When Free Doesn’t Mean Free

This guest post is contributed by my Aussie mate, Jim Hillier. Jim is the resident freeware aficionado at Dave’s Computer Tips. A computer veteran with 30+ years experience who first started writing about computers and tech back in the days when freeware was actually free. His first computer was a TRS-80 in the 1980s, he progressed through the Commodore series of computers before moving to PCs in the 1990s. Now retired (aka an old geezer), Jim retains his passion for all things tech and still enjoys building and repairing computers for a select clientele… as well as writing for DCT, of course.

---

Remember the good old days when the “free” in freeware meant exactly that?

I started writing about freeware back in the days when Clif Sipe (aka Clif Notes) and Ian (Gizmo) Richards were pretty much the freeware gurus. Those were the halcyon days when innovation was rife and there was always some new and exciting freeware to write about and discuss. When good old Spybot Search & Destroy was pretty much the only antimalware – long before anyone had even heard of Malwarebytes Anti-Malware – and the awful Adobe Acrobat was the ubiquitous PDF reader.

I still vividly recall when Ian Richards first wrote about a new program called “Sandboxie” back in 2004. Sandboxie intrigued me no end and I thought it was the greatest thing since sliced bread… still do. However, back in those days, the concept of an “isolated virtual environment” was pretty much unheard of and trying to explain it, even to experienced users, was no easy chore. Alas, Gizmo’s original Freeware Newsletter is no more and Clif Sipe has long retired to a well-deserved easier life.

Fast forward to today and the freeware scene has changed dramatically. Not only has just about every avenue for freeware innovation been well and truly covered, creating a scarcity of material for freeware writers, but the entire concept of “free” has also taken on a whole new meaning.

Today, it seems very little is actually free and there is usually some sort of trade off involved  –  limited features, upgrade nag screens, download wrappers, advertising modules, bundled PUPs, toolbars, etc. Writing a freeware review today is as much about the potential safety and bundling issues as the actual program. While I can’t blame developers for seizing the opportunity to monetize all the work involved with developing and maintaining their software, I do wish they would be totally transparent about it, plus perhaps consider a system of opt-in rather than opt-out.

The trend has become so prevalent that it has actually spawned a whole new category of freeware tools – such as Unchecky and  AdwCleaner –  which are specifically designed to help users deal with bundling and PUPs (Potentially Unwanted Programs). A pretty scary indication of just how predominant this practice has become. Even the once pristine Open Source software has been sullied by SourceForge’s flirtation with DevShare, an adware supported download wrapper which was eventually discontinued after SourceForge changed hands in 2016.

There are still developers who remain true to the original spirit of freeware of course. Nir Sofer and his excellent collection of free portable NirSoft tools and utilities readily spring to mind. Unfortunately though, true unadulterated freeware is fast becoming as scarce as rocking horse manure and, sadly, today’s users need to approach all so-called freeware with a heightened sense of “let the downloader beware”.

Beat Obama’s Bandits With TrueCrypt Free (Open-Source) Encryption

The so called “War on Terror” has long since lost its luster and should be appropriately reclassified as The War of Terror. The U.S. has been singularly impudent in terrorizing the terrorists but instead, it has managed to terrorize the rest of the world using a system of surveillance schemes that have gone off the board. Chalk one up for Al Qaeda – the only winners in this debacle.

In the meantime, Americans continue to live in fear – trading away freedoms for security in a war that is simple unwinnable. Obama, despite his assurances that he would “fight terrorism while maintaining our civil liberties” has been a principle mover in this assault on democracy.

And, the master of the reversal has more –

Obama, in a 2008 election sound bite, drew a sharp contrast with the Bush administration which he proclaimed, offered Americans “a false choice between the liberties we cherish and the security we demand.” And for good measure – for stooping “to spy on citizens who are not suspected of a crime.” It’s a surreal world we live in, is it not?

But why be satisfied with my ramblings? Here’s the video.

As America continues its slide into Fascism (eagerly joined in the venture by Canada, Australia, the U.K. and countless other self-advertised “democracies”), the justified expectation held by these governments is – you – yes, you – will take no active part in expressing your outrage at the escalating intrusions into your private life. Sadly, the undermining of democracy, or more to the point, democracy as we though we knew it, continues apace.

As a consequence (hardly the only consequence, of course), encryption technology is once again in the spotlight. And no, using encryption does not mean that one has something to hide.

Sophisticated and  aware computer users know, that financial data and other confidential information, can easily be subject to intrusive viewing by those not authorized to do so.

Putting Obama and his bad boys aside, here are some examples of how this might occur:

Internet malware attack: Increasingly, statistics reinforce the fact that financial data continues to be targeted by hackers/information thieves, for the purpose of identity theft.

Contrast that reality with these facts; there is no such thing as a totally secure Internet connected computer. All Internet connected computers are subject to attack and compromise.

