Malware Speaks! Please Listen

If malware could speak, what a tale his thoughts could tell.

If you could have a conversation with one, or more, of the scourges that infest the Internet, you might be surprised at what could be learned from such an imaginary conversation. It might go something like this:

I might be malware, but in most cases I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

Take my good buddy LOP, for example, he’s been away for awhile, but he recently came back from vacation and he’s now infecting unsuspecting computer users’ machines with renewed vigor. Since LOP is a shift changer, and is often incompletely recognized by many tools – particularly newer forms of the infection, he’s having a hell of a good time.

The people he works for (some might call them cybercrooks – well, actually everyone calls them cybercrooks), are experts at convincing you to install malicious code like LOP.

LOP is a pretty neat piece of malware (his employers are pretty smart fellows), since he’s been designed, amongst other things, to display ads from a range of advertisers through pop-up windows, banner ads and so on.

Oh, and he’ll automatically switch your Internet Explorer home page to his own search engine. One he particularly likes is http://www.mp3search.com. When searches are made with this engine, the results that you see will be advertising pages that LOP chooses to display.

(Sample misdirected search)

Here’s what WOT has to say about mp3search.com. Click on the graphic to expand the image.

Just in case you decide that LOP is no longer welcome on your computer (that happens all the time), he will connect, every so often, to a web page from which new malware files will be downloaded – making it much more difficult to delete all of the active malicious files on your system.

I should tell you that LOP is extremely hard to get rid of, and just in case you try, you’ll have to deal with over 200+ changes to your Registry Keys. And in case that’s not enough bad news, you should know that LOP will invite lots of his malware friends over, so that they can party on your system.

But LOP has even more tricks up his sleeve. He can  monitor your system’s processes, and can even play with your security applications making them ineffective.

Since he’s a sporty fellow, once he’s done that, he’ll launch a Keylogger to capture your key strokes and just for fun, he’ll go on to scan your email contact list so that he can bug your friends. Hmm, maybe they’ll soon to be your ex friends.

LOP is definitely a hard worker (which is why his employers like him so much), so in his spare time he’s going to look around your operating system for vulnerabilities. You see, he knows that most people, haven’t installed the latest operating system updates, nor have they updated their security applications, like their supposed to.

Even if they have taken care of updating their operating system, it’s almost certain that they haven’t updated installed productivity applications, and LOP knows just how vulnerable these applications can be.

So, think carefully before you offer LOP, or any of his malware friends, that invitation. Once invited in, LOP will settle in for a long, long visit.

Thanks for the chat, but I have to get going. There are lots of unaware Internet users’ waiting to invite me into their computers. I know that many Internet users’ are kind of “click crazy”; so why should LOP be the only one to have some fun!

Oh, by the way, unless you paid attention to what I said, I’ll probably drop by your machine soon. You have a good day now.

This is an edited and revised copy of an article originally posted here July 14, 2009.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

BitDefender Warns Of iPhone Jailbreaking Malware Attack

iPhone “jailbreaking” – the user taking all-inclusive command of the device, which includes running non-approved Apple applications, is apparently not without risk.

Security researchers at BitDefender, the well known security application developer, have just uncovered a malware scheme, aimed at iPhone jailbreakers, that according to BitDefender “deploys a keylogger ……. which allows the malware creators to intercept the victim’s visited sites, usernames, passwords, and bank accounts information – such as pin number, bank account numbers, passwords, etc.”

Delivery of the Trojan, identified by BitDefender as Trojan.Generic.3010833, begins with the user’s positive response to an email which offers software designed to unlock an iPhone, as the following graphic illustrates.

Graphic courtesy of BitDefender.

The body of the email reads as follows:

“Our software is compatible with all firmwares (including the latest version) and will unlock 3G, 3GS, & 2G iPhone models within just a few minutes.

You can download the iPhone unlocking software from here: http://www.unlock……………. /iphone3gs-3g.exe”

Clicking on the link triggers an executable file download to the potential victim’s computer. Running the downloaded executable (and who’s not going to at this point), triggers the installation of a Trojan which according to BitDefender “attempts to change the preferred DNS server address for several possible internet connections on the user’s computer to 188.210……………..”

The following graphic illustrates BitDefender’s security application’s response to Trojan.Generic.3010833.

Graphic courtesy of BitDefender.

Regular readers here are very familiar with the following cautions, but they bear repeating.

