Tag Archives: Security Software

MSE Fail’s AV-Test Certification; Microsoft Challenges the Testing Methodology

Microsoft’s antivirus product, Microsoft Security Essentials has once again failed AV-Test’s criteria for Certification. MSE was able to garner a score of 10 out of a possible 18, while a score of at least 11 was needed to obtain the certification.

The area where MSE failed was on detecting zero day attacks. MSE detected only around 78% of the attacks, whereas the industry standard is 91%. The test included 24 other security solutions out of which two other products also failed to obtain the certification. While Bit Defender Internet Security, Kaspersky Internet Security and Norton Internet Security got the highest ratings, AhnLab and PC Tools Internet Security failed.

Obviously, Microsoft was not happy with the test results and challenged AV-Test’s results in a blog post,

Our review showed that 0.0033 percent of our Microsoft Security Essentials and Microsoft Forefront Endpoint Protection customers were impacted by malware samples not detected during the test. In addition, 94 percent of the malware samples not detected during the test didn’t impact our customers.

AV-Test reports on samples hit/missed by category. We report (and prioritize our work) based on customer impact.

AV-Test’s test results indicate that our products detected 72 percent of all “0-day malware” using a sample size of 100 pieces of malware. We know from telemetry from hundreds of millions of systems around the world that 99.997 percent of our customers hit with any 0-day did not encounter the malware samples tested in this test.

AV-Test’s test results indicate that our products missed 9 percent of “recent malware” using a sample size of 216,000 pieces of malware. We know from telemetry that 94 percent of these missed malware samples were never encountered by any of our customers.

You can read the full response here.

How to Setup and Run Windows Defender Offline Version

Windows_Defender_iconMicrosoft has added another weapon to its arsenal in its fight against malware: an offline version of the Windows Defender software. The software, which is in beta at the moment, scans and removes various forms of malware like its desktop counterpart. But the advantage of the Offline version is that it can be run from an external media such as a CD or USB drive, even when the OS is not running. This makes it easier to remove certain rootkits and advanced malware which otherwise is difficult to remove when the OS is running. Like the version found in Windows 8, Windows Defender comes with both anti-spyware as well as anti-virus solutions.

Here’s a step by step guide on how to setup and run Windows Defender Offline beta.

1) First, download the 32-bit or 64-bit installer of Windows Defender from here, depending on the version of Windows you have.

2) Once the download is finished, open the installer. Click Yeson the UAC window if prompted. Next, you will see the window  below  . Click Next.

clip_image002

3) Now select the media, in which you want to install the tool and click Next.

clip_image004

I recommend installing on a USB drive because, if you install it on a USB drive, you will be able to update the definitions later. If you use a CD/DVD, it will become obsolete pretty soon when new updates are released.

4) You will have to reformat the USB now. Make sure that you don’t have any important data in it before proceeding.

clip_image006

5) Finally, the installer will download the necessary files (about 215MB in size) and setup the USB drive. Click Finishonce the setup is complete.

clip_image008

6) To scan your computer, restart your computer with the USB drive connected. Make sure that USB booting is enabled in your BIOS. Once that is set, you can boot from your USB drive. If you have a dual boot setup, you will have to choose the OS to be scanned. Select the desired Operating System and click OK.

clip_image010

7) Next, you will be taken to the Windows Defender interface. As you can see from the  screenshot  below , it is pretty similar to the Microsoft Security Essentials UI. You can select to do either a Quick Scan, a Complete Scan or even scan specific areas. Just select the desired option and click Scan now.

clip_image012

clip_image014

To update Windows Defender Offline Tool,

just click the installer you used earlier and it will automatically download and install all available updates.

clip_image016

Microsoft Security Essentials Beta Opens for Public

Microsoft has made the beta for the new version of Microsoft Security Essentials (MSE) available for public widely. Earlier, the beta was only available for a limited number of beta testers.

MSE Beta

The download isn’t straightforward though. You need to click the Download Now link on the Microsoft Security Essentials homepage that would take you the MSE beta page on Microsoft Connect (Windows Live ID required). The current beta build is version 4.0.1111.0. The beta is available both as 32-bit edition (8.87 MB) and 64-bit edition (11.04 MB). The software supports Windows XP with Service Pack 3, Windows Vista with Service Pack 1 or 2, and Windows 7 with Service Pack 1.

SNAGHTML8083d1

This latest version includes the following new features and enhancements to better help protect your PC:

  • Cleans highly impacting malware infections automatically, with no required user interaction
  • Enhanced performance
  • Simplified UI
  • New and improved protection engine

While, Microsoft Connect is used to engage with beta testers by encouraging participation in surveys to report results or submitting bugs, the MSE Beta page doesn’t have those available at this moment though.

