Category Archives: Computer Audit Applications

Lift The Hood On Your PC – Take a Peek With These 5 Free System Information Utilities

imageIf you think developing information, including diagnostics, on your computer’s operating system and hardware is a tough task, you can relax. Here are 5 small, free applications, that make it easy to probe your computer system and create a detailed profile which can include hardware, installed software – motherboard, CPU and GPU specs, remaining drive space, and your operating system security hotfixes – and a lot more.

Belarc Advisor 8.2.7.14:

Belarc Advisor is a free program that automatically generates a detailed audit report of the hardware and software on your computer. It records essential information such as, operating system and processor details, the amount of RAM installed, and drive specifications.

image

The report also includes a comprehensive list of the software installed on your system, as well as software license numbers and product keys. In addition, it lists the status of the Microsoft hotfixes on your system. If any hotfixes need reinstalling, you will be advised of this.

The results are displayed in a formatted HTML report. The report is clearly formatted for ease of understanding and divided into appropriate categories. Hyperlinks within the report allow you to quickly navigate to different parts of the document, find out more about a particular hotfix entry, or see where a listed software product is installed.

All of your PC profile information is kept private on your PC and is not sent to any web server.

System Requirements: Windows 8, Windows 7, Vista, 2003, XP. Both 32-bit and 64-bit Windows support.

Download at: MajorGeeks

LookInMyPC 2.10.3.158

LookInMyPC is a free application which, like Belarc Advisor, records essential information such as, operating system and processor details, the amount of RAM installed, drive specifications and so on. But, it digs much, much, deeper.

image

The following graphic shows a very small (I do mean very small) portion of a scan result, run on my test platform. The data shown here is pretty standard stuff.

image

System requirements: Windows 2000, XP, 2003/8, Vista, Windows 7, Windows 8.

Download at: MajorGeeks

A portable version is also available.

SIW (System Info) 2011.10.29i

SIW is an advanced System Information utility that analyzes your computer and gathers detailed information about system properties and settings and displays it in a very comprehensive manner.

image

The data generated is divided into major categories:

Software Information: Operating System, Software Licenses (Product Keys / Serial Numbers / CD Key), Installed Software and Hotfixes, Processes, Services, Users, Open Files, System Uptime, Installed Codecs, Passwords Recovery, Server Configuration.

Hardware Information: Motherboard, CPU, Sensors, BIOS, chipset, PCI/AGP, USB and ISA/PnP Devices, Memory, Video Card, Monitor, Disk Drives, CD/DVD Devices, SCSI Devices, S.M.A.R.T., Ports, Printers.

Network Information: Network Cards, Network Shares, currently active Network Connections, Open Ports.

Network Tools: MAC Address Changer, Neighborhood Scan, Ping, Trace, Statistics, Broadband Speed Test

Miscellaneous Tools: Eureka! (Reveal lost passwords hidden behind asterisks), Monitor Test, Shutdown / Restart.

Real-time monitors: CPU, Memory, Page File usage and Network Traffic.

System requirements: Windows 7, Vista, XP, 2000

Download at: MajorGeeks

Speccy 1.17.340

Speccy (from our good friends over at Piriform – the CCleaner guys), is not quite as comprehensive as the applications described previously. Even so, you can count on this free application to provide you with detailed statistics on every piece of hardware in your computer. Including CPU, Motherboard, RAM, Graphics Cards, Hard Disks, Optical Drives, Audio support. Additionally Speccy adds the temperatures of your different components, so you can easily see if there’s a problem.

Typical info screens.

image

image

image

System requirements: Windows 8, Windows 7, Vista and XP (32-bit and 64-bit)

Download at: MajorGeeks

PC Wizard 2012.2.10

PC Wizard has been designed for hardware detection but, it really shines in analysis and system benchmarking. It will analyze and benchmark CPU performance, Cache performance, RAM performance, Hard Disk performance, CD/DVD-ROM performance, Removable/FLASH Media performance, Video performance, and MP3 compression performance.

Typical info screens.

image

image

image

System requirements: Windows 8, Windows 7, Vista, XP (32-bit and 64-bit)

Download at: MajorGeeks

9 Comments

Filed under 64 Bit Software, Computer Audit Applications, Diagnostic Software, downloads, Freeware, Geek Software and Tools

Check Your Windows System For Vulnerabilities With Microsoft’s Free Baseline Security Analyzer

imageIf you’re a regular reader here, this post will serve as a reminder that scanning for system vulnerabilities from time to time, is a prudent practice.

