Tag Archives: Antimalware

Microsoft Security Essentials: Microsoft’s Free Anti-virus Hits v4.0

Microsoft has released a new version of Microsoft Security Essentials, the free anti-virus/anti-malware program for Windows PCs. The MSE 4.0 release is available via the Microsoft Download Center and the MSE Web site and also made available to existing customers automatically through the Microsoft Update service.

image

Interestingly, this version has been in beta since late 2011, and the last released version was 2.1. There is no indication of the need to skip v3 and the jump to v4; the latest build being 4.0.1526.0. The participants in the beta program who are subscribed to automatic updates will be upgraded to the final release of the latest version of Microsoft Security Essentials after they agree to a new license agreement. You can also do a manual upgrade from v2.1 or the beta release without uninstalling the previously installed version.

Microsoft Security Essentials provides real-time protection for your home or small business PCs (up to 10)  that guards against viruses, spyware, and other malicious software. MSE is designed to be simple to install and easy to use. It runs quietly in the background without annoying notifications or interruptions. It is available as a free download from Microsoft for genuine Windows users, in both x86 and x64 editions.

AVG Premium Security Protects You against Identity Theft

AVG has launched a new product called AVG Premium Security, which boasts of an unique Identity Alert component. Over the past few months we have witnessed numerous large scale data thefts of varying severity. Although the Sony PSN hacking incident grabbed the limelight, there were numerous other small, but perhaps more damaging, incidents. A helpful netizen even created a service that can automatically alert you if your online identity is compromised.

AVG’s Identity Alert component also performs a similar function, but probably more thoroughly. AVG claims that it scours the web, including chatrooms, forums, and criminal webpages to check if your identity has been compromised by monitoring your e-mail address and debit and credit card numbers.

When you combine the shocking security lapses we have seen out of very high profile and respected brands such as Sony, Epsilon and Citigroup in the past few months with the liability shift toward consumers, it is clear that identity theft protection tools are no longer a nice to have,said J.R Smith, CEO, AVG Technologies. Banks and corporations are at an important tipping point, showing strong indications that they will no longer simply cover losses,- expecting the online users to share equal responsibility in taking appropriate security measures that ultimately protect each other from malicious attacks.

Besides the Identity Alert component, AVG Premium Security includes AVG Internet Security and AVG Quick Tune. Internet Security features anti-virus, anti-spyware, AVG Protective Cloud Technology, and the AVG Community Protection Network. Quick Tune is basically a stripped down version of AVG PC Tuneup. It offers disk defragmenter, junk file removal, registry cleaner, and broken shortcut remover.

With its new offering, AVG is hoping to compete with Kaspersky Pure, Norton 360 and other similar products. The Identity Alert module helps AVG differentiate itself from its competitors, and the suite itself is competitively priced at $69.99. However, it might also be an overkill for most users. In my humble opinion, as long as you take the basic precautions like not reusing passwords, a simple firewall and antivirus is likely to suffice.

Microsoft Safety Scanner Scans Your PC For Virus, Spyware and Malicious Software

Over the past couple of years or so, I have used Microsoft Security Essentials as my only virus and malware protection tool. The Free Antivirus tool from Microsoft is definitely worth installing on your PC.

Microsoft Safety Scanner

If you are someone who does not like to install Antivirus on your PC or just want to check whether your current Antivirus is really working well, a new tool from Microsoft will come in handy.

Microsoft Safety Scanner is a free security software from Microsoft which provides users with on-demand scanning while allowing users to remove viruses, spywares, Trojans and another malicious software from their PC. Safety Scanner works along with your current Antivirus software, so you don’t have to uninstall your current AV protection to use it.

One of the bad things about Microsoft Safety Scanner is that it expires every 10 days. Users will have to download a new version to scan your system every ten days which could be annoying considering that it is around 70MB in size. A simple definition update should be added so that users don’t have to download new versions every 10 days.

Users must also note that unlike traditional Antivirus systems the Safety Scanner does not provide continuous protection and should not be used as a replacement for traditional Antivirus software. Microsoft Security Scanner should only be used to additionally scan your PC. If you intend to replace your current Antivirus you might check out our Free Antivirus section to find a suitable alternative.