Android Security Apps Benchmarked: Bit Defender Has the Highest Detection Rate, Symantec the Lowest

The growing sophistication and popularity of smartphone operating systems has handed malware developers new platforms for wreaking havoc. Apple by and large avoids malware scares by maintaining a tight grip over the iOS App Store. However, Android’s open nature makes it a much easier target. Although malware outbreaks on Android aren’t nearly as big of a problem as they are on Windows, over the past year, a few of them have succeeded in creating trouble. PCSL (PC Security Labs) from China has published a comparative study of some of the security solutions for Android currently available in the market.

PCSL used a sample database consisting of 90 malware to test the detection capabilities of Android antimalware/antivirus applications. The detailed report is yet to be published, but the chart below illustrates the overall results.

Android-Antivirus-Shootout

Bit Defender was the top performer followed by a Chinese solution called Qihoo 360. Somewhat surprisingly, reputed vendors such as Trend Micro, AVG, and Symantec performed miserably. One possible explanation might be that PCSL, which itself is based in China, used a sample set that contained a sizable proportion of malware of Chinese origin. I guess we will have to wait for the release of the full report to know more. Many familiar names including Lookout and ESET were also excluded from this shootout; however, PCSL has promised to include them in the next edition.

Kaspersky Antivirus 2012 and Internet Security 2012 Released

Kaspersky-2012Kaspersky Lab has released the 2012 editions of its reputed anti-malware products – Kaspersky Antivirus and Kaspersky Internet Security. Kaspersky Antivirus is the base offering which offers file antivirus, web antivirus, cloud scanning and proactive defense. Kaspersky Internet Security offers a more complete protection and has several additional features like firewall, sandboxing, and parental control.

To be honest the biggest change in the new version is the new user interface, which is nothing short of stunning. There isn’t a lot of new stuff, mostly because Kaspersky products are already packed to the brim with features. However, there are several improvements.

Kaspersky-Antivirus-2012-Dashboard

The focus of this release is on offering hybrid protection that harnesses the power of the cloud along with the local database and heuristics based security technologies to reduce the average protection delivery time. Kaspersky’s cloud protection relies on the Kaspersky Security Network (KSN), which has been a part of Kaspersky’s offerings for quite some time now. However, in the latest editions of its products, Kaspersky has done a better job at highlighting the cloud integration. KSN currently has more than 30 million voluntary members from 213 countries, and is capable of tackling advanced threats like zero-day exploits, phishing and spam. It also includes a File Advisor and a URL Advisor, which provides ratings on the trustworthiness of files and websites respectively.

Kaspersky-Antivirus-2012

The proactive defense module has also been improved. System Watcher module should be more efficient than before at analyzing activities performed by various processes and detecting malicious intent. Kaspersky is also promising better performance and improved compatibility with its latest release.

Kaspersky-Antivirus-2012-Scan

As I mentioned earlier, the changelog is pretty short and mostly unimpressive. However, Kaspersky is continuing its tradition of offering free upgrades to existing license holders. Just key in your existing activation code into the trial version, and your license will be automatically upgraded. You can download the free 30 day trial versions of Kaspersky Antivirus and Kapsersky Internet Security from here.

A Review of Emsisoft Free Emergency Kit

icon120_free

[Windows Only]  Emsisoft isn’t a big name in the anti-virus, anti-malware industry, but they are well respected and they’ve been offering great products since 2003. When I first ran into them, they were offering one of the best anti-trojan scanners, named A-Squared. Recently, they’ve come out with a new bundle of anti-malware called Emsisoft Emergency Kit, and it’s completely free.

The first feature of this software kit that I liked, was the fact that it’s also portable. This means that the files making up this bundle can be copied to a CD or a USB flash drive, so that it can be used easily on any PC. All you have to do is download the Zip file and extract it to any drive you want. Below is a screen shot of the files included in this package.

em-kit-files

To start up Emergency Kit, simply double click the start.exefile.   This launches a selection screen and you can choose one of the four main programs included in the kit.

em-kit-selection

Below is a list of the programs in the kit and a brief description for each.

• Emsisoft Emergency Kit Scanner

Search the infected PC for Viruses, Trojans, Spyware, Adware, Worms, Dialers, Keyloggers and other malign programs.

em-kit-scanner

• Emsisoft Commandline Scanner

This scanner contains the same functionality as the Emergency Kit Scanner but without a graphical user interface. The commandline tool is made for professional users and can be used perfectly for batch jobs.

• Emsisoft HiJackFree

HiJackFree helps advanced users to detect and remove Malware manually. With HiJackFree you can manage all active processes, services, drivers, autoruns, open ports, hosts file entries and many more. It’s a tool very similar to the old and much revered HiJackThis, except that it offers more information and the ability to consult an online analysis tool for advice.

hj-free-processes_220 hj-free-ports_220 hj-free-autoruns_220 hj-free-services_220 hj-free-addons_220 hj-free-hosts_220 hj-free-quarantine_220

• Emsisoft BlitzBlank

BlitzBlank is a tool for experienced users. BlitzBlank deletes files, Registry entries and drivers at boot time before Windows and all other programs are loaded.