Don’t click links in emails. If they come from a known source, type them on the browser’s address bar. If they come from an untrusted source, simply ignore them.

Don’t open emails that come from untrusted sources.

Don’t run files that you receive via email without making sure of their origin.

Keep your computer protected. Install a security solution and keep it up-to-date.

BTW, BitDefender offers a host of highly regarded free security applications which you can checkout here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Download Free SpyShelter Anti-Keylogger

A software Keylogger, or system monitor, is a small program (not always malware, I should point out), that monitors every keystroke a user types on a computer’s keyboard.

Keyloggers are a particularly sinister type of malware, and are notorious for disabling Firewalls and anti-malware tools. This is a type of malware that I pay particular attention to, and make a special effort to guard against.

Since I test a lot of applications, I am continually amazed at the number of programs that request access to my keyboard, and screen, during installation. Unless there are valid reasons for this type of access, I don’t allow it. Surprisingly, in most cases the application installs correctly. Curious!

Regular reader Charles L. recently gave me a great tip on a freeware anti-logger application – SpyShelter Personal, which is also available in a paid version, SpyShelter premium.

SpyShelter is an anti-keylogging, anti-spyware program that protects your data from Keylogging and spy programs: known, unknown, and under-development.

It detects and block dangerous and malicious programs, to help ensure that your data cannot be stolen by cyber criminals.

The free version includes the following features:

• System protection (HIPS)
• Anti keylogger
• AntiScreenCapture
• AntiClipboardCapture

Setup is a snap, since the user interface follows the familiar tabbed menu system.

SpyShelter Fast facts:

Proactively scans when any spy program, Keylogger or Trojan attempts to store your private information.

Compatible with other well-known security products such as anti-virus and firewall software.

Protect your passwords, chat, credit card.

Fast algorithm process does not slow down your computer when scanning for dangerous items.

SpyShelter needs only a small amount of hardware and system resources.

Doesn’t need to check a signature database.

Simple, easy-to-use, intuitive GUI.

System requirements: Windows XP, Vista, Win 7 (32&64 bit).

Languages: English, German, Spanish, Italian, French, Polish, Croatian, Serbian, Chinese, Turkish, Czech, Macedonian, Brazilian(Portuguese)

Download at: SpyShelter.com

____________________________________________________

There are additional remedies for this type of malware threat, including –

SnoopFree Privacy Shield (free):

SnoopFree Privacy Shield (which I’ve been running for years), is a free application that guards your keyboard, screen, and open windows from all such spy software.

It makes it virtually impossible for any spy program to work on your computer since SnoopFree Privacy Shield’s protection works against spy software in real time. Unfortunately, this application works on Windows XP only.

Download at: Download.com

Zemana AntiLogger (commercial):

Since my personal home machines now run on Windows 7, I can no longer protect against Keyloggers using SnoopFree Privacy Shield, so I had to find an alternative. Zemana AntiLogger, is a competitively priced anti-keylogger application that I have come to rely on since I installed it 6 months ago.

This is an impressive application, particularly the system defense function which intercepts proposed changes to system files NOT picked up by other security applications on my systems.

Since I use a Webcam extensively for communicating, the active Webcam protection offered by Zemana AntiLogger, is of special importance to me.

Zemana AntiLogger is compatible with Windows XP, Vista and Win 7.

This application is not freeware, but is very well priced at $34.00 USD. You can download a 15 day trial version at: Zemana

We’re now half way through 2010, and as predicted, this year has being a banner year for cyber-criminals. Being prepared and being aware, while not a panacea, will continue to be a key element in mitigating risk exposure. If Keylogger protection is a concern, you should consider adding an anti-logger application to your security toolbox.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Download SUPERAntiSpyware Free – New True 64 Bit Edition

The long awaited 64 bit version of SUPERAntiSpyware is here. According to Director of Business Development, Mike Duncan –

“Version 4.38.1004 includes a blended 32/64-bit installer and true NATIVE 64-bit support. Our 64-bit support is the result of careful development and will allow SUPERAntiSpyware to remove actual 64-bit infections. Many other products claim to remove actual 64-bit infections, but will only remove 32-bit infections on 64-bit systems.

Additionally, version 4.38 includes our new “SUPERSetup” installer for lightening quick installations in Normal OR Safe Mode.  We’ve also built in command line switches for auto-deployment/registration and silent deployment.  In the spirit of continually improving SUPERAntiSpyware’ overall performance, the new version will also yield faster load times and faster definition parsing/updating times.”

