"Security" software breaks Windows

It gets fun again - my life I mean; the rest of this blog post is dead serious, please make no mistake.

For years I have recommended NOT TO USE products from Webroot. I remember too many bad experiences with and infections on computers that were presumably "protected by Webroot".

In NBC's words:

An antivirus service used by tens of thousands of businesses and millions of home users shut down an untold number of computers around the world Monday after it mistakenly identified core parts of Microsoft Windows as threats, the company confirmed.

Similar events have occurred in the past; sadly they are much more common than we would like and the public hardly knows about it. Some well known companies in the "computer security" or "anti virus" business have had similar snafus. Here is a quote from a blog post at Bleepingcomputer.com:

... Such mishaps have been reported for years to include major anti-virus/security vendors such as Panda, avast, AVG, BitDefender, Kaspersky, Malwarebytes, McAfee and Symantec. In most cases when these issues occur, the anti-virus vendors and security tool developers take quick action to correct the problem and provide support to those users who have been affected.

To call such blunders a "mishap" is not a euphemism, IMHO it is outright glossing over or covering up a major blunder.

Things like this should not happen and they don't need to happen, they are major avoidable blunders. In every case we can only speculate about the "why" and I don't like to speculate.

What does all the above tell us? IMHO very simple:

Do not trust a single word in high gloss, pretty brochures.
Do not believe the words in computer related advertisements on TV.

What you find in high gloss publications is mostly marketing hype and likely not really trustworthy. And when certain "security" software seemingly out-of-the-blue suddenly is being hyped over the moon in TV advertisements it IMHO is time to run for the hills. It tells me that very likely a marketing campaign has to cover up some so called "mishap".

-----

So far I have used the acronym IMHO three times in this blog post. Generally there are always at least two ways to look at something, as we say around computers YMMV. If you have a different opinion - or maybe simply think I am a dumba.s then I ask you to please leave a comment, state your case or blow off steam below. 

Thank you in advance.

AVG and McAfee - Not Safe

Again, please give up on so-called "security" products from AVG and McAfee.

As reported here they are not safe!

Should you not know what to replace them with then give me a call at four.one.four-seven.one.nine-two.nine.seven.seven. I look forward to hearing from you.

Stay safe!

Wrong, Every Step She Took Wrong

Original text of email I got from a long ago customer:

Recently our Microsoft Essentials "little house"  has been erratic in its stability.  We have done full scans and quick scans with it staying green for a short period of time changing to orange and then eventually to red.

I googled this question and received an answer that Microsoft is not updating this since last year - so the definitions are not really up to date.  Is this true?
It was suggested that I get AVG Anti Virus which is Free.  I did do this and it  appears to be doing the job with the green circles, etc. 

On that same page there is a area where I can check to "fix performance".  It is a PC Analyzer - After doing this, the report was: many errors in various areas and they said it could be fixed for fee/one time and/or I could get a program for 1 year.  I would not need one for one year but I would like take advantage of the free analyzing of this performance.  Do you think I should do this and is AVG a good solution if indeed Microsoft has stopped updating?

... [I] realize we will have to update to windows 10 when they force us to do so.  If we do not do this will they charge us?

 And here is the original text of my reply, please judge for yourself:

Thanks for asking. If you remember I do not express myself politically correct so please brace yourself for some rough truths:

• The "little house" you refer to represents Microsoft Security Essentials which was your anti virus program until you installed AVG.
• ANY anomaly with your anti virus should have rang a LOUD alarm bell.
• If it has not updated since last year your computer potentially was not protected against common viruses.
• AVG is a program that I urge my customers to stay away from!
• It installs really crappy programs, that is how AVG (the company) makes money nowadays.
• PC Analyzer IMHO is known malware.
• I bet you that almost ALL the errors that you get shown are false messages meant to scare you into installing even more useless programs.
• Keep going with these silly suggestions and soon your computer will likely not be usable any longer.
• No, DO NOT take "advantage" of the "free" solution that you mention, it will make it only worse.

I believe I still could fix the situation and hopefully repair your computer. I guarantee that the free solution will not work to your satisfaction. 