Additionally, you may also want to read the following articles related to :

Download Microsoft Safety Scanner

Beware of the Fake System Tool

malware[Windows]

The other day, I spotted a warning at the Microsoft Malware Protection Center. They presented some great information about a piece of malware called    Winwebsec,  which is more commonly seen as “System Tool“. Apparently it’s popping up more often now, so I decided to put out a warning to our readers.

I’ve actually run into this one before, while fixing some of my friends and family’s computers. It wasn’t much trouble to get rid of at the time, but I’ve read that some of the newer versions are more difficult to remove.

An infected computer will start getting fake warnings like the one shown here. These warnings are very realistic. Their purpose is to try to fool you into buying some more fake software that will make things even worse for you.

system-tool-fakealert

I looked around and I found one or two good articles that tell you how to remove the fake System Tool, but I decided to put together my own little guide.  Below you’ll find a slideshow that I’ve put together. It will give you a better idea of what to look for and some suggestions on how to remove this Fake System Tool.

If you can’t see the slideshow here, you can view it at Google.  For those interested, here are some cool technical details about this infectious fake.

Spybot Portable – a Great Way to Search and Destroy Spyware

spybot-sd-icoBack in 2000, a software engineer, Patrick Kolla, created the basis of a tool for dealing with spyware. This tool, later named Spybot Search and Destroy, was one of the first effective freeware apps for the removal of many kinds of adware and malware that were infecting PCs. Since then, millions of people all over the world have used it at one time or another. To this day, many people consider it an essential part of their PC defenses.

Patrick’s work on Spybot hasn’t stopped, and it’s been updated several times over the years. Today Spybot-S&D can repair or remove:

  • Bad registry keys
  • Winsock LSPs
  • ActiveX objects
  • Browser Hijackers
  • BHOs (Browser Helper Objects)
  • Tracking cookies
  • Trackerware
  • Homepage hijackers
  • Keyloggers
  • Trojans
  • Adware
  • Spyware
  • Rootkits
  • other kinds of malware

Here’s a screenshot of Spybot as it scanned my laptop yesterday.

spybot-sd-portable

Typically, I use Spybot as a secondary scanner, to catch things that my antivirus and other defenses have missed. However, the TeaTimer portion of Spybot can be installed to watch over your computer continuously in the background.

Another great feature of Spybot, is it’s ability to add immunizationsagainst some common weaknesses in Internet Explorer and other areas of your PC.

Spybot can be updated every time you use it, by clicking the update icon. Always check for new updates before running a scan.

I prefer to have most of the programs on my PC, set up as portable applications. I was happy to find that Spybot is also available as a portable app.

arrow-down-double-3Download Spybot S&D Portable

earth-globeSpybot S&D Home Page (full installed version)

Techie Buzz Verdict:

Spybot is one of those apps that have proved themselves over years and years of use. It’s always been free, and it’s probably saved millions of people headaches from re-installing their OS after an infection. It deserves to be highly recommended.

techiebuzzrecommendedsoftware1

Techie Buzz Rating: 4/5 (Excellent)

Fake Antivirus Tools from Microsoft – Don’t be fooled

No! Microsoft is not offering fake antivirus tools. However, a new warning from Microsoft’s Windows Security Blog tells the frightening story of a new threat that disguises itself as Microsoft Security Essentials (MSE). As many of you know, MSE is Microsoft’s free antivirus suite. I recommend it, and even Fred Langa recommends it.

How Does it Work?

