Category Archives: Anti-Malware Tools

For $19.95 Malwarebytes Anti-Malware PRO Munches Your Malware

Twenty bucks might buy you a beer or three, which would soon be flushed away – water under the bridge – so to speak. But, that same $20 will allow you to install Malwarebytes Anti-Malware on your computer – with a lifetime license no less.

Malwarebytes Anti-Malware has a justified reputation as a first class security application – based on its ability to identify and remove adware, Trojans, key-loggers, home page hijackers, and other malware threats.

Both the free version, and the commercial version, deserve the significant kudos regularly offered by seasoned security technologists. This application definitely munches on malware!

The free version of this outstanding application has always made my recommendation list as an integral part of a  layered security approach. But, since real time protection is disabled in the free version, I do not recommend the freeware version of Malwarebytes as a stand alone primary security application. Additionally, scheduled scanning, and scheduled updating are also disabled in the free version.

Malwarebytes Anti-Malware PRO:

A simple, intuitive, and easy to use interface, makes Malwarebytes’ Anti-Malware straightforward to set up, customize and run – for both less experienced and expert users alike, as the following screen captures indicate.

Select preferences.

Choose a scan type.

And – quick as a bunny – you’ve got the results. Malwarebytes Anti-Malware really is a speed demon.

A supplementary log is handy for a quick review.

Malwarebytes Anti-Malware PRO Features include:

Flash – Lightning fast scan speeds

Thorough – Full scans for all drives

Works Well With Others – Cooperative functionality

Puts YOU first! – Priority database updates

Puts Malware in the Slammer – Quarantine function holds threats and lets you restore at your convenience

Talk to the hand – Ignore list for both the scanner and Protection Module

For Your Pleasure – Customizable settings enhance performance

Lock It Down – Password protect key program settings

Chameleon – Gets Malwarebytes running when blocked

Toolbox – Extra utilities to help remove malware manually

Nitty Gritty – Command line support for quick scanning

RPP, Yeah You Know Me – Realtime Proactive Protection Module

Hablamos Everything! – Multi-lingual support (Klingon still in beta)

Support for XP, Vista, 7, and 8 (32-bit and 64-bit)

System Requirements: Windows Vista, Windows 7, Windows 8 (32 bit and 64 bit), Windows XP Service Pack 2 or later. Internet Explorer 6 or newer.

Multi-lingual support: English, Arabic, Bosnian, Bulgarian, Catalan, Chinese Simplified, Chinese Traditional, Croatian, Czech, Danish, Dutch, Estonian, Finnish, French, German, Greek, Hebrew, Hungarian, Italian, Latvian, Lithuanian, Macedonian, Norwegian, Polish, Portuguese (Brazil), Portuguese (Portugal), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Vietnamese.

Download at: MalwareBytes

As a full fledged security application, with all of its features unlocked; real-time protection, scheduled scanning, and scheduled updating, Malwarebytes’ Anti-Malware is a terrific value at $19.95 USD. Malwarebytes products come with a 30 day money-back guarantee.

Reader comments from previous MalwareBytes reviews –

G – I would definitely place Malwarebytes at the top of the list. I have had it find nasties when others have failed. I run it once a week on all of my machines.

Liam O’ Moulain – I’ve been using MBAM since you first recommended it sometime ago. I’m very satisfied.

Ranjan – Same case here as G. It took out a spyware which KIS is unable to detect even till now.. Many malware removal experts, in fact most, also recommend it.. So, it definitely deserves a place in one’s toolbox…

Kingpin – What can I say! MBAM Pro is the best that has happened to me. Like I said before I have the Pro version on all my 3 systems. MBAM Pro hasn’t let me down yet. The speed of scanning all files is pretty good too. On my regular system it plays along well with SAS Pro.

Mal – Not much to add, I have been using it a while now, great app. And I use SAS as well. Usually run them both just before I shutdown the computer for the night.

Checkout Your Internet Risk Factor With OPSWAT’s Free Security Score

Not an imaginary conversation.

Me – How are you handling all the crazy new cyber threats currently being thrown at us on the Internet?

She – I’m cool! I’ve got the best Anti-virus program there is (her reference – the neighbourhood geek.)

Me – Good to hear that. So, what are you doing to take care of the rest?

She – What rest?

Rinse, wash and repeat this conversation a thousand times – and, the “rest” almost always becomes the new focus of attention. As it should – it’s here, in an often murky area (at least to a typical user), that the user runs a major risk of stumbling.

Security – both physical and electronic – isn’t about eliminating all risk – if it was, you and I (on the physical side), wouldn’t cross the road. Similarly, in Internet security, we can’t eliminate all the risks – short of unplugging the connection. Instead, a more realistic approach requires that we focus our attention on eliminating as many known risks as possible (just as we do in the physical world.)

In other words – we need to engage with the proactive side of Internet security rather than continuing to focus on the reactive side – the, “I’ve got the best Anti-virus program there is” side.

Luckily, there’s a terrific little application – OPSWAT’s Security Score – that in a matter of just a few seconds, evaluates and sets out the “rest” – and, should the application determine that a security issue needs to be addressed, helpful tips/hints are provided.

Regular readers may remember that I first reviewed this application several months ago, and while I agreed in principle with the concept, the execution (in my view), was not up to standard. OPSWAT has since revised and expanded the application in such a way, that Security Score should be considered a “must have” addition to a security toolbox. Particularly for those users who are less familiar with the ever changing cyber threat landscape.

Let me backtrack just a little and put up a graphic from the first run through with Security Score, in April. As you can see, the application teased out a score of 60/100. A less than impressive score for a security professional.

Good News:

The issues which prevented Security Score from digging into the system in order to provide an authentic result have been addressed and, are reflected in the following graphic – June 7, 2013.

The above graphic indicates an encryption raw score of zero which reflects the fact that I choose not to use Windows BitLocker.

However, as I wrote in my previous review – “I don’t do full disk encryption. I do however, encrypt selected files/folders (a much better choice for most users in my view), using what has long been considered the premier free encryption application available – TrueCrypt.” Still, it’s good to see that the application addresses an issue which often escapes the notice of less experienced users.

Since application and operating system patches are often neglected by average users, a key component in Security Score measures the user’s adherence to a patch management routine.

Often not considered as part of a layered security approach, system/file backup is, in fact, a key element in any such process. You’ll note from the following graphic that Security Score has picked up on my use of a number of backup schemes including Google Drive…..

and Microsoft’s SkyDrive.

As the following graphic indicates, I’ve been marked down slightly on AV coverage since the application cannot be aware that I substitute full on-board AV scans with weekly scans using a Linux Live CD.

Given the conditions that we are now forced to deal with on the Internet – active PC monitoring with a view to ensuring the security status of the machine is in good order is not just a preference or a recommendation – it’s an absolute necessity.

Sure, you can do all that this application does, manually. Choosing this route however, one could increase the risk of possible shortcomings in an otherwise acceptable security strategy. So, do yourself a favor and install OPSWAT’s Security Score. Better yet, introduce your friends/relatives/co-workers, to this neat freebie – we’ll all be the better for that.

Download at: OPSWAT

How OPSWAT calculates your security score:

OPSWAT’s score calculation is based on security industry and market research reports, over ten years of expertise in the security field, and feedback from leading security technology vendors on the relative importance of the categories and status of security software.

OPSWAT’s Security Score Beta – NOT Ready for Primetime

The concept behind OPSWAT’s Security Score (currently in Beta) – that is – active PC monitoring with a view to ensuring the security status of the machine is in good order – has obvious value. In this case unfortunately, the execution could do with a shake-up. Let’s take a quick walkthrough.

As a security professional it came as more than just a mild surprise to see my test bed (a Win 8 reinstall just 2 days ago), pop out of this application with a dismal security score of 60/100, as shown in the following graphic. Yikes!!

BTW, I ran a series of identical tests – the results – identical – 60/100.

No, no, no – it won’t get away with it.

Firewall:

The lack of response, in the application, to the Windows Firewall – I’m assuming that the Windows Firewall has not been certified by OPSWAT – is a head-shaker.

If I can make the argument that the majority of computer users are not particularly “PC savvy”, I suspect that a “Not Detected” notification might be cause for panic.

The reality – as the following graphic illustrates; Windows Firewall is up and running.

I’ll take 5 points back, thank you!

Hard Disk Encryption: Sorry – but, I don’t do full disk encryption. However, since I do encrypt selected files/folders (a much better choice for most users in my view), using what has long been considered the premier free encryption application available – TrueCrypt (shown below) – I’ll take my 10 points back, thank you.

Patch management: Now I’m insulted – sort of. I’m a bear for patch management!

Secunia PSI, a free patch management application (again, perhaps the premier example of such software), begs to differ with OPSWAT’s  Security Score. This application, as it has for many years, runs in the background on all my machines.

I’ll take my 10 points back, thank you.

Today’s score:

Public File Sharing: Yes, I do run a torrent application on this machine but, not all file sharing is illegal. To the contrary – virtually all file sharing is legal.

I’ll take my 5 points back, thank you.

Antivirus score – 18/30: During the system reinstall on this machine, on the recommendation of super user and regular reader Bob Gostischa, I installed avast! Free Antivirus (substituting for AVG Free – a great app too). Much to my delight, incidentally.

avast! Free Antivirus, has been, and continues to be, an exceptional free application (a quarter of a Billion downloads on CNET alone, speaks to that) – so, an OPSWAT certification of “Bronze” puzzles me. I’m not suggesting that popularity equates to an effective solution – we all know better.

Equally however, many of us do know that avast! Free Antivirus is a very effective solution.

Since OPSWAT suggests that the user may well be better off substituting the installed security application with an OPSWAT certified higher level product, let me counter-suggest that the developer provide access to an explanation of the certification process and, the testing methodology.

In this particular case, OPSWAT’s assessment of avast! Free Antivirus falls short of the generally accepted view as to this application’s effectiveness. I know that, and I suspect that you do as well – but, a typical computer user may not.

avast! Free Antivirus – My new number one.

I’ve long been a fan and a strong supporter of OPSWAT, and continue to be – with good reason – the company provides a series of superb free products which techies have come to rely on: AppRemover, as well as Metascan Online and Secure Virtual Desktop.

Yep – I realize this application is in Beta – but, there are Betas and then there are Betas. In the past few years, we have gotten quite used to the “Beta” that for all practical purposes, represents a fully functioning product. This is not one of them. Nice presentation, but…

I like the idea – so c’mon guys, hurry with a fix.

I have no doubt that this application will be brought up to the standard we have come to expect from OPSWAT. But, in its current state of Beta, this application provides neither accurate, nor complete information. Incidentally, I awarded myself a 10 point bonus just for the sheer aggravation.

If you want to take this one out for a test drive, you can download the application here. If you do so, I’d be interested in hearing about the results.

Ransomware! – How A Layered Security Approach Can Defeat It

My Australian mate, Mal Cowan, steps into the breach when his good friend gets infected with one of the most difficult to remove pieces of malware currently ripping up the Internet – ransomware. Follow Mal, in this guest writer article, as he spins up his skill set and puts the hammer to a ransomware payload cybercrime.

Recently, I received a frantic call from a good friend. He informed me that when he booted his computer, there was a message supposedly from Australian Law Enforcement, stating that his PC had been involved in illegal activity and, distributing pornographic material.

Freak-out time – The malware had taken a photo of him via his webcam and placed it in the top  middle of the Law Enforcement notice.

Note: This scam is not restricted to Australia. The graphic below provides ample evidence that this type of ransomware is a global issue.

Graphic courtesy of F-Secure.

Immediately, I knew what this program was – Ransomware.  Tech and blog sites have been full of news of this scourge in the past few months.

At first look, there was a full screen message – complete with an official looking logo from the Australian Federal Police.  The computer’s IP address had been logged, and there was indeed a photo of my friend, along with the messages outlined above.

The clincher? The message stated that he had to pay a fine to unlock his computer.

First, I tried to start Task Manager to stop the malware process.  That did not work – it simply would not load.  The computer was well and truly locked.

Next, I tried to restart the computer in Safe Mode.  No luck.  The message appeared again.  Still frozen.

Then, I inserted Kaspersky Rescue Disk (a fantastic Linux based recovery disk made for just this type of situation), and restarted the computer.

Selecting boot options before Windows started, I loaded Kaspersky and updated the malware database via the Internet.  The wonderful thing about Kaspersky is, it scans the infected machine without Windows running, so anything nasty cannot hide.

After a three hour scan, Kaspersky came up with 50 Trojan detections (one of the biggest I have ever seen).  It was able to eliminate all but one of them.

I crossed my fingers and restarted Windows.  Instead of the message, there was just a big white screen – still locked.  Kaspersky had obviously made a dent, but I needed something more.

Before leaving for my friend’s house, I had loaded up a USB stick with Hitman Pro Kickstart. Hitman Pro is a wonderful true cloud antivirus scanner using multiple AV engines, with an excellent detection rate.

Recently, it also added a feature in which one can create a bootable USB stick that can bypass the infected boot process. The catch is – this must be done on an uninfected machine (which is why I used my personal computer to create it).

I inserted the USB stick into the slot, restarted the machine, and went to boot options (the F12 key on the infected machine) and selected “Boot from USB”.

Hitman Pro Kickstart came through.  It booted straight into the Windows environment without a hitch, and then proceeded to run a scan (an Internet connection is required).  I was a bit dismayed when the scan came back clean, as I knew Kaspersky had not been able to eliminate one threat.

But now, I was past the ransomware Trojan and able to start other antimalware applications. Malwarebytes was next. I updated it and proceeded to run a full scan. Bingo. It nailed a few more Trojans that had got past Kaspersky and Hitman Pro, and after deleting these nasties, rebooting the computer normally again, and a further scan with Hitman Pro, Malwarebytes and AVG, the computer came up clean.

The point of my story really is quite simple.  NOBODY can rely on one antivirus/antimalware application to catch all malware.  The ransomware obviously got past the onboard, realtime antivirus (which was not AVG, I installed that afterwards).  Kaspersky detected most of the infections, Hitman Pro helped me boot into the Windows environment, and Malwarebytes cleaned up the rest.  AVG came up with a clean scan after I uninstalled the old antivirus.

How did my friend get infected?  Who knows.  There are so many exploits that this Trojan could have used that I don’t have a clue.  The computer is a family machine, used mostly by children for online games and such.

Just visiting a family friendly site can get your computer infected these days. It could have been worse.  It might have been an infection that actually encrypted the contents of the whole computer.  That’s a nightmare I am glad I didn’t have to deal with.

Thanks Mal.

Free Security Software Downloader – Download Multiple Security Apps And Tools In One Go

If you’re into helping your less experienced friends/relatives deal with computer issues, then I think you’ll find that Security Software Downloader (SSDownloader) is a terrific way to help those less experienced users install the freeware security applications that you know, through experience, are a “must have”.

Talk about small!

Security Software Downloader is a tiny open source executable (669KB) – designed specifically as a bulk download manager which focuses on security applications and, security related specialty tools.

A quick walkthrough –

The tab based user interface – Free Antivirus, Security Suites (Trial Versions), Malware Removal, Firewalls, and Other Tools, is uncomplicated and checkbox simple.

In the first screen grab, referencing “Free Antivirus”, I’ve selected three popular applications for download. Notice the languages which are available, as well as the OS “auto detect” feature. According to the developer – changing the language will automatically download your selection/s in the chosen language.

Total download time – 2:37.

The default download location is the Desktop. You will however, have a chance to select an alternative location.

For this test, I’ve bypassed the Trial Versions opportunity. Still, there’s a good selection of well known applications to choose from.

In this screen capture, you’ll note that I’ve focused on two tools which, I know from experience, can get the job done with a minimum of fuss.

From the “Other tools” menu, I’ve selected three more applications which have served me well in the past.

As each download is completed, a system notification area popup, tells the tale – as illustrated below.

Fast facts:

  • Download the most popular free and paid security software with only one click.
  • Don’t worry about OS or 32bit/64bit, the right version will be automatically downloaded.
  • Stay up to date, the newest versions of the selected software will be downloaded.
  • Choose what you want to download and you will see a notification as soon as your download/s finish.

System requirements: Windows XP, Vista, Win 7 (32 bit and 64 bit). Tested on Win 8.

Download at: Sourceforge

For those of us who are geek inclined, SSDownloader (especially given its small footprint), would make a nice addition to a Flash drive toolbox.

Download times will be system specific. In this case, I ran on a 1.7 MB/sec  connection.

It’s Banking Day at the Ranch and a Linux Live CD is in the Saddle!

I’ve maintained for years, that I treat my Windows machines as if they have already been compromised – a position that has left me open to some criticism. I’ll take the criticism – I’d rather be safe than sorry.

If you’re a regular reader of Tech Thoughts Daily Net News column then, you’re probably aware that the following items from last week (below the break), are not in the least unusual. In fact, notification of security breaches, or unpatched vulnerabilities that are weeks or months old, are now commonplace.

A legitimate question is – how likely were you to have been affected by any of the unpatched flaws – as noted below – or, the scores of similar long-standing vulnerabilities published in Tech Thoughts Daily Net News over the last few years?

I’ll grant you that “not very likely”, is a reasonable assumption. Still, the question remains – how do you know that you’re not already compromised by a yet to be disclosed vulnerability? Something to think about.

————————————————————————————————–

Eight-month WordPress flaw responsible for Yahoo mail breach: Bitdefender – A cross-site scripting flaw that saw some Yahoo email users lose control of their accounts has now been traced back to a WordPress installation that was not patched for at least eight months.

Serious security holes fixed in Opera – but Mac App Store users left at risk again – It should go without saying that if you use Opera, you should update to version 12.13 as soon as possible. But… what if you didn’t get your copy of Opera from the official website? What if, instead, you acquired your version of Opera for Mac from Apple’s Mac App Store?

Symantec denies blame after Chinese govt hacks The New York Times – After one of the world’s most famous newspapers points the finger at Symantec for failing to protect its network against a four-month long Chinese cyberattack, the security firm returns fire –

Symantec:

“Turning on only the signature-based anti-virus components of endpoint solutions alone are not enough in a world that is changing daily from attacks and threats. We encourage customers to be very aggressive in deploying solutions that offer a combined approach to security.”

I found Symantec’s response more than interesting. This is the first time that I can recall, that a major security vendor has gone on record and suggested that their product, as a stand alone solution, should not be expected to identify and contain each and every conceivable threat.

I couldn’t agree more and, I have made that point consistently, for years.

—————————————————————————————————

Initially, I had no intention of writing such a long introduction to a simple review – but, my continuing disappointment in the computer technology industry as a whole, whose overall response to an epidemic of criminal activity, runs along the same lines as that old time movie – Jaws – in which one of the plot lines revolves around keeping people in the water (despite the evident danger from a Great White shark) since to do otherwise, would be bad for business, got the better of me. Perhaps not the best analogy – but, it works for me.

I have a sign on the wall above my desk that reads – Bullshit in = Bullshit out. I can’t think of a more fitting epitaph for the current state of affairs in an industry rife with misinformation, misdirection, hype, and sheer outrageous bullshit.

I’m not a gloom and doom guy – but, market forces are such, that a little crystal ball gazing has convinced me that the status quo is as stable as the Rock of Gibraltar. In other words, if you want to be safe on the Internet, then accept the fact that you’re on your own.

—————————————————————————————————

It’s Banking Day at the Ranch and a Linux Live CD is in the Saddle!

While connected to the Internet, just like you, I face exposure to Trojans, spyware, viruses, phishing scams, identity theft, scam artists, schemers and cyber crooks lurking in the shadows, just waiting to make me a victim. Even so, the odds of me picking up a malware infection, or being scammed, are fairly low. Am I just lucky, or is it more than that?

To some extent I might be lucky – but, it takes much more than luck to stay safe on the Internet. For me – it really boils down to prevention. Preventing cybercriminals from getting a foothold by being vigilant and adhering scrupulously to fundamental security precautions, including –

A fully patched operating system.

A robust firewall.

Automatically updated anti-virus and anti-spyware software.

Increased Internet Browser protection through selected add-ons.

Encryption where necessary.

and, most importantly, never forgetting to Stop. Think. Click.

Despite all those security precautions though, there’s one connected activity that still concerns me – online banking. Regardless of the fact that I choose my Internet banking provider based partially on its low profile, I’m not entirely relying on this low profile as a guarantee that cybercriminals will not target my provider.

The inescapable fact remains; I am my own best protection while conducting financial transactions on the Internet. Frankly, I’m not convinced that financial institutions are where they need to be when it comes to protecting their online customers.

Despite my best efforts, it’s possible that malicious code may be installed on my computer – ready to pounce on my banking user account names, and passwords. Which is why, I have long made it a practice to conduct my financial affairs on the Internet via a self-booting Linux Live CD. Since a Linux Live CD is read-only media, the environment (running entirely in RAM), should be more secure than Windows.

I’m not suggesting that Linux systems are impervious to malware (I know better than to make that claim) – but, since the majority of malware is Windows specific, banking online through a Linux Live CD should offer a more secure environment.

If you can click a mouse – then, you’re good to go. It’s that easy. Today’s Linux distros are not your Granny’s Linux.

I’m not suggesting that you replace your Windows operating system and jump with both feet into Linux. That’s impractical. What is not impractical however is – running with Linux on those occasions when you do your Internet banking.

Recommended Linux Live CDs:

Puppy Linux – A complete operating system with suite of GUI apps, only about 70 – 140MB, and boots directly off the CD. I should point out that Puppy is my personal favorite.

Damn Small Linux – Damn Small Linux is a very versatile 50MB mini desktop oriented Linux distribution.

Fedora – Fedora is a fast, stable, and powerful operating system for everyday use built by a worldwide community of friends. It’s completely free to use, study, and share.

Ubuntu – Fast, secure and easy-to-use.

Lightweight Portable Security (LPS) – A Linux distro from the US Department of Defense. Lightweight Portable Security (LPS) creates a secure end node from trusted media on almost any Intel-based computer (PC or Mac). LPS boots a thin Linux operating system from a CD or USB flash stick without mounting a local hard drive.

Zemana AntiLogger – Free One Year License Today At Glarysoft Giveaway

Back in the day, when I had an interest in sponsoring giveaways, I sponsored a giveaway on behalf of Zemana AntiLogger. Without a doubt, this was the most professional giveaway I have ever had the pleasure of sponsoring. Zemana set up a special page on their site, specifically designed for the sponsored giveaway which led to 2000+ downloads through that page.

I’ve long considered Zemana AntiLogger a must have security application for my Internet connected machines. In fact, I would never connect my web cam without first ensuring that Zemana AntiLogger was up and running. To drive home that point (and others), I’ve reviewed this application several times.

Today only, a one year license is available at no cost through Glarysoft  (the Glary Utilities folks). Rather than reinvent the wheel, it seems appropriate to rerun the following review which was initially posted January 9, 2010.

Take a read, see what you think – and, if you’re convinced that Zemana AntiLogger would be a worthwhile addition to your overall security structure then, take a run over to Glarysoft and download this super security application.

Note: During my initial testing of this application, I ran a series of Anti-Keylogger tests, including tests for web cam penetration. All test methods were defeated by Zemana AntiLogger.

____________________________________________________

Zemana AntiLogger – An Ounce of Prevention

Benjamin Franklin could have been talking about the Internet, and malware, when he reportedly said – “An ounce of prevention is worth a pound of cure.”

Curing a malware infection caused by today’s sophisticated malware is much more difficult than it has ever been, and I’m convinced, that removing the malware we’re going to have to contend with in 2010, will be incrementally harder still.

Even today, malware tends to write itself into multiple parts of the operating system, and in many cases it can hide its files, registry entries, running process and services, making the infection virtually impossible to find, and remove, without causing operating system damage.

In the coming year, an average computer user who has to deal with even more complex malware infections, will be left with little choice other than having the infected machine worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage.

We’ve previously discussed Keylogger malware here, and how to employ an ounce of prevention by using highly regarded SnoopFree Privacy Shield, a free application, which unfortunately, is compatible with Windows XP only.

Because Keyloggers, a particularly sinister type of malware, that monitors every keystroke a user types on a computer’s keyboard, are often executed as part of a rootkit, or a remote administration (RAT) Trojan horse, they can be extremely difficult to detect, and remove.

While it’s true, that many good quality malware and spyware detection tools should capture Keyloggers, and a properly configured Firewall should prevent all unauthorized connections, the reality is – this is NOT always the case. Keyloggers in fact, can disable Firewalls and anti-malware tools.

Since my personal home machines now run on Windows 7, I can no longer protect against Keyloggers using SnoopFree Privacy Shield, so I had to find an alternative. Unfortunately, I could not find a freeware substitute application. However, I did find a competitively priced application, Zemana AntiLogger, following a reader’s recommendation, which I’ve been testing for a week or so.

I was immediately impressed by this application, particularly the system defense function. The application intercepted proposed changes to system files NOT picked up by other security applications on my system.

Since I use a Webcam extensively for communicating, I was more than happy to see the active Webcam protection offered by Zemana AntiLogger, which was immediately apparent.


Test Screens:

This is an example of a Zemana warning, triggered by my launching an anonymous proxy application which by design, injects code into my primary Browser. By checking an appropriate check box I established a rule, permitting this action in future.


This is an example of a Zemana warning, triggered by my updating both Microsoft Security Essentials and Malwarebytes definition databases which, in each case, will make changes to system files. Simply checking a check box establishes a rule, which will permit this action in future.


This is an example of a Zemana warning, triggered by a screen capture utility I was in the process of using. If this had been an illegal activity, I would, of course, have received the same warning. Again, simply checking a check box establishes a rule, which will permit this action, by this utility, in future.

Fast facts:

Secure your Internet banking and financial transactions

Protect information in emails and Instant Messages

Protect keystrokes from spyware

Protect all screen images

Webcam Logger protection

System Defense

No need to download latest virus signatures

No need to know or detect the malware’s signature

No need to wait for updates from a virus lab

No need to scan files

Proactively looks for suspicious activity

Catches not just the usual suspects, but also sophisticated “zero day” malware

Prevents theft of data via secure connections (HTTPS / SSL)

Does not slow down your PC

Easy to download, install and use

Future-proof

System requirements: Windows XP with Service Pack 2 or higher (32bit and 64bit). Vista (32bit and 64bit). Windows 7 (32bit and 64bit). Windows 8 (32bit and 64bit).

If keylogger protection and maintaining your privacy are a concern, you might consider adding this application to your security toolbox.

Download at: Glarysoft

Please note the following terms and conditions:

No free technical support. No free upgrades to future versions. Strictly non-commercial usage.


Malware Hunting? Checkout These 20 + Free Tools Designed To Destroy Tough Malware

Choosing and using the right tool, which has been designed specifically for the job at hand, is obviously a levelheaded approach. Still, I’ll wager that you can conjure up more than one occasion when you’ve encountered the “one tool for all purposes” mindset – the so-called “Birmingham Screwdriver” effect – “If it doesn’t work – hit it. If it still doesn’t work, use a bigger hammer.”

The Birmingham Screwdriver approach, taken by many AV solutions, may not always be the most appropriate approach to eradicating a tough malware problem – a specially designed application which targets specific classes of malware may be a better solution.

The following tools have been specifically designed to help skilled users better identify malware infections and then, eradicate (hopefully), those specific infections. These tools require advanced computer knowledge – unless you feel confident in your diagnostic skills, you should avoid them.

Just to be clear – not all of these tools are “one-click simple” to decipher, and users need to be particularly mindful of false positives.

Should you choose to add these applications to your antimalware toolbox, be aware that you will need the latest updated version for maximum impact.

Note: Many of the following tools have been tested and reviewed here previously.

Emsisoft HiJackFree

The program operates as a detailed system analysis tool that can help you in the detection and removal of Hijackers, Spyware, Adware, Trojans, Worms, and other malware. It doesn’t offer live protection but instead, it examines your system, determines if it’s been infected, and then allows you to wipe out the malware.

Runscanner

If you’re a malware hunter, and you’re in the market for a free system utility which will scan your system for running programs, autostart locations, drivers, services and hijack points, then Runscanner should make your shortlist. The developers of Runscanner describe this freeware utility as having been designed to “detect changes and misconfigurations in your system caused by spyware, viruses, or human error.”

HijackThis

HijackThis is a free utility which heuristically scans your computer to find settings that may have been changed by homepage hijackers, spyware, other malware, or even unwanted programs. In addition to this scan and remove capability HijackThis comes with several tools useful in manually removing malware from a computer. The program doesn’t target specific programs, but instead it analyses registry and file settings, and then targets the methods used by cyber-crooks. After you scan your computer, HijackThis creates a report, and a log file (if you choose to do so), with the results of the scan.

RKill

RKill is a program developed at BleepingComputer.com – “It was created so that we could have an easy to use tool that kills known processes that stop the use of our normal anti-malware applications. Simple as that. Nothing fancy. Just kill known malware processes so that anti-malware programs can do their job.”

Emsisoft BlitzBlank

BlitzBlank is a tool for experienced users and all those who must deal with Malware on a daily basis. Malware infections are not always easy to clean up. In more and more cases it is almost impossible to delete a Malware file while Windows is running. BlitzBlank deletes files, Registry entries and drivers at boot time before Windows and all other programs are loaded.

McAfee Labs Stinger

Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.

Specialty Removal Tools From BitDefender

28 special removal tools from Bitdefender. On the page – click on “Removal Tools”.

Microsoft Malicious Software Removal Tool

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

NoVirusThanks

NoVirusThanks Malware Remover is an application designed to detect and remove specific malware, Trojans, worms and other malicious threats that can damage your computer. It can also detect and remove rogue security software, spyware and adware. This program is not an Antivirus and does not protect you in real time, but it can help you to detect and remove Trojans, spywares and rogue security software installed in your computer.

Norton Power Eraser

Symantec describes Norton Power Eraser in part, as a tool that “takes on difficult to detect crimeware known as scareware or rogueware. The Norton Power Eraser is specially designed to aggressively target and eliminate this type of crimeware and restore your PC back to health.”

FreeFixer

FreeFixer is a general purpose removal tool which will help you to delete potentially unwanted software, such as adware, spyware, Trojans, viruses and worms. FreeFixer works by scanning a large number of locations where unwanted software has a known record of appearing or leaving traces. FreeFixer does not know what is good or bad so the scan result will contain both files and settings that you want to keep and perhaps some that you want to remove.

Rootkit Tools:

If you think you might have hidden malware on your system, I recommend that you run multiple rootkit detectors. Much like anti-spyware programs, no one program catches everything.

IceSword

IceSword is a very powerful software application that will scan your computer for rootkits. It also displays hidden processes and resources on your system that you would be unlikely to find in any other Windows Explorer like program. Because of the amount of information presented in the application, please note that IceSword was designed for more advanced users.

GMER

This freeware tool is essentially a combination of Sysinternals’ Rootkit Revealer and Process Explorer. The program can list running processes, modules and Windows services, in addition to scanning for the presence of rootkits.

Special mention 1:

In addition to its superb free AV application, MalwareBytes offers a basket full of specialty tools. The following application descriptions have been taken from the site.

Chameleon

Malwarebytes Chameleon technology gets Malwarebytes running when blocked by malicious programs.

Malwarebytes Anti-Rootkit BETA

Malwarebytes Anti-Rootkit removes the latest rootkits.

FileASSASSIN

FileASSASSIN can eradicate any type of locked files from your computer.

RegASSASSIN

RegASSASSIN removes malware-placed registry keys in two simple steps – just reset permissions and delete! This powerful and portable application makes hard-to-remove registry keys a thing of the past.

Special mention 2:

A Rescue Disk (Live CD), which I like to think of as the “SWAT Team” of antimalware solutions – is an important addition to your malware toolbox. More often than not, a Live CD can help you kill malware DEAD!

Avira AntiVir Rescue System – The Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that cannot be booted anymore. Thus it is possible to repair a damaged system, to rescue data or to scan the system for virus infections.

Kaspersky Rescue Disk – Boot from the Kaspersky Rescue Disk to scan and remove threats from an infected computer without the risk of infecting other files or computers.


Microsoft Security Essentials – Breaking Up Is Hard To Do – But, It’s Over; You’re Gone

Sadly, Microsoft Security Essentials and I have had a falling out. We’re through – it’s over – that’s it. It’s broken the cardinal rule I’ve long established for all my applications – trust that it will perform as advertised.

It’s been replaced in my affection by another – one that lives up to its billing – AVG AntiVirus Free 2013. Microsoft Security Essentials no longer does.

Frankly, I’ve avoided AVG’s products for years – with good cause I think. Applications that are slow, cumbersome, updates that crash systems ….. have a way of ending up in file 13 (the garbage), around here. In the past, AVG’s products were known for all of that, and more. It had its defenders of course, but I was not one of them.

As MSE has slowly lost its touch, AVG has bounded ahead. It’s sleek; it’s fast; it’s free – and, in AV-Test.org’s latest results (see AV-Test.org’s full results here), it pummels MSE – again.

In fact, for the second testing cycle in a row – Microsoft Security Essentials has failed certification as an effective security application.

Quick overview of AVG AntiVirus Free’s salient score points.

Courtesy – AV-Test.org.

I’ve been running with AVG AntiVirus Free 2013 on a primary home system (a Windows 8 machine), since September 5, of last year. The verdict? I’m impressed – very impressed.

As you can see from the following screen shot, AVG AntiVirus Free offers substantial protection – not quite up to the standard of the company’s paid applications – but, more than enough (in my view), that an aware user should feel comfortable.

Keep in mind that an educated user understands the limitations of relying on a single security application and is conversant with the principle of layered security.

Windows 8 users will notice that the GUI (as shown below) owes a little something to Windows 8’s Metro (or whatever MS is calling it these days) GUI.


Multiple choices are available in the settings menu so that users can tweak and massage the application to meet their specific needs. I must admit – that was a major positive for me.


Running a scan: As is my practice – I run a complete scan on my machine’s boot drive every day. And a full scan on all attached drives, weekly.


Running a scan: 60 GB SSD – particulars as shown below.


Scanning time – just under 5 minutes with “High Priority” set.


Slip in a USB device – and….


System requirements: Windows 8, Windows 7, Windows Vista, Windows XP.

Download at: AVG

A Major Bonus – From the site:

It’s not just the software that’s free. So too is phone access to our team of support experts 24/7, 365 days a year (USA, UK, Canada). Kudos to AVG!!

You’ll notice a basket-full of additional free AVG products on the download page – you just might find something that fills a gap in your overall security plan.

Whether you’re an experienced user, or you consider yourself “average”, I recommend that you spend some time scouting around the application’s GUI – there’s lots to be discovered here. All of it good.

Sandboxie! – Think INSIDE The Box!

Wouldn’t it be terrific if, following a mistake which led to malware making its way on to your computer, you could wave a magic wand, utter the words – “get thee gone” – and, quick as you like – no more malware infection?

Luckily, you can do just that. You don’t have to be a mage or a magician – you don’t have to deliver a magic enchantment – but, you do need to be running a sandbox based isolation application.

And that, brings me to Sandboxie (last updated December 16, 2012) – the King of isolation applications in Geek territory. Rather than geek you into the land of nod – today’s review is what I like to refer to as a “soft review”.

Simply put, Sandboxie, when active, creates a virtual environment (of a sort) on a computer by redirecting all system and application changes to an unused location on a Hard Drive. These changes can be permanently saved to disk or completely discarded.

A case in point for isolating web surfing:

While surfing the Net, an inexperienced user mistakenly accepts an invitation to install a scareware application but realizes, after the fact, that this is a scam. Operating in a “real” environment, the damage, unfortunately, would already have been done.

Operating in an isolated environment with Sandboxie active, the system changes made by this parasite could be completely discarded – since the attack occurred in an “I’m not really here” environment.

An obvious part of reviewing an application is, providing a technical breakdown of just how an application gets the job done – or, in some cases how/why an application doesn’t quite get it done.

It’s not often that I get caught between the proverbial “rock and a hard place” in terms of illustrating an application’s aptitude in getting the task accomplished. In this case however, Ronen Tzur, Sandboxie’s developer, has taken the expression – a picture is worth a thousand words – and definitely run with it.

From the site: Introducing Sandboxie

Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.

The red arrows indicate changes flowing from a running program into your computer. The box labeled Hard disk (no sandbox) shows changes by a program running normally.

The box labeled Hard disk (with sandbox) shows changes by a program running under Sandboxie. The animation illustrates that Sandboxie is able to intercept the changes and isolate them within a sandbox, depicted as a yellow rectangle. It also illustrates that grouping the changes together makes it easy to delete all of them at once.

Fast facts:

Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.

Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don’t leak into Windows.

Secure E-mail: Viruses and other malicious software that might be hiding in your email can’t break out of the sandbox and can’t infect your real system.

Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.

The developer has provided a clear and concise Getting Started tutorial – which includes:

How to use Sandboxie to run your applications.

How the changes are trapped in the sandbox.

How to recover important files and documents out of the sandbox.

How to delete the sandbox.
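The redirect, recover and discard cycle described above can be modelled as a small file overlay. This is an added illustration, not Sandboxie's code: the class name `FileSandbox`, its methods and the sample files are hypothetical, and it only models file writes inside one directory tree.

```python
import shutil
import tempfile
from pathlib import Path


class FileSandbox:
    """Toy model: writes are redirected into a box directory, never the real tree."""
    def __init__(self, real_root, box_root):
        self.real = Path(real_root)
        self.box = Path(box_root)
        self.box.mkdir(parents=True, exist_ok=True)

    def _safe(self, rel):
        # Reject absolute paths and ".." so a name cannot escape either root.
        p = Path(rel)
        if p.is_absolute() or ".." in p.parts:
            raise ValueError(f"path escapes sandbox: {rel}")
        return p

    def write(self, rel, data):
        # Every change lands in the box; the real file is left untouched.
        target = self.box / self._safe(rel)
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)

    def read(self, rel):
        # The sandboxed program sees its own changes first, then the real file.
        boxed = self.box / self._safe(rel)
        return (boxed if boxed.exists() else self.real / rel).read_bytes()

    def changes(self):
        # Grouping changes in one place makes them easy to list and delete.
        return sorted(p.relative_to(self.box).as_posix()
                      for p in self.box.rglob("*") if p.is_file())

    def recover(self, rel):
        # Deliberately copy one wanted file out of the box into the real tree.
        dest = self.real / self._safe(rel)
        dest.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(self.box / rel, dest)

    def discard(self):
        # Delete the sandbox: every trapped change disappears at once.
        shutil.rmtree(self.box, ignore_errors=True)
        self.box.mkdir(parents=True, exist_ok=True)


def demo():
    """Constructed scenario: a wanted download plus a tampered settings file."""
    with tempfile.TemporaryDirectory() as tmp:
        real, box = Path(tmp, "real"), Path(tmp, "box")
        real.mkdir()
        (real / "settings.ini").write_bytes(b"homepage=good")
        sb = FileSandbox(real, box)
        sb.write("settings.ini", b"homepage=hijacked")      # unwanted change
        sb.write("downloads/report.pdf", b"%PDF wanted file")
        seen_inside, trapped = sb.read("settings.ini"), sb.changes()
        sb.recover("downloads/report.pdf")                  # keep only this file
        sb.discard()
        return {"seen_inside": seen_inside, "trapped": trapped,
                "real_settings": (real / "settings.ini").read_bytes(),
                "recovered": (real / "downloads/report.pdf").exists(),
                "after_discard": sb.changes()}
```

Calling `demo()` shows the hijacked setting visible only inside the box, the real `settings.ini` unchanged, and the one recovered file surviving the discard.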

System requirements: Windows XP, Vista, Win 7 (32 and 64 bit), Win 8 (32 and 64 bit).

Available languages: English, Albanian, Arabic, Chinese (Simplified and Traditional), Czech, Danish, Estonian, Finnish, French, German, Greek, Hebrew, Indonesian, Italian, Japanese, Korean, Macedonian, Polish, Portuguese (Brazil and Portugal), Russian, Spanish, Swedish, Turkish, and Ukrainian.

Download at: Sandboxie

A Caveat: You may run with Sandboxie free of charge – but, once past the initial 30 days, you will be reminded that a lifetime licensed version is available for € 29 (approximately $38 USD at today’s conversion rate).