The free version of this award winning program, is used by millions of people worldwide (30 Million at last count), to protect their computers. And why not? SUPERAntiSpyware is well known for its high malware detection rate.

A simple, intuitive, and easy to use interface makes SUPERAntiSpyware straightforward to setup, customize, and run, for both less experienced and expert users alike.

One extra feature in this anti-malware product is particularly appealing; a repair function, which allows the user to recover settings frequently wrecked by malware, and which are often not recoverable despite removal of the malware process.

These settings include Internet connections, lost desktops, the ability to edit the registry and  access to the task manager which is often knocked out by a malware attack.

I’ve been using SUPERAntiSpyware as a secondary scanner for years, and I have no hesitation in stating that this application deserves its reputation as a first class security application. SUPERAntiSpyware is fast, efficient, and effective, and I highly recommend that you add it to your security toolbox, as a secondary line of defense.

Note: Be sure to manually update the definition database, before running a scan.

Fast facts:

Quick, Complete and Custom Scanning of Hard Drives, Removable Drives, Memory, Registry, Individual Folders and More! Includes Trusting Items and Excluding Folders for complete customization of scanning!

Detect and Remove Spyware, Adware, Malware, Trojans, Dialers, Worms, KeyLoggers, Hijackers and many other types of threats.

Repair broken Internet Connections, Desktops, Registry Editing, Task Manager and more with our unique Repair System! Spyware applications often disable system components to prevent removal – SUPERAntiSpyware resets and restores these items in seconds.

Quarantine items detected and removed for complete protection. Items in the quarantine may be restored to your computer if desired.

Detailed scan logs with complete information about detected and removed threats and their locations within your computer. Scan logs allow you to review scheduled scan results at any time.

Multi-Dimensional Scanning – SUPERAntiSpyware is a next generation scanning system that goes beyond the typical rules based scanning methods. Our Multi-Dimensional Scanning system detects existing threats as well as threats of the future by analyzing threat characteristics in addition to code patterns.

Process Interrogation Technology – SUPERAntiSpyware features our unique Process Interrogation Technology (PIT) that allows threats to be detected no matter where they are hiding on your system. Many new types of threats utilize “Rootkits” or “Kernel Drivers” to hide themselves to avoid detection by standard anti-spyware applications. SUPERAntiSpyware’s Process Interrogation Technology locates even the toughest of threats.

Frankly, I wouldn’t be without SUPERAntiSpyware in my anti-malware arsenal. This application kills tough malware – dead.

System Requirements: Windows 2000, XP, Media Center, Vista, Windows 2003, Windows 7.

Download at: Download.com

BTW, if you are currently running an older version of SUPERAntiSpyware it’s important to update to version 4.38.1004.

Important note: As a full fledged security application, with all of its features unlocked; real-time protection, scheduled scanning, and scheduled updating, SUPERAntiSpyware Professional Edition is very well priced at $29.95 USD.

On purchase, SUPERAntiSpyware offers a 30-day unconditional money back guarantee, if you are dissatisfied for any reason.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Free Malwarebytes – Is it the Best Secondary Malware Scanner?

Depending on a single security applications to provide broad scale protection, is an absolute “non-starter”. A single security applications does not, and never has had the ability to do this, despite the commonly help belief to the contrary.

Part of the layered security  process (stacking security solutions, one on top of the other, to cover the gaps that exist in the protection capabilities of even the most sophisticated security applications), consists of supplementing the primary AV application with an on-demand malware application.

In other words, an AV application that does not start with Windows but instead, is available for manual scanning.

Actually, there’s no harm in installing more than one antimalware application to be used as a secondary scanner – doing so can be advantageous. However, be sure NOT to allow more than one primary application to autostart, in order to prevent potential conflicts.

Virtually all free security applications are programmed to autostart after installation, so be aware of this, and make the necessary adjustments using MSConfig.

I run Malwarebytes’ Anti-Malware every day, as a secondary malware scanner, since I have absolutely no faith that a single security application offers adequate protection.

The free version of this speed demon (it’s faster at scanning than any anti-malware program I’ve tested in the last 2 years), is used by millions of people worldwide to protect their computers.

It’s important to note that the real time protection module is disabled in the free version of Malwarebytes’ Anti-Malware. Actually, this is perfect for your purpose.

Less critical, is the disabling of scheduled scanning, and scheduled updating in the free version. (Rodzilla, a very frequent reader, and an expert user, is adamant that the lack of auto updating is a critical flaw – we have agreed to disagree on this point).

