"Security" software breaks Windows

It gets fun again - my life I mean; the rest of this blog post is dead serious, please make no mistake.

For years I have recommended NOT TO USE products from Webroot. I remember too many bad experiences with and infections on computers that were presumably "protected by Webroot".

In NBC's words:

An antivirus service used by tens of thousands of businesses and millions of home users shut down an untold number of computers around the world Monday after it mistakenly identified core parts of Microsoft Windows as threats, the company confirmed.

Similar events have occurred in the past; sadly they are much more common than we would like and the public hardly knows about it. Some well known companies in the "computer security" or "anti virus" business have had similar snafus. Here is a quote from a blog post at Bleepingcomputer.com:

... Such mishaps have been reported for years to include major anti-virus/security vendors such as Panda, avast, AVG, BitDefender, Kaspersky, Malwarebytes, McAfee and Symantec. In most cases when these issues occur, the anti-virus vendors and security tool developers take quick action to correct the problem and provide support to those users who have been affected.

To call such blunders a "mishap" is not a euphemism, IMHO it is outright glossing over or covering up a major blunder.

Things like this should not happen and they don't need to happen, they are major avoidable blunders. In every case we can only speculate about the "why" and I don't like to speculate.

What does all the above tell us? IMHO very simple:

Do not trust a single word in high gloss, pretty brochures.
Do not believe the words in computer related advertisements on TV.

What you find in high gloss publications is mostly marketing hype and likely not really trustworthy. And when certain "security" software seemingly out-of-the-blue suddenly is being hyped over the moon in TV advertisements it IMHO is time to run for the hills. It tells me that very likely a marketing campaign has to cover up some so called "mishap".

-----

So far I have used the acronym IMHO three times in this blog post. Generally there are always at least two ways to look at something, as we say around computers YMMV. If you have a different opinion - or maybe simply think I am a dumba.s then I ask you to please leave a comment, state your case or blow off steam below. 

Thank you in advance.

"Free" Security programs - For A Price

I stumbled over this article on How-To-Geek.

I wan to save you the hassle and time to read this lengthy article your self and will quote a few selected and IMHO most relevant snippets.

My stance toward the remaining "free" security programs as well as the well known commercial offerings is known; I have expressed this here repeatedly. So let's begin:

1. Free antivirus applications aren’t what they used to be. Free antivirus companies are now bundling adware, spyware, toolbars, and other junk to make a quick buck.... At one point, free antivirus was just advertising, pushing users to upgrade to the paid products. Now, free antivirus companies are making money through advertising, tracking, and junkware installations.
    
2. Comodo ... change[s] your web browser’s search engine to Yahoo! and bundles the GeekBuddy paid tech support software. It also bundles other Comodo products you might not want, including changing your DNS server settings to Comodo’s servers and installing “Chromodo,” a Chromium-based browser made by Comodo. ... As the Comodo-affiliated PrivDog software contained a massive security hole similar to the one Superfish had, there’s a good chance you don’t want a bunch of other Comodo-developed software and services thrown onto your computer.
    
3. Lavasoft’s Ad-Aware pushes “Web Protection” that will “secure your online search” by setting SecureSearch as your web browser’s homepage and default search engine. Despite the name, this isn’t actually a security feature. Instead, it just switches your web browser to use a branded search engine that actually uses Yahoo! in the background — this means it’s powered by Bing.
   If you prefer Bing, that’s fine — just use the full Bing website. You’ll have a better experience than using Lavasoft’s rebranded, stripped-down search engine.
    
4. Avira encourages you to install “Avira SafeSearch Plus.” This is just a rebranded version of the Ask Toolbar, redirecting your search results through a rebranded version of Ask.com’s search engine. If you wouldn’t want the Ask Toolbar installed, you wouldn’t want this rebranded version of it installed either.
    
5. ZoneAlarm also wants you to enable “ZoneAlarm Search” as your browser’s default homepage and search engine, along with installing a ZoneAlarm toolbar that is - once again - a rebranded version of the Ask Toolbar.
    
6.  Panda {Free Antivirus] attempts to install their own browser security toolbar as well as change your browser’s search engine to Yahoo, and its home page to “MyStart,” which is powered by Yahoo. To Panda’s credit, they at least don’t attempt to trick you by offering you a renamed Yahoo search engine or home page.
    
7. avast!’s installer also tries to install additional software you might not want. We’ve seen Dropbox offered here in the past, but avast! attempted to install the Google Toolbar when we tried installing it.
   Programs like the Google Toolbar and Dropbox are high-quality software you might actually want, so avast! comes out looking very good compared to the other options here. But even avast! has done done some questionable things in the past — witness the avast! browser extension inserting itself into your online shopping.
    
8. AVG has its own suite of obnoxious utilities, including the AVG Security Toolbar, AVG Rewards, AVG Web TuneUp, and SecureSearch.
    
9. BitDefender offers a stripped-down free antivirus. ... BitDefender is still pursuing the strategy of attempting to upsell you to the paid product.
    
10. MalwareBytes doesn’t attempt to install any extra junk on your computer, although the free version doesn’t offer real-time protection. To their credit, MalwareBytes is offering a free tool that’s useful for manual scans - it even picks up and detects [and removes!] much of the adware other programs install - and encouraging you to pay for a more full-featured product.
    This tool could be quite useful in combination with another antivirus, like Microsoft’s free Windows Defender or Microsoft Security Essentials solution. But it’s not a standalone free antivirus you can depend on, as it lacks the real-time scanning.

 Not too nice a situation out there, right? You either pay up or you have to live mostly with junk you did not want in the first place.


