For $19.95 Malwarebytes Anti-Malware PRO Munches Your Malware

Twenty bucks might buy you a beer or three, which would soon be flushed away – water under the bridge – so to speak. But, that same $20 will allow you to install Malwarebytes Anti-Malware on your computer – with a lifetime license no less.

Malwarebytes Anti-Malware has a justified reputation as a first class security application – based on it’s ability to identify and remove adware, Trojans, key-loggers, home page hijackers, and other malware threats.

Both the free version, and the commercial version, deserve the significant kudos regularly offered by seasoned security technologists. This application definitely munches on malware!

The free version of this outstanding application has always made my recommendation list as an integral part of a  layered security approach. But, since real time protection is disabled in the free version, I do not recommend the freeware version of Malwarebytes as a stand alone primary security application. Additionally, scheduled scanning, and scheduled updating are also disabled in the free version.

Malwarebytes Anti-Malware PRO:

A simple, intuitive, and easy to use interface, makes Malwarebytes’ Anti-Malware straightforward to setup, customize and run – for both less experienced and expert users alike, as the following screen captures indicate.

Select preferences.

Choose a scan type.

And – quick as a bunny – you’ve got the results. Malwarebytes Anti-Malware really is a speed demon.

A supplementary log is handy for a quick review.

Malwarebytes Anti-Malware PRO Features include:

Flash – Lightning fast scan speeds

Thorough – Full scans for all drives

Works Well With Others – Cooperative functionality

Puts YOU first! – Priority database updates

Puts Malware in the Slammer – Quarantine function holds threats and lets you restore at your convenience

Talk to the hand – Ignore list for both the scanner and Protection Module

For Your Pleasure – Customizable settings enhance performance

Lock It Down – Password protect key program settings

Chameleon – Gets Malwarebytes running when blocked

Toolbox – Extra utilities to help remove malware manually

Nitty Gritty – Command line support for quick scanning

RPP, Yeah You Know Me – Realtime Proactive Protection Module

Hablamos Everything! – Multi-lingual support (Klingon still in beta)

Support for XP, Vista, 7, and 8 (32-bit and 64-bit)

Systems Requirements: Windows Vista, Windows 7, Windows 8 (32 bit and 64 bit), Windows XP Service Pack 2 or later. Internet Explorer 6 or newer.

Multi-lingual support: English, Arabic, Bosnian, Bulgarian, Catalan, Chinese Simplified, Chinese Traditional, Croatian, Czech, Danish, Dutch, Estonian, Finnish, French, German, Greek, Hebrew, Hungarian, Italian, Latvian, Lithuanian, Macedonian, Norwegian, Polish, Portuguese (Brazil), Portuguese (Portugal), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Vietnamese.

Download at: MalwareBytes

As a full fledged security application, with all of its features unlocked; real-time protection, scheduled scanning, and scheduled updating, Malwarebytes’ Anti-Malware is a terrific value at $19.95 USD. Malwarebytes products come with a 30 day money-back guarantee.

Reader comments from previous MalwareBytes reviews –

G – I would definitely place Malwarebytes at the top of the list. I have had it find nasties when others have failed. I run it once a week on all of my machines.

Liam O’ Moulain – I’ve been using MBAM since you first recommended it sometime ago. I’m very satisfied.

Ranjan – Same case here as G. It took out a spyware which KIS is unable to detect even till now.. Many malware removal experts, in fact most, also recommend it.. So, it definitely deserves a place in one’s toolbox…

Kingpin – What can say!MBAM Pro is best that has happened to me. Like I said before I have the Pro version on all my 3 systems. MBAM Pro hasn’t let me down yet. The speed of scanning all files is pretty good too. On my regular system it plays along well with SAS Pro.

Mal – Not much to add, I have been using it a while now, great app. And I use SAS as well. Usually run them both just before I shutdown the computer for the night.

Easily Recover Deleted Photos And More – Open Source TestDisk & PhotoRec

Summary: When it’s time to recover deleted files from an SD Card, Hard Drive, Flash Drive, etc., this powerful portable recovery application, (despite its command line type interface), makes deleted file recovery just about as simple as it gets.

In previous reviews, I’ve covered more than a few file recovery tools,  some of which have lived up to the developers’ claims – but, most have not. PhotoRec, part of the bundled package included in TestDisk – despite it’s name – is capable of recovering 390 types of files, according to the developer.

In the following review, I’ll describe how easy it was to recover deleted photos from my camera’s SD Card and, deleted music files from my iPod. As you’ll see, this application is not wizard driven – but, despite that, it’s still very easy to use.

First up was a recovery attempt on a camera.

On launching the application, the connected camera was immediately identified.

Selecting the drive was a simple matter of cursoring down, and pressing the Enter key.

In just a few minutes (under 3 minutes), PhotoRec identified and recovered 121* previously deleted photos.

* Much to my surprise, the application actually recovered 241 previously deleted photos. I’m not complaining.      All recovered files were saved to the recovery directory (a sub-directory of the directory the application is running from) – as shown below.

Here’s a recovered shot (August 2012), of my BlackBerry Playbook in its Bluetooth keyboard case. As an aside – Tablets are super duper consumption devices – but, for real work, a physical keyboard is a must for me.

