Tag Archives: Freeware

When Free Doesn’t Mean Free

This guest post is contributed by my Aussie mate, Jim Hillier. Jim is the resident freeware aficionado at Dave’s Computer Tips. He is a computer veteran with 30+ years’ experience who first started writing about computers and tech back in the days when freeware was actually free. His first computer was a TRS-80 in the 1980s, and he progressed through the Commodore series of computers before moving to PCs in the 1990s. Now retired (aka an old geezer), Jim retains his passion for all things tech and still enjoys building and repairing computers for a select clientele… as well as writing for DCT, of course.


Remember the good old days when the “free” in freeware meant exactly that?

I started writing about freeware back in the days when Clif Sipe (aka Clif Notes) and Ian (Gizmo) Richards were pretty much the freeware gurus. Those were the halcyon days when innovation was rife and there was always some new and exciting freeware to write about and discuss. When good old Spybot Search & Destroy was pretty much the only antimalware – long before anyone had even heard of Malwarebytes Anti-Malware – and the awful Adobe Acrobat was the ubiquitous PDF reader.

I still vividly recall when Ian Richards first wrote about a new program called “Sandboxie” back in 2004. Sandboxie intrigued me no end and I thought it was the greatest thing since sliced bread… still do. However, back in those days, the concept of an “isolated virtual environment” was pretty much unheard of and trying to explain it, even to experienced users, was no easy chore. Alas, Gizmo’s original Freeware Newsletter is no more and Clif Sipe has long retired to a well-deserved easier life.

Fast forward to today and the freeware scene has changed dramatically. Not only has just about every avenue for freeware innovation been well and truly covered, creating a scarcity of material for freeware writers, but the entire concept of “free” has also taken on a whole new meaning.

Today, it seems very little is actually free and there is usually some sort of trade-off involved – limited features, upgrade nag screens, download wrappers, advertising modules, bundled PUPs, toolbars, etc. Writing a freeware review today is as much about the potential safety and bundling issues as the actual program. While I can’t blame developers for seizing the opportunity to monetize all the work involved with developing and maintaining their software, I do wish they would be totally transparent about it, plus perhaps consider a system of opt-in rather than opt-out.

The trend has become so prevalent that it has actually spawned a whole new category of freeware tools – such as Unchecky and AdwCleaner – which are specifically designed to help users deal with bundling and PUPs (Potentially Unwanted Programs). A pretty scary indication of just how predominant this practice has become. Even the once pristine Open Source software has been sullied by SourceForge’s flirtation with DevShare, an adware-supported download wrapper which was eventually discontinued after SourceForge changed hands in 2016.

There are still developers who remain true to the original spirit of freeware of course. Nir Sofer and his excellent collection of free portable NirSoft tools and utilities readily spring to mind. Unfortunately though, true unadulterated freeware is fast becoming as scarce as rocking horse manure and, sadly, today’s users need to approach all so-called freeware with a heightened sense of “let the downloader beware”.

Beat Obama’s Bandits With TrueCrypt Free (Open-Source) Encryption

The so-called “War on Terror” has long since lost its luster and should be appropriately reclassified as The War of Terror. The U.S. has been singularly impudent in terrorizing the terrorists but instead, it has managed to terrorize the rest of the world using a system of surveillance schemes that have gone off the board. Chalk one up for Al Qaeda – the only winners in this debacle.

In the meantime, Americans continue to live in fear – trading away freedoms for security in a war that is simply unwinnable. Obama, despite his assurances that he would “fight terrorism while maintaining our civil liberties”, has been a principal mover in this assault on democracy.

And, the master of the reversal has more –

Obama, in a 2008 election sound bite, drew a sharp contrast with the Bush administration which he proclaimed, offered Americans “a false choice between the liberties we cherish and the security we demand.” And for good measure – for stooping “to spy on citizens who are not suspected of a crime.” It’s a surreal world we live in, is it not?

But why be satisfied with my ramblings? Here’s the video.

As America continues its slide into Fascism (eagerly joined in the venture by Canada, Australia, the U.K. and countless other self-advertised “democracies”), the justified expectation held by these governments is – you – yes, you – will take no active part in expressing your outrage at the escalating intrusions into your private life. Sadly, the undermining of democracy, or more to the point, democracy as we thought we knew it, continues apace.

As a consequence (hardly the only consequence, of course), encryption technology is once again in the spotlight. And no, using encryption does not mean that one has something to hide.

Sophisticated and aware computer users know that financial data and other confidential information can easily be subject to intrusive viewing by those not authorized to do so.

Putting Obama and his bad boys aside, here are some examples of how this might occur:

Internet malware attack: Increasingly, statistics reinforce the fact that financial data continues to be targeted by hackers/information thieves, for the purpose of identity theft.

Contrast that reality with these facts; there is no such thing as a totally secure Internet connected computer. All Internet connected computers are subject to attack and compromise.

Lost or stolen Laptop: How often have we read the following – 200,000 (insert your own number here) bank account numbers, Social Insurance Numbers, names, addresses and dates of birth were on a laptop stolen/lost earlier this week.

In too many of these cases, negligently, the data is unencrypted. Certainly Laptop theft or loss is not restricted to organizations; it can just as easily happen to you.

Lost or stolen USB drive: Since USB flash drives are so portable, you can take a drive virtually anywhere. Just like most items that are portable and that you carry with you, this type of drive can be lost, or stolen.

To reduce or eliminate the security threat of sensitive data exposure then, the most prudent course of action is data encryption. Essentially, data encryption is a secure process for keeping your sensitive and confidential information private. It’s a process by which bits of data are mathematically jumbled with a password-key. The Encryption process makes the data unreadable unless, or until, decrypted.

It happens to us all: Just this past week, I lost not only my house keys (first time ever) – but the USB key attached to the keychain. If you guessed that the drive was encrypted – take a bow.

TrueCrypt:

TrueCrypt is an outstanding free open source software application for establishing and maintaining an on-the-fly-encrypted volume. On-the-fly encryption simply means that data are automatically encrypted, or decrypted, just before they are loaded or saved – without any user intervention. The program automatically and transparently encrypts in real time.

No data stored on an encrypted volume can be read (decrypted) without the correct password/key file or correct encryption keys. The entire file system is encrypted (i.e., file names, folder names, contents, free space, metadata, etc.).

Files can be copied to and from a mounted TrueCrypt volume just like they are copied to/from any normal disk (for example, by simple drag-and-drop operations). When you turn off your computer, the volume will be dismounted and files stored in the volume will be inaccessible and encrypted. You may of course, manually dismount the volume.

TrueCrypt offers a number of options – you can store your encrypted data in files, partitions, or on a portable storage device such as a USB flash drive.

Installation is simple and straightforward – no gotchas here. Lots of steps – but easy steps.

If you choose “Keyfiles”, be sure you understand the ramifications. This is an extra security step which has limited application for a home user. You do not need to select this option.

And – Win 8’s File Explorer reports that the volume has been set up successfully. If you expand the graphic below (click), you’ll also notice my first TrueCrypt volume on this HD from May 9, 2006.

Indicative of this application’s popularity is the fact that it is downloaded tens of thousands of times each day, across the Internet.

Fast Facts:

Creates a virtual encrypted disk within a file and mounts it as a real disk

Encrypts an entire hard disk partition or a storage device such as USB flash drive

Encryption is automatic, real-time (on-the-fly) and transparent

Provides two levels of plausible deniability, in case an adversary forces you to reveal the password: a hidden volume, and the fact that no TrueCrypt volume can be identified (volumes cannot be distinguished from random data)

Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS

Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts)

Pipelined operations increasing read/write speed by up to 100% (Windows)

I’ve been using TrueCrypt for a number of years, and I have developed a lot of confidence in this outstanding application. If you determine that encryption of your sensitive data is a priority, I highly recommend that you give TrueCrypt a try.

How effective is TrueCrypt? If you have any doubts as to how effective TrueCrypt really is, then read this article. FBI hackers fail to crack TrueCrypt:

The FBI has admitted defeat in attempts to break the open source encryption used to secure hard drives seized by Brazilian police during a 2008 investigation.

System Requirements: Win 8, Win 7, Vista, XP, Mac OS X, and Linux.

Download at: TrueCrypt

The Tool Designed To Fool – We Don’t Want No Stinkin’ Toolbar! (Revisited)

In today’s Tech Thoughts Daily Net News column, you’ll find a link to Ed Bott’s “How Oracle installs deceptive software with Java updates”. So, what’s new here? Not as much as you might think – unfortunately.

I first posted on the issue of unwanted Toolbars – or, PUPs (potentially unwanted programs) – in March 2010. Based on the indignation shown by the majority of commenters – it just might be worth another read.

—————————————————————————————————

MEMO TO: SNEAKY FREEWARE DEVELOPERS

You give me your software for free as a marketing tool, with the hope of course, that I’ll upgrade to the commercial version of your application.

That’s cool, that’s smart, (it cost you nothing by the way) – nevertheless, I’m appreciative.

But you don’t stop with just the free use of your application, you piggyback a toolbar, or some other non-essential item, as part of the install package. Listen, I understand, you want to install a toolbar because you get paid by the toolbar developer. Even that’s OK – but you do it in such a sneaky way that it really pisses me off, and that’s not OK.

Worse, if I don’t like your application and uninstall it, you open your Internet site, following the uninstall, using my Internet Browser – even if I don’t give you permission by allowing the connection. In my view, that’s a form of hacking. You need to take a refresher course in ethics.

I’ve been around the Internet for a few decades, so it’s not often I get caught in your schemes to install unwanted software on my machines, but less experienced users are often caught in your carefully laid traps.

Here’s a sample of the outrage a typical user, who got trapped by unethical behavior, feels – a comment on my site left by an outraged reader, several days ago, following her installation of Miro.

I thought I’d give this a try, since I watch Hulu quite a bit, and I’m sooo angry I did. Miro installed Bing Search toolbar, which I didn’t want or agree to install (using firefox) and it wiped out all my default search engines for Firefox.

Now I’m trying to figure out how to get Firefox back to normal. Beware!!!!!!!! I don’t trust companies that install things without your consent or knowledge.

In this particular instance it’s true that the EULA covers this situation, but here’s the question. Why does an average user need to read a EULA in order to find an alternative installation solution?

An accusation of unethical behavior doesn’t begin to cover this case – sleazy; vulgar; dishonest; sordid; are much more appropriate.

You, the unethical developer, are not alone in attempting to profit by toolbar inclusion in freeware applications. More and more, high profile developers who offer a stripped down version of their commercial applications as freeware, are involving themselves in this highly questionable practice.

So here’s a question for the “ethical” freeware providers. How many toolbars do you think an average user needs? Ten? Twenty? Thirty………….. Just so you know, a Google search for “toolbar”, returns 167 Million results!

I can already hear your answer “but the user can uncheck the appropriate box when installing the application”. Right! Unless you’re detached from the real world (and, you may well be), you’re more than aware that a typical user does not uncheck this box. Then, over time, the user is at a loss to explain why their machine has slowed to a crawl.

Could it be because your toolbar, along with twenty others, all installed in a furtive way, become active at startup – ya think!!

So, just stop with the crapware already. If you’re pissing me off, just consider what you’re doing to an average user.

Trap Malware With Toolwiz TimeFreeze

Back in April, I reviewed and highly recommended a suite of freeware utility applications – Toolwiz Care. Having tested the application extensively, at the end of the day, it was no great leap in logic to say – “This application is feature packed, and includes a wide range of tools that an average computer user should find powerful, efficient, and effective.”

One of the components included in this super suite is Time Freeze (recently released by the developer as a stand-alone application) – a “one click simple” virtual system which, when active, virtualizes the operating system. In other words, a copy of the operating system is generated, and it’s within this “copy” – or sandbox, if you like – that all activity takes place. Keep in mind – the operating system is virtualized only when Time Freeze is active.

So, why bother running in a virtualized environment, you might wonder? The answer is pretty simple – in most circumstances, there’s no real benefit. In fact, running virtualized may create a slight time lag in system response. There are, of course, particular circumstances in which running a virtual machine offers major  advantages – but, those circumstances (since I’ve covered this aspect numerous times in the past), are outside the scope of this review.

Instead, I’ll focus on the security aspect of running in virtual mode with Time Freeze when connected to the Internet. And, there can be significant security benefits.

Let’s assume, for example, that while surfing the Internet you fall victim to a drive-by download (more common than you might realize), while visiting an infected web site. Running in “real” mode would mean that you now have a significant problem on your hands. You can, if you like, believe that your AV application will protect you from the consequences – but, don’t count on it.

The same scenario, while running in virtual mode, will have an entirely different outcome. Since, in virtual mode – it’s a copy of the operating system which is facing the Internet – all system and application changes are restricted to the virtual environment. In other words – it’s the copy which has been infected. Simply rebooting the system does away with the copy, and with it – the infection.

Toolwiz Time Freeze, of all the virtual solutions I’ve reviewed over the past few years, has to be the simplest. It’s easy to use, non intrusive, and after initial setup, requires a minimum of user intervention – perfect for the average user.

Installation was hassle free – it was just a matter of following the on-screen instructions.

Since the application places a small toolbar (shown below) on the Desktop – launching the application is a snap.

A quick click on the toolbar and, a click on “Start TimeFreeze”…………

… and, you’re in business.

Backing out of the application is equally as easy. At which time, you will have the option of saving any changes made to the system – or not. Not saving changes will require a reboot.

Fast facts:

Start up system protection. Prevents malicious threats being made and doing harm to your computer. It puts the actual system under protection and creates a virtual environment for system partition.

Simply reboot to restore your system to the previous state.

Don’t reboot to accept all the changes. It will take several minutes to save the changes to your real system.

Folder Protection – Help you to prohibit the changing of files by others.

Helps you to prohibit accessing the protected folders by others.

Protects your files from being infected by viruses or stolen by trojans.

Very easy switch between virtual & real system.

To enter virtual system, no need to reboot computer. To return to real system, just exit System Protection.

System requirements: Windows XP, Vista, Win 7, Win 8 (32 bit and 64 bit)

Download at: Major Geeks

FAQ for Toolwiz Time Freeze

A word of caution: There are no perfect solutions – this application will not protect you against rootkits. Developing safe surfing habits remains your best protection against malware infection.

A further word of caution: Although I’ve had no difficulty with this application, there have been reports of system crashes caused by Toolwiz Time Freeze. It’s always good practice to occasionally create a Restore Point – just in case.

This just in: Jim Hillier over at Dave’s Computer Tips reports the following:

Hey Bill –

I was using Time Freeze pretty regularly to test software for review purposes. I actually stopped using Time Freeze because of persistent issues. Occasionally, after the reboot process, a random service would be stopped. It was no big deal, just go into Services and re-start whichever service had been affected. Then finally, after a reboot, the OS would not load at all. I tried everything to get the OS to boot but no go. I can only assume that this time an essential system service had been stopped. I ended up having to restore a recent image.

So, you may be better off avoiding this application.

Who’s Phoning Home On Your Internet Connection? Find Out With CurrPorts and, Process and Port Analyzer

There’s not much point (from a cybercriminal’s perspective) in infecting a computer with malware unless the information which it’s been designed to capture ends up in the nasty hands of the criminal.

Generally speaking then, it’s reasonable to say that the most important function of malware (again, from a cybercriminal’s perspective) is to “phone home” with the information it’s been designed to steal. It’s hardly surprising that much of the malware infecting the Internet does just that.

You can, if you like, trust that your AV solution will tip you off to any nasty behavior occurring in the background. But, as a follower of the “better safe than sorry” school of thought, trusting in any AV solution to safeguard my systems in all instances just doesn’t compute with me. There are no perfect AV solutions.

All too often, “new” malware has already rampaged through the Internet (despite the best AV providers have to offer) before average users become aware. As a result, I’ve long made it a practice to monitor my open ports and Internet connections frequently, throughout a browsing session.

At first glance you might think port checking is time consuming and not worth the effort. But it is worth the effort, and it’s not time consuming – it often takes no more than a few seconds. More to the point, in my view, it is a critical component of the layered defense approach to Internet security that regular readers of this site are familiar with.

There are a number of free real-time port analyzers available for download, and the following is a brief description of each. If you are familiar and comfortable with using the Windows command structure, then you may want to try the command line utility Netstat, which displays protocol statistics and current TCP/IP connections. This utility and the process, are covered later in this article.

But first:

CurrPorts (this is the port tool I use daily), allows you to view a list of ports that are currently in use, and the application (keep in mind, that malware, for all practical purposes – is an application) that is using those ports. You can close a selected connection as well as terminating the process using it.

In addition, you can export all, or selected items, to an HTML or text report. Additional information includes the local port name, local/remote IP address, highlighted status changes and more.

Shown in this screen capture – Browser is not running. No remote connections. Looks like I’m safe.

Shown in this screen capture – Browser is running. Thirty remote connections, all of which are legitimate.

Fast Facts:

View current active ports and their starting applications

Close selected connections and processes

Save a text/ HTML report

Info on local port name, local/remote IP address, highlighted status changes

Download at: NirSoft (you’ll need to cursor down the page to the download link).

Next up:

Process and Port Analyzer is a real time process, port and network connections analyzer which will allow you to find which processes are using which ports. A good little utility that does what it says it will do.

Fast Facts:

View currently running processes along with the full path and file which started it

View the active TCP Listeners and the processes using them

View the active TCP and UDP connections along with Process ID

Double click on a process to view the list of DLL’s

Download at: http://sourceforge.net

Netstat:

Windows includes a command line utility which will help you determine if you have Spyware/Botware running on your system. Netstat displays protocol statistics and current TCP/IP connections.

I use this utility as a test, to ensure that the anti-malware tools and Firewall running on my systems are functioning correctly, and that there are no open outgoing connections to the Internet that I am not aware of.

How to use Netstat:

You should close all open programs before you begin the following process if you are unsure which ports/connections are normally open while you are connected to the Internet. On the other hand, if you are familiar with the ports/connections that are normally open, there is no need to close programs.

There are a number of methods that will take you to a command prompt, but the following works well.

Click Start>Run>type “cmd” – without the quotes>click OK> this will open a command box.

In Windows 8 – type “cmd” at the Metro screen.

From the command prompt, type Netstat -a (be sure to leave a space before the switch), to display all connections and listening ports.

You can obtain additional information by using the following switches.

Type Netstat -r to display the contents of the IP routing table, and any persistent routes.

The -n switch tells Netstat not to convert addresses and port numbers to names, which speeds up execution.

The Netstat -s option shows all protocol statistics.

The Netstat -p option can be used to show statistics for a specific protocol or together with the -s option to show connections only for the protocol specified.

The -e switch displays interface statistics.

Running Netstat occasionally is a prudent move, since it allows you to double check which applications are connecting to the Internet.

If you find there are application connections to the Internet, or open ports, that you are unfamiliar with, a Google search should provide answers.
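An added example (not part of the original article): a Python script that automates the comparison described above, diffing a baseline capture taken with all programs closed against a later capture, and listing outbound connections and listening ports that are new. It assumes output saved from Netstat -ano (the -o switch, not covered above, adds the owning process ID); the two sample captures, their addresses and their PIDs are constructed.

```python
"""Diff two Windows `netstat -ano` captures: what is new since the baseline?"""
import ipaddress
from typing import NamedTuple


class Conn(NamedTuple):
    proto: str
    local_ip: str
    local_port: int
    remote_ip: str
    remote_port: int
    state: str   # empty for UDP rows, which have no State column
    pid: int


def split_endpoint(endpoint):
    """Split '192.168.1.20:443', '[::1]:135' or '*:*' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]      # drop IPv6 brackets / zone id
    return host, int(port) if port.isdigit() else 0


def parse_netstat(text):
    """Parse the connection table; header and malformed rows are skipped."""
    conns = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            proto, local, remote, state, pid = f
        elif len(f) == 4 and f[0] == "UDP":
            (proto, local, remote, pid), state = f, ""
        else:
            continue
        if not pid.isdigit():
            continue
        conns.append(Conn(proto, *split_endpoint(local),
                          *split_endpoint(remote), state, int(pid)))
    return conns


def is_remote(ip):
    """True for a real peer address (not loopback, 0.0.0.0, :: or '*')."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return not (addr.is_loopback or addr.is_unspecified)


def new_outbound(baseline, current):
    """ESTABLISHED TCP connections to peers that the baseline did not have."""
    known = {(c.remote_ip, c.remote_port) for c in baseline}
    return [c for c in current
            if c.proto == "TCP" and c.state == "ESTABLISHED"
            and is_remote(c.remote_ip)
            and (c.remote_ip, c.remote_port) not in known]


def new_listeners(baseline, current):
    """Listening TCP ports and bound UDP ports absent from the baseline."""
    def listening(c):
        return c.state == "LISTENING" or c.proto == "UDP"
    known = {(c.proto, c.local_port) for c in baseline if listening(c)}
    return [c for c in current
            if listening(c) and (c.proto, c.local_port) not in known]


# Constructed sample: capture taken with all programs closed.
BASELINE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:49670        127.0.0.1:49671        ESTABLISHED     2100
  TCP    192.168.1.20:49701     198.51.100.10:443      ESTABLISHED     3020
  UDP    0.0.0.0:5353           *:*                                    1500
"""

# Constructed sample: later capture; PID 5120 has appeared.
CURRENT = """
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING       5120
  TCP    127.0.0.1:49670        127.0.0.1:49671        ESTABLISHED     2100
  TCP    192.168.1.20:49701     198.51.100.10:443      ESTABLISHED     3020
  TCP    192.168.1.20:49850     203.0.113.45:8080      ESTABLISHED     5120
  TCP    192.168.1.20:49851     203.0.113.45:8080      TIME_WAIT       0
  TCP    [::1]:49900            [::1]:49901            ESTABLISHED     2100
  UDP    0.0.0.0:5353           *:*                                    1500
"""

if __name__ == "__main__":
    base, cur = parse_netstat(BASELINE), parse_netstat(CURRENT)
    for c in new_outbound(base, cur):
        print(f"new outbound: PID {c.pid} -> {c.remote_ip}:{c.remote_port}")
    for c in new_listeners(base, cur):
        print(f"new listener: PID {c.pid} on {c.proto} port {c.local_port}")
```

The PID in each reported row can be matched to a process name in Task Manager or CurrPorts before deciding whether the connection is expected.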

Steve Gibson’s website, Shields Up, is a terrific source of information where you can test all the ports on your machine as well as testing the efficiency of your Firewall. I recommend that you take the Firewall test; you may be surprised at the results!

Comodo Cleaning Essentials – An Aggressive On-Demand Malware Scanner

This past week, Neil J. Rubenking, PC Magazine’s lead analyst for security, in his article – The Best Free Antivirus for 2012 – included Comodo Cleaning Essentials. Earlier this year, I took this freebie application for a test run and wrote up my impressions. Curiously, this post had both Twitter and Facebook referrals but limited response from regular readers.

Comodo Cleaning Essentials is a tough application when used in the fight against malware, and in the event you missed this post, I’ve republished it here.

Comodo Cleaning Essentials

Comodo’s recently released portable Comodo Cleaning Essentials (freeware), is an interesting breed of applications within applications – an aggressive on-demand malware scanner (the core application), combined with several system tools – a variation of Windows Task Manager (Killswitch), and an Autorun Analyzer.

Users who are familiar with Sysinternals Process Explorer will have little difficulty getting down to work with Comodo’s Autorun Analyzer. Or, for that matter, Killswitch – an impressive Windows Task Manager replacement.

For now, I’ll focus on the on-demand malware scanner. All graphics in the following review can be expanded to their original size.

Simple, straightforward, and easy to understand GUIs are the standard – and, Comodo Cleaning Essentials meets that standard.

For my initial test run, I did not hold back in terms of the volume of information the application had to deal with – as illustrated in the following graphic. I should add – I set the selectable heuristics at “low level”. Users may choose to bump up this setting.

Updating of the database is an automatic process, as illustrated.

Following application launch, my first reaction was – Get It Done! Thirty six minutes in, and memory scanning had not yet been completed. SLOW!

Three hours plus. Yawn – I’M WAITING!!!!!!!!

Waiting still – at the four hour plus mark. At this point I exited the application (2 Million objects scanned), since drive E: is malware free. As well, the 49 threats found by the scanner were all false positives – not a bad thing necessarily. More on this to follow.

Comodo Cleaning Essentials is no slouch at eating up the clock cycles – as illustrated in the following screen shot.

I jumped ahead a little bit here, and ran a comparable scan with Microsoft Security Essentials which, as you can see in the following graphic, is not a system resource hog.

MSE test run – using the same test parameters.

The MSE scan completed in just under three hours. Keep in mind however – MSE is not portable, and is designed to act as a first line of defense against malware penetration.

Comodo Cleaning Essentials on the other hand, has been crafted as a “real world – everything is messed up” solution. Especially valuable in circumstances where malware has blocked access to onboard AVs.

The false positive issue.

No doubt, warnings and cautions generated by antimalware scanners, can often be a major frustration – time consuming and just a pain in the butt. On the other hand, scanning a HD which has been overrun by malware, demands the use of an aggressive tool – and, Comodo Cleaning Essentials certainly qualifies as “aggressive”. Simply put – you can’t have your cake and eat it too.

Autorun Analyzer:

As mentioned earlier, this component is a Process Explorer takeoff – with a number of worthwhile additional features.

The following screen capture (showing all entries), indicates 3 possible unsafe entries which, on investigation proved to be benign. Still, better safe than sorry. So, I take no issue with warnings which prove to be a “false alarm”. I’m all in favor of a “give me the bad news philosophy” – I’ll determine the relevancy of the information provided.

KillSwitch:

As a Windows Task Manager Replacement, KillSwitch has it in spades. The following screen shots illustrate just a few of the enhancements.

Over the years, I’ve happily been able to convince more than a few readers to occasionally spot check their network connections, using stand-alone applications such as CurrPorts. KillSwitch includes this capability – a very good move in my estimation.

Finally (at least for this report), KillSwitch includes a “Quick Repair” tool which, in the right circumstance, could be invaluable. Sorry, for this review I couldn’t find any items on this test platform to repair.

Fast facts: 

Classifies the threat level of all objects and processes currently loaded into memory and highlights those that are not trusted

Allows the admin to terminate, delete or suspend every untrusted item with a single click.

On-demand malware scanner quickly finds viruses, rootkits and hidden services

Extremely efficient malware removal routines thoroughly disinfect virus stricken endpoints

Detailed statistics and graphs allow admins to analyze and fine tune system activity to almost infinite levels of detail

Leverages Comodo’s huge whitelist database to accurately identify the trust status of every running process with minimal false positives

Integration with Comodo cloud scanning technology delivers instant behavioral analysis of unknown processes

Powerful system tools provide control over even the most obscure system settings

Simple interface for admins to manage trusted vendors list

Comprehensive event logs provide detailed overview of system activity on endpoint machines

Quick repair feature allows fast restoration of important Windows settings

Can replace the standard Windows Task Manager if required

Another indispensable addition to admin’s security toolkit to complement software such as Comodo Internet Security

Lightweight – requires no installation and can be run right from a USB stick

System Requirements: Windows 7 – 32 and 64 bit, Windows Vista – 32 and 64 bit, Windows XP – 32 and 64 bit

Download at: Comodo

I’m not suggesting that Comodo Cleaning Essentials is the perfect tool (if you find such a tool, please let me know), but, if you’re on the hunt for a lightweight, standalone security application – that doesn’t require installation – Comodo Cleaning Essentials deserves a close look.

A caveat: This application is not designed to be used by anyone other than highly knowledgeable, and well experienced users.


Comodo Cleaning Essentials – Fast It’s Not – Powerful It Is

Comodo’s recently released portable Comodo Cleaning Essentials (freeware) is an interesting breed of applications within applications – an aggressive on-demand malware scanner (the core application), combined with several system tools – a variation of Windows Task Manager (KillSwitch), and an Autorun Analyzer.

Users who are familiar with Sysinternals Process Explorer will have little difficulty getting down to work with Comodo’s Autorun Analyzer or, for that matter, KillSwitch – an impressive Windows Task Manager replacement.

For now, I’ll focus on the on-demand malware scanner.

Simple, straightforward, and easy to understand GUIs are the standard – and, Comodo Cleaning Essentials meets that standard.


For my initial test run, I did not hold back in terms of the volume of information the application had to deal with – as illustrated in the following graphic. I should add – I set the selectable heuristics at “low level”. Users may choose to bump up this setting.


Updating of the database is an automatic process, as illustrated.


Following application launch, my first reaction was – Get It Done! Thirty-six minutes in, and memory scanning had not yet been completed. SLOW!


Three hours plus. Yawn – I’M WAITING!!!!!!!!


Waiting still – at the four hour plus mark. At this point I exited the application (2 million objects scanned), since drive E: is malware free. As well, the 49 threats found by the scanner were all false positives – not a bad thing necessarily. More on this to follow.


Comodo Cleaning Essentials is no slouch at eating up the clock cycles – as illustrated in the following screen shot.


I jumped ahead a little bit here, and ran a comparable scan with Microsoft Security Essentials which, as you can see in the following graphic, is not a system resource hog.


MSE test run – using the same test parameters.


The MSE scan completed in just under three hours. Keep in mind however – MSE is not portable, and is designed to act as a first line of defense against malware penetration.

Comodo Cleaning Essentials, on the other hand, has been crafted as a “real world – everything is messed up” solution, especially valuable in circumstances where malware has blocked access to onboard AVs.

The false positive issue.

No doubt, warnings and cautions generated by antimalware scanners can often be a major frustration – time consuming and just a pain in the butt. On the other hand, scanning a HD which has been overrun by malware demands the use of an aggressive tool – and Comodo Cleaning Essentials certainly qualifies as “aggressive”. Simply put – you can’t have your cake and eat it too.

Autorun Analyzer:

As mentioned earlier, this component is a Process Explorer takeoff – with a number of worthwhile additional features.

The following screen capture (showing all entries) indicates 3 possible unsafe entries which, on investigation, proved to be benign. Still, better safe than sorry. So, I take no issue with warnings which prove to be a “false alarm”. I’m all in favor of a “give me the bad news” philosophy – I’ll determine the relevancy of the information provided.

KillSwitch:

As a Windows Task Manager Replacement, KillSwitch has it in spades. The following screen shots illustrate just a few of the enhancements.


Over the years, I’ve happily been able to convince more than a few readers to occasionally spot check their network connections, using standalone applications such as CurrPorts. KillSwitch includes this capability – a very good move in my estimation.