Each day, as I manually update the definition database I’ve noticed that typically, the definition database has been updated 3/5 times in the previous 24 hours. Since study after study indicate that new malware is created at the rate of 20,000, or more, new versions every single day, it’s easy to see that Malwarebytes’ is being proactive to these conditions.

A simple, intuitive, and easy to use interface, makes Malwarebytes’ Anti-Malware straightforward to setup, customize and run, for both less experienced and expert users alike as the following screen captures indicate.

Since real time protection is disabled, I do not recommend that you use this free version of Malwarebytes’ Anti-Malware as a stand alone primary security application, since it simply will not offer you adequate protection with this restriction. Instead, use it as I do, as an on-demand, secondary scanner.

Despite this real-time protection limitation in the free version, Malwarebytes’ Anti-Malware has an excellent reputation (shared by me), as a first class security application, for its ability to identify and remove adware, Trojans, key-loggers, home page hijackers, and other malware threats.

Fast facts:

Blazing speed on quick scanning

Full scans for all drives.

Daily database updates

Quarantine function

Additional utilities for manual malware removal

Multi-lingual support

Command line support for quick scanning

Context menu integration to scan files on demand

Systems Requirements: Windows 2000, XP, Vista, and Win 7 (32-bit and 64-bit).

Multi-lingual support: English, Albanian, Bulgarian, Catalan, Chinese Simplified, Chinese Traditional, Czech, Danish, Dutch, Finnish, French, German, Hungarian, Italian, Norwegian, Polish, Portuguese, Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Turkish.

Download at: Malwarebytes.org

Two quick tips:

Malwarebytes should be run in normal user mode, not safe mode.

I normally run “Quick Scan” and not deep scan since Malwarebytes concentrates on folders where malware is targeted in this mode. In quick scan mode, a scan generally takes seven minutes, or less, on my system.

Another great free alternative:

The free version of SUPERAntiSpyware despite it’s lack of real-time protection deserves its reputation as a first class security application, and it’s definitely worth considering adding to your security toolbox as a secondary line of defense.

You can read the review, and find the download link in my article “Knockout Malware With SUPERAntiSpyware Free Edition”, on this site.

Update: Here’s some welcome input from regular reader Georg Lechner –

“Malwarebytes’, recent iteration 1.46 – New users may find it easier to use Advanced System Care (recent version is 3.6.0) to control the autostart behavior of Malwarebytes’, using the Startup Manager, to be found under Admin Tools.

SUPERAntiSpyware just released its recent iteration 4.38.0.1004 – This version is 32 AND 64 bit, but the previous version must be deinstalled manually before installing this one on 64 bit machines (WIN 7).”

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Download SUPERAntiSpyware Free Edition – Kill Tough Malware

Yesterday, I mentioned that I run Malwarebytes’ Anti-Malware every day, as a secondary malware scanner, since there is no one anti-malware tool that is likely to identify and remove all of the Trojans, Spyware, Viruses, and other threats, we now face.

I also mentioned – there’s no harm in installing more than one antimalware application to be used as a secondary scanner, and that doing so, can be advantageous.

In addition to running a daily quick scan with Malwarebytes’, I run a daily quick scan using the free edition of SUPERAntiSpyware. The free edition of SUPERAntiSpyware ( updated February 18, 2010), is an excellent choice, as a (primary or additional), secondary malware scanner.

The free version of this award winning program, is used by millions of people worldwide to protect their computers. And why not? SUPERAntiSpyware is well known for its high malware detection rate.

A simple, intuitive, and easy to use interface makes SUPERAntiSpyware straightforward to setup, customize, and run, for both less experienced and expert users alike.

One extra feature in this anti-malware product is particularly appealing; a repair function, which allows the user to recover settings frequently wrecked by malware, and which are often not recoverable despite removal of the malware process.

These settings include Internet connections, lost desktops, the ability to edit the registry and  access to the task manager which is often knocked out by a malware attack.

Since SUPERAntiSpyware (Free Edition), does not provide real time protection against infection, I don’t recommend that you use this free version of as a stand alone security application since it simply will not offer you adequate protection. Instead, use it only as an on-demand scanner.

I’ve been using SUPERAntiSpyware as a secondary scanner for years, and I have no hesitation in stating that this application deserves its reputation as a first class security application. SUPERAntiSpyware is fast, efficient, and effective, and I highly recommend that you add it to your security toolbox, as a secondary line of defense.