Next up – music file recovery from my iPod.

In just a few moments (less than a minute), PhotoRec identified and recovered *105 previously deleted tunes.

* The application actually recovered 106 previously deleted tunes.

But, can they be played? You bet!

Fast facts:

Fix partition table, recover deleted partition.

Recover FAT32 boot sector from its backup.

Rebuild FAT12/FAT16/FAT32 boot sector.

Fix FAT tables.

Rebuild NTFS boot sector.

Recover NTFS boot sector from its backup.

Fix MFT using MFT mirror.

Locate ext2/ext3/ext4 Backup SuperBlock .

Undelete files from FAT, exFAT, NTFS and ext2 filesystem.

Copy files from deleted FAT, exFAT, NTFS and ext2/ext3/ext4 partitions.

System requirements: Windows (NT4, 2000, XP, 2003, Vista, 2008, Windows 7 (x86 & x64), Linux, FreeBSD, NetBSD, OpenBSD, SunOS and MacOS X. (Reviewed on Win 8 x32)

Download at: Cgsecurity.org

You may only need this application a time or two – but, wouldn’t it be nice to have it sitting in your USB toolbox when you do? The answer is – YES.  

Beat Obama’s Bandits With TrueCrypt Free (Open-Source) Encryption

The so called “War on Terror” has long since lost its luster and should be appropriately reclassified as The War of Terror. The U.S. has been singularly impudent in terrorizing the terrorists but instead, it has managed to terrorize the rest of the world using a system of surveillance schemes that have gone off the board. Chalk one up for Al Qaeda – the only winners in this debacle.

In the meantime, Americans continue to live in fear – trading away freedoms for security in a war that is simple unwinnable. Obama, despite his assurances that he would “fight terrorism while maintaining our civil liberties” has been a principle mover in this assault on democracy.

And, the master of the reversal has more –

Obama, in a 2008 election sound bite, drew a sharp contrast with the Bush administration which he proclaimed, offered Americans “a false choice between the liberties we cherish and the security we demand.” And for good measure – for stooping “to spy on citizens who are not suspected of a crime.” It’s a surreal world we live in, is it not?

But why be satisfied with my ramblings? Here’s the video.

As America continues its slide into Fascism (eagerly joined in the venture by Canada, Australia, the U.K. and countless other self-advertised “democracies”), the justified expectation held by these governments is – you – yes, you – will take no active part in expressing your outrage at the escalating intrusions into your private life. Sadly, the undermining of democracy, or more to the point, democracy as we though we knew it, continues apace.

As a consequence (hardly the only consequence, of course), encryption technology is once again in the spotlight. And no, using encryption does not mean that one has something to hide.

Sophisticated and  aware computer users know, that financial data and other confidential information, can easily be subject to intrusive viewing by those not authorized to do so.

Putting Obama and his bad boys aside, here are some examples of how this might occur:

Internet malware attack: Increasingly, statistics reinforce the fact that financial data continues to be targeted by hackers/information thieves, for the purpose of identity theft.

Contrast that reality with these facts; there is no such thing as a totally secure Internet connected computer. All Internet connected computers are subject to attack and compromise.

Lost or stolen Laptop: How often have we read the following – 200,00 (insert your own number here), bank account numbers, Social Insurance Numbers, names, addresses and dates of birth were on a laptop stolen/lost earlier this week.

In too many of these cases, negligently, the data is unencrypted. Certainly Laptop theft or loss is not restricted to organizations; it can just as easily happen to you.

Lost or stolen USB drive: Since USB flash drives are so portable, you can take a drive virtually anywhere. Just like most items that are portable and that you carry with you, this type of drive can be lost, or stolen.

To reduce or eliminate the security threat of sensitive data exposure then, the most prudent course of action is data encryption. Essentially, data encryption is a secure process for keeping your sensitive and confidential information private. It’s a process by which bits of data are mathematically jumbled with a password-key. The Encryption process makes the data unreadable unless, or until, decrypted.

It happens to us all: Just this past week, I lost not only my house keys (first time ever) – but the USB key attached to the keychain. If you guessed that the drive was encrypted – take a bow.  

TrueCrypt:

TrueCrypt is an outstanding free open source software application for establishing and maintaining an on-the-fly-encrypted volume. On-the-fly encryption simply means that data are automatically encrypted, or decrypted, just before they are loaded or saved – without any user intervention. The program automatically and transparently encrypts in real time.

No data stored on an encrypted volume can be read (decrypted) without the correct password/key file or correct encryption keys. The entire file system is encrypted (i.e., file names, folder names, contents, free space, Meta data, etc.).

Files can be copied to and from a mounted TrueCrypt volume just like they are copied to/from any normal disk (for example, by simple drag-and-drop operations). When you turn off your computer, the volume will be dismounted and files stored in the volume will be inaccessible and encrypted. You may of course, manually dismount the volume.

TrueCrypt offers a number of options – you can store your encrypted data in files, partitions, or on a portable storage device such as a USB flash drive.

Installation is simple and straightforward – no gotchas here. Lots of steps – but easy steps.