1. You unintentionally visit a website that places a drive-by download known as FakePAV, onto your computer.

2. Once it runs, you’ll get this bogus warning in your web browser. (images from WindowsTeamBlog)

fakepav1

3. Clicking on Clean computeror Apply actionswill initiate a fake attempt to clean your PC. It will report that it failed and then ask you to Scan Online.

fakepav2

4. After it performs a simulated scan, you’ll be offered this list of Antivirus and Antimalware tools.

fakepav3

5. Clicking on any of the Free Installbuttons starts another install for persistent and more intrusive fake antivirus software.

fakepav4

The final look of this fake antivirus software can take many forms, such as Red Cross Antivirus, Peak Protection 2010, AntiSpy Safeguard, Major Defense Kit or Pest Detector. These apps give you even more false warnings and try to scare you into buying more protection. Applications like these are also known as ScareWare.

red-cross-fake-av peak-protection-fake-av

antispy-fake-av major-defense-fake-av

pest-detector-fake-av

What should you do to protect yourself?

My recommendation is to use good, up-to-date antivirus software. Enable any anti-phishing options in your web browser. I also recommend the free URL filtering service offered by OpenDNS.

What should you do if you are already infected?

The first tool I use on infected computers is MalwareBytes. If that doesn’t do the trick, Keith Dsousa wrote about an application which will Remove Fake Antivirus from Your System. If all else fails and the PC is really trashed, I’ve got an article describing how to Run Antivirus on a PC That Will Not Boot.

If you need good free advice on what to do, there are several malware removal forums that will take you step by step through a recovery process. Bleeping Computer, Major Geeks and especially Temerc Countermeasures are three good ones.

AVG Anti-Virus Free Edition 2011 is Now Available

avg-logo On September 28th, AVG announced the release of their 2011 suite of anti-virus and anti-malware programs. Included with this release is the ever popular free edition of AVG Anti-virus and the free LinkScanner application.

Even though AVG’s offerings have slipped some in the AV testing results, it’s still a great option for protecting home PCs. The addition of the LinkScanner, which warns you about your current web pages, bad links in web pages and risky links in email, seriously improves your chances of staying trouble-free.

As an added bonus to the entire web community, AVG has also unveiled AVG Threat Labs, a search engine which gives short reports on the safety of any web site or link.

A quick look at AVG Anti-Virus Free edition:

While installing, watch out for AVG’s offer to install a toolbar and change your home page to Yahoo. I said no to that. Be sure to uncheck those check-boxes if you feel the same way.

avg-install-3rd-party-options

Next, be prepared to wait. After the initial agreements, AVG will download about 130mb of data, to finish the install. With lots of others downloading the same data, you may not get a good download speed. I was definitely bored at this point.

After the download and install, the last screen will ask for your name and email address. If you are shy, you could type anything you want in there. You’ll also want to be aware of the very last check-box, which is set to allow AVG to collect anonymous information to help them improve the product. Uncheck it if you are paranoid.

Finally, here’s your first peek at the new AVG interface.

avg-main-interface

As you can see, the main two functions, Scan and Update, are on the left. Naturally, a free product is an opportunity to advertise, and you’ll see an Upgrade button and a large ad at the bottom. I don’t mind, but some people might.

I’m not going to go into any details on how to use AVG, it’s like most other anti-virus apps. Install it, do a few scans now and then, but mostly forget about it until a problem pops up.

AVG LinkScanner

During the installation of the anti-virus, I choose the Quick Install method. If you choose to customize your installation, you can select not to install some of the services such as LinkScanner. In previous versions of LinkScanner, there were some problems in certain web browsers, but those issues have been largely fixed. I recommend allowing it to install with the anti-virus. You can always disable it later if needed.

If you are using some other anti-virus product, you can install LinkScanner all by itself. There’s also a version for the Mac now.

Here’s what AVG says about the LinkScanner:

LinkScanner ® keeps you safe wherever you go online by actively checking links and web pages in real time the only time it matters – before you click that link. LinkScanner ® also places safety ratings next to your search results, allowing you to assess the safety of a site before visiting it.

The service it offers is similar to that offered by McAfee’s SiteAdvisor and WOT (Web of Trust), which I also recommend. I don’t believe it’s necessary to run more than one of these at a time, so pick one and try it out.