Note: Be sure to manually update the definition database, before running a scan.

Fast facts:

Quick, Complete and Custom Scanning of Hard Drives, Removable Drives, Memory, Registry, Individual Folders and More! Includes Trusting Items and Excluding Folders for complete customization of scanning!

Detect and Remove Spyware, Adware, Malware, Trojans, Dialers, Worms, KeyLoggers, Hijackers and many other types of threats.

Repair broken Internet Connections, Desktops, Registry Editing, Task Manager and more with our unique Repair System! Spyware applications often disable system components to prevent removal – SUPERAntiSpyware resets and restores these items in seconds.

Quarantine items detected and removed for complete protection. Items in the quarantine may be restored to your computer if desired.

Detailed scan logs with complete information about detected and removed threats and their locations within your computer. Scan logs allow you to review scheduled scan results at any time.

Multi-Dimensional Scanning – SUPERAntiSpyware is a next generation scanning system that goes beyond the typical rules based scanning methods. Our Multi-Dimensional Scanning system detects existing threats as well as threats of the future by analyzing threat characteristics in addition to code patterns.

Process Interrogation Technology – SUPERAntiSpyware features our unique Process Interrogation Technology (PIT) that allows threats to be detected no matter where they are hiding on your system. Many new types of threats utilize “Rootkits” or “Kernel Drivers” to hide themselves to avoid detection by standard anti-spyware applications. SUPERAntiSpyware’s Process Interrogation Technology locates even the toughest of threats.

System Requirements: Windows 2000, XP, Media Center, Vista, Windows 2003, Windows 7. (According to the developer, SUPERAntiSpyware will work in 32-bit mode under 64-bit versions of Windows. A native 64-bit edition will be available later this year).

Download at: SUPERAntiSpyware

A free SUPERAntiSpyware Portable Scanner is also available.

Download at: SUPERAntiSpyware

Important note: Virtually all free security applications are programmed to autostart after installation, so be aware of this, and make the necessary adjustments using MSConfig.

As a full fledged security application, with all of its features unlocked; real-time protection, scheduled scanning, and scheduled updating, SUPERAntiSpyware is very well priced at $29.95 US.

On purchase, SUPERAntiSpyware offers a 30-day unconditional money back guarantee, if you are dissatisfied for any reason.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Download Malwarebytes’ Anti-Malware – A Must Have Free Secondary Malware Scanner

Depending on a single security applications to provide broad scale protection, is an absolute “non-starter”. A single security applications does not, and never has had the ability to do this, despite the commonly help belief to the contrary.

Part of the layered security  process (stacking security solutions, one on top of the other, to cover the gaps that exist in the protection capabilities of even the most sophisticated security applications), consists of supplementing the primary AV application with an on-demand malware application. In other words, an AV application that does not start with Windows but instead, is available for manual scanning.

Actually, there’s no harm in installing more than one antimalware application to be used as a secondary scanner – doing so can be advantageous. However, be sure NOT to allow more than one application to autostart, in order to prevent potential conflicts.

Virtually all free security applications are programmed to autostart after installation, so be aware of this, and make the necessary adjustments using MSConfig.

I run Malwarebytes’ Anti-Malware every day, as a secondary malware scanner, since I have absolutely no faith that a single security application offers adequate protection.

The free version of this speed demon (it’s faster at scanning than any anti-malware program I’ve tested in the last 2 years), is used by millions of people worldwide to protect their computers.

It’s important to note that the real time protection module is disabled in the free version of Malwarebytes’ Anti-Malware. Actually, this is perfect for your purpose. Less critical, is the disabling of scheduled scanning, and scheduled updating in the free version.

Each day as I manually update the definition database I’ve noticed that typically, the definition database has been updated 3/5 times in the previous 24 hours. Since study after study indicate that new malware is created at the rate of 20,000 new versions every single day, it’s easy to see that Malwarebytes’ is being proactive to these conditions.

A simple, intuitive, and easy to use interface, makes Malwarebytes’ Anti-Malware straightforward to setup, customize and run, for both less experienced and expert users alike.

Since real time protection is disabled, I would not recommend that you use this free version of Malwarebytes’ Anti-Malware as a stand alone primary security application, since it simply will not offer you adequate protection with this restriction. Instead, use it as I do, as an on-demand, secondary scanner.