If you choose “Keyfiles”, be sure you understand the ramifications. This is an extra security step which has limited application for a home user. You do not need to select this option.

And – Win 8’s File Explorer reports that the volume has been setup successfully. If you expand the graphic below (click), you’ll also notice my first TrueCrypt volume on this HD from May 9, 2006.

Indicative of this application’s popularity is the fact that it is downloaded tens of thousands of times each day, across the Internet.

Fast Facts:

Creates a virtual encrypted disk within a file and mounts it as a real disk

Encrypts an entire hard disk partition or a storage device such as USB flash drive

Encryption is automatic, real-time (on-the-fly) and transparent

Provides two levels of plausible deniability, in case an adversary forces you to reveal the password – Hidden volume – No TrueCrypt volume can be identified (volumes cannot be distinguished from random data)

Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS

Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts

Pipelined operations increasing read/write speed by up to 100% (Windows)

I’ve been using TrueCrypt for a number of years, and I have developed a lot of confidence in this outstanding application. If you determine that encryption of your sensitive data is a priority, I highly recommend that you give TrueCrypt a try.

How effective is TrueCrypt? If you have any doubts as to how effective TrueCrypt really is, then read this article. FBI hackers fail to crack TrueCrypt:

The FBI has admitted defeat in attempts to break the open source encryption used to secure hard drives seized by Brazilian police during a 2008 investigation.

System Requirements: Win 8, Win 7, Vista, XP, Mac OS X, and Linux.

Download at: TrueCrypt

OPSWAT’s Security Score Beta – NOT Ready for Primetime

The concept behind OPSWAT’s  Security Score (currently in Beta) – that is – active PC monitoring with a view to insuring the security status of the machine is in good order – has obvious value. In this case unfortunately, the execution could do with a shake-up. Let’s take a quick walkthrough.

As a security professional it came as more than just a mild surprise to see my test bed (a Win 8 reinstall just 2 days ago), pop out of this application with a dismal security score of 60/100, as shown in the following graphic. Yikes!!

BTW, I ran a series of identical tests – the results – identical – 60/100.

 

No, no, no – it won’t get away with it.  

Firewall:

The lack of response, in the application, to the Windows Firewall – I’m assuming that the Windows Firewall has not been certified by OPSWAT – is a head-shaker.

If I can make the argument that the majority of computer users are not particularly “PC savvy”, I suspect that a “Not Detected” notification might be cause for panic.

The reality – as the following graphic illustrates; Windows Firewall is up and running.

I’ll take 5 points back, thank you!

Hard Disk Encryption: Sorry – but, I don’t do full disk encryption. However, since I do encrypt selected files/folders (a much better choice for most users in my view), using what has long been considered the premier free encryption application available – TrueCrypt (shown below) – I’ll take my 10 points back, thank you.

Patch management: Now I’m insulted – sort of. I’m a bear for patch management!  

Secunia PSI, a free patch management application (again, perhaps the premier example of such software), begs to differ with OPSWAT’s  Security Score. This application, as it has for many years, runs in the background on all my machines.

I’ll take my 10 points back, thank you.

Todays score:

Public File Sharing: Yes, I do run a torrent application on this machine but, not all file sharing is illegal. To the contrary – virtually all file sharing is legal.

I’ll take my 5 points back, thank you.

Antivirus score – 18/30: During the system reinstall on this machine, on the recommendation of super user and regular reader Bob Gostischa, I installed avast! Free Antivirus (substituting for AVG Free – a great app too). Much to my delight, incidentally.

avast! Free Antivirus, has been, and continues to be, an exceptional free application ( a quarter of a Billion downloads on CNET alone, speaks to that) – so, an OPSWAT certification of “Bronze” puzzles me. I’m not suggestion that popularity equates to an effective solution – we all know better.

Equally however, many of us do know that avast! Free Antivirus is a very effective solution.

Since OPSWAT suggests that the user may well be better off substituting the installed security application with an OPSWAT certified higher level product, let me counter-suggest that the developer provide access to an explanation of the certification process and, the testing methodology.

In this particular case, OPSWAT’s assessment of avast! Free Antivirus falls short of the generally accepted view as to this application’s effectiveness. I know that, and I suspect that you do as well – but, a typical computer user may not.

avast! Free Antivirus – My new number one.

I’ve long been a fan and a strong supporter of OPSWAT, and continue to be – with good reason – the company provides a series of superb free products which techies have come to rely on. AppRemover, as well as Metascan Online and Secure Virtual Desktop.

Yep – I realize this application is in Beta – but, there are Betas and then there are Betas. In the past few years, we have gotten quite use to the “Beta” that for all practical purposes, represents a fully functioning product. This is not one of them. Nice presentation, but…………….

I like the idea – so c’mon guys, hurry with a fix.

I have no doubt that this application will be brought up to the standard we have come to expect from OPSWAT. But, in its current state of Beta, this application provides neither accurate, nor complete information. Incidentally, I awarded myself a 10 point bonus just for the sheer aggravation.  

If you want to take this one out for a test drive, you can download the application here. If you do so, I’d be interested in hearing about the results.

Tomorrow Is World Backup Day – So, Are You Going To? Backup, That Is.