Once you start seeing link ratings in a web search, you’ll understand how it can keep you out of trouble.

linkscanner-ratings

download AVG Free Download AVG Anti-Virus 2011 Free Edition

download LinkScanner Download AVG LinkScanner

arrow-right-double Visit AVG Threat Lab to find out if sites or links are risky


Techie Buzz Verdict:

AVG’s free anti-virus products have always been good. However, due to recent results in AV testing, I’ve lost some of my faith in it. It’s still good, but not as good as some of the other free AV applications. However, the LinkScanner tool and the new AVG Threat Lab site have my hearty recommendations.

On a final note, my wife is a loyal AVG user and it’s always kept her safe. If you’ve been using AVG, and it’s been working well for you, there’s no reason not to upgrade to the 2011 version right now.

Techie Buzz Rating: 3/5 (Good)


What is the Best Free Online Virus Scanner?

[Windows Only]

security-high-2 The other day, I was reading a newsletter from Windows Secrets. At one point, Fred Langa recommended three different online scanners for detecting malware. He said Three free sites to try are: McAfee’s Freescan, Trendmicro’s HouseCall, and Symantec’s Security Check.

Fred is a trusted source to me. I’ve been reading PC advice from him since years ago, when he wrote the Langa List newsletter. However, I decided to try out Fred’s recommendations, because I’ve never been a big fan of online scanners. If there’s a good scanner out there, I want to know about it.

McAfee Freescan

First, I took a look at McAfee’s service. The foremost objection that I had to this service, is that it requires Internet Explorer. It also runs as an ActiveX application, which is another thing I’ve never liked. The scan seemed to be slow, but it seems to do a good job of detecting infections.

The last item that I believe it fails in, is that it can only detect infections. It cannot remove them. I wouldn’t waste my time here again.

mcafee-free-scan

Symantec Security Check

Next, I tried out Symantec’s service. You might be more familiar with their well known Norton security products. My initial impression of Symantec’s scanner suffered a big drop because it also requires Internet Explorer. However, I was impressed by the nice looking interface.

As nice as it looks, it can only detect malware, and you’re out of luck if you expect it to actually fix any problems. Adding to that, it gave me one false detection on a piece of software which I know is completely safe. Clicking on the Fix Nowbutton only sends you to Symantec’s site to read all about their premium anti-virus software.

The final failure that keeps me from returning, is that it told me that my computer had no antivirus software, even though I was using Microsoft Security Essentials. Hmmm, nice sales tactic, but it only works on foolish people. (Sorry! I mean those less knowledgeable about PCs.)

norton-security-scan6

TrendMicro Housecall

At last, TrendMicro has unchained itself from Internet Explore. It works in any browser, and the scanner is offered as an installer EXE file. The scanning is typically slow, just as I saw with the other two services. However, another bright spot is that it can actually FIXsome of the problems it finds. Housecall is actually a service I could recommend.

The only drawback is that you have to save the installer file, or go back to the website if you want to scan with it in the future.

housecall

Conclusion:

Of these three services, Housecall won easily. Some time back, I also reviewed ESET online scanner and it was just as good as Housecall, maybe better. Check it out.

I would only recommend an online scanner like these as a follow-up after cleaning a PC that was badly infected. Typically, I depend on MalwareBytes to clean up serious infections. If your current antivirus and antimalware software has failed, it’s not likely an online scanner will do you any good.

On the other hand, scanning with an online service like these won’t hurt, and it could pick up something your current software has missed. There are also several other online scanners that I haven’t tried yet. Do you use any online scanners that you’d recommend? Let us know in the comments below.

A Review of Emsisoft Free Emergency Kit

icon120_free

[Windows Only]  Emsisoft isn’t a big name in the anti-virus, anti-malware industry, but they are well respected and they’ve been offering great products since 2003. When I first ran into them, they were offering one of the best anti-trojan scanners, named A-Squared. Recently, they’ve come out with a new bundle of anti-malware called Emsisoft Emergency Kit, and it’s completely free.

The first feature of this software kit that I liked, was the fact that it’s also portable. This means that the files making up this bundle can be copied to a CD or a USB flash drive, so that it can be used easily on any PC. All you have to do is download the Zip file and extract it to any drive you want. Below is a screen shot of the files included in this package.

em-kit-files

To start up Emergency Kit, simply double click the start.exefile.   This launches a selection screen and you can choose one of the four main programs included in the kit.

em-kit-selection

Below is a list of the programs in the kit and a brief description for each.