To help you assess the overall state of security on your computer (and close any open windows in Windows), Microsoft provides a free scanning tool – Microsoft Baseline Security Analyzer (MBSA), which will scan your system, and provide you with a report on your machine’s security – based on Microsoft’s security recommendations.

It’s important to remember that changes in system configuration may require additional use of MBSA in order to check the new configuration for compliance. This is particularly true when installing applications, or adding new optional components, which may install programs that have not been updated with the latest fixes.

For reference purposes, I’ve gathered the following statistics from the Iolo  Threat Center as of October 14, 2011. This data is in line with the data obtained from more comprehensive studies we’ve seen over the last several years.

image

October 14, 2011.

PCs without active virus protection: 56.16%
PCs without active firewall protection: 36.11%
Average number of security flaws: 29.44

If we contrast this data with Iolo’s Global System Status Details as of March 26, 2011, it appears as if we’re on a slippery slope.

March 26, 2011.

PCs without active virus protection: 53.42%
PCs without active firewall protection: 20.88%
Average number of security flaws: 13.56

_________________________________________________________

MBSA includes both a graphical and a command line interface, that can perform local or remote scans of Microsoft Windows systems. For this post I’ll focus on the graphical interface.

MBSA is capable of scanning not only a stand-alone system, but multiple systems as well.

image

The GUI is straightforward, and as you can see in the following screen capture – checkbox simple.

image

Scanning Options:

For each scan, the following options can be enabled, or disabled, as needed, in the MBSA user interface:

Check for Windows administrative vulnerabilities – scans for security issues such as Guest account status, file-system type, available file shares, and members of the Administrators group.

Check for weak passwords –  checks computers for blank and weak passwords during a scan.

Check for Internet Information Services (IIS) administrative vulnerabilities.

Check for SQL administrative vulnerabilities – checks for the type of authentication mode, account password status, and service account memberships.

Check for security updates (missing updates) – scans for missing security updates for the products published to the Microsoft Update site only.

image

The two areas, in the report, you will find most useful as a home user, are:

Security misconfiguration (less secure settings and configurations).

Missing security updates and service packs (if any).

The report will provide you with specific steps to take, should the application find issues.

The following screen capture from my test machine, illustrates the partial results of a typical scan – click to expand to original size.

image

In this test scan, MBSA has discovered – “2 service packs or update rollups are missing”. Clicking on – “Result details” brought up the following dialogue box and, as you can see, both IE 9 and Win 7 Service Pack 1, are not installed.

image

Microsoft didn’t leave me hanging though. Instead, simply clicking “How to correct this”,  brought up the following Microsoft help page which lays out an easy solution.

image

The following screen capture illustrates a portion of the report covering Administrative Vulnerabilities. In this area, you may find reminders that Microsoft may not necessarily agree with your personal preferences. Certainly, a number of mind rated a caution.

Should you find similar cautions following your scan, there’s no need to worry. Clicking on “How to correct this” for additional information, will help you determine if your personal preferences are safe. You may feel comfortable with your choices, despite Microsoft’s advice to the contrary.

Remember, you’re the boss.   Smile

image

In order to run a scan with MBSA, you may need the IP address of your computer – an easy way to obtain this is here.

System Requirements: Windows 2000; Windows 7; Windows Server 2003; Windows Server 2008; Windows Server 2008 R2; Windows Vista; Windows XP; Windows XP Embedded. (32 bit and 64 bit).

Available languages: English, German, French, Japanese.

Download at: Microsoft

Note: Microsoft recommends viewing the readme.html file, before running MBSA the first time. If you are a regular reader here, I don’t think this is necessary, but….

7 Comments

Filed under 64 Bit Software, Computer Audit Applications, downloads, Freeware, Microsoft, Security Rating Applications, Windows Tips and Tools

Free FileHippo Update Checker – Excellent Alternative To Secunia PSI

I gotta love the regular readers here – they definitely keep me on my toes. Based on a recent article – Not Running Secunia PSI? Why Not? – a number of readers had the same question (both in comments and privately); what about FileHippo Update Checker? Rightfully so – FileHippo Update Checker is an outstanding application in its own right.

Luckily (whew!), I had reviewed and recommended this solid freebie back in May, 2010. Based on reader feedback, I’ve edited this previous article (including updated graphics), and reposted it here.

Free FileHippo Update Checker – A Very Cool Tool

image One of the most frequently repeated pieces of advice on this site is – “Keep all applications (including your operating system) patched, and up to date”. Sounds like good, practical advice – and it is. But as those of us involved in computer security know; this is advice that is not always followed.

Experienced users are generally aware that free, automated applications, are readily available for download, that take the burden out of updating and patching.