I have some bad news – sad news – for you this morning. Those graduation pictures you treasured, the pictures of your toddler’s first steps, this year’s income tax return which was just about ready to be filed, that resume you just finished updating – GONE – ALL GONE.

Your Hard Drive just quit overnight – never to be booted again. I know I should feel some measure of sympathy for you – but, I don’t.

I’m not trying to be a big meanie* here but, it seems to me, that you are the architect of your own misfortune. A little pre-planning to safeguard your irreplaceable data; documents, digital photos, email messages, personal and business related work, and important private data – could have saved you considerable distress.

If only you had a backup – but, you don’t – do you? I suspect that it’s little consolation but, you’re not alone. Despite the importance of Hard Drive and individual file backups, most computer technicians will tell you that typically, computer users’ do not backup their irreplaceable data.

It’s a little late to tell you this but, if you had been one of the few, out of the ordinary, computer users, who regularly and faithfully backup, you would have had some work ahead of you – but, you would have recovered your data.

All of the above of course, is an imaginary scenario – in fact, your system did boot up his morning. But, that’s hardly cause for complacency.

Redundant information: Just like death and taxes are a certainty, the fact that your computer’s Hard Drive will crash one day and refuse to respond, is every bit as certain.

If you don’t yet have a backup plan, it’s time you thought seriously about developing one. The effort involved in learning how to protect your data, by developing and implementing a backup plan in today’s computing age, is minimal. Much easier than it was, even as little as two or three years ago.

The best backup strategy includes imaging your Hard Drives and partitions, since that allows you to restore your important data, your complete operating system, as well as your installed applications, user settings, etc.

There are loads of free applications out in the wild blue that, used properly and regularly, will speed to the rescue. One of the best free program – one that I have no difficulty recommending is – EASEUS Todo Backup.

This is a brilliant application which will allow you to backup, recover your backups, image your Hard Drives, clone your Hard Drives, and a host of additional features. All of this, in a “follow the bouncing ball” simple, user interface.

If there’s an easier way to backup critical data, I have yet to find it.

The user interface has been designed so that a user with minimum computing experience, should have no difficulty.

The following screen captures illustrate the simple process of backing up a particular folder.

In this case, I choose the task name, selected the folder to be backed up, selected the backup media/location, and …..

Done!

Bonus: You can copy backup images to your personal cloud for data double protection. More info here.

A ton of options so that you can set the parameters of the task to suit your particular needs.

Recovery, is point and click simple.

Additional functions and features are available under the “Tools” menu.

In the following example I’ve run a check on the test backup to verify readability.

Finding that an image file is unreadable when called upon, ranks with one of life’s low points – well, sort of.   

A quick initial check is a prudent move.

You’ll have the option of creating a system boot disk. You should do so.

The “emergency disk” will allow you to boot into EASEUS Todo Backup and then choose from a number of options.

  Fast facts:

System Backup and Recovery – One-click system backup. Backs up entire system state including the operating system and installed applications on-the-fly without interrupting your work to get the system up in time after crash.

File and Folder Backup – Backs up specified files, network shared files, files in use, folders or file types in case of virus attack, hard disk failure, or deletion by accident, etc.

Disk & partition Backup – Full backup disk(s)/partition(s), dynamic volume(s), or GPT disk(s)/volume(s) to image. It ensures PC security and instant data recovery in case of any data loss.

Incremental Backup – Provide alternatives to perform full backups each time by offering incremental backup. To capture changes saving time & disk space.

Backup Schedule – To run backup automatically at a predefined time. By scheduling a backup task, your system and important data can be backed up now, daily, weekly, monthly.

Disk Clone Tool – Clone or transfer all the data on a hard disk to another. Clone disk is especially useful to upgrade your hard drive to a new one without reinstalling operating systems and applications.

System requirements: Windows 2000, XP, Vista, Win 7, Win 8. (32 bit, 64 bit).

Download at: EASEUS

If you’re looking for a free application to handle all of your backup needs, I don’t think you’ll be disappointed in EASEUS Todo Backup. Give it a try.

* In recent years, I’ve written 20+ articles on the importance of backing up critical data and, it distresses me somewhat that they have been amongst the least read articles I’ve written.

Good buddy TeX, summed up the backup issue neatly in a comment to a previous backup article sometime back, when he wrote – There are so many good programs out there for backing up, the problem is getting people to take that whole step seriously. It’s like dying,  “That always happens to someone else” theory.

It’s a point worth considering.

For additional reading on this important task, you might consider dropping by the World Backup Day site – DON’T BE AN APRIL FOOL. Backup your files. Check your restores.

Free Security Software Downloader – Download Multiple Security Apps And Tools In One Go

If you’re into helping your less experienced friends/relatives deal with computer issues, then I think you’ll find that Security Software Downloader (SSDownloader) is a terrific way to help those less experienced users install the freeware security applications that you know, through experience, are a “must have”.

Talk about small!

Security Software Downloader is a tiny open source executable (669KB) – designed specifically as a bulk download manager which focuses on security applications and, security related specialty tools.

A quick walkthrough –

The tab based user interface – Free Antivirus, Security Suites (Trial Versions), Malware Removal, Firewalls, and Other Tools, is uncomplicated and checkbox simple.