The question about "they" ( I assume you mean Microsoft?) charging you only Microsoft can answer and they, MS, has been asked the same thing thousands of times; so far MS has only replied with marketing blah-blah; we just do not know. My personal suspicion is yes, no later than January 2020 when in MS's view Windows 7 comes to the end of it's supported lifetime.

In case my replies offended you I apologize, that was and is not my intention at all.

For my readers here: No further comment from my side; please come to your own conclusion and PLEASE, don't make similar or the same mistakes.

Stay safe.
 

"Free" Security programs - For A Price

I stumbled over this article on How-To-Geek.

I wan to save you the hassle and time to read this lengthy article your self and will quote a few selected and IMHO most relevant snippets.

My stance toward the remaining "free" security programs as well as the well known commercial offerings is known; I have expressed this here repeatedly. So let's begin:

1. Free antivirus applications aren’t what they used to be. Free antivirus companies are now bundling adware, spyware, toolbars, and other junk to make a quick buck.... At one point, free antivirus was just advertising, pushing users to upgrade to the paid products. Now, free antivirus companies are making money through advertising, tracking, and junkware installations.
    
2. Comodo ... change[s] your web browser’s search engine to Yahoo! and bundles the GeekBuddy paid tech support software. It also bundles other Comodo products you might not want, including changing your DNS server settings to Comodo’s servers and installing “Chromodo,” a Chromium-based browser made by Comodo. ... As the Comodo-affiliated PrivDog software contained a massive security hole similar to the one Superfish had, there’s a good chance you don’t want a bunch of other Comodo-developed software and services thrown onto your computer.
    
3. Lavasoft’s Ad-Aware pushes “Web Protection” that will “secure your online search” by setting SecureSearch as your web browser’s homepage and default search engine. Despite the name, this isn’t actually a security feature. Instead, it just switches your web browser to use a branded search engine that actually uses Yahoo! in the background — this means it’s powered by Bing.
   If you prefer Bing, that’s fine — just use the full Bing website. You’ll have a better experience than using Lavasoft’s rebranded, stripped-down search engine.
    
4. Avira encourages you to install “Avira SafeSearch Plus.” This is just a rebranded version of the Ask Toolbar, redirecting your search results through a rebranded version of Ask.com’s search engine. If you wouldn’t want the Ask Toolbar installed, you wouldn’t want this rebranded version of it installed either.
    
5. ZoneAlarm also wants you to enable “ZoneAlarm Search” as your browser’s default homepage and search engine, along with installing a ZoneAlarm toolbar that is - once again - a rebranded version of the Ask Toolbar.
    
6.  Panda {Free Antivirus] attempts to install their own browser security toolbar as well as change your browser’s search engine to Yahoo, and its home page to “MyStart,” which is powered by Yahoo. To Panda’s credit, they at least don’t attempt to trick you by offering you a renamed Yahoo search engine or home page.
    
7. avast!’s installer also tries to install additional software you might not want. We’ve seen Dropbox offered here in the past, but avast! attempted to install the Google Toolbar when we tried installing it.
   Programs like the Google Toolbar and Dropbox are high-quality software you might actually want, so avast! comes out looking very good compared to the other options here. But even avast! has done done some questionable things in the past — witness the avast! browser extension inserting itself into your online shopping.
    
8. AVG has its own suite of obnoxious utilities, including the AVG Security Toolbar, AVG Rewards, AVG Web TuneUp, and SecureSearch.
    
9. BitDefender offers a stripped-down free antivirus. ... BitDefender is still pursuing the strategy of attempting to upsell you to the paid product.
    
10. MalwareBytes doesn’t attempt to install any extra junk on your computer, although the free version doesn’t offer real-time protection. To their credit, MalwareBytes is offering a free tool that’s useful for manual scans - it even picks up and detects [and removes!] much of the adware other programs install - and encouraging you to pay for a more full-featured product.
    This tool could be quite useful in combination with another antivirus, like Microsoft’s free Windows Defender or Microsoft Security Essentials solution. But it’s not a standalone free antivirus you can depend on, as it lacks the real-time scanning.

 Not too nice a situation out there, right? You either pay up or you have to live mostly with junk you did not want in the first place.


Don't despair, a good, time proven free solution is available since about 2009.