• Emsisoft Emergency Kit Scanner

Search the infected PC for Viruses, Trojans, Spyware, Adware, Worms, Dialers, Keyloggers and other malign programs.

em-kit-scanner

• Emsisoft Commandline Scanner

This scanner contains the same functionality as the Emergency Kit Scanner but without a graphical user interface. The commandline tool is made for professional users and can be used perfectly for batch jobs.

• Emsisoft HiJackFree

HiJackFree helps advanced users to detect and remove Malware manually. With HiJackFree you can manage all active processes, services, drivers, autoruns, open ports, hosts file entries and many more. It’s a tool very similar to the old and much revered HiJackThis, except that it offers more information and the ability to consult an online analysis tool for advice.

hj-free-processes_220 hj-free-ports_220 hj-free-autoruns_220 hj-free-services_220 hj-free-addons_220 hj-free-hosts_220 hj-free-quarantine_220

• Emsisoft BlitzBlank

BlitzBlank is a tool for experienced users. BlitzBlank deletes files, Registry entries and drivers at boot time before Windows and all other programs are loaded.

Here’s the Emergency Kit home page for more details and the download: http://www.emsisoft.com/en/software/eek/

Note: Another great tool from Emsisoft is the well known Online Armor firewall (free version).

. . . . . .

Techie Buzz Verdict:

I tried out Emsisoft Emergency Kit briefly and I was not disappointed. Even though most of the tools in this kit are for experienced users, the Scanner alone can help almost anyone. It’s not a small download, but it’s portable and most importantly, it’s free. I give it a big thumbs up.

techiebuzzrecommendedsoftware1

Techie Buzz Rating: 4/5 (Excellent)


SpywareBlaster – Low Impact Malware Protection

[Windows – all versions]

spyware-blaster-icon

Way back in the late 1990’s and early 2000’s, one of the first security apps I’d install on a PC was SpywareBlaster. These days, I don’t use it as often, however, it’s still excellent PC protection, especially if you are using Internet Explorer as your default web browser. Here’s what the website says about this application:

Multi-Angle Protection

Prevent the installation of ActiveX-based spyware and other potentially unwanted programs.
Block spying / tracking via cookies.
Restrict the actions of potentially unwanted or dangerous web sites.

No-Nonsense Security

SpywareBlaster can help keep your system secure, without interfering with the “good side” of the web. And unlike other programs, SpywareBlaster does not have to remain running in the background. It works alongside the programs you have to help secure your system.

spyware-blaster-main

Here’s a list of web browsers that can benefit from SpywareBlaster’s protection:

Internet Explorer
Mozilla Firefox
Netscape
Seamonkey
Flock
K-Meleon
and browsers that use the IE engine, including:
AOL web browser
Avant Browser
Slim Browser
Maxthon (formerly MyIE2)
Crazy Browser
GreenBrowser

SpywareBlaster does not have to run continuously in order to do it’s job. It simply applies a few registry settings to your PC and your browser that will help prevent drive-by downloads and bad ActiveX scripts. After you’ve installed SpywareBlaster, all you have to do is to enable the protection on the main screen.

spyware-blaster-all-protections

The free version of SpywareBlaster requires that you update it manually, however, there is a pro version that can update itself automatically. If you can remember to update it, the free version is fine for all users. The manual update process is very simple.

spyware-blaster-updates

There are a few other tools bundled in with SpywareBlaster, one of them is the System Snapshot. If you ever find yourself having a few problems with your web browser, restoring one of these snapshots may be an easy fix.

spyware-blaster-sys-snapshot

Another tool is Hosts Safe. Windows uses the HOSTS file to provide system shortcuts to various websites and some malware programs take control of this file to force your PC to places you’d never go on your own. You can create backup copies of your HOSTS file easily with this tool in SpywareBlaster and restore them later if needed.

spyware-blaster-hosts-safe

The last tool I’ll mention is a IE Settings section. As you can see, it offers two or three settings that can help you protect Internet Explorer.

spyware-blaster-ie-settings

Please note that SpywareBlaster is not a replacement for Firewall, Anti-Virus or Anti-Spyware tools. However, it’s normally quite safe to use it in addition to the tools you already have installed.