In the first screen grab, referencing “Free Antivirus”, I’ve selected three popular applications for download. Notice the languages which are available, as well as the OS “auto detect” feature. According to the developer – changing the language will automatically download your selection/s in the chosen language.

Total download time – 2:37.

The default download location is the Desktop. You will however, have a chance to select an alternative location.

For this test, I’ve bypassed the Trial Versions opportunity. Still, there’s a good selection of well know applications to choose from.

In this screen capture, you’ll note that I’ve focused on two tools which, I know from experience, can get the job done with a minimum of fuss.

From the “Other tools” menu, I’ve selected three more applications which have served me well in the past.

As each download is completed, a system notification area popup, tells the tale – as illustrated below.

Fast facts:

• Download the most popular free and paid security software with only one click.
• Don’t worry about OS or 32bit/64bit, the right version will be automatically downloaded.
• Stay up to date, the newest versions of the selected software will be downloaded.
• Choose what you want to download and you will see a notification as soon as your download/s finish.

System requirements: Windows XP, Vista, Win 7 (32 bit and 64 bit). Tested on Win 8.

Download at: Sourceforge

For those of us who are geek inclined, SSDownloader (especially given its small footprint), would make a nice addition to a Flash drive toolbox.

Download times will be system specific. In this case, I ran on a 1.7 MB/sec  connection.

It’s Banking Day at the Ranch and a Linux Live CD is in the Saddle!

I’ve maintained for years, that I treat my Windows machines as if they have already been compromised – a position that has left me open to some criticism. I’ll take the criticism – I’d rather be safe than sorry.

If you’re a regular reader of Tech Thoughts Daily Net News column then, you’re probably aware that the following items from last week (below the break), are not in the least unusual. In fact, notification of security breaches, or unpatched vulnerabilities that are weeks or months old, are now commonplace.

A legitimate question is – how likely were you to have been affected by any of the unpatched flaws – as noted below – or, the scores of similar long-standing vulnerabilities published in Tech Thoughts Daily Net News over the last few years?

I’ll grant you that “not very likely”, is a reasonable assumption. Still, the question remains – how do you know that you’re not already compromised by a yet to be disclosed vulnerability? Something to think about.

————————————————————————————————–

Eight-month WordPress flaw responsible for Yahoo mail breach: Bitdefender – A cross-site scripting flaw that saw some Yahoo email users lose control of their accounts has now been traced back to a WordPress installation that was not patched for at least eight months.

Serious security holes fixed in Opera – but Mac App Store users left at risk again – It should go without saying that if you use Opera, you should update to version 12.13 as soon as possible. But… what if you didn’t get your copy of Opera from the official website? What if, instead, you acquired your version of Opera for Mac from Apple’s Mac App Store?

Symantec denies blame after Chinese govt hacks The New York Times – After one of the world’s most famous newspapers points the finger at Symantec for failing to protect its network against a four-month long Chinese cyberattack, the security firm returns fire –

Symantec:

“Turning on only the signature-based anti-virus components of endpoint solutions alone are not enough in a world that is changing daily from attacks and threats. We encourage customers to be very aggressive in deploying solutions that offer a combined approach to security.”

I found Symantec’s response more than interesting. This is the first time that I can recall, that a major security vendor has gone on record and suggested that their product, as a stand alone solution, should not be expected to identify and contain each and every conceivable threat.

I couldn’t agree more and, I have made that point consistently, for years.

—————————————————————————————————

Initially, I had no intention of writing such a long introduction to a simple review – but, my continuing disappointment in the computer technology industry as a whole, whose overall response to an epidemic of criminal activity, runs along the same lines as that old time movie – Jaws – in which one of the plot lines revolves around keeping people in the water (despite the evident danger from a Great White shark) since to do otherwise, would be bad for business, got the better of me. Perhaps not the best analogy – but, it works for me.

I have a sign on the wall above my desk that reads – Bullshit in = Bullshit out. I can’t think of a more fitting epitaph for the current state of affairs in an industry rife with misinformation, misdirection, hype, and sheer outrageous bullshit.

I’m not a gloom and doom guy – but, market forces are such, that a little crystal ball gazing has convinced me that the status quo is as stable as the Rock of Gibraltar. In other words, if you want to be safe on the Internet, then accept the fact that you’re on your own.

—————————————————————————————————

It’s Banking Day at the Ranch and a Linux Live CD is in the Saddle!

While connected to the Internet, just like you, I face exposure to Trojans, spyware, viruses, phishing scams, identity theft, scam artists, schemers and cyber crooks lurking in the shadows, just waiting to make me a victim. Even so, the odds of me picking up a malware infection, or being scammed, are fairly low. Am I just lucky, or is it more than that?

To some extent I might be lucky – but, it takes much more than luck to stay safe on the Internet. For me – it really boils down to prevention. Preventing cybercriminals from getting a foothold by being vigilant and adhering scrupulously to fundamental security precautions, including –

A fully patched operating system.

A robust firewall.

Automatically updated anti-virus and anti-spyware software.

Increased Internet Browser protection through selected add-ons.

Encryption where necessary.

and, most importantly never forgetting to – Stop. Think. Click.