Despite this real-time protection limitation in the free version, Malwarebytes’ Anti-Malware has an excellent reputation (shared by me), as a first class security application, for its ability to identify and remove adware, Trojans, key-loggers, home page hijackers and other malware threats.

Fast facts:

Blazing speed on quick scanning

Full scans for all drives.

Daily database updates

Quarantine function

Additional utilities for manual malware removal

Multi-lingual support

Command line support for quick scanning

Context menu integration to scan files on demand

Quick summary: Discovered malware, including 3 Trojans, not found by SpyBot, or AVG, on a recent test on my test bed systems.

Systems Requirements: Windows 2000, XP, Vista, and Win 7 (32-bit and 64-bit).

Multi-lingual support: English, Albanian, Bulgarian, Catalan, Chinese Simplified, Chinese Traditional, Czech, Danish, Dutch, Finnish, French, German, Hungarian, Italian, Norwegian, Polish, Portuguese, Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Turkish.

Download at: Malwarebytes.org

Two quick tips:

Malwarebytes should be run in normal user mode, not safe mode.

I normally run “Quick Scan” and not deep scan since Malwarebytes concentrates on folders where malware is targeted in this mode. In quick scan mode, a scan generally takes seven minutes, or less, on my system.

Another great free alternative:

The free version of SUPERAntiSpyware despite it’s lack of real-time protection deserves its reputation as a first class security application, and it’s definitely worth considering adding to your security toolbox as a secondary line of defense.

You can read the review, and find the download link in my article “Knockout Malware With SUPERAntiSpyware Free Edition”, on this site.

Spyware Doctor with Anti-Virus 2010 – Free License Giveaway

As part of our continuing “Stay Safe on the Internet campaign”, PC Tools has generously provided us with 10 free licenses for Spyware Doctor with Anti-Virus, (retail value $49.95 U.S.).

To enter the contest to win a free license, simply add a comment at the end of this article. On January 15, 2010, all comments will be added to the online List Randomizer, and the first 10 names that come up, will win a free license for this award winning security application.

As with previous contests, you don’t need to write a paragraph – “enter me in the contest” is enough. Good luck!

After reading the following review of Spyware Doctor with Anti-Virus, I’m sure you’ll agree, this is a contest worth entering.

Spyware Doctor with Anti-Virus Review:

So how do you take the best and make it better? That’s a neat trick, but something PC Tools has managed to do with the release of Spyware Doctor with Anti-Virus.

Spyware Doctor, as a stand alone anti-malware application, has long had a rich reputation for effectiveness, and ease of use. With the addition of both an anti-virus component, and ThreatFire technology, PC Tools has taken PC security to a new level.

Regular readers will remember, I have often recommended the stand alone version of ThreatFire, as one of the top three necessary components to maximize PC security. Kudos to PC Tools, for including it in this new version of Spyware Doctor with Anti-Virus.

Experience has taught me that typical computer users are most interested in two areas when choosing an anti-malware application:

• Protection against current threats, and equally as important, protection against rapidly evolving new threats. During testing, I found  Spyware Doctor with Anti-Virus, excelled in detection; particularly in its active protection against phishing sites.
• Ease of use, with a limited learning curve; so that the inherent power of the application can be be brought to bear immediately. Those of us you have relied on the free version of Spyware Doctor Starter Edition, are familiar with its clear, simple, no nonsense user interface, and this new application continues that tradition.

Fast facts:

• IMPROVED ON-DEMAND DETECTION – Detects and thoroughly cleans an extremely diverse range of malware during on-demand and real-time scans.
• UPDATED BEHAVIOURAL PROTECTION – Leverages ThreatFire technology to detect and block zero-day malware based on its runtime behavior.
• NEW BROWSER EXPLOIT & SCAREWARE BLOCKING – Dynamically scans every webpage loaded in Internet Explorer to detect and block malicious exploits, such as iFrame & MDAC, that trigger drive-by-downloads of malware. Detects and blocks websites that scare visitors into buying scareware through fake antivirus scan pop-ups.
• NEW STATE AWARENESS MODES – Detects how you are using your PC and adjusts to minimize performance impact and reduce interruptions.

– Game Mode: all scheduled scans, smart updates and program alerts postponed when playing games, resulting in an interruption-free experience. Activated automatically when playing games in full-screen, otherwise manually switchable

– Power Saving Mode: no scheduled tasks run when powered by battery

– Idle Mode: automatically scans in background when PC is not in use to reduce the length of subsequent scans

• EMAIL GUARD – Detects and cleans infected email attachments at unencrypted POP3 and SMTP4 protocol layer (client independent).
• 24/7 Help – available in 10 languages. Select the most convenient option for you – reach our support staff by phone, email, live chat or web.