Lost or stolen Laptop: How often have we read the following – 200,00 (insert your own number here), bank account numbers, Social Insurance Numbers, names, addresses and dates of birth were on a laptop stolen/lost earlier this week.

In too many of these cases, negligently, the data is unencrypted. Certainly Laptop theft or loss is not restricted to organizations; it can just as easily happen to you.

Lost or stolen USB drive: Since USB flash drives are so portable, you can take a drive virtually anywhere. Just like most items that are portable and that you carry with you, this type of drive can be lost, or stolen.

To reduce or eliminate the security threat of sensitive data exposure then, the most prudent course of action is data encryption. Essentially, data encryption is a secure process for keeping your sensitive and confidential information private. It’s a process by which bits of data are mathematically jumbled with a password-key. The Encryption process makes the data unreadable unless, or until, decrypted.

It happens to us all: Just this past week, I lost not only my house keys (first time ever) – but the USB key attached to the keychain. If you guessed that the drive was encrypted – take a bow.  

TrueCrypt:

TrueCrypt is an outstanding free open source software application for establishing and maintaining an on-the-fly-encrypted volume. On-the-fly encryption simply means that data are automatically encrypted, or decrypted, just before they are loaded or saved – without any user intervention. The program automatically and transparently encrypts in real time.

No data stored on an encrypted volume can be read (decrypted) without the correct password/key file or correct encryption keys. The entire file system is encrypted (i.e., file names, folder names, contents, free space, Meta data, etc.).

Files can be copied to and from a mounted TrueCrypt volume just like they are copied to/from any normal disk (for example, by simple drag-and-drop operations). When you turn off your computer, the volume will be dismounted and files stored in the volume will be inaccessible and encrypted. You may of course, manually dismount the volume.

TrueCrypt offers a number of options – you can store your encrypted data in files, partitions, or on a portable storage device such as a USB flash drive.

Installation is simple and straightforward – no gotchas here. Lots of steps – but easy steps.

If you choose “Keyfiles”, be sure you understand the ramifications. This is an extra security step which has limited application for a home user. You do not need to select this option.

And – Win 8’s File Explorer reports that the volume has been setup successfully. If you expand the graphic below (click), you’ll also notice my first TrueCrypt volume on this HD from May 9, 2006.

Indicative of this application’s popularity is the fact that it is downloaded tens of thousands of times each day, across the Internet.

Fast Facts:

Creates a virtual encrypted disk within a file and mounts it as a real disk

Encrypts an entire hard disk partition or a storage device such as USB flash drive

Encryption is automatic, real-time (on-the-fly) and transparent

Provides two levels of plausible deniability, in case an adversary forces you to reveal the password – Hidden volume – No TrueCrypt volume can be identified (volumes cannot be distinguished from random data)

Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS

Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts

Pipelined operations increasing read/write speed by up to 100% (Windows)

I’ve been using TrueCrypt for a number of years, and I have developed a lot of confidence in this outstanding application. If you determine that encryption of your sensitive data is a priority, I highly recommend that you give TrueCrypt a try.

How effective is TrueCrypt? If you have any doubts as to how effective TrueCrypt really is, then read this article. FBI hackers fail to crack TrueCrypt:

The FBI has admitted defeat in attempts to break the open source encryption used to secure hard drives seized by Brazilian police during a 2008 investigation.

System Requirements: Win 8, Win 7, Vista, XP, Mac OS X, and Linux.

Download at: TrueCrypt

The Tool Designed To Fool – We Don’t Want No Stinkin’ Toolbar! (Revisited)

In today’s Tech Thoughts Daily Net News column, you’ll find a link to Ed Bott’s – How Oracle installs deceptive software with Java updates. So, what’s new here? Not as much as you might think – unfortunately.

I first posted on the issue of unwanted Toolbars – or, PUPS (potentially unwanted programs) – in March 2010. Based on the indignation shown by the majority of commenters – it just might be worth another read.

—————————————————————————————————

MEMO TO: SNEAKY FREEWARE DEVELOPERS

You give me your software for free as a marketing tool, with the hope of course, that I’ll upgrade to the commercial version of your application.

That’s cool, that’s smart, (it cost you nothing by the way) – nevertheless, I’m appreciative.

But you don’t stop with just the free use of your application, you piggyback a toolbar, or some other non-essential item, as part of the install package. Listen, I understand, you want to install a toolbar because you get paid by the toolbar developer. Even that’s OK – but you do it in such a sneaky way that it really pisses me off, and that’s not OK.

Worse, if I don’t like your application and uninstall it, you open your Internet site, following the uninstall, using my Internet Browser – even if I don’t give you permission by allowing the connection. In my view, that’s a form of hacking. You need to take a refresher course in ethics.