Despite all those security precautions though, there’s one connected activity that still concerns me – online banking. Regardless of the fact that I choose my Internet banking provider based partially on it’s low profile, I’m not entirely relying on this low profile as a guarantee that cybercriminals will not target my provider.

The inescapable fact remains; I am my own best protection while conducting financial transactions on the Internet. Frankly, I’m not convinced that financial institutions are where they need to be when it comes to protecting their online customers.

Despite my best efforts, it’s possible that malicious code may be installed on my computer – ready to pounce on my banking user account names, and passwords. Which is why, I have long made it a practice to conduct my financial affairs on the Internet via a self-booting Linux Live CD. Since a Linux Live CD is read-only media, the environment (running entirely in RAM), should be more secure than Windows.

I’m not suggestion that Linux systems are impervious to malware (I know better than to make that claim) – but, since the majority of malware is Windows specific, banking online through a Linux Live CD should offer a more secure environment.

If you can click a mouse – then, you’re good to go. It’s that easy. Today’s Linux distros are not your Granny’s Linux.

I’m not suggesting that you replace your Windows operating system and jump with both feet into Linux. That’s impractical. What is not impractical however is – running with Linux on those occasions when you do your Internet banking.

Recommended Linux Live CDs:

Puppy Linux – A complete operating system with suite of GUI apps, only about 70 – 140MB, and boots directly off the CD. I should point out that Puppy is my personal favorite.

Damn Small Linux – Damn Small Linux is a very versatile 50MB mini desktop oriented Linux distribution.

Fedora – Fedora is a fast, stable, and powerful operating system for everyday use built by a worldwide community of friends. It’s completely free to use, study, and share.

Ubuntu – Fast, secure and easy-to-use.

Lightweight Portable Security (LPS) – A Linux distro from the US Department of Defense. Lightweight Portable Security (LPS) creates a secure end node from trusted media on almost any Intel-based computer (PC or Mac). LPS boots a thin Linux operating system from a CD or USB flash stick without mounting a local hard drive.

Zemana AntiLogger – Free One Year License Today At Glarysoft Giveaway

Back in the day, when I had an interest in sponsoring giveaways, I sponsored a giveaway on behalf of  Zemana AntiLogger. Without a doubt, this was the most professional giveaway I have ever had the pleasure in sponsoring. Zemana set up a special page on their site, specifically designed for the sponsored giveaway which led to 2000+ downloads through that page.

I’ve long considered Zemana AntiLogger a must have security application for my Internet connected machines. In fact, I would never connect my web cam without first ensuring that Zemana AntiLogger was up and running. To drive home that point (and others), I’ve reviewed this application several times.

Today only, a one year license is available at no cost through Glarysoft  (the Glary Utilities folks). Rather than reinvent the wheel, it seems appropriate to rerun the following review which was initially posted January 9, 2010.

Take a read, see what you think – and, if you’re convinced that Zemana AntiLogger would be a worthwhile addition to your overall security structure then, take a run over to Glarysoft and download this super security application.

Note: During my initial testing of this application, I ran a series of Anti-Keylogger tests, including tests for web cam penetration. All test methods were defeated by Zemana AntiLogger.

____________________________________________________

Zemana AntiLogger – An Ounce of Prevention

Benjamin Franklin could have been talking about the Internet, and malware, when he reportedly said – “An ounce of prevention is worth a pound of cure.”

Curing a malware infection caused by today’s sophisticated malware is much more difficult than it has ever been, and I’m convinced, that removing the malware we’re going to have to contend with in 2010, will be incrementally harder still.

Even today, malware tends to write itself into multiple parts of the operating system, and in many cases it can hide its files, registry entries, running process and services, making the infection virtually impossible to find, and remove, without causing operating system damage.

In the coming year, an average computer user who has to deal with even more complex malware infections, will be left with little choice other than having the infected machine worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage.

We’ve previously discussed Keylogger malware here, and how to employ an ounce of prevention by using highly regarded SnoopFree Privacy Shield, a free application, which unfortunately, is compatible with Windows XP only.

Because Keyloggers, a particularly sinister type of malware, that monitors every keystroke a user types on a computer’s keyboard, are often executed as part of a rootkit, or a remote administration (RAT) Trojan horse, they can be extremely difficult to detect, and remove.

While it’s true, that many good quality malware and spyware detection tools should capture Keyloggers, and a properly configured Firewall should prevent all authorized connections, the reality is – this is NOT always the case. Keyloggers in fact, can disable Firewalls and anti-malware tools.

Since my personal home machines now run on Windows 7, I can no longer protect against Keyloggers using SnoopFree Privacy Shield, so I had to find an alternative. Unfortunately, I could not find a freeware substitute application. However, I did find a competitively priced application, Zemana AntiLogger, following a reader’s recommendation, which I’ve been testing for a week or so.

I was immediately impressed by this application, particularly the system defense function. The application intercepted proposed changes to system files NOT picked up by other security applications on my system.

Since I use a Webcam extensively for communicating, I was more than happy to see the active Webcam protection offered by Zemana AntiLogger, which was immediately apparent.

Test Screens:

This is an example of a Zemana warning, triggered by my launching an anonymous proxy application which by design, injects code into my primary Browser. By checking an appropriate check box I established a rule, permitting this action in future.