One particular application that I have reviewed and recommended a number of times – that does just that is, Secunia Personal Software Inspector (PSI), which constantly monitors a system for insecure software installations, notifies the user when an insecure application is installed, and then provides the user with detailed instructions for updating the application, when available.

Like all applications, PSI is not perfect. The most common complaint seems to be, that after updating applications it may still report that specific applications are out-of-date, or pose a threat.

Regular reader, and IT pro, Georg L., from Vienna, Austria, has pointed out that an alternative to PSI, which is compatible with x64 systems, and which does a comparable job of checking your installed software for critical updates, and security fixes, is FileHippo’s free Update Checker.

Following Georg’s recommendation, I sparked up an older test machine, and downloaded and installed Update Checker. The test scan took only a matter of seconds. Less than 3 seconds in this test – virtually in the blink of an eye!

The updated Browser screen shot below, illustrates the results obtained following the Update Checker test scan.

image

For testing purposes I clicked on the green download arrow which opened the following download applet, so that I could update one of my favorite free utilities – CDBurnerXP

image

I must admit, I was pleasantly surprised when I noticed FileHippo’s Update Checker returned results for Beta Updates as well – as the following screen capture indicates. For those users who like to test Beta software, this is a definite bonus.

image

It’s important to understand that all software of this type may well have shortcomings of one type, or another. FileHippo’s Update Checker, for example, does not support all programs.

This should not be surprising, given the enormous quantity of available applications. The most popular applications, of course (the ones you are most likely to have installed), are covered.

From the developer’s site:

We work hard to include as many programs as we can in the Update Checker, but we currently cannot detect them all. This can be for various reasons, including: technical issues, publisher limitations or lack of consistent version numbering. However, we’re constantly advancing our detection methods and working with publishers to improve this.

Note: The Update Checker will not send any personal information back to FileHippo.com. The only information collected is a list of programs and their versions, along with the operating system details to help with processing.

Additionally, none of this information is linked to your IP address; the logs are deleted after processing.

Recommendation: I was quite impressed with this application’s speed, and thoroughness. A definite practical alternative to Secunia Personal Software Inspector.

If you’re inclined to do so – download both applications, take them for a spin, and form your own opinion. You’ll have a little bit of fun!

System requirements: Windows 7, Vista, XP, 2003, 2000, ME or 98. (both 32 and 64 bit where applicable). Microsoft .NET Framework 2.0 (the installer will prompt you and download it automatically).

Download at: FileHippo

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

3 Comments

Filed under 64 Bit Software, Anti-Malware Tools, Application Vulnerabilities, Cloud Computing Applications, Computer Audit Applications, Cyber Crime, Don't Get Hacked, downloads, Freeware, Recommended Web Sites, Software, System Security, Utilities, Windows Tips and Tools

Not Running Secunia PSI? Why Not?

imageDespite the fact that burglaries are at an all-time high in my neighborhood, and despite the fact that the Police regularly caution residents to lock both windows and doors when not at home, one of my close neighbors always leaves at least one window open while she’s out. I have to say – it just boggles my mind.

Throughout the summer she is out of town every weekend and, you guessed it – she still leaves at least one window wide open. Her behavior, not to put too fine a point on it – is idiotic. If you’ve ever wondered why your home owners insurance policy is more expensive than it needs to be, it’s partially due to lamebrains like my neighbor.

Computer systems running insecure and unpatched applications are analogous to the open window in my neighbor’s house, and are a common gateway used by cyber-criminals to infect unaware users’ machines. Worse, unlike the aftereffects of a home burglary, which are rather self evident, a compromised computer can often remain undetected.

As important as it is, that you secure your computer by implementing a layered security approach, it’s equally as important that you close any “open windows” in your operating system, by keeping your installed applications current and up-to-date. And, Secunia, the leading provider of Vulnerability Intelligence, can help you do just that with its free application – Secunia Personal Software Inspector (PSI).

Since PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application, when available – installing this small free application will assist you in ensuring that your software installations are relatively secure. I say “relatively”, since there is no perfect system.

The following screen captures illustrate, just how easy it is to take that extra step toward a more secure computing experience, using PSI. Click on any graphic to expand to its original size.