I’ve been around the Internet for a few decades, so it’s not often I get caught in your schemes to install unwanted software on my machines, but less experienced users are often caught in your carefully laid traps.

Here’s a sample of the outrage a typical user, who got trapped by unethical behavior, feels – a comment on my site left by an outraged reader, several days ago, following her installation of Miro.

I thought I’d give this a try, since I watch Hulu quite a bit, and I’m sooo angry I did. Miro installed Bing Search toolbar, which I didn’t want or agree to install (using firefox) and it wiped out all my default search engines for Firefox.

Now I’m trying to figure out how to get Firefox back to normal. Beware!!!!!!!! I don’t trust companies that install things without your consent or knowledge.

In this particular instance it’s true that the EULA covers this situation, but here’s the question. Why does an average user need to read a Eula in order to find an alternative installation solution?

An accusation of unethical behavior doesn’t begin to cover this case – sleazy; vulgar; dishonest; sordid; are much more appropriate.

You, the unethical developer, are not alone in attempting to profit by toolbar inclusion in freeware applications. More and more, high profile developers who offer a stripped down version of their commercial applications as freeware, are involving themselves in this highly questionable practice.

So here’s a question for the “ethical” freeware providers. How many toolbars do you think an average user needs? Ten? Twenty? Thirty………….. Just so you know, a Google search for “toolbar”, returns 167 Million results!

I can already hear your answer “ but the user can uncheck the appropriate box when installing the application”. Right! Unless you’re detached from the real world (and, you may well be), you’re more than aware that a typical user does not uncheck this box. Then, over time, the user is at a loss to explain why their machine has slowed to a crawl.

Could it be because your toolbar, along with twenty others, all installed in a furtive way, become active at startup – ya think!!

So, just stop with the crapware already. If you’re pissing me off, just consider what you’re doing to an average user.

Trap Malware With Toolwiz TimeFreeze

Back in April, I reviewed and highly recommended, a suite of freeware utility applications – Toolwiz Care. Having tested the application extensively, at the end of the day, it was no great leap in logic to say –  “This application is feature packed, and includes a wide range of tools that an average computer user should find powerful, efficient, and effective.”

One of the components included in this super suite is Time Freeze (recently released by the developer’s as a stand alone application) – a “one click simple” virtual system which, when active, virtualizes the operating system. In other words, a copy of the operating system is generated, and it’s within this “copy” – or sandbox, if you like – that all activity takes place. Keep in mind – the operating system is virtualized, only when Time Freeze is active.

So, why bother running in a virtualized environment, you might wonder? The answer is pretty simple – in most circumstances, there’s no real benefit. In fact, running virtualized may create a slight time lag in system response. There are, of course, particular circumstances in which running a virtual machine offers major  advantages – but, those circumstances (since I’ve covered this aspect numerous times in the past), are outside the scope of this review.

Instead, I’ll focus on the security aspect of running in virtual mode with Time Freeze when connected to the Internet. And, there can be significant security benefits.

Let’s assume, for example, that while surfing the Internet you fall victim to a drive-by download (more common than you might realize), while visiting an infected web site. Running in “real” mode would mean that you now have a significant problem on your hands. You can, if you like, believe that your AV application will protect you from the consequences – but, don’t count on it.

The same scenario, while running in virtual mode, will have an entirely different outcome. Since, in virtual mode – it’s a copy of the operating system which is facing the Internet – all system and application changes are restricted to the virtual environment. In other words – it’s the copy which has been infected. Simply rebooting the system does away with the copy, and with it – the infection.

Toolwiz Time Freeze, of all the virtual solutions I’ve reviewed over the past few years, has to be the simplest. It’s easy to use, non intrusive, and after initial setup, requires a minimum of user intervention – perfect for the average user.

Installation was hassle free – it was just a matter of  following the on-screen instructions.

Since the application place a small toolbar (shown below), on the Desktop – launching the application is a snap.

A quick click on the toolbar and, a click on “Start TimeFreeze”…………

… and, you’re in business.

Backing out of the application is equally as easy. At which time, you will have the option of saving any changes made to the system – or not. Not saving changes will require a reboot.

Fast facts:

Start up system protection. Prevents malicious threats being made and doing harm to your computer. It puts the actual system under protection and creates a virtual environment for system partition.

Simply reboot to restore your system to the previous state.

Don’t reboot to accept all the changes. It will take several minutes to save the changes to your real system.

Folder Protection – Help you to prohibit the changing of files by others.

Helps you to prohibit accessing the protected folders by others.

Protects your files from being infected by viruses or stolen by trojans.

Very easy switch between virtual & real system.

To enter virtual system, no need to reboot computer. To return to real system, just exit System Protection.