For now over 13 years I "fix" my customer's home computers by removing all sorts of viruses and other malicious or obnoxious software. Most of my customers call themselves "computer illiterate". All of them have lived safely with mostly little or no manual effort.

The only malware infections happen now when someone "falls" for a social engineering trick; that is in effect when the customer for a moment was inattentive. And hat is just a human weakness, I know from my very own experience.

If you want to know details about this solution plese drop me a personal email; thank you.

AVG + Google Chrome = TROUBLE

Happy and healthy New Year to everybody!
... It's the first post in 2016 ...

The title describes the newest formula for disaster.

For years I have advised against using Google Chrome as your primary web browser.

For years I have advised against using AVG's free "security" programs.

Now this combination has become a wide open barn door for malicious software and/or viruses to take over your computer. You can read more about the details here.

If you use AVG I recommend to uninstall it and instead rely on Microsoft's Defender respectively Security Essentials in Windows 7. If you run into problems when you uninstall AVG you find AVG's special removal programs here. Take care to download the correct "bittedness" version for your version of Windows.

I you use Google Chrome I recommend to install Mozilla's Firefox browser; in Firefox you need to install two extensions or add-ons:

1. Adblock Plus and  
2. WOT (Web Of Trust)

After you install Firefox go to the Bookmarks manager (Bookmarks, Show All Bookmarks. Import and Backup, Import Data from Another Browser, select Google Chrome) and import bookmarks ONLY! When you have your bookmarks in Firefox please uninstall Google Chrome.

That plus some applied common sense is all you need to be and stay safe on the Internet.

If you want to do more against eventual advertisement malware and so called PUPs then download THE FREE version from here. Install Malwarebytes only AFTER you read this article about how to install and use it correctly.

Stay safe!

Hacked Passwords

Currently it happens way too often that passwords of email accounts get hacked. The compromised accounts get used to send out spam emails that will one way or another make money for the crooks behind this scam.  Mainly affected are accounts that end with

• @yahoo.com
• @hotmail.com
• @aol.com
• @att.net
• @sbcglobal.net

AT&T and SbcGlobal accounts are affected because AT&T subcontracted Yahoo to technically handle their email accounts. This is true for our local area. In other parts of the country other email accounts may be affected as well.

Affected accounts are used to send out spam email that look mostly like that:

this is rather awesome http://www.eudonews.net/biz/?read=6036326

The leading text and readable part of the link can be different but so far the general format has been similar. I expect that sooner or later (I am afraid sooner) the crooks will replace the leading text with more intriguing and/or salacious creations.

Again and again I have to say: Even when such an email seems to come from someone you know DO NOT CLICK on the link! The sender address in an email is NOT trustworthy, it can easily be faked to show whatever the crook wants you to see!

The links always lead to known malicious and untrustworthy websites. One way or another the crooks make money, lots of money. Some gang that recently got busted had collected about 14Million dollars.

The accounts could get hacked because the passwords were too short, simple, easy or any combination thereof.

In April 2011 I wrote an article about "Passwords too simple - What to do about it". It still is valid!

Just as an example: A collector of classic cars uses the password "fordbuff". Eight character length is by some technicians considered to be a fairly good password. BUT see this from passwordmeter.com:

Had he chosen "I am a Ford buff" it looks like this:

And now look at the result for "Driving 2 Fords":

Impressive differences, aren't they? And where come these differences from? Example two contains capital letters and special characters (spaces), example three contains an additional number.

If you have not yet done so please read my April 2011 article about "Passwords too simple - What to do about it". It still is valid! 

And another possible reason for your account passwords being hacked may be that you have a password sniffing virus on your machine. Do you already run Microsoft Security Essentials or are you still on Avast, AVG or Avira, "the other" free anti-virus programs? 

Conclusion: A simple little sentence with a number somewhere in it is way better than any single word!

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

Slow Computer? Boot Your bleeping Security Suite!

In the last three days I had three customers who were complaining about their slow computers. Customer number one had an older but fairly well equipped Windows XP machine with paid AVG, number two a Vista computer with Kaspersky Security Suite (paid) and number three was running Windows Vista Basic on a computer with limited main memory and Trend Micro Security Suite (paid).