This is an example of a Zemana warning, triggered by my updating both Microsoft Security Essentials and Malwarebytes definition databases which, in each case, will make changes to system files. Simply checking a check box establishes a rule, which will permit this action in future.

This is an example of a Zemana warning, triggered by a screen capture utility I was in the process of using. If this had been an illegal activity. I would of course, have received the same warning. Again, simply checking a check box establishes a rule, which will permit this action, by this utility, in future.

Fast facts:

Secure your Internet banking and financial transactions

Protect information in emails and Instant Messages

Protect keystrokes from spyware

Protect all screen images

Webcam Logger protection

System Defense

No need to download latest virus signatures

No need to know or detect the malware’s signature

No need to wait for updates from a virus lab

No need to scan files

Proactively looks for suspicious activity

Catches not just the usual suspects, but also sophisticated “zero day” malware

Prevents theft of data via secure connections (HTTPS / SSL)

Does not slow down your PC

Easy to download, install and use

Future-proof

System requirements: Windows XP with Service Pack 2 or higher (32bit and 64bit). Vista (32bit and 64bit). Windows 7 (32bit and 64bit). Windows 8 (32bit and 64bit).

If keylogger protection, and maintaining your privacy is a concern, you might consider adding this application to your security toolbox.

Download at: Glarysoft

Please note the following terms and conditions:

No free technical support. No free upgrades to future versions. Strictly non-commercial usage.

EULAlyzer – A Free Tool To Help “Uncomplicate” End User License Agreements

I’ve always considered that reading a EULA (End User License Agreement), is sort of like reading the phone book; and who reads a phone book?

I must admit that I get bored and distracted when reading EULA text; especially since I’m forced to read reams of small text, in a small window, which requires me to scroll continuously. I suspect, I’m not alone in this, and that most people just skim over the text; or more to the point – don’t bother reading the EULA at all.

However, there’s a downside risk in not reading the EULA carefully. By not reading the EULA carefully, we may let ourselves in for some unwelcome, annoying, and potentially dangerous surprises.

One of the most important aspects of any software license agreement is, the information it provides concerning the intentions of the software, and whether there are additional components bundled with the main application.

Additional components that could potentially display pop-up ads, transmit personal identifiable information back to the developer, or use unique tracking identifiers.

Not all software applications contain these additional components of course, but you need to be aware of those that do when you are considering installing an application.

Software developers who choose to employ these tools (to gather information for example), are generally not underhanded, and in most cases there is full disclosure of their intent contained in the EULA. But here’s the rub – virtually no one reads EULAs.

EULAlyzer, a free application from BrightFort (formerly: Javacool Software), the SpywareBlaster developer, can make reading and analyzing license agreements, while not a pleasure, at least not as painful.

This free application quickly scans a EULA, and points out words, statements, and phrases, that you need to consider carefully. Results are rated by “Interest Level” and organized by category, so it’s easy to zero-in on the issue that concern you the most.

Working similar to an anti-spyware program, EULAlyzer flags suspicious wording on a scale of 1 to 10 – based on how critical the disclosed information can be to your security, or privacy.

Let’s take a look at the license agreement for Piriform’s CCleaner.

You’ll note that there three areas of limited concern that have been flagged – as shown in the screen shot, below. Clicking on “Goto” icon will expand the related wording.

I’m very familiar with Piriform’s freeware applications – nevertheless, as is my habit, I read the EULA carefully.

Let’s take a look at the license agreement for GOM Audio Player.

Again, EULAlyzer has flagged a number of issues – but, in this case, these are issues that I considered very carefully before installation this application.

If you, like me, download freeware frequently, then you need to read the software license agreement carefully. EULAlyzer will make it easier for you to focus on the important aspects of the agreement.

There is no doubt that we could all use a little help in working our way through these wordy, but necessary agreements. The reality is, all software EULAs should be read carefully.

Fast facts:

Discover potentially hidden behavior about the software you’re going to install.

Pick up on things you missed when reading license agreements.

Keep a saved database of the license agreements you view.

Instant results – super-fast analysis in just a second.

EULAlyzer makes it simple to instantly identify highly interesting and important parts of license agreements, privacy policies, and other similar documents, including language that deals with:

Advertising

Tracking

Data Collection

Privacy-Related Concerns

Installation of Third-Party or Additional Software

Inclusion of External Agreements By Reference

Potentially Suspicious Clauses

and, much more…

System requirements: Windows XP, Vista, Win 7, Win 8.

Download at: Major Geeks

Malware Hunting? Checkout These 20 + Free Tools Designed To Destroy Tough Malware

Choosing and using the right tool, which has been designed specifically for the job at hand, is obviously a levelheaded approach. Still, I’ll wager that you can conjure up more than one occasion when you’ve encountered the “one tool for all purposes” mindset – the so-called “Birmingham Screwdriver” effect – “If it doesn’t work – hit it. If it still doesn’t work, use a bigger hammer.”

The Birmingham Screwdriver approach, taken by many AV solutions, may not always be the most appropriate approach to eradicating a tough malware problem – a specially designed application which targets specific classes of malware may be a better solution.