System requirements: Windows XP, Vista, Win 7, Win 8（32 bit and 64 bit）

Download at: Major Geeks

FAQ for Toolwiz Time Freeze

A word of caution: There are no perfect solutions – this application will not protect you against rootkits. Developing safe surfing habits remains your best protection against malware infection.

A further word of caution: Although I’ve had no difficult with this application, there have been reports of system crashes caused by Toolwiz Time Freeze. It’s always good practice to occasionally create a Restore Point – just in case.

This just in: Jim Hillier over at Daves Computer Tips reports the following:

Hey Bill –

I was using Time Freeze pretty regularly to test software for review purposes. I actually stopped using Time Freeze because of persistent issues. Occasionally, after the reboot process, a random service would be stopped. It was no big deal, just go into Services and re-start whichever service had been affected. Then finally, after a reboot, the OS would not load at all. I tried everything to get the OS to boot but no go. I can only assume that this time an essential system service had been stopped. I ended up having to restore a recent image.

So, you may be better off avoiding this application.

Who’s Phoning Home On Your Internet Connection? Find Out With CurrPorts and, Process and Port Analyzer

There’s not much point (from a cybercriminal’s perspective), in infecting a computer with malware unless the information which it’s been designed to capture, ends up in the nasty hands of the criminal.

Generally speaking then, it’s reasonable to say that the most important function of malware (again, from a cybercriminals perspective) is to “phone home” with the information it’s been designed to steal. It’s hardly surprising that much of the malware infecting the Internet does just that.

You can, if you like, trust that your AV solution will tip you off to any nasty behavior occurring in the background. But, as a follower of  the “better safe than sorry” school of thought, trusting in any AV solution to safeguard my systems in all instances, just doesn’t compute with me. There are no perfect AV solutions.

All to often, “new” malware has already rampaged through the Internet (despite the best AV providers have to offer), before average users become aware. As a result, I’ve long made it a practice to monitor my open ports and Internet connections frequently, throughout a browsing session.

At first glance you might think port checking is time consuming and not worth the effort. But it is worth the effort, and it’s not time consuming – it often takes no more than a few seconds. More to the point, in my view, it is a critical component of the layered defense approach to Internet security that regular readers of this site are familiar with.

There are a number of free real-time port analyzers available for download, and the following is a brief description of each. If you are familiar and comfortable with using the Windows command structure, then you may want to try the command line utility Netstat, which displays protocol statistics and current TCP/IP connections. This utility and the process, are covered later in this article.

But first:

CurrPorts (this is the port tool I use daily), allows you to view a list of ports that are currently in use, and the application (keep in mind, that malware, for all practical purposes – is an application) that is using those ports. You can close a selected connection as well as terminating the process using it.

In addition, you can export all, or selected items, to an HTML or text report. Additional information includes the local port name, local/remote IP address, highlighted status changes and more.

Shown in this screen capture – Browser is not running. No remote connections. Looks like I’m safe.

Shown in this screen capture – Browser is running. Thirty remote connections, all of which are legitimate.

Fast Facts:

View current active ports and their starting applications

Close selected connections and processes

Save a text/ HTML report

Info on local port name, local/remote IP address, highlighted status changes

Download at: NirSoft (you’ll need to cursor down the page to the download link).

Next up:

Process and Port Analyzer is a real time process, port and network connections analyzer which will allow you to find which processes are using which ports. A good little utility that does what it says it will do.

Fast Facts:

View currently running processes along with the full path and file which started it

View the active TCP Listeners and the processes using them

View the active TCP and UDP connections along with Process ID

Double click on a process to view the list of DLL’s

Download at: http://sourceforge.net

Netstat:

Windows includes a command line utility which will help you determine if you have Spyware/Botware running on your system. Netstat displays protocol statistics and current TCP/IP connections.

I use this utility as a test, to ensure that the anti-malware tools and Firewall running on my systems are functioning correctly, and that there are no open outgoing connections to the Internet that I am not aware of.

How to use Netstat:

You should close all open programs before you begin the following process if you are unsure which ports/connections are normally open while you are connected to the Internet. On the other hand, if you are familiar with the ports/connections that are normally open, there is no need to close programs.

There are a number of methods that will take you to a command prompt, but the following works well.

Click Start>Run>type “cmd” – without the quotes>click OK> this will open a command box.

In Windows 8 – type “cmd” at the Metro screen.

From the command prompt, type Netstat –a (be sure to leave a space), to display all connections and listening ports.

You can obtain additional information by using the following switches.

Type Netstat -r to display the contents of the IP routing table, and any persistent routes.

The -n switch tells Netstat not to convert addresses and port numbers to names, which speeds up execution.

The Netstat -s option shows all protocol statistics.

The Netstat-p option can be used to show statistics for a specific protocol or together with the -s option to show connections only for the protocol specified.

The -e switch displays interface statistics.

Running Netstat occasionally is a prudent move, since it allows you to double check which applications are connecting to the Internet.

