Tag Archives: Microsoft Security Essentials

Best Free Security Applications – An 18 Month Review

Without a doubt, the most popular question that comes my way, in one form or another is – which antivirus application(s) would you recommend?

The question comes up so often, I’ve chosen to post the answer every six months, or so. Here’s round 3 – regular readers will notice I’ve stuck with the “tried and true” applications – applications which continue to maintain a strong presence in their specific class.

My response:

Let me answer this by telling you what I run on my principal home machine. But, before I do, let’s talk a bit about Host Intrusion Prevention Systems (HIPS) since, as you’ll see, more and more security applications are including HIPS – or a combination of HIPS, and behavior based blocking components.

There’s not much point in reinventing the wheel, so I’ll go with this description of HIPS/behavior blocking, from About.com:

A host intrusion prevention system (HIPS) monitors each activity a program attempts and (depending on configuration) prompts the user for action or responds based on predefined criteria. Conversely, behavior blockers monitor and profile whole program behavior. When a collection of behaviors tips the scale, the behavior blocker will (depending on configuration) alert the user or take action against the entire program based on predefined criteria.

Though they sound similar, HIPS is application-level control (i.e. this program is allowed to do X but not Y), whereas behavior blocking is more cut and dry – the entire application is either good (allowed) or it is not.

Fortunately, many of these types of products combine both.

Got that? Good.

Despite the fact that I’m provided with a free license for all the security applications I test, I have chosen to run with the following applications.

Microsoft Security Essentials (free) – an all-in-one antimalware application.

Immunet FREE Antivirus – a free Cloud based companion antimalware application.

ThreatFire (free) – this application is built around a Host Intrusion Prevention System (HIPS), and behavior based blocking combination.

WinPatrol (free) – another HIPS application with considerable additional functionality. WinPatrol is the elder statesman of this application class and, it just keeps on getting better. A must have application.

PC Tools Firewall Plus (free) – PC Tools Firewall Plus is advanced Firewall technology designed for typical users, not just experts.  The “plus” refers to a HIPS component. Generally, if the ThreatFire HIPS component is triggered on my machine, PC Tools Firewall Plus is triggered as well.

Commercial application:

Zemana AntiLogger – In my view simply the best keylogger defense available.  AntiLogger includes a System Defense module that works similarly to HIPS – to protect the whole system.

Each of these applications has been reviewed (some several times), on my site. You can follow the links below to specific review articles.

Microsoft Security Essentials

Immunet Protect

ThreatFire

WinPatrol

PC Tools Firewall Plus

Zemana AntiLogger

Finally, additional Browser protection is a critical ingredient in overall system protection. I recommend that you read the following article here – Updated: An IT Professional’s Must Have Firefox and Chrome Add-ons.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


NirLauncher – 100+ Free Utilities In One Download

If you’re a Geek, then I’ll wager that you’ve got at least one of NirSoft’s incredibly useful small utilities on your Hard Drive – or, on a Flash Drive. If you’re not yet familiar with NirSoft’s collection of free tools, then you’re in for a treat.

NirSoft offers over 100 freeware utilities ranging from Password Tools, Network Monitoring Tools, to System Tools and more. All are available as individual downloads, or you can download all 100+ applications in one neat package – NirLauncher

In order to start using NirLauncher, extract the files in the package to your Flash Drive, or your Hard Drive. After you have extracted the package, simply run the executable file – NirLauncher.exe

Once you’ve launched NirLauncher, you can then launch any utility you choose from the GUI. You’ll notice, in the following graphic, that the tools are grouped by function.

A total of 106 Utilities.

Password recovery utilities illustrated.

Fast facts:

NirLauncher can be used from USB flash drive without the need to install.

NirLauncher package includes a variety of tools, including utilities to recover lost passwords, to monitor your network, to view and extract cookies, cache, and other information stored by your Web browser, to search files in your system, and more…

For every utility in the package, you can easily run it, view the help file, or jump to the Web page of the utility.

When installed on a USB flash drive, the configuration of every utility is saved into a .cfg file on the flash drive.

On x64 systems, NirLauncher automatically runs the x64 version of the utility, when there is a specific x64 version.

NirLauncher allows you to add additional software packages – including SysInternals Suite. Please see the download page for additional information.

System requirements: Windows 2000 up to Windows 7.  NirLauncher also works on x64 systems.

Download at: Nirsoft – scroll down to the bottom of the page.

Available languages: Dutch, French, German, Italian, Japanese, Polish, Russian, Simplified Chinese, Spanish, Traditional Chinese.

The false positive issue:

I recently came across a forum comment (on another site), made by a regular reader, who noted that he occasionally gets a malware warning on applications I recommend.

He’s right, and here’s why.

Many of the applications I test and recommend, are designed to be used by sophisticated users and often, these applications dig deep into the operating system replicating the behavior of hacking tools on the one hand – and malware on the other hand.

Some of the applications in NirLauncher are a perfect example of this. A number of the recovery utilities are in fact, hacking tools. Any application which can recover a hidden password is, by its very nature, a hacking tool.

You can see from the following graphic, that on installing NirLauncher my primary AV, Microsoft Security Essentials, went into overdrive to warn me of 5 potential threats contained in the NirLauncher package. This is exactly what Microsoft Security Essentials is designed to do.

Here’s what I said in a previous article dealing with false positives:

Antimalware applications are not immune from false positives. In fact, false positives are more common than many users realize. Just one example – some AVs are notorious for seeing extractor files in application setup files as a Trojan.

Since I was well aware that the warnings were false positives – all items were allowed.

Here’s what NirSoft has to say on the false positive issue: Antivirus companies cause a big headache to small developers.


Microsoft Security Essentials –“Here I Come To Save The Day”

Oh, the embarrassment of it all! I haven’t had to deal with a malware issue (other than self infecting in AV product testing), for more than 2 years – until this past week. No big deal, except perhaps, for the way I got infected – that old, old, old, malware attack vector – an infected search engine result.

The manipulation of search engine results, exploiting legitimate pages, and the seeding of malicious websites among the top results returned by search engines in order to infect users with malware, continues to be a major threat to system security. And, why not? It bloody well works!

Over the years, I’ve written more than a few articles on search engine malware – the last – Search Engine Malware – The Same Old, Same Old – this past August.

From that article:

Here’s how the cyber crooks do it:

Cyber-crooks can exploit vulnerabilities on the server hosting the web page to insert an iFrame, (an HTML element which makes it possible to embed another HTML document inside the main document). The iFrame can then activate the download of malicious code.

When a potential victim visits one of these infected sites the likelihood of the downloading of malicious code onto the computer by exploiting existing vulnerabilities is high.
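As a defender-side illustration of the injected-iFrame technique described above, the following added example (not part of the original article) audits a page's HTML for iframes that are hidden from the visitor and load from another host. The sample page, the `.example` host names and the hiding heuristics are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Inline-style tricks that keep an iframe out of the visitor's sight
# (assumed heuristics, not an exhaustive list).
HIDING_STYLE = re.compile(
    r"display\s*:\s*none"
    r"|visibility\s*:\s*hidden"
    r"|(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)"
    r"|(?:left|top)\s*:\s*-\d{3,}",
    re.IGNORECASE,
)


def _tiny(value):
    """True for a width/height attribute of 0 or 1 pixel."""
    return value.strip().lower().replace("px", "") in ("0", "1")


class IframeAuditor(HTMLParser):
    """Collects every <iframe> with the reasons it may be injected."""

    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        attr = {name: (value or "") for name, value in attrs}
        src = attr.get("src", "")
        host = (urlparse(src).hostname or "").lower()
        # Relative URLs have no host and count as same-site.
        third_party = (bool(host) and host != self.page_host
                       and not host.endswith("." + self.page_host))
        hidden = []
        if _tiny(attr.get("width", "")) or _tiny(attr.get("height", "")):
            hidden.append("0/1 pixel size")
        if HIDING_STYLE.search(attr.get("style", "")):
            hidden.append("hiding style")
        if "hidden" in attr:
            hidden.append("hidden attribute")
        if third_party and hidden:
            verdict = "suspicious"   # invisible frame loading foreign content
        elif hidden:
            verdict = "review"       # invisible, but served by the site itself
        else:
            verdict = "ok"           # visible embed, e.g. a video player
        self.findings.append({"line": self.getpos()[0], "src": src,
                              "third_party": third_party,
                              "hidden": hidden, "verdict": verdict})


def audit_iframes(html, page_host):
    auditor = IframeAuditor(page_host)
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample: one normal embed, two injected-looking frames,
# and one hidden same-site widget.
SAMPLE_PAGE = """<html><body>
<h1>Garden tips</h1>
<iframe src="https://video.partner.example/embed/abc" width="560" height="315"></iframe>
<iframe src="http://stats.injected.example/in.php?id=7" width="1" height="1" style="visibility:hidden"></iframe>
<iframe src="/widgets/poll.html" style="display:none"></iframe>
<iframe src="//cdn.injected.example/f" style="position:absolute; left:-9999px; width:300px"></iframe>
</body></html>"""

if __name__ == "__main__":
    for f in audit_iframes(SAMPLE_PAGE, "blog.example"):
        print(f["line"], f["verdict"], f["src"], f["hidden"])
```

A site owner would run a check like this against the HTML their server actually returns and compare the result with the pages as deployed; an unexpected "suspicious" frame suggests the server content has been altered.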

So there I was, happily bouncing along the Internet highway Googling a phrase I had read on another blog. Choosing the first Google return proved to be a very bad idea indeed, since I immediately stepped into an infected iFrame.

But thankfully, all was not lost – Microsoft Security Essentials (which incorporates antivirus, antispyware and rootkit protection), halted the malware – Trojan:JS/BlacoleRef.K – in its tracks!


So what’s the lesson here?

A couple really – AV settings are very important. In this case, as per the following screen shot – nothing moves into, or out of this machine, without being scanned. Microsoft Security Essentials makes it so simple – no esoteric choices.


The second lesson – a MOST important lesson – absolutely, positively, without fail, come hell or high water, ensure that AV definitions are updated at least daily. Preferably, more often.

You might be surprised to learn, that on the day I stumbled, while MSE recognized the intruder, the vast majority of AVs did not – as per the following VirusTotal report (partially reproduced here).


Since it was preposterous to assume that MSE had in fact eradicated the Trojan (paranoia has its upside don’t you know?), I then ran a full scan with Kaspersky Rescue Disk – a free Linux-based antimalware application (a live CD), which scans from the outside looking in. Malware generally can’t hide if it’s not running.

The result? The Kaspersky Rescue Disk scan was clean. MSE had in fact, sent Trojan:JS/BlacoleRef.K to malware hell. Yes!!

I suppose there’s one more lesson that can be dug out of this experience, and that is – those tech journalists who absolutely insist that “pay for” antimalware applications are superior to all free AVs (often, without ever having tested the damn product in real world conditions), should take a step back and reconsider their speculative approach to antimalware application ratings.

Worth repeating: Despite the fact that I’m provided with a free license for all the security applications I test (and then some), I have chosen to run with the following FREE  applications.

Microsoft Security Essentials (free) – an all-in-one antimalware application.

Immunet Protect – a free Cloud based companion antimalware application.

ThreatFire (free) – this application is built around a Host Intrusion Prevention System (HIPS), and behavior based blocking combination.

WinPatrol (free) – another HIPS application with considerable additional functionality. WinPatrol is the elder statesman of this application class and, it just keeps on getting better. A must have application.

PC Tools Firewall Plus (free) – PC Tools Firewall Plus is advanced Firewall technology designed for typical users, not just experts.  The “plus” refers to a HIPS component. Generally, if the ThreatFire HIPS component is triggered on my machine, PC Tools Firewall Plus is triggered as well.


Best Free Security Applications – The Hot Naked Truth!

Without a doubt, the most popular question that comes my way, in one form or another is – which antivirus application(s) would you recommend?

This question is asked so often; I think it’s probably a good idea to answer it in a post every six months, or so.

My response:

Let me answer this by telling you what I run on my principal home machine. But, before I do, let’s talk a bit about Host Intrusion Prevention Systems (HIPS) since, as you’ll see, more and more security applications are including HIPS – or a combination of HIPS, and behavior based blocking components.

There’s not much point in reinventing the wheel, so I’ll go with this description of HIPS/behavior blocking, from About.com:

A host intrusion prevention system (HIPS) monitors each activity a program attempts and (depending on configuration) prompts the user for action or responds based on predefined criteria. Conversely, behavior blockers monitor and profile whole program behavior. When a collection of behaviors tips the scale, the behavior blocker will (depending on configuration) alert the user or take action against the entire program based on predefined criteria.

Though they sound similar, HIPS is application-level control (i.e. this program is allowed to do X but not Y), whereas behavior blocking is more cut and dry – the entire application is either good (allowed) or it is not. Fortunately, many of these types of products combine both.

Got that? Good.
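The difference between the two approaches quoted above (and in the earlier post on this page) can be shown with a small model. This is an added example, not code from any of the products mentioned; the program names, rules, behavior weights and threshold are all constructed assumptions.

```python
from collections import defaultdict

ALLOW, DENY, PROMPT, BLOCK = "allow", "deny", "prompt", "block-program"

# HIPS policy: one verdict per (program, action) pair. Constructed rules.
HIPS_RULES = {
    ("backup.exe", "read_documents"): ALLOW,
    ("backup.exe", "open_network_connection"): ALLOW,
    ("backup.exe", "modify_startup_entry"): DENY,
}

# Behavior-blocker profile: every observed behavior adds weight to the
# program's running score. Constructed weights and threshold.
BEHAVIOR_WEIGHTS = {
    "read_documents": 1,
    "open_network_connection": 2,
    "modify_startup_entry": 4,
    "install_keyboard_hook": 5,
    "inject_into_process": 6,
}
BLOCK_THRESHOLD = 10


def hips_decide(program, action, rules=HIPS_RULES):
    """Judge one action; anything without a rule prompts the user."""
    return rules.get((program, action), PROMPT)


class BehaviorBlocker:
    """Judges the whole program once its accumulated score tips the scale."""

    def __init__(self, weights=BEHAVIOR_WEIGHTS, threshold=BLOCK_THRESHOLD):
        self.weights = weights
        self.threshold = threshold
        self.scores = defaultdict(int)
        self.blocked = set()

    def observe(self, program, action):
        if program in self.blocked:
            return BLOCK  # once condemned, even harmless actions are refused
        self.scores[program] += self.weights.get(action, 0)
        if self.scores[program] >= self.threshold:
            self.blocked.add(program)
            return BLOCK
        return ALLOW


def replay(trace):
    """Run the same event trace through both models, side by side."""
    blocker = BehaviorBlocker()
    return [(program, action, hips_decide(program, action),
             blocker.observe(program, action))
            for program, action in trace]


# Constructed trace: a known backup tool and an unknown toolbar.
SAMPLE_TRACE = [
    ("backup.exe", "read_documents"),
    ("backup.exe", "modify_startup_entry"),
    ("toolbar.exe", "open_network_connection"),
    ("toolbar.exe", "modify_startup_entry"),
    ("toolbar.exe", "install_keyboard_hook"),
    ("toolbar.exe", "read_documents"),
]

if __name__ == "__main__":
    for program, action, hips, behavior in replay(SAMPLE_TRACE):
        print(f"{program:12} {action:24} HIPS={hips:7} blocker={behavior}")
```

In the replay, HIPS refuses only the startup change by `backup.exe` and keeps prompting for the unknown `toolbar.exe`, while the behavior blocker lets each toolbar action through until the score reaches the threshold and then refuses the program outright, including its harmless file read.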

Despite the fact that I’m provided with a free license for all the security applications I test, I have chosen to run with the following applications.

Microsoft Security Essentials (free) – an all-in-one antimalware application.

Immunet Protect – a free Cloud based companion antimalware application.

ThreatFire (free) – this application is built around a Host Intrusion Prevention System (HIPS), and behavior based blocking combination. I’m currently testing a new HIPS application – NoVirusThanks EXE Pro – and I’ve been more than impressed to see ThreatFire step in and prevent any system changes by NoVirusThanks – until I approve those changes.

WinPatrol (free) – another HIPS application with considerable additional functionality. WinPatrol is the elder statesman of this application class and, it just keeps on getting better. A must have application.

PC Tools Firewall Plus (free) – PC Tools Firewall Plus is advanced Firewall technology designed for typical users, not just experts.  The “plus” refers to a HIPS component. Generally, if the ThreatFire HIPS component is triggered on my machine, PC Tools Firewall Plus is triggered as well.

When the NoVirusThanks EXE Pro review is posted shortly, you’ll see screen capture evidence of this.

Zemana AntiLogger (paid) – In my view simply the best keylogger defense available.  AntiLogger includes a System Defense module that works similarly to HIPS – to protect the whole system.

As an illustration, the following screen capture shows the System Defense module blocked NoVirusThanks EXE Pro (the application I’m currently testing), until I gave permission.


Each of these applications has been reviewed (some several times), on my site. You can follow the links below to specific review articles.

Microsoft Security Essentials

Immunet Protect

ThreatFire

WinPatrol

PC Tools Firewall Plus

Zemana AntiLogger

Finally, additional Browser protection is a critical ingredient in overall system protection. I recommend that you read the following article here – Updated: An IT Professional’s Must Have Firefox and Chrome Add-ons.

Yes, the title of this article is more than a little off the wall. My blogging buddy TechPaul, made the point not too long ago, that manipulative key words like hot, naked, sex, boobs, nudity …….. well, you get the point – unfairly capture readers’ attention. I’m testing that theory.


Free AntiMalware Software – And More – For Senior Computer Users

Looking at recent Internet usage statistics, it seems obvious to me that older adults are now realizing that they don’t have to understand the “nitty gritty” of computer technology to send email to friends and family, shop online, play games, make greeting cards, read book and film reviews, look into family genealogy, or find valuable health information on the Internet.

Here’s just one personal example of how older adults have jumped on the Internet bandwagon, and use it to great advantage.

Not too long ago, I ran into some older friends (in their 60s), who had recently gotten home after wintering in Florida. Throughout their time away (5 months, or so), they stayed in touch with their children, and grandchildren – virtually on a daily basis, using the free audio/video communication application, Skype. What a great use of technology!

Like the rest of us, Senior users are susceptible to cybercrime, and like the rest of us, need to protect their computers against the ever increasing exposure we all face to Trojans, Spyware, Viruses, Phishing Scams, and Identity Theft, while connected to the Internet.

Just for the record though – statistically, it’s the deceptively named “tech savvy” generation, with their often misplaced confidence in their own abilities, who are more predisposed to malware infections and cyber criminal manipulation. Older users it seems, do know what they don’t know. My personal experience with a broad range of users, echoes these statistics.

For those that are members of this newly liberated group of Senior computer users, (who are not aggressive surfers), I’ve compiled a list of free anti-malware, and additional recommended applications, with simplicity of operation in mind – no manuals to digest, no tricky configuration to undertake; just install, and the applications will essentially do the rest.

But first:

Patch your operating system:


Download and install all available patches, and service packs – if applicable, by connecting to Windows Update. Security Gurus will tell you that 50% of unpatched, and unprotected systems, will be infected with malicious code within 12 minutes of being connected to the Internet. Believe it!

Recommended Security Solutions:

PC Tools Firewall Plus 7:


I’ve been running with this application for more than a year, and I must admit – I’m impressed with its performance. It installs easily, sets up quickly, and has not caused any conflicts despite my sometimes esoteric running requirements. The default settings are well thought out, and provide excellent protection for all users but particularly, less experienced users.

Microsoft Security Essentials


Easy to set up and run, particularly for new users. The interface is positively simple – offering Quick Scan, Full Scan, or Custom Scan. Provides full real time protection against viruses, spyware, and other malicious software. Additionally, Microsoft Security Essentials is free for small businesses with up to 10 PCs.

Immunet Free Antivirus


Companion Antivirus: a superior community driven cloud based security application, which continues to gain increasing popularity – and rightfully so. In real time, Immunet keeps track of the state of security in the collective community (network), and should a member of the network (the community), encounter malware, you (as a member of the protected community), are instantly protected against the threat.

ThreatFire


ThreatFire blocks malware, including zero-day threats, by analyzing program behavior and it does a stellar job. This is one of the security applications that forms part of my own front line defenses.

SpyShelter Personal Free:


SpyShelter is a free anti-keylogging, anti-spyware program that protects your data from Keylogging and spy programs: known, unknown, and under-development. It detects and blocks dangerous and malicious programs, to help ensure that your data cannot be stolen by cyber criminals.

Firefox 4.0.1


While Firefox is not technically an anti-malware application per se, with the most effective security add-ons, including NoScript, Adblock Plus and BetterPrivacy installed, it effectively acts as one.

Firefox 4.0.1 includes hundreds of improvements over previous versions.

WOT


Web of Trust, a browser add-on which offers Internet users active preventive protection against Web-based attacks, online scams, identity theft, and unreliable shopping sites.

WinPatrol 20.5.2


With WinPatrol, in your system tray, you can monitor system areas that are often changed by malicious programs. You can monitor your startup programs and services, cookies and current tasks. Should you need to, WinPatrol allows you to terminate processes and enable, or disable, startup programs. There are additional features that make WinPatrol a very powerful addition to your security applications.

Keep in mind, malware itself is only part of the problem. The method used to deliver the malware – social engineering – is the most significant problem currently, for an average user. Social engineering, is a sure winner for the bad guys.

Cyber-criminals are increasingly relying on social engineering to create an opportunity designed to drop malicious code, including rootkits, password stealers, Trojan horses, and spam bots on our computers.

Overcoming the instinctive human response to social engineering (and we all have it), to just “click” while surfing the Internet, will prove to be challenging. This instinctive response, will pose one of the biggest risks to your online safety and security.


Free NirLauncher – 100+ Utilities In One Neat Portable Package

If you’re a Geek, then I’ll wager that you’ve got at least one of NirSoft’s incredibly useful small utilities on your Hard Drive – or, on a Flash Drive. If you’re not yet familiar with NirSoft’s collection of free tools, then you’re in for a treat.

NirSoft offers over 100 freeware utilities ranging from Password Tools, Network Monitoring Tools, to System Tools and more. All are available as individual downloads, or you can download all 100+ applications in one neat package – NirLauncher

In order to start using NirLauncher, extract the files in the package to your Flash Drive, or your Hard Drive. After you have extracted the package, simply run the executable file – NirLauncher.exe

Once you’ve launched NirLauncher, you can then launch any utility you choose from the GUI. You’ll notice, in the following graphic, that the tools are grouped by function.

A total of 106 Utilities.

Password recovery Utilities.

Fast facts:

NirLauncher can be used from USB flash drive without the need to install.

NirLauncher package includes a variety of tools, including utilities to recover lost passwords, to monitor your network, to view and extract cookies, cache, and other information stored by your Web browser, to search files in your system, and more…

For every utility in the package, you can easily run it, view the help file, or jump to the Web page of the utility.

When installed on a USB flash drive, the configuration of every utility is saved into a .cfg file on the flash drive.

On x64 systems, NirLauncher automatically runs the x64 version of the utility, when there is a specific x64 version.

NirLauncher allows you to add additional software packages – including SysInternals Suite. Please see the download page for additional information.

System requirements: Windows 2000 up to Windows 7.  NirLauncher also works on x64 systems.

Download at: Nirsoft – scroll down to the bottom of the page.

The false positive issue:

I recently came across a forum comment (on another site), made by a regular reader, who noted that he occasionally gets a malware warning on applications I recommend.

He’s right, and here’s why.

Many of the applications I test and recommend, are designed to be used by sophisticated users and often, these applications dig deep into the operating system replicating the behavior of hacking tools on the one hand – and malware on the other hand.

Some of the applications in NirLauncher are a perfect example of this. A number of the recovery utilities are in fact, hacking tools. Any application which can recover a hidden password is, by its very nature, a hacking tool.

You can see from the following graphic, that on installing NirLauncher my primary AV, Microsoft Security Essentials, went into overdrive to warn me of 5 potential threats contained in the NirLauncher package. This is exactly what Microsoft Security Essentials is designed to do.

Here’s what I said in a previous article dealing with false positives:

Antimalware applications are not immune from false positives. In fact, false positives are more common than many users realize. Just one example – some AVs are notorious for seeing extractor files in application setup files as a Trojan.

Since I was well aware that the warnings were false positives – all items were allowed.

Here’s what NirSoft has to say on the false positive issue: Antivirus companies cause a big headache to small developers.


Stay Malware Free (Hopefully!) – Scan With A “Live CD” Regularly

I’m regularly asked how often I scan my primary personal machine for malware. The answer is – as part of a layered security approach, I have a formal schedule which I stick to without fail.

Once a day, I quick scan the system drive with both Microsoft Security Essentials, and Malwarebytes’ Antimalware – making sure the databases are updated and current.

Running a quick scan with both these applications, takes less than 5 minutes. For example: Malwarebytes’ – 150,000 objects – 2 minutes and 30 seconds. Microsoft Security Essentials – 30,000 items – 1 minute and 18 seconds.

Much of today’s malware though, can be extremely difficult to identify and remove – despite a user relying on frontline antimalware applications to do the job. So, I don’t see any advantage in running full scans on a live system – instead, once a week I run a Linux-based antimalware application (a live CD), which scans from the outside looking in. Malware generally can’t hide if it’s not running.

I’ve come to rely on the following free live CDs, which I regularly alternate, to ensure (hopefully), I’m operating in a malware free zone.

Panda SafeCD


This useful utility comes in handy when you need to clean a malware infected machine. Or, as in my case, to ensure a machine is not infected. It is particularly useful for detecting and disinfecting malware infections which give regular AV products running within Windows a hard time.

Features include: Automatic detection and removal of all types of malware. Boot from CD or USB stick. Supports using updated signature files. Supports 13 languages. Supports both FAT and NTFS drives.

The download consists of an ISO. You can either burn this to a CD/DVD or alternatively, create a Boot USB stick by using something like the Universal Netboot Installer (UNetbootin).

Kaspersky Rescue Disk 10


Kaspersky Rescue Disk 10, is designed to scan and disinfect x86 and x64-compatible computers that have been infected. Particularly useful when the infection is at such level that it is impossible to disinfect the computer using anti-virus applications, or malware removal utilities, running under the operating system.

Note: Kaspersky Rescue Disk 10 can be run from a USB device.

Avira AntiVir Rescue System


Avira AntiVir Rescue System is a Linux-based application that allows you to access a system that cannot be booted anymore. Not only will this application scan the system for infections, but it can be used to repair a damaged system, or rescue data.

If you’re looking for an uncomplicated, reasonably quick booting alternative antimalware scanner/rescue CD, which will update the definition database automatically (assuming you’re connected to the Internet), any one of these freebies will do the job nicely.

In the constantly evolving world of cybercrime, all users are well advised to scan their computers regularly with an antimalware application that does not rely on the native operating system.