I have always been a strong proponent of free security software, but with the increasing challenges we now face on the Internet, I’m finding that, by and large, the free versions of security applications are not up to the task of protecting an average, or typical user.

Free security applications, with their built-in limitations, are best suited to those who have a “better than average” understanding, of operating systems, security systems, and who have a heightened awareness of the hidden traps on the Internet. Even with an enhanced skill set, technically astute users are still finding that staying safe on the Internet is more difficult than ever.

In the last two years, I have only recommend two “pay for” applications and Spyware Doctor with Anti-Virus, has now become the third.

Spyware Doctor with Anti-Virus, offers all of the protection that a top notch anti-malware application should, in an easy installation package leading to a “dead simple” interface, and then does what it sets out to do – protects the user efficiently, against the epidemic of malware and additional dangers circulating on the Internet, waiting to trap the under protected, and the unaware.

System requirements: Windows 7 (32bit, 64bit), Windows Vista SP1+ (32bit, 64bit), Windows XP SP2+ (32bit).

You may Buy Spyware Doctor with Anti-Virus direct from PC Tools, ($49.95 direct, for three licenses), or you may download a free, limited, older version, at PC Tools.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

SnoopFree Privacy Shield – Free Keylogger Protection

Keylogger malware, delivered by Trojans, and often incorporating rootkit technology, seems to be on the increase lately; much of it focusing on stealing victims’ banking credentials, including passwords. MMORPG (online multiplayer games), appear to be particular targets; especially WOW (World of Warcraft).

This type of malware is designed to remain undetected, and to be as stealthy as possible so that it can get on with its designated task, which most often results in identity theft and the compromising of the victim’s financial data.

Keyloggers are one of the most sinister types of malware; the type of malware that I pay particular attention to, and make a special effort to guard against.

A software keylogger, or system monitor, is a small program (not always malware, I should point out), that monitors every keystroke a user types on a computer’s keyboard.

This type of application does not necessarily require physical access to the user’s computer. It can be downloaded by someone who wants to monitor activity on a particular computer, or it can be downloaded unwittingly, as malware and executed as part of a rootkit, or a remote administration (RAT) Trojan horse.

Keyloggers are not restricted to software applications however, and are available as a connected hardware device designed for legitimate purposes.

From Wikipedia:

Hardware keyloggers are used for keystroke logging by means of a hardware circuit that is attached somewhere in between the computer keyboards and the computer, typically inline with the keyboard’s cable connector.

More stealthy implementations can be installed or built into standard keyboards, so that there’s no device visible on the external cable. Both types logs all keyboard activity to their internal memory, which can subsequently be accessed, for example, by typing in a secret key sequence.

A hardware keylogger has an advantage over a software solution; because it is not dependent on installation on the target computer’s operating system, it will not interfere with any program running on the target machine and also cannot be detected by any software. However its physical presence may be detected, for example if it’s installed outside the case as an inline device between the computer and the keyboard. Some of these implementations have the ability to be controlled and monitored remotely by means of a wireless communication standard.

A malware keylogger typically consists of two files: a dynamic link library (DLL) file (which does all the recording) and an executable file (.EXE) that installs the DLL file and triggers it to work. The keylogger program records each keystroke and uploads the information over the Internet.

Luckily, there are remedies for this type of malware threat.

SnoopFree Privacy Shield is a free powerful application that guards your keyboard, screen, and open windows from all such spy software. It makes it virtually impossible for any spy program to work on your computer since SnoopFree Privacy Shield’s protection works against spy software in real time.

I have been using this application for quite some time on my Windows XP machine, (unfortunately it only works on XP), and I have been amazed at the number of programs that have requested access to my keyboard and screen, particularly programs that I was in the process of installing.

Since I test a lot of applications on this particular machine, I see this type of program behavior frequently. Unless there are valid reasons for this type of access, I don’t allow it. Surprisingly, in most cases the application installs correctly. Curious!

If you’re serious about keylogger protection and maintaining your privacy, then you should consider adding this free application to your security toolbox. If you need more convincing, take a look at the “comments” page on CNET.

System Requirements: Unfortunately, this application works on Windows XP only.