If you find there are application connections to the Internet, or open ports, that you are unfamiliar with, a Google search should provide answers.

Steve Gibson’s website, Shields Up, is a terrific source of information where you can test all the ports on your machine as well as testing the efficiency of your Firewall. I recommend that you take the Firewall test; you may be surprised at the results!

Comodo Cleaning Essentials – An Aggressive On-Demand Malware Scanner

This past week, Neil J. Rubenking, PC Magazine’s lead analyst for security, in his article – The Best Free Antivirus for 2012 – included Comodo Cleaning Essentials.  Earlier this year, I took this freebie application for a test run and wrote up my impressions. Curiously, this post had both Twitter and Facebook referrals but, limited response from regular readers.

Comodo Cleaning Essentials is a tough application when used in the fight against malware, and in the event you missed this post, I’ve republished it here.

Comodo Cleaning Essentials

Comodo’s recently released portable Comodo Cleaning Essentials (freeware), is an interesting breed of applications within applications – an aggressive on-demand malware scanner (the core application), combined with several system tools – a variation of Windows Task Manager (Killswitch), and an Autorun Analyzer.

Users who are familiar with Sysinternals Process Explorer will have little difficulty getting down to work with Comodo’s Autorun Analyzer. Or, for that matter, Killswitch – an impressive Windows Task Manager replacement.

For now, I’ll focus on the on-demand malware scanner. All graphics in the following review can be expanded to their original size.

Simple, straightforward, and easy to understand GUIs are the standard – and, Comodo Cleaning Essentials meets that standard.

For my initial test run, I did not hold back in terms of the volume of information the application had to deal with – as illustrated in the following graphic. I should add – I set the selectable heuristics at “low level”. Users may choose to bump up  this setting.

Updating of the database is an automatic process, as illustrated.

Following application launch, my first reaction was – Get It Done! Thirty six minutes in, and memory scanning had not yet been completed. SLOW!

Three hours plus. Yawn – I’M WAITING!!!!!!!!

Waiting still – at the four hour plus mark. At this point I exited the application (2 Million objects scanned), since drive E: is malware free. As well, the 49 threats found by the scanner were all false positives – not a bad thing necessarily. More on this to follow.

Comodo Cleaning Essentials is no slouch at eating up the clock cycles – as illustrated in the following screen shot.

I jumped ahead here a little bit here, and ran a comparable scan with Microsoft Security Essentials which, as you can see in the following graphic, is not a system resource hog.

MSE test run – using the same test parameters.

The MSE scan completed in just under three hours. Keep in mind however – MSE is not portable, and is designed to act as a first line of defense against malware penetration.

Comodo Cleaning Essentials on the other hand, has been crafted as a “real world – everything is messed up” solution. Especially valuable in circumstances where malware has blocked access to onboard AVs.

The false positive issue.

No doubt, warnings and cautions generated by antimalware scanners, can often be a major frustration – time consuming and just a pain in the butt. On the other hand, scanning a HD which has been overrun by malware, demands the use of an aggressive tool – and, Comodo Cleaning Essentials certainly qualifies as “aggressive”. Simply put – you can’t have your cake and eat it too.

Autorun Analyzer:

As mentioned earlier, this component is a Process Explorer takeoff – with a number of worthwhile additional features.

The following screen capture (showing all entries), indicates 3 possible unsafe entries which, on investigation proved to be benign. Still, better safe than sorry. So, I take no issue with warnings which prove to be a “false alarm”. I’m all in favor of a “give me the bad news philosophy” – I’ll determine the relevancy of the information provided.

KillSwitch:

As a Windows Task Manager Replacement, KillSwitch has it in spades. The following screen shots illustrate just a few of the enhancements.

Over the years, I’ve happily been able to convince more than a few readers to occasionally spot check their network connections, using stand alone applications such as CurrPorts.  KillSwitch includes this capability – a very good move in my estimation.

Finally (at least for this report), KillSwitch includes a “Quick Repair” tool which, in the right circumstance, could be invaluable. Sorry, for this review I couldn’t find any items on this test platform to repair.  

Fast facts: 

Classifies the threat level of all objects and processes currently loaded into memory and highlights those that are not trusted

Allows the admin to terminate, delete or suspend every untrusted item with a single click.