Here’s the Emergency Kit home page for more details and the download: http://www.emsisoft.com/en/software/eek/

Note: Another great tool from Emsisoft is the well known Online Armor firewall (free version).

. . . . . .

Techie Buzz Verdict:

I tried out Emsisoft Emergency Kit briefly and I was not disappointed. Even though most of the tools in this kit are for experienced users, the Scanner alone can help almost anyone. It’s not a small download, but it’s portable and most importantly, it’s free. I give it a big thumbs up.

techiebuzzrecommendedsoftware1

Techie Buzz Rating: 4/5 (Excellent)


SpywareBlaster – Low Impact Malware Protection

[Windows – all versions]

spyware-blaster-icon

Way back in the late 1990’s and early 2000’s, one of the first security apps I’d install on a PC was SpywareBlaster. These days, I don’t use it as often, however, it’s still excellent PC protection, especially if you are using Internet Explorer as your default web browser. Here’s what the website says about this application:

Multi-Angle Protection

Prevent the installation of ActiveX-based spyware and other potentially unwanted programs.
Block spying / tracking via cookies.
Restrict the actions of potentially unwanted or dangerous web sites.

No-Nonsense Security

SpywareBlaster can help keep your system secure, without interfering with the “good side” of the web. And unlike other programs, SpywareBlaster does not have to remain running in the background. It works alongside the programs you have to help secure your system.

spyware-blaster-main

Here’s a list of web browsers that can benefit from SpywareBlaster’s protection:

Internet Explorer
Mozilla Firefox
Netscape
Seamonkey
Flock
K-Meleon
and browsers that use the IE engine, including:
AOL web browser
Avant Browser
Slim Browser
Maxthon (formerly MyIE2)
Crazy Browser
GreenBrowser

SpywareBlaster does not have to run continuously in order to do it’s job. It simply applies a few registry settings to your PC and your browser that will help prevent drive-by downloads and bad ActiveX scripts. After you’ve installed SpywareBlaster, all you have to do is to enable the protection on the main screen.

spyware-blaster-all-protections

The free version of SpywareBlaster requires that you update it manually, however, there is a pro version that can update itself automatically. If you can remember to update it, the free version is fine for all users. The manual update process is very simple.

spyware-blaster-updates

There are a few other tools bundled in with SpywareBlaster, one of them is the System Snapshot. If you ever find yourself having a few problems with your web browser, restoring one of these snapshots may be an easy fix.

spyware-blaster-sys-snapshot

Another tool is Hosts Safe. Windows uses the HOSTS file to provide system shortcuts to various websites and some malware programs take control of this file to force your PC to places you’d never go on your own. You can create backup copies of your HOSTS file easily with this tool in SpywareBlaster and restore them later if needed.

spyware-blaster-hosts-safe

The last tool I’ll mention is a IE Settings section. As you can see, it offers two or three settings that can help you protect Internet Explorer.

spyware-blaster-ie-settings

Please note that SpywareBlaster is not a replacement for Firewall, Anti-Virus or Anti-Spyware tools. However, it’s normally quite safe to use it in addition to the tools you already have installed.


Download SpywareBlaster: Download.com

SpywareBlaster Website: javacoolsoftware.com

Techie Buzz Verdict:

SpywareBlaster is a great way to add an additional layer of security to your PC. I like the fact that it does not have to run continuously in the background in order to work. It’s been around for over 10 years and I’ve never seen any serious complaints about it. I can easily recommend it.

techiebuzzrecommendedsoftware1

Techie Buzz Rating: 4/5 (Excellent)

Online Home Tech Support with Comodo Cloud Scanner

[Windows all] Have you ever heard of a software company named Comodo? I first spotted them a few years ago, when they offered a free Firewall program. Even then, I knew it was a company worth watching. Each year, Comodo seems to be offering bigger and better security apps, and many of them are free for home users.

Here’s a peek at their free protection page:

comodo-free-products

As you can see, there isn’t much in the PC security field that they don’t cover. I’m sure that I could run a safe PC using only their free offerings.

The freebie I tried most recently is called Comodo Cloud Scanner. The description for this piece of software fooled me. Quote: Scan your PC to identify malware, junk files, registry errors and hidden processes. I assumed that it was simply a scanner that advised you about security risks and offered advice. I’ll show you what I ran into and why I was so surprised.

First I downloaded and installed the 10mb exe file. Here’s what the first screen looked like:

comodo-cloud-scan-01

I clicked the Scan Now button and waited while it cranked away. Here are the results I saw when it finished.

comodo-cloud-scan-02

Holy Cow! Over 3000 errors?