Download SpywareBlaster: Download.com

SpywareBlaster Website: javacoolsoftware.com

Techie Buzz Verdict:

SpywareBlaster is a great way to add an additional layer of security to your PC. I like the fact that it does not have to run continuously in the background in order to work. It’s been around for over 10 years and I’ve never seen any serious complaints about it. I can easily recommend it.

techiebuzzrecommendedsoftware1

Techie Buzz Rating: 4/5 (Excellent)

Is Cyberdefender a Scam?

no-go-ico On March 24, 2010, lawyers representing the Cyberdefender Corporation issued a ‘take-down’ notice to Allen Harkleroad. The take-down notice claims that Allen published false and potentially defamatory articlesabout their product and sales practices.

The Contenders:

Cyberdefender is advertised as an easy solution for PCs that are running slow or are infected with spyware or adware. You may have seen the television advertisements for MyCleanPC.com and DoubleMySpeed.com. Visits to both of those websites will prompt you to install Cyberdefender software. It looks like Cyberdefender is the owner of both of those sites.

Allen Harkleroad is a well known consumer advocate, who has taken on some pretty big names in business, such as Dell, AMD, ATI, UPS and FedEx, to name a few.

The Contention:

Allen claims that Cyberdefender is a scam and has posted several articles in his websites, supporting those claims. Here’s one of them:

Beware of MyCleanPC.com and DoubleMySpeed.com Same Scam, Same Company

Here is a copy of the legal take-down notice from Cyberdefender’s lawyers:

CyberDefender Corp, MyCleanPC, DoubleMySpeed and Catanese and Wells

At one point, Allen says that he:

I installed the MyCleanPC software on a fully patched Windows XP machine that I rarely used just to see what happen. Other than installing software I use nothing else had been installed and no software had been uninstalled on the machine. It does have anti virus software on it. The CyberDefender software found over 3,000errors on a machine that runs perfectly fine, never had software uninstalled and rarely was on the Internet.

I’ve heard others claim that Cyberdefender isn’t worth the asking price. I decided to try it myself. I used Microsoft Virtual PC, with a copy of the IE6 test virtual machine. This allows me to run a clean, new, fully patched copy of Windows XP. It doesn’t have anything installed on it, not even an anti-virus program. The advantage to using a virtual machine is that I don’t have to worry about messing up a real computer.

Below, I have created a short slide show, which gives the results of my simple test.

Go here if you can’t see the embedded slideshow.

Conclusion:

Let the buyer beware. If I see over 300 errors reported on a clean PC, I have serious doubts and would never buy the software.   What do you think about DoubleMySpeed and MyCleanPC? Would you buy them?


Microsoft Security Essentials 1.0 – the best security solution??

Microsoft Security Essentials 1.0 is one of the best security packages available according to the renowned anti-virus software tester AV-comparatives. These tests are performed periodically by AV-comparatives on the numerous security solutions available.

The security software are tested basically by subjecting them to a plethora of viruses,worms,trojans etc observing how many are detected and also on the number of false positives. Also one of the most important tests is the proactive threat detection test which judges a softwares ability to detect new malware.

It was able to detect 59% of the viruses,trojans and worms thrown showing a respectable detection rate in the proactive detection test. This security package however truly made its mark in the false positives test showing only three false positives while many paid products showed over fifteen.

Its greatest advantage is that its free unlike most other security products which are paid, and their free versions are not that good. To use Microsoft Security Essentials 1.0, the only requirement is to have a genuine Windows operating system. The rest is free.

For more information : click here

To download Microsoft Security Essentials 1.0

Quickly Scan Any File with 40 Different Antivirus Engines

VirusTotal-icoThere are several online services that will allow you to check files for viruses or malware by uploading the files from your computer. One reason you might use one of these services is that you have downloaded a new program and you want to know if it’s safe to install on your computer. One of the services that I use most often is called Virus Total’.