On-demand malware scanner quickly finds viruses, rootkits and hidden services

Extremely efficient malware removal routines thoroughly disinfect virus stricken endpoints

Detailed statistics and graphs allow admins to analyze and fine tune system activity to almost infinite levels of detail

Leverages Comodo’s huge whitelist database to accurately identify the trust status of every running process with minimal false positives

Integration with Comodo cloud scanning technology delivers instant behavioral analysis of unknown processes

Powerful system tools provide control over even the most obscure system settings

Simple interface for admins to manage trusted vendors list

Comprehensive event logs provide detailed overview of system activity on endpoint machines

Quick repair feature allows fast restoration of important Windows settings

Can replace the standard Windows Task Manager if required

Another indispensable addition to admin’s security toolkit to complement software such as Comodo Internet Security

Lightweight – requires no installation and can be run right from a USB stick

System Requirements: Windows 7 – 32 and 64 bit, Windows Vista – 32 and 64 bit, Windows XP – 32 and 64 bit

Download at: Comodo

I’m not suggesting that Comodo Cleaning Essentials is the perfect tool (if you find such a tool, please let me know     ), but, if you’re on the hunt for a lightweight, standalone security application – that doesn’t require installation – Comodo Cleaning Essentials deserves a close look.

A caveat: This application is not designed to be used by anyone other than highly knowledgeable, and well experienced users.

Comodo Cleaning Essentials – Fast It’s Not – Powerful It Is

Comodo’s recently released portable Comodo Cleaning Essentials (freeware), is an interesting breed of applications within applications – an aggressive on-demand malware scanner (the core application), combined with several system tools – a variation of Windows Task Manager (Killswitch), and an Autorun Analyzer.

Users who are familiar with Sysinternals Process Explorer will have little difficulty getting down to work with Comodo’s Autorun Analyzer. Or, for that matter, Killswitch – an impressive Windows Task Manager replacement.

For now, I’ll focus on the on-demand malware scanner. All graphics in the following review can be expanded to their original size.

Simple, straightforward, and easy to understand GUIs are the standard – and, Comodo Cleaning Essentials meets that standard.

For my initial test run, I did not hold back in terms of the volume of information the application had to deal with – as illustrated in the following graphic. I should add – I set the selectable heuristics at “low level”. Users may choose to bump up  this setting.

Updating of the database is an automatic process, as illustrated.

Following application launch, my first reaction was – Get It Done! Thirty six minutes in, and memory scanning had not yet been completed. SLOW!

Three hours plus. Yawn – I’M WAITING!!!!!!!!

Waiting still – at the four hour plus mark. At this point I exited the application (2 Million objects scanned), since drive E: is malware free. As well, the 49 threats found by the scanner were all false positives – not a bad thing necessarily. More on this to follow.

Comodo Cleaning Essentials is no slouch at eating up the clock cycles – as illustrated in the following screen shot.

I jumped ahead here a little bit here, and ran a comparable scan with Microsoft Security Essentials which, as you can see in the following graphic, is not a system resource hog.

MSE test run – using the same test parameters.

The MSE scan completed in just under three hours. Keep in mind however – MSE is not portable, and is designed to act as a first line of defense against malware penetration.

Comodo Cleaning Essentials on the other hand, has been crafted as a “real world – everything is messed up” solution. Especially valuable in circumstances where malware has blocked access to onboard AVs.

The false positive issue.

No doubt, warnings and cautions generated by antimalware scanners, can often be a major frustration – time consuming and just a pain in the butt. On the other hand, scanning a HD which has been overrun by malware, demands the use of an aggressive tool – and, Comodo Cleaning Essentials certainly qualifies as “aggressive”. Simply put – you can’t have your cake and eat it too.

Autorun Analyzer:

As mentioned earlier, this component is a Process Explorer takeoff – with a number of worthwhile additional features.

The following screen capture (showing all entries), indicates 3 possible unsafe entries which, on investigation proved to be benign. Still, better safe than sorry. So, I take no issue with warnings which prove to be a “false alarm”. I’m all in favor of a “give me the bad news philosophy” – I’ll determine the relevancy of the information provided.

KillSwitch:

As a Windows Task Manager Replacement, KillSwitch has it in spades. The following screen shots illustrate just a few of the enhancements.

Over the years, I’ve happily been able to convince more than a few readers to occasionally spot check their network connections, using stand alone applications such as CurrPorts.  KillSwitch includes this capability – a very good move in my estimation.

Finally (at least for this report), KillSwitch includes a “Quick Repair” tool which, in the right circumstance, could be invaluable. Sorry, for this review I couldn’t find any items on this test platform to repair.  

Fast facts: 

Classifies the threat level of all objects and processes currently loaded into memory and highlights those that are not trusted

Allows the admin to terminate, delete or suspend every untrusted item with a single click.