The following tools have been specifically designed to help skilled users better identify malware infections and then, eradicate (hopefully), those specific infections. These tools require advanced computer knowledge – unless you feel confident in your diagnostic skills, you should avoid them.

Just to be clear – not all of these tools are “one-click simple” to decipher, and users need to be particularly mindful of false positives.

Should you choose to add these applications to your antimalware toolbox, be aware that you will need the latest updated version for maximum impact.

Note: Many of the following tools have been tested and reviewed here previously.

Emsisoft HiJackFree

The program operates as a detailed system analysis tool that can help you in the detection and removal of Hijackers, Spyware, Adware, Trojans, Worms, and other malware. It doesn’t offer live protection but instead, it examines your system, determines if it’s been infected, and then allows you to wipe out the malware.

Runscanner

If you’re a malware hunter, and you’re in the market for a free system utility which will scan your system for running programs, autostart locations, drivers, services and hijack points, then Runscanner should make your shortlist. The developers of Runscanner describe this freeware utility as having been designed to “detect changes and misconfigurations in your system caused by spyware, viruses, or human error.”

HijackThis

HijackThis is a free utility which heuristically scans your computer to find settings that may have been changed by homepage hijackers, spyware, other malware, or even unwanted programs. In addition to this scan and remove capability HijackThis comes with several tools useful in manually removing malware from a computer. The program doesn’t target specific programs, but instead it analyses registry and file settings, and then targets the methods used by cyber-crooks. After you scan your computer, HijackThis creates a report, and a log file (if you choose to do so), with the results of the scan.

RKill

RKill is a program developed at BleepingComputer.com – “It was created so that we could have an easy to use tool that kills known processes that stop the use of our normal anti-malware applications. Simple as that. Nothing fancy. Just kill known malware processes so that anti-malware programs can do their job.”

Emsisoft BlitzBlank

BlitzBlank is a tool for experienced users and all those who must deal with Malware on a daily basis. Malware infections are not always easy to clean up. In more and more cases it is almost impossible to delete a Malware file while Windows is running. BlitzBlank deletes files, Registry entries and drivers at boot time before Windows and all other programs are loaded.

McAfee Labs Stinger

Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.

Specialty Removal Tools From BitDefender

28 special removal tools from Bitdefender.  On the page – click on “Removal Tools”.

Microsoft Malicious Software Removal Tool

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

NoVirusThanks

NoVirusThanks Malware Remover is an application designed to detect and remove specific malware, Trojans, worms and other malicious threats that can damage your computer. It can also detect and remove rogue security software, spyware and adware. This program is not an Antivirus and does not protect you in real time, but it can help you to detect and remove Trojans, spywares and rogue security software installed in your computer.

Norton Power Eraser

Symantec describes Norton Power Eraser in part, as a tool that “takes on difficult to detect crimeware known as scareware or rogueware. The Norton Power Eraser is specially designed to aggressively target and eliminate this type of crimeware and restore your PC back to health.”

FreeFixer

FreeFixer is a general purpose removal tool which will help you to delete potentially unwanted software, such as adware, spyware, Trojans, viruses and worms. FreeFixer works by scanning a large number of locations where unwanted software has a known record of appearing or leaving traces. FreeFixer does not know what is good or bad so the scan result will contain both files and settings that you want to keep and perhaps some that you want to remove.

Rootkit Tools:

If you think you might have hidden malware on your system, I recommend that you run multiple rootkit detectors. Much like anti-spyware programs, no one program catches everything.

IceSword

IceSword is a very powerful software application that will scan your computer for rootkits. It also displays hidden processes and resources on your system that you would be unlikely to find in any other Windows Explorer like program. Because of the amount of information presented in the application, please note that IceSword was designed for more advanced users.

GMER

This freeware tool is essentially a combination of Sysinternals’ Rootkit Revealer and Process Explorer. The program can list running processes, modules and Windows services, in addition to scanning for the presence of rootkits.

Special mention 1:

MalwareBytes – In addition to its superb free AV application, MalwareBytes offers a basket full of specialty tools. The following application descriptions have been taken from the site.

Chameleon

Malwarebytes Chameleon technology gets Malwarebytes running when blocked by malicious programs.

Malwarebytes Anti-Rootkit BETA

Malwarebytes Anti-Rootkit removes the latest rootkits.

FileASSASSIN

FileASSASSIN can eradicate any type of locked files from your computer.

RegASSASSIN

RegASSASSIN removes malware-placed registry keys in two simple steps – just reset permissions and delete! This powerful and portable application makes hard-to-remove registry keys a thing of the past.

Special mention 2:

A Rescue Disk (Live CD), which I like to think of as the “SWAT Team” of antimalware solutions – is an important addition to your malware toolbox. More often than not, a Live CD can help you kill malware DEAD!

Avira AntiVir Rescue System – The Avira AntiVir Rescue System a Linux-based application that allows accessing computers that cannot be booted anymore. Thus it is possible to repair a damaged system, to rescue data or to scan the system for virus infections.

Kaspersky Rescue Disk – Boot from the Kaspersky Rescue Disk to scan and remove threats from an infected computer without the risk of infecting other files or computers.