During the install process, you will have an opportunity to select “Auto Updates”. I suggest that you take advantage of this feature.

image

Again, during the install process, you will have an opportunity to select “full changes in the tray icon”. If you have selected “Auto Updates”, as per the previous window, you should select this option.

image

The settings menu provides a full range of adjustments so that you can configure the application to more accurately meet your specific needs.

image

The following screen capture illustrates a security scan in progress. The full scan took under two minutes to complete.

image

According to the scan results, my test machine is 12% more secure compared to non-users of PSI in my local area. This is no cause for celebration though, since the test machine is running two insecure applications. One of which, VLC Media Player, has been a recent target of cyber criminals. Ouch!

image

The following screen capture shows the full test results and you can readily see, that both Adobe Flash Player and the previously mentioned VLC, are both insecure. Adobe Flash Player, dramatically so. Double ouch!

image

Additional data on an insecure program can be gathered by double clicking on the program, as shown in the following screen shot.

image

Quick facts:

Secunia PSI is free for private use.

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how to resolve it.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

System requirements: Windows 7, Vista SP 1 or later, XP SP 3 (32 & 64 bit).

Watch: How to install and use the Secunia PSI 2.0

Download at: Secunia

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

Link: Secunia Online Software Inspector. In the last 24 hours, fully 19% of applications checked by this online tool, were insecure.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

15 Comments

Filed under 64 Bit Software, Anti-Malware Tools, Application Vulnerabilities, Cloud Computing Applications, Computer Audit Applications, cybercrime, Don't Get Hacked, downloads, Freeware, Recommended Web Sites, Secunia, Software, System Security, Utilities, Windows Tips and Tools

Close Security Holes In Windows With Microsoft Baseline Security Analyzer

imageIntrusion detection systems do a good job in protecting physical environments against desperados, burglars, and trespassers. But, creating an access point by leaving a window or a door open, obviously reduces the efficiency of such a system.

Computer intrusion detection systems are no different – leaving a window open in Windows (if you’ll pardon the expression), can result in an illegal intrusion that can often remain undetected.

To help you assess the overall state of security on your computer (and close any open windows in Windows), Microsoft provides a free scanning tool – Microsoft Baseline Security Analyzer 2.2 (MBSA), which will scan your system and provide you with a report on your machine’s security, based on Microsoft security recommendations.

For reference purposes, I’ve gathered the following statistics from the Iolo  Threat Center. The Global System Status Details are based on 86,098 samples accumulated by Iolo since March 26, 2011. This data is in line with the data obtained from more comprehensive studies we’ve seen over the last several years.

PCs without active virus protection: 53.42%
PCs without active firewall protection: 20.88%
Average number of security flaws: 13.56

MBSA includes both a graphical and a command line interface, that can perform local or remote scans of Microsoft Windows systems.

Scanning Options:

For each scan, the following options can be enabled, or disabled, as needed, in the MBSA user interface:

Check for Windows administrative vulnerabilities – scans for security issues such as Guest account status, file-system type, available file shares, and members of the Administrators group.

Check for weak passwords –  checks computers for blank and weak passwords during a scan.

Check for Internet Information Services (IIS) administrative vulnerabilities.

Check for SQL administrative vulnerabilities – checks for the type of authentication mode, account password status, and service account memberships.

Check for security updates (missing updates) – scans for missing security updates for the products published to the Microsoft Update site only.

The two areas, in the report, you will find most useful as a home user, are:

Security misconfiguration (less secure settings and configurations).

Missing security updates and service packs (if any).

The report will provide you with specific steps to take, should the application find issues.

The following screen capture from my test machine, illustrates the partial results of a typical scan – click to expand to original size.

image

In order to run a scan with MBSA, you may need the IP address of your computer – an easy way to obtain this is here.

System Requirements: Windows 2000; Windows 7; Windows Server 2003; Windows Server 2008; Windows Server 2008 R2; Windows Vista; Windows XP; Windows XP Embedded. (32 bit and 64 bit).

Download at: Microsoft

Note: Microsoft recommends viewing the readme.html file, before running MBSA the first time. If you are a regular reader here, I don’t think this is necessary, but….

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

3 Comments

Filed under 64 Bit Software, Application Vulnerabilities, Computer Audit Applications, Don't Get Hacked, downloads, Freeware, Geek Software and Tools, Microsoft, Software, System Security, Windows Tips and Tools

What’s In Your PC? Take A Look With Free LookInMyPC

image Do you have a detailed profile of your computer system which includes details on hardware and installed software? What do you know about your computer’s motherboard, CPU and GPU, remaining drive space, or your operating system’s security hotfixes?

To effectively maintain your computer, and proactively deal with problems that may occur, you can make the diagnostic process much easier if you have specific and accurate details of your computer.

If you need help from a computer support group, from a tech support line, or from a computer knowledgeable friend, you will need to provide specific and accurate details of your computer. Without these details, it can be very difficult for even the most knowledgeable computer tech to be time efficient.