On-demand malware scanner quickly finds viruses, rootkits and hidden services

Extremely efficient malware removal routines thoroughly disinfect virus stricken endpoints

Detailed statistics and graphs allow admins to analyze and fine tune system activity to almost infinite levels of detail

Leverages Comodo’s huge whitelist database to accurately identify the trust status of every running process with minimal false positives

Integration with Comodo cloud scanning technology delivers instant behavioral analysis of unknown processes

Powerful system tools provide control over even the most obscure system settings

Simple interface for admins to manage trusted vendors list

Comprehensive event logs provide detailed overview of system activity on endpoint machines

Quick repair feature allows fast restoration of important Windows settings

Can replace the standard Windows Task Manager if required

Another indispensable addition to admin’s security toolkit to complement software such as Comodo Internet Security

Lightweight – requires no installation and can be run right from a USB stick

System Requirements: Windows 7 – 32 and 64 bit, Windows Vista – 32 and 64 bit, Windows XP – 32 and 64 bit

Download at: Comodo

I’m not suggesting that Comodo Cleaning Essentials is the perfect tool (if you find such a tool, please let me know     ), but, if you’re on the hunt for a lightweight, standalone security application – that doesn’t require installation – Comodo Cleaning Essentials deserves a close look.

A caveat: This application is not designed to be used by anyone other than highly knowledgeable, and well experienced users.

xplorer2 lite Freeware – Does Portable Too

You might think that your stuck with the Windows Explorer version that your particular version of Windows supports – but, your not. While the Windows 7 version of Explorer is an improvement over previous versions, it still falls short in several areas – for those of us who manage files on a daily basis.

A freeware Windows Explorer replacement* xplorer2 lite (last updated October 2011), offers a number of additional functions including dual panes, and folder tabs, which should make your file management tasks more efficient.

* during installation you may choose to replace Windows Explorer, or you may install xplorer2 lite side-by-side with Windows Explorer.

Typical Windows Explorer display – in this case Windows 7. (Click on graphic to expand).

xplorer2 lite display in dual pane mode – showing local disk E: (Windows 8), and local disk C: (Windows 7). Click on graphic to expand.

xplorer2 lite display in thumbnail mode.

A very cool tip of the day function helps users learn to take advantage of the great features in xplorer2 lite. Examples are shown below.

Fast facts:

Dual panes and folder tabs

Browse everywhere (all shell namespace)

Preview documents, pictures, music, video

Side by side views for easy file management

Filter and select with wildcards

Synchronize folders

System requirements: Windows All (32 & 64 bit) XP, Vista, 7

Languages supported: English, French, German, Japanese, Spanish, and more.

Download at: Developer’s site

xplorer2 lite edition portable version available at: SmithTechSoftware

A caveat – during installation you will be offered a Toolbar. Consider carefully as to whether installation is in your best interest.

Free LiberKey Version 5.5 – A Computer Toolbox On A Stick

LiberKey (which I’ve reviewed previously – version 4.1 – March 2010), is a compilation of freeware, and open source  portable applications, offered in three flavors that can be installed on, and run from, a USB drive.

Additionally, the application can just as easily be installed, and run, from a Hard Drive. In fact, for this updated test and review, that’s exactly what I choose to do – installing LiberKey to my F: drive. You might consider a similar solution – an install to a Flash drive and a further install to your HD.

Available applications cover a huge area of interest including Audio, Video, Graphics, Internet, Games, Security, Education, System, and more.

Basic suite: 13 Applications, Installed size: 120.51 MB

Standard suite: 83 Applications, Installed size: 561.61 MB

Ultimate suite:  144 Applications, Installed size: 711.47 MB

As an bonus, more applications can be added at a later date using LiberKey’s catalogue. Additionally, you have the option of building your own LiberKey platform.

There have been major changes since I first reviewed LiberKey. This time out, on launching the application, you will find that you are presented with a blank  LiberKey menu applet. I’m not convinced that this

You will then have the opportunity to select the most appropriate suite for your needs as per the following screen capture. I’m not convinced that this process is instinctive, but……

I choose the Ultimate edition adding (144 applications), which took approximately  11 minutes to download and install (in a single seamless process), to my Hard Drive. The same install to a Flash Drive, ate up roughly 30 minutes.

Following installation, you’ll notice that the Menu has been populated.

The portable application launcher is user friendly, and no learning curve is involved, as the following screen capture indicates. In this example, simply clicking on FastStone Image Viewer, brought up the application.

With so many applications to choose from, finding the right tool for the job could be a bit of a hassle. But, the developers have anticipated this and provided a pop out description of each application – making it easy to put your finger on just the right tool.

Fast facts:

Free.

Ready to use.

Portable applications.

Automatic online updates.

You can synchronize the display of the online catalog with your LiberKey.

This can help you to locate applications that could interest you.

System requirements: Windows 2000, XP, Vista, Win 7

Download at: LiberKey.com

The developers have put up a short install demo video you might find worthwhile viewing.

Security Precautions For Your New Christmas PC

We are now officially in the “Holiday Season”, (the “Christmas Season”, to we traditionalists), so along with those visions of sugar plum fairies dancing in your head, you just might have visions of a super hot, quad core beast, that you can rip the wrapping off – after Santa has dropped down your chimney.