Virus Total is a free, independent service that will analyze uploaded files with around 40 different antivirus engines. Here is the current list:

AhnLab (V3)
Antiy Labs (Antiy-AVL)
Aladdin (eSafe)
ALWIL (Avast! Antivirus)
Authentium (Command Antivirus)
AVG Technologies (AVG)
Avira (AntiVir)
Cat Computer Services (Quick Heal)
ClamAV (ClamAV)
Comodo (Comodo)
CA Inc. (Vet)
Doctor Web, Ltd. (DrWeb)
Emsi Software GmbH (a-squared)
Eset Software (ESET NOD32)
Fortinet (Fortinet)
FRISK Software (F-Prot)
F-Secure (F-Secure)
G DATA Software (GData)
Hacksoft (The Hacker)
Hauri (ViRobot)
Ikarus Software (Ikarus)
INCA Internet (nProtect)
K7 Computing (K7AntiVirus)
Kaspersky Lab (AVP)
McAfee (VirusScan)
Microsoft (Malware Protection)
Norman (Norman Antivirus)
Panda Security (Panda Platinum)
PC Tools (PCTools)
Prevx (Prevx1)
Rising Antivirus (Rising)
Secure Computing (SecureWeb)
BitDefender GmbH (BitDefender)
Sophos (SAV)
Sunbelt Software (Antivirus)
Symantec (Norton Antivirus)
VirusBlokAda (VBA32)
Trend Micro (TrendMicro)
VirusBuster (VirusBuster)

They keep those engines up to date with the latest virus signatures, and they also offer detailed results from each engine in their reports. Virus Total is available in nearly two dozen languages.

To use this service, you simply visit the web page, click on the file upload button, select the file and wait for it to upload. Once the file is uploaded, you will often have to wait a few minutes for the scan results to appear. If you think that sounds pretty easy to do, you are correct. However, Virus Total now offers an even easier method, the Virus Total Uploader.

After you install the Virus Total Uploader [Windows Only] on your PC, you can right click on a file, then Send tothe Virus Total site.

virus-total-uploader-context-sendto-menu

After a few seconds, your web browser will open up to show you the results of the antivirus tests from Virus Total.

That’s not the only trick that the Uploader has for you. When you launch it from your Start menu, you’ll see three other upload options in it’s interface:

virus-total-uploader-main-interface

  • upload a file by choosing it’s process name
  • select a file by browsing to it’s location
  • type in the URL of a file on the web

Go to the Virus Total Uploader page to get it.

Techie Buzz Verdict:

Having a good antivirus program installed on your PC is a must have. The ability to double check files using 40 different antivirus engines is not required, but it sure is nice to have. If you’d like to try this application, I recommend it.

techiebuzzrecommendedsoftware1

Techie Buzz Rating: 4/5 (Excellent)

How to Find Out Who Is Spying On You

spying-on-you[Windows Only] Today, I found out that my computer at work had a trojan infection. Most of my co-workers would never have noticed the bug, but a little luck and the right tools made my discovery possible. Since I discovered the infection early, I was able to quickly  remove the malware. Do you know if evil computers are connecting to your PC? If you really want to find out, I recommend that you try two utilities from NirSoft.

Download and Install:
CurrPorts and IPNetInfo are both portable applications that are offered as ZIP files. You can unpack these ZIP files anywhere on your hard drive or even onto a flash drive to use them. CurrPorts and IPNetInfo work best if you put the files from both programs into the same folder. After I downloaded and unpacked them,   I ended up with the following files in my CPorts folder.

currports-file-list

Run CurrPorts:
You can run CurrPorts by launching the cports.exe file. It will scan your computer and display a list of processes on your PC that are using the network and internet connections. The list contains the following columns of information on each connection.

Process Name *
Process ID
Protocol
Local Port
Local Port Name
Local Address
Remote Port
Remote Port Name
Remote Address *
Remote Host Name
State
Process Path *
Product Name
File Description
File Version
Company
Process Created On
User Name
Process Services
Process Attributes
Added On
Module Filename
Remote IP Country
Window Title

Search the information:
The most important columns to pay attention to are the columns described below.