Download at: Download.com

If anyone knows of a similar free application that works on Vista and above, I would appreciate you letting me know

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Spyware Doctor with Anti-Virus 2010 – Worth the Money?

So how do you take the best and make it better? That’s a neat trick, but something PC Tools has managed to do with the release of Spyware Doctor with Anti-Virus.

Spyware Doctor, as a stand alone anti-malware application, has long had a rich reputation for effectiveness, and ease of use. With the addition of both an anti-virus component, and ThreatFire technology, PC Tools has taken PC security to a new level.

Regular readers will remember, I have often recommended the stand alone version of ThreatFire, as one of the top three necessary components to maximize PC security. Kudos to PC Tools, for including it in this new version of Spyware Doctor with Anti-Virus.

Experience has taught me that typical computer users are most interested in two areas when choosing an anti-malware application:

• Protection against current threats, and equally as important, protection against rapidly evolving new threats. During testing, I found  Spyware Doctor with Anti-Virus, excelled in detection; particularly in its active protection against phishing sites.
• Ease of use, with a limited learning curve; so that the inherent power of the application can be be brought to bear immediately. Those of us you have relied on the free version of Spyware Doctor Starter Edition, are familiar with its clear, simple, no nonsense user interface, and this new application continues that tradition.

Fast facts:

• IMPROVED ON-DEMAND DETECTION – Detects and thoroughly cleans an extremely diverse range of malware during on-demand and real-time scans.
• UPDATED BEHAVIOURAL PROTECTION – Leverages ThreatFire technology to detect and block zero-day malware based on its runtime behavior.
• NEW BROWSER EXPLOIT & SCAREWARE BLOCKING – Dynamically scans every webpage loaded in Internet Explorer to detect and block malicious exploits, such as iFrame & MDAC, that trigger drive-by-downloads of malware. Detects and blocks websites that scare visitors into buying scareware through fake antivirus scan pop-ups.
• NEW STATE AWARENESS MODES – Detects how you are using your PC and adjusts to minimize performance impact and reduce interruptions.

– Game Mode: all scheduled scans, smart updates and program alerts postponed when playing games, resulting in an interruption-free experience. Activated automatically when playing games in full-screen, otherwise manually switchable

– Power Saving Mode: no scheduled tasks run when powered by battery

– Idle Mode: automatically scans in background when PC is not in use to reduce the length of subsequent scans

• EMAIL GUARD – Detects and cleans infected email attachments at unencrypted POP3 and SMTP4 protocol layer (client independent).
• 24/7 Help – available in 10 languages. Select the most convenient option for you – reach our support staff by phone, email, live chat or web.

I have always been a strong proponent of free security software, but with the increasing challenges we now face on the Internet, I’m finding that, by and large, the free versions of security applications are not up to the task of protecting an average, or typical user.

Free security applications, with their built-in limitations, are best suited to those who have a “better than average” understanding, of operating systems, security systems, and who have a heightened awareness of the hidden traps on the Internet. Even with an enhanced skill set, technically astute users are still finding that staying safe on the Internet is more difficult than ever.

In the last two years, I have only recommend two “pay for” applications and Spyware Doctor with Anti-Virus, has now become the third.

Spyware Doctor with Anti-Virus, offers all of the protection that a top notch anti-malware application should, in an easy installation package leading to a “dead simple” interface, and then does what it sets out to do – protects the user efficiently, against the epidemic of malware and additional dangers circulating on the Internet, waiting to trap the under protected, and the unaware.

System requirements: Windows 7 (32bit, 64bit), Windows Vista SP1+ (32bit, 64bit), Windows XP SP2+ (32bit).

You may Buy Spyware Doctor with Anti-Virus direct from PC Tools, ($39.95 direct, for three licenses), or you may download a free, limited, older version, at PC Tools.

And now for some extra special news:

Regular readers are familiar with the free application licenses we occasionally give away here on Tech Thoughts. Once again, we are in a position to do just that. PC Tools has generously provided us with 10 licenses for Spyware Doctor with Anti-Virus.

To enter the contest, simply add a comment at the end of this article. On January 8, 2010, all comments will be added to the online List Randomizer, and the first 10 names that come up, will win a free license for this award winning security application.

As with previous contests, you don’t need to write a paragraph – “enter me in the contest” is enough. Good luck!

Stay tuned – in the next week or so, we will be reviewing PC Tools Internet Security Suite 2010 and we will be offering 10 free license in a similar contest give away.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.