So it is important for you to create a detailed profile of your computer system before problems occur, and retain a printed copy of the report. Normally, creating such a profile can be very time intensive. But there are time saving solutions.

One such solution is LookInMyPC – a free program that automatically generates a detailed audit report of the hardware and software on your computer. It records essential information such as, operating system and processor details, the amount of RAM installed, drive specifications, and much, much, more.

You may get one or more security warnings (as illustrated below), during the install, since this applications digs deep into the system.

image

image

The graphic below indicates just how deep this application digs.

image

image

The following graphic shows a very small (I do mean very small) portion of a scan result, run on my test platform. The data shown here is pretty standard stuff.

image

But, in this portion of the report, the data shown is more complex and could be helpful (along with a huge amount of additional available data), in system diagnostics.

image

A number of features keeps this application a cut above the average:

The results are displayed in your Web Browser in a formatted HTML report. The report is clearly formatted for ease of understanding and divided into appropriate categories. Hyperlinks within the report allow you to quickly search for additional information.

As well, the report can be zipped, and then forwarded as an email attachment to your favorite “tech support” person.

System requirements: Windows 2000, XP, 2003/8, Vista and Windows 7.

Download at: LookInMyPC

A portable version is also available.

I have been using this program for some time, and find it invaluable for troubleshooting, and diagnostics.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

6 Comments

Filed under Computer Audit Applications, Diagnostic Software, downloads, Freeware, Geek Software and Tools, Portable Applications, Software, USB, Utilities

You Can Be A Computer Detective Too, With OSForensics Beta

imageThe CSI TV franchise is great entertainment – but that’s what it is – entertainment. Nevertheless, the investigative techniques, despite the fact they are, in the main, pure science fiction – are pretty convincing.

One area where television productions, like this, and movies for that matter, generally get it right is – computer forensic investigation. While this type of investigation, with the investigators fingers flying across the keyboard, appears to be complex, in fact – the process is generally driven by software that is well organized, and logically constructed.

If you would like to try your hand at being a computer “Sherlock Holmes”, then checkout OSForensics Beta (latest release February 4, 2011), a menu driven forensic application that will allow you to identify, extract, document, and interpret data, on your computer.

The GUI is laid out in a functional and logical step by step process – easy to understand and navigate.

image

I won’t cover all of the capabilities of OSForensics ( I don’t want to spoil all your investigative fun), but as an example, the application can scan a system for evidence of recent activity, including accessed websites, USB drives, wireless networks, recent downloads, website logins and website passwords.

image

Just one example – in the screen shot below, you can see that the application has captured my login password (blacked out for privacy), for my Hotmail account.

OSF

The deleted file recovery function is particularly powerful and the application provides a graphical view of the allocation of the deleted file clusters on the physical disk.

image

Fast facts:

Search for Emails – An additional feature of being able to search within files is the ability to search email archives. The indexing process can open and read most popular email file formats (including pst) and identify the individual messages.

Recover Deleted Files – After a file has been deleted, even once removed from the recycling bin, it often still exists until another new file takes its place on the hard drive. OSForensics can track down this ghost file data and attempt to restore it back to useable state on the hard drive.

Uncover Recent Activity – Find out what users have been up to. OSForensics can uncover the user actions performed recently on the system, including but not limited to:

Opened Documents

Web Browsing History

Connected USB Devices

Connected Network Shares

Collect System Information – Find out what’s inside the computer. Detailed information about the hardware a system is running on:

CPU type and number of CPUs

Amount and type of RAM

Installed Hard Drives

Connected USB devices, and much more.

View Active Memory – Look directly at what is currently in the systems main memory. Attempt to uncover passwords and other sensitive information that would otherwise be inaccessible. Select from a list of active processes on the system to inspect. OSF can also dump their memory to a file on disk for later inspection.

Extract Logins and Passwords – Recover usernames and passwords from recently accessed websites in common web browsers, including Internet Explorer, Firefox, Chrome and Opera.

While the application is designed as a forensic recovery tool, I can think of a number of uses for this application (since it can be run from USB drive), over and above its expressed purpose. I’m sure you can too.

System requirements: Windows XP, Vista, Win 7, Server 2000, 2003, 2008 (32bit and 64bit support – 64bit recommended). Minimum 1GB of RAM. (4GB+ recommended), 30MB of free disk space – can be run from USB drive.

Download the beta at: PassMark Software

There are a number of worthwhile additional free tools which can be used in conjunction with OSForensics. Checkout the developer’s site here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

8 Comments

Filed under Beta Software, Computer Audit Applications, Computer Forensic Tools, Computer Tools, Deleted File Recovery, Freeware, Geek Software and Tools, Software, System Utilities