Process Name is the name of the program or service on your PC that is making the connection.

Process Path tells you where the program or service is located on your hard drive. It’s important to know this location if you suspect that you have a spyware, virus or trojan infection.

Remote Address is a set of numbers that is often called the “IP Address”. This address is needed to identify the computers connected to you by the internet.

Many of the connections you’ll see won’t even have a remote address and you don’t have to pay as much attention to them. In order to unclutter the list and concentrate on the remote IP addresses, you can use the Options menu and uncheck the item labeled “Display Items without Remote Address“.

currports-display-options

Identify WHO IS connecting:
Now that you have some IP addresses displayed, you can find out more about them by using NifSoft’s IPNetInfo utility. When you right click on any remote address shown in CurrPorts, you can find out more about it by choosing the IPNetInfo option. IPNetInfo will pop up and give you the WHOIS information if it’s able to.

currports-with-ipnetinfo

Here’s an example of the WHOIS info for a Google page in Internet Explorer.

ipnetinfo-report

IPNetInfo.exe can be run all by itself by launching the ipnetinfo.exe file. When it’s running this way, you will have to paste in the IP Addresses manually to initiate WHOIS searches.

Stop the Spies:
Once you’ve identified all the owners of those remote IP addresses, you should have a better idea about who they are. You can usually find out more about them by using the company name in an internet search. If you are still suspicious that the IP addresses you are seeing are from the bad guys, you can check in several places to find out if they are on a watch list. I recommend that you search for malicious addresses at hpHosts. Just paste the remote IP address into the search box.

If you’ve identified a connection you don’t want, you can right click on entries in CurrPorts and either “Close” the connection or “Kill” the process on your PC. If you have a process running on your machine that continues to connect to IPs that are suspect, you should probably save an HTML report as shown below, then run an Anti-Virus and Anti-Spyware scan. I recommend using MalwareBytes or one of the other good free spyware removers. If that doesn’t do the trick, get some help from one of the Anti-Spyware forums. I always visit Temerc.com‘s forums when I need help.

If you wish to ask me about some of your remote connections, you can select one or more items in CurrPorts, click on “View” > “HTML Report – Selected Items”. When the report pops into your web browser, you can copy and paste the information into the comments below this article. You can also save the report from your browser using the File > Save menu.

V

Have a good day and surf safely!

New Free Virus Removal Tool from McAfee – Fake Alert Stinger

flying_wasp [Windows Only] McAfee is well known for it’s antivirus software, and you usually have to pay for their protection. They offer the free Stinger tool to help people clean out PCs that have been crippled by virus and trojan attacks.

fake-alert-scanner

There is no installation required. Just download it and run it. It works on all Windows PCs as far as I know.

I normally download a fresh copy of Stinger onto a USB flash drive or CD before I go off to help my friends with bug problems.

In addition to the standard Stinger, there’s a new version of Stinger out now called FakeAlert Stinger. It’s designed to specifically target multiple varieties of the FakeAlert trojans, such as, Kryptik, AVP Security, Fakespypro, Winwebsec, Antivirus Soft and XPSpy.

FakeAlert applications are a form of ScareWare that pop up fake warnings which attempt to trick you into running their scans and buying their premium products. It’s a huge money-making scam that’s been very effective against new PC users.

Download McAfee Stinger and FakeAlert Stinger

Notes: There are many other antivirus and anti-malware tools that can help you clean up an infected PC. Last year, Keith wrote about an application which will Remove Fake Antivirus from Your System. If all else fails and the PC is really trashed, I’ve got an article describing how to Run AntiVirus on a PC That Will Not Boot.

Techie Buzz Verdict:

techiebuzzrecommendedsoftware1 There are two versions of McAfee Stinger. Both are very good, and there’s no reason not to use both of them when you need to clean up an infected PC. I have used Stinger for years and I’ve never had an issue with it. I only wish it was Open Source, so that more people could contribute to it’s effectiveness.

Techie Buzz Rating: 4/5 (Excellent)