So if you’ve been good this year, and Santa does drop off that new screaming machine, no doubt you’ll want to put it through its paces right away. But before you test drive this new machine, there are some fundamental precautions you need to take.

Patch your operating system:

Download and install all available patches, and service packs – if applicable, by connecting to Windows Update. Security Gurus will tell you that 50% of unpatched, and unprotected systems, will be infected with malicious code within 12 minutes of being connected to the Internet. Believe it!

Install a Firewall:

Windows 7 comes with a vastly improved Firewall – substantially better than in previous versions of the operating system. Still, many techies consider third party applications more effective.

There are a number of free firewalls that are worth considering. The following are three that do the job particularly well. (Choose only one)

Comodo Firewall Pro:

Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I ran with this application for 18 months during a long term test, and I felt very secure.

PC Tools Firewall Plus:

PC Tools Firewall Plus is my Firewall of choice. It installed easily, set up quickly, and did not caused any conflicts on my test machine despite my sometimes esoteric running requirements. The default settings are well thought out, and provide excellent protection for less experience users.

ZoneAlarm Free Firewall:

ZoneAlarm’s default settings are well thought out, and provide excellent protection for less experience users particularly. Experienced users on the other hand, can tinker to their hearts content, customizing and tweaking the application to meet their specific requirements.

Install anti-virus software:

There is no doubt that an unprotected computer will become infected by viruses and malware within minutes of first being connected to the Internet. There are many free versions of anti-virus software available, and the programs listed below have a well justified reputation. (Choose only one – although Immunet Protect will run successfully as a companion application).

Avira AntiVir Personal:

This anti-virus program offers comprehensive protection with an easy to use interface. In the time that I have been testing Avira I have been impressed with its performance, and I have come to rely on it as my primary anti-virus program on an XP Pro system. I highly recommend this one.

Panda Cloud Antivirus:

I’ve been testing the Beta version of Panda Cloud Antivirus since the end of April 2009, off and on, and I’ve been pleasantly surprised with it’s performance, particularly the light use of system resources. This application is definitely not a resource hog, and I found it outstanding at recognizing and blocking malware threats.

Immunet Free Antivirus:

Immunet Protect is a lightweight cloud based antivirus application, (available in both a free, and a fee version), designed to add a layer of protection while working in partnership with the most popular antimalware solutions. You’ll find Immunet straightforward to install, and easy to run without complication.

Install Anti-spyware and Adware Software:

It’s not only a virus that can put your computer down for the count, but a multitude of nasties freely floating on the Internet. Listed below are a number of free programs that offer very good protection against malware.

Microsoft Security Essentials:

Microsoft Security Essentials, which incorporates antivirus, antispyware and rootkit protection, all under one roof, was released by Microsoft as a free  replacement application for Windows Live OneCare. Microsoft Security Essentials is easy to set up and run, particularly for new users. And, the interface is positively simple offering Quick Scan, Full Scan, or Custom Scan.

Spybot Search and Destroy:

Spybot Search & Destroy can detect and remove a multitude of adware files and modules from your computer. Spybot also can clean program and Web-usage tracks from your system, which is especially useful if you share your computer. Modules chosen for removal can be sent directly to the included file shredder, ensuring complete elimination from your system.

ThreatFire:

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. I highly recommend this one!

Additional security protection:

Web of Trust (WOT):

WOT is a free Internet Browser add-on which tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

SpywareBlaster:

SpywareBlaster prevents ActiveX-based spyware, adware, dialers, and browser hijackers from installing on your system by disabling the CLSIDs (a system used by software applications to identify a file or other item), of spyware ActiveX controls. As well, SpywareBlaster can block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Firefox, and other browsers.

WinPatrol:

With WinPatrol, in your system tray, you can monitor system areas that are often changed by malicious programs. You can monitor your startup programs and services, cookies and current tasks. Should you need to, WinPatrol allows you to terminate processes and enable, or disable, startup programs. There are additional features that make WinPatrol a very powerful addition to your security applications.

SpyShelter:

SpyShelter is an anti-keylogging, anti-spyware program that protects your data from Keylogging and spy programs: known, unknown, and under-development. It detects and blocks dangerous and malicious programs, to help ensure that your data cannot be stolen by cyber criminals.

Note: Keep in mind however, that even the best layered protection strategy will not make up for lack of experience, and intuitiveness, when surfing the Internet. So, I’ll repeat what I have said here, many times – “knowledge, awareness, and experience are critical ingredients in the escalating battle, against cybercriminals.”

This list is not exhaustive by any means, but it is a good place to start.

A final note: You may find that your new PC is loaded with preinstalled “trial” software. This is the type of thing that drives users buggy, since trying to figure out how to get rid of trialware is not as easy as it should be. But don’t fret.

Take a look at – Free PC Decrapifier – Bloatware Begone! – a free application designed to specifically uninstall these annoyances

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.