In all three cases the machines were between four and six years old, that is just on the border where I begin to evaluate the worth of investing money into an aging computer versus buying a new computer.

In all three cases the customers choose to have me try removing the installed "security suites" and replace them with Microsoft Security Essentials before they made their choice between fix old or buy new.

Number one was a no brainer; original words of the customer: "Wow; that box NEVER before worked that fast!". He still is using Windows XP and he is a happy camper.

Number two was trickier because his machine had over time caught about 340 pieces of malicious software, among others two very nasty Rootkit viruses, a couple of Trojan horse programs and it was missing half a ton of updates. The clean up and updating took some time, I removed Kaspersky and installed Microsoft Security Essentials and guess what, the customer said he'd happily pay me, give the computer to his daughter in college and asked me to advise him what to replace his computer with!

Number three is so happy they gave me an excellent tip in the form of home made dill pickles, yummy! Thank you Fred and Judy! They will keep using their computer until they can afford a new one. And I got an additional job from them, thanks for that too.

Why do I tell these stories? Because that's the reality out in the field of home computing, not what I witnessed last (Black) Friday in a local Best Buy store where almost every customer who talked to the Best Buy sales people about a computer got pestered to buy one of  Kaspersky's security suites.

All these by now massively complex programs in my opinion are not worth the money compared to Microsoft Security Essentials.

MSE "speaks" only understandable English,
MSE is absolutely unobtrusive,
MSE does not slow down your computer,
MSE does not block your computer while it is scanning,
MSE updates in the background when the computer is otherwise idle and on top of all
MSE is free, free as in no money!

Sounds like a no brainer to me.


As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

Out Of My Support

As of this writing it has been almost eight months that I don't use or recommend

• Avast 
• AVG (since a looong time already!)
• Ad-Aware
• Spybot Search & Destroy and
• Spywareblaster

any more.

This is not because they are any "bad" but because there is something better or at least as good out there, Microsoft Security Essentials (MSE). IMHO it is for my customers the better solution and it is MUCH easier to use.

I have talked about this fact since at least October 2009 every time I was on WTKM radio (first Monday of every month at 10:00AM on 104.9 FM).

Since January 15th 2010 I have a long and detailed article about the change on my blog. This article describes detailed step by step instructions for switching to MSE.

In the blog's table of contents you can easily find all my other articles about MSE.

The short of all this is that I can not answer questions about the five programs mentioned above any longer. I simply don't use these programs any more and thus don't know the answers to questions concerning the most current versions.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.
 

My take on AVG 8.x Free

You probably have gotten reminders from AVG to upgrade to version 8. All these reminders sound like that is a for pay version only. This is NOT true. Grisoft has the AVG 8.0 Free download on this web page. It is quite a trip to get there though.

Here is my admittedly personal scoop on AVG 8; no claims to completeness either.

· With the advent of version 8 of AVG Free the program has undergone a major transformation. Even the free version has added features. Some comments follow:

· Anti-Spyware: Resident program feature that adds memory usage and asks technical questions that most of my customers will not even want to read.

· Safe Search: Searching for these words on AVG’s web site does not bring up any explanation for this feature; curious to say the least.

· Practical experience shows that it adds a marker to Google search results; this marker was explained similar to this:
“In our tests this web site did not exhibit malicious behavior.”

· The above is totally inferior to McAfee’s Siteadvisor; that actually says something about the quality of downloads, spam emails and dangerous links.
And with this new AVG feature it clearly took longer to get the search results.

My conclusion: AVG is on the way to become (yet another?) program package like a “Swiss army knife”; too bad.

I will not install it on my customer’s machines any longer.

I recommend and will be replacing it with Alwil Software’s program “Avast! 4 Home”. You can read details about this software on this web page.

I know of two other free anti virus programs, Clamwin and Avira's AntiVir. Both do not screen incoming emails and Clamwin has no on-access scanning; thus both lack at least one must have feature. This is why I choose Alwil Software's avast! program.

In May 2008 I posted instructions on "Switching to avast! anti virus". Please refer to these instructions if you want to attempt the switch.

Good Luck.

Feel free to post any comment you may have.

Thank you in advance.