I was surprised and a bit aggravated. The last time I saw results like this was when I was testing out some suspected scamware at MyCleanPC. Any time I see extreme results like this, I always suspect that someone is trying very hard to sell me a solution I don’t need.

At the bottom of the scan results, was this little button.

comodo-help-me

I thought about this for a few minutes. I was still angry about the results. I looked through the details of the results and they really weren’t security problems as I’d define them. Most of it was browser cache files, junk registry entries and cookies. That really pissed me off, and I decided that I had to see what kind of help they’d offer.

I clicked on the Help Me button and waited for a live connection to one of the Comodo people. A pretty basic looking chat window finally popped up and I was connected to Chris in New Jersey. Below is the dialog (I’m the subscriber):

 

image

Well, that explained it all to me. The scan is simply a ploy to get you into their online help service. I’m kind of wondering what results I’d get if I had used the Comodo System Cleaner before I had scanned. That test will have to wait on another day.

Techie Buzz Verdict:

The scan that Comodo Cloud Scanner performs on your system is very likely quite good. However, I hate the way they label the findings as Errors and Problems. The so called errors and problems they found are the stuff that happens on your PC as a simple result of using it every day.

I will give them credit for this much; the LivePCSupport service that Comodo provided to me was professional and very timely. If you need a good remote help service, I don’t think you will find many others that are priced this low. Since Comodo offers all of those free security applications, I’m sure they know how to use them to help people. I can’t praise the online service because I haven’t really used it, however, I wouldn’t be afraid to recommend it to a newbie who could really benefit from it. Fifty bucks isn’t too much for most people. Especially if it saves them hours of frustration.

Techie Buzz Rating: Scanner: 2/5 (Poor) / Online Service: 3/5 (Good)

How to Update Windows XP to Service Pack 3

Just as my fellow author, Amit, had warned you, Microsoft has ended support for PCs running Windows XP Service Pack 2 (SP2). According to figures I’ve seen at InformationWeek, as many as 45% of Windows XP machines will need to update to SP3 in order to stay secure.

If you are running a PC that has not been updated yet, there’s no need to panic. Computers running SP2 will continue to work as usual. The end of support for SP2 simply means that those computers will not receive the most current security fixes from Microsoft’s update website or the automated updates.

Since it’s very important to keep your Windows up to date, how can you find out if your machine needs to update to SP3?

The quickest and easiest way to find out is a keyboard shortcut: [Windows key] [Pause/Break]

keyboard-win-break

Another way to view your current Windows version is to right click on a My Computermenu entry or desktop icon and choose the Propertiesitem in the list.

computer-properties

As a result of either of these actions, you should see your computer’s properties as shown below.

system-props-shown

If it says Service Pack 2, then you should use one of the links below to update your PC to SP3. I’ve included four ways to update and a brief description of each method.

A. Windows Update Website
Yes, it’s as easy as visiting Microsoft, however, you will need to use Internet Explorer because Microsoft hates to see you use any other type of web browser.

B. Service Pack 3 Network Install
Despite what the title implies, you can download this single executable file and it will install SP3 easily on any XP machine that needs it. The file is a bit over 300mb in size.

C. Service Pack 3 Add-on for Multi-Lingual Users
If you use languages other than English, you may need this file in addition to the download Babove. It’s only about 9mb in size.

D. Service Pack 3 ISO / CD Image
You can download this ISO file (CD image) and burn it to a CD. This makes it possible for you to have a backup copy and to use it on any XP machine that needs it. The file is over 500mb in size.

E. You can also order a CD from Microsoft by using one of the location links below:
Asia / Europe and Africa / North America / South America

Now, I’m feeling better after writing this important public service announcement. I hope you feel better too, after you’ve updated your old Windows XP machines.


Microsoft Security Essentials 1.0 – the best security solution??

Microsoft Security Essentials 1.0 is one of the best security packages available according to the renowned anti-virus software tester AV-comparatives. These tests are performed periodically by AV-comparatives on the numerous security solutions available.

The security software are tested basically by subjecting them to a plethora of viruses,worms,trojans etc observing how many are detected and also on the number of false positives. Also one of the most important tests is the proactive threat detection test which judges a softwares ability to detect new malware.

It was able to detect 59% of the viruses,trojans and worms thrown showing a respectable detection rate in the proactive detection test. This security package however truly made its mark in the false positives test showing only three false positives while many paid products showed over fifteen.

Its greatest advantage is that its free unlike most other security products which are paid, and their free versions are not that good. To use Microsoft Security Essentials 1.0, the only requirement is to have a genuine Windows operating system. The rest is free.

For more information : click here

To download Microsoft Security Essentials 1.0