Tag Archive for: Security-Essentials

Another Tool for the Cleaning Toolbox

10 Jul 2011

Like many who are responsible for curing the PCs of friends and family, I’ve been leaning on the 1-2 combo punch of Malwarebytes Anti-Malware (free) and SUPERAntiSpyware (also free) for the past year or so. Between the two of them — and judicious use of Safe Mode scanning — I’ve been able to cure most ailments that come my way.

[tip: did you know about the SUPERAntiSpyware portable version? I keep a copy on my utility USB stick updated every week or so. Handy!]

On a typical infection each will find things the other doesn’t so I don’t mind running both. Face it: the “good guys” in the fixing business are always behind the “bad guys” in the infecting business. I don’t really expect any one tool to do everything.

But I sure hate it when I still have an infected machine after repeated runs of both apps!

I now have one more tool to add to the mix: Microsoft’s System Sweeper. This is a beta product that I first learned about from the Security Now podcast (episode 303). There are downloads for 32-bit and 64-bit machines. Just download the proper one, run the installer and it will burn a CD image or create a bootable USB drive for you. Pop that into the infected machine and have it boot from the System Sweeper media.

When it runs you have something that looks a lot like Microsoft’s Security Essentials but it isn’t relying on the infected machine’s Operating System. Face it, Safe Mode is nice but sometimes it just isn’t good enough. Especially when you’re going after rootkits! This fixes that problem and doesn’t rely on the victim’s operating system.

In the past month I’ve had System Sweeper finish the job on every machine I’ve tried it on. Brilliant little application and I now have a USB stick dedicated to it. Highly recommended.

Lose the old AV and Anti-Stuff!

03 Mar 2011

Just a quick public safety announcement: When doing maintenance on other people’s PCs, take a moment and check out what they’re running for antivirus, anti-spyware, anti-malware, anti-whatever-we-call-it.

Lately I’ve seen a handful of machines running versions of McAfee first installed 4 or 5 years ago. No offense McAfee, but that old stuff is slow! Twice this month just uninstalling the old crusty McAfee and replacing it with the free Microsoft Security Essentials dramatically sped up the PC. We’re talking a perceived doubling of speed!

Here’s another example: I booted up a very slow XP machine this afternoon. I mean really slow. Like, it took 10 minutes before it was usable kind of slow. 1 GB and a Centrino chipset; not current, but they ran well for their time. Not this one.

Took a peek at the task manager and noticed that one process was using 300 MB of RAM — and 99% of the CPU. A quick search showed that it was part of Ad-Aware. More research showed that it was installed back in 2007 (4 years ago!) and hadn’t been updated since. Clearly it wasn’t happy with life anymore. Killed the process and uninstalled it. Like a shot of caffeine to a coffee junkie in the morning.

These are just two examples. I don’t mean to single companies out with this as in both examples the installed versions were definitely out of date and not current. And that’s the point: Don’t leave that old stuff laying around.

 

Microsoft Security Essentials beta

13 Aug 2010

It has been a while since I mentioned Microsoft’s Security Essentials antivirus application. This is what I’ve standardized on for the family and friend home machines that I “manage” for them. Simple, light-weight and has worked very well for us over the past year. Pretty easy to forget about it since it is definitely one of the least intrusive AV apps I’ve ever used.

And I’m OK with that.

The beta of the newest version has been available for a month or two now. You need to register or log in first at connect.microsoft.com (free), but once there you can add the beta and download it.

What’s new?

This Beta version of Microsoft Security Essentials includes these new features and enhancements to better help protect your computer from threats:

  1. Windows® Firewall integration: Microsoft Security Essentials setup allows you to turn on Windows Firewall.
  2. Enhanced protection from web-based threats: Microsoft Security Essentials has enhanced integration with Internet Explorer® which helps prevent malicious scripts from running and provides improved protection against web based attacks.
  3. New and improved protection engine: The updated engine offers enhanced detection and cleanup capabilities and better performance.

I’ve only been running it a week and really haven’t noticed any major difference. As they say, it does just what it says on the tin.

I did run into one minor issue after I upgraded to the beta: The right-click “Scan with…” menu option was no longer there. Turns out that’s a known issue and the first listed workaround worked just fine for me. Problem solved.

If you’re looking for a Windows AV program and don’t mind getting it for free, MSE is one to try. No ads, no banners and no nags. Seems to have a small footprint as well.

A Brief Tussle with Personal Security

22 Mar 2010

I was over at my folks’ house yesterday when my Dad walked out of their office asking, “Who rebooted the computer?” Well, nobody had, but after he logged in we noticed they had a new unwelcome guest installed: Personal Security. (cue the “Boo Hiss” sounds)

This is another one of those fake antivirus apps like Cyber Protection (last battle) or Antivirus 2009. It looks like an AV app. Acts like an AV app, even presents its own copy of the Microsoft Security Center. Then you’re told that this is just a trial version but boy, you sure have a lot of viruses. If you want to fix all the viruses it has found (heh…) you’ll have to pay for the full version.

What a load of crap.

It even creates an Uninstall entry, but if you try to run it you get another message about it being a trial edition. No uninstall is possible.

Last time I fought one of these apps someone (Nathan?) pointed out that I should consider using System Restore as part of my tool set to fix these things. So I gave it a shot on this one. First I rebooted into Safe Mode (just because it seemed wise). Then I popped into the System Restore app and chose a save-point from the previous day and turned it loose. Rebooted and… no sign of Personal Security any more.

Just to be safe I ran a full scan (again from Safe Mode) using Malwarebytes Anti-Malware and nothing showed up.

I still haven’t figured out how it landed on the parents’ computer – or, more importantly, how it got past Microsoft’s Security Essentials. At about the same time, SE did block a Koobface dropper so I wonder if the attack was a new wrinkle on that? If so, I need to make sure all software on their computer is current. Next step is to install Secunia’s Personal Software Inspector (PSI) and see what’s out of date.