion (RIM) and the BlackBerry product line.

Apple: Are TVs really its next big thing? – Apple’s TV prospects are moving to the front of the analyst chatter again—talk surfaces almost quarterly—and signals once again point to a big living room move.

Sony’s Xperia Active will track your wet fingers, pulse – Have an active lifestyle but have yet to find a phone that can keep up? Sony’s new Xperia Active may be your answer.

New Adobe Tools Aim to Enhance Mobile App Making – Adobe is enhancing support for mobile app development with Flash Builder 4.5 and Flex 4.5 software. Features in both offerings enable the developing and deploying of mobile apps on Android, Apple iOS and RIM’s BlackBerry tablet OS. Developers can leverage a single platform to build apps across multiple mobile operating systems.

Short Story of the Week:

Paul Andrew Russell’s – Rules

Jimmy Swinson never did as he was told. As a child, if his parents told him not to touch something he would go ahead and touch it. At first, Jimmy’s flagrant disregard of the rules, any rules, was a source of amusement. His parents found it funny. Their friends found it funny. However, as Jimmy got older it became less so.

Off Topic (Sort of):

How To Avoid Getting Hit By A Train – Nothing to say about this one. Nil. Nada. Just watch it. Doesn’t take long.

10 flagrant grammar mistakes that make you look stupid – Sending a less-than-perfect e-mail to a friend is one thing; mistakes aren’t really a problem. But if you want to craft an error-free message that reflects your professionalism, be on the lookout for these common grammatical slip-ups.

Death In The Pot – Brief history of food-poisoning, accidental and intentional. Mushrooms a frequent player in both categories. Golden age of poisoners was in the early 19th century, before doctors discovered how to test for arsenic in the body.

Got Twitter? You’ve Been Scored – IMAGINE a world in which we are assigned a number that indicates how influential we are. This number would help determine whether you receive a job, a hotel-room upgrade or free samples at the supermarket. If your influence score is low, you don’t get the promotion, the suite or the complimentary cookies. This is not science fiction. It’s happening to millions of social network users. (submitted by Michael F.)

Today’s Quote:

“If you don’t know where you are going, any road will take you there.”

–    Lewis Carroll

Today’s Free Downloads:

Shutdown Timer – Shutdown Timer’s name belies its versatility. The application waits for any of a number of trigger conditions, and will execute an operation once it occurs. It can indeed shut down your computer, but it can also lock it, run a script or program you choose, or even wake it from sleep.

SlimCleaner – Who do you listen to about cleaning your PC, checking it for malware, and making it run all-around faster? Free utility SlimCleaner is powered in part by the cloud and community intelligence. This software from Slimware Utilities (makers of SlimComputer and SlimDrivers) includes a variety of modules that will clean your PC, uninstall software, help you decide whether to remove certain programs from running on startup, and more.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Bill Mullins, latest, news, security, tech, Tech Thoughts, downloads

Close Security Holes In Windows With Microsoft Baseline Security Analyzer

Intrusion detection systems do a good job in protecting physical environments against desperados, burglars, and trespassers. But, creating an access point by leaving a window or a door open, obviously reduces the efficiency of such a system.

Computer intrusion detection systems are no different – leaving a window open in Windows (if you’ll pardon the expression), can result in an illegal intrusion that can often remain undetected.

To help you assess the overall state of security on your computer (and close any open windows in Windows), Microsoft provides a free scanning tool – Microsoft Baseline Security Analyzer 2.2 (MBSA), which will scan your system and provide you with a report on your machine’s security, based on Microsoft security recommendations.

For reference purposes, I’ve gathered the following statistics from the Iolo  Threat Center. The Global System Status Details are based on 86,098 samples accumulated by Iolo since March 26, 2011. This data is in line with the data obtained from more comprehensive studies we’ve seen over the last several years.

PCs without active virus protection: 53.42%
PCs without active firewall protection: 20.88%
Average number of security flaws: 13.56

MBSA includes both a graphical and a command line interface, that can perform local or remote scans of Microsoft Windows systems.

Scanning Options:

For each scan, the following options can be enabled, or disabled, as needed, in the MBSA user interface:

Check for Windows administrative vulnerabilities – scans for security issues such as Guest account status, file-system type, available file shares, and members of the Administrators group.

Check for weak passwords –  checks computers for blank and weak passwords during a scan.

Check for Internet Information Services (IIS) administrative vulnerabilities.

Check for SQL administrative vulnerabilities – checks for the type of authentication mode, account password status, and service account memberships.

Check for security updates (missing updates) – scans for missing security updates for the products published to the Microsoft Update site only.

The two areas, in the report, you will find most useful as a home user, are:

Security misconfiguration (less secure settings and configurations).

Missing security updates and service packs (if any).

The report will provide you with specific steps to take, should the application find issues.

The following screen capture from my test machine, illustrates the partial results of a typical scan – click to expand to original size.

In order to run a scan with MBSA, you may need the IP address of your computer – an easy way to obtain this is here.

System Requirements: Windows 2000; Windows 7; Windows Server 2003; Windows Server 2008; Windows Server 2008 R2; Windows Vista; Windows XP; Windows XP Embedded. (32 bit and 64 bit).

Download at: Microsoft

Note: Microsoft recommends viewing the readme.html file, before running MBSA the first time. If you are a regular reader here, I don’t think this is necessary, but….

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.