Don't despair, a good, time proven free solution is available since about 2009.

For now over 13 years I "fix" my customer's home computers by removing all sorts of viruses and other malicious or obnoxious software. Most of my customers call themselves "computer illiterate". All of them have lived safely with mostly little or no manual effort.

The only malware infections happen now when someone "falls" for a social engineering trick; that is in effect when the customer for a moment was inattentive. And hat is just a human weakness, I know from my very own experience.

If you want to know details about this solution plese drop me a personal email; thank you.

"Tests" of Security Software

Again it is a customer question that triggers new information on this blog; Thank you Frank C.

The customer asked what I think about the results of a test of Security Software in Consumer Reports' June 2014 issue.

I am not subscribed to Consumer Reports and the contents of their publication is not available online. Luckily the customer had attached a pdf file of the article. Without permission from CR I can not publish it here.

Needless to say that Microsoft Security Essentials/Windows Defender ended up on one of the last places in the rankings. That is very relevant to me because all my home customers use either one of these anti virus programs.

Here is my reply, almost verbatim from the email.

Thank you for the question. A few points in no special order as a reply.

Who actually ran these tests?
And who financed them?
Consumer Reports certainly does not have a proper test lab; that takes years to develop and a big lot of money to finance and run.

I have seen dozens and dozens of "tests" that were paid for by manufacturers of "security software".
And guess what, the result was always that their specific product ended up on top of the list.

Microsoft Security Essentials and Windows Defender on Windows 8 are not "security" programs, they are classic anti virus programs. Anti virus programs protect against getting virus infected files on your computer. And in my limited experience of 12 years and ca. 6000 distinct home customers these two programs do an excellent job at that.

To compare the two MS programs 1:1 against security suites is ridiculously wrong and done to dupe the un-informed into wrong conclusions.

Security suites try to supervise every click and input in web pages.

An endeavor that brings additional computing burdens but is doomed to fail because most errors are or are a result of an EBKAC (Error Between Keyboard And Chair).
Please see an irreverent remark below.

Most security suites are a very noticeable additional work load even for well equipped computers.

Just today I had been called to "slow" computer. After removing the PuPs the machine was still sluggish. After removing an older version of Norton Internet Security (about 4 years old)  the computer suddenly worked just fine. It was a BIG perceivable difference; I have seen that many, many times. This effect is not specific to Norton, it applies to many brands of security suites; in my experience especially (but not limited) to AVG, Avast, Norton, McAfee and Trend Micro.

Many of these "tests" do not talk about the curse of free security suites, that is false positives. Erroneously marking a benign program as malicious leaves the non-geek home user clueless and helpless.

Avast especially has last year broken quite a few computers with insufficiently tested updates.

AFAIK only one of the programs in the CR test can even detect Poweliks, the worst and best hidden virus currently around.

AFAIK the only AV program that currently detects Poweliks is MS's Security Essentials/Defender! Although I use third party tools to remove it completely and terminally.

Re. EBKAC errors:IMHO no software in the world can protect irresponsible people from themselves.

We need to pay attention to the details and we need to heed #6 of my 10 commandments for safe computing.

Frank, please do not take the last paragraph personally; it only reflects general observations that I make all too often.

Please let me know in the comments what you think; thank you in advance

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

Hacked Passwords

Currently it happens way too often that passwords of email accounts get hacked. The compromised accounts get used to send out spam emails that will one way or another make money for the crooks behind this scam.  Mainly affected are accounts that end with

• @yahoo.com
• @hotmail.com
• @aol.com
• @att.net
• @sbcglobal.net

AT&T and SbcGlobal accounts are affected because AT&T subcontracted Yahoo to technically handle their email accounts. This is true for our local area. In other parts of the country other email accounts may be affected as well.

Affected accounts are used to send out spam email that look mostly like that:

this is rather awesome http://www.eudonews.net/biz/?read=6036326

The leading text and readable part of the link can be different but so far the general format has been similar. I expect that sooner or later (I am afraid sooner) the crooks will replace the leading text with more intriguing and/or salacious creations.

Again and again I have to say: Even when such an email seems to come from someone you know DO NOT CLICK on the link! The sender address in an email is NOT trustworthy, it can easily be faked to show whatever the crook wants you to see!

The links always lead to known malicious and untrustworthy websites. One way or another the crooks make money, lots of money. Some gang that recently got busted had collected about 14Million dollars.

The accounts could get hacked because the passwords were too short, simple, easy or any combination thereof.

In April 2011 I wrote an article about "Passwords too simple - What to do about it". It still is valid!

Just as an example: A collector of classic cars uses the password "fordbuff". Eight character length is by some technicians considered to be a fairly good password. BUT see this from passwordmeter.com:

Had he chosen "I am a Ford buff" it looks like this:

And now look at the result for "Driving 2 Fords":

Impressive differences, aren't they? And where come these differences from? Example two contains capital letters and special characters (spaces), example three contains an additional number.

If you have not yet done so please read my April 2011 article about "Passwords too simple - What to do about it". It still is valid! 

And another possible reason for your account passwords being hacked may be that you have a password sniffing virus on your machine. Do you already run Microsoft Security Essentials or are you still on Avast, AVG or Avira, "the other" free anti-virus programs? 

Conclusion: A simple little sentence with a number somewhere in it is way better than any single word!

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

Out Of My Support

As of this writing it has been almost eight months that I don't use or recommend

• Avast 
• AVG (since a looong time already!)
• Ad-Aware
• Spybot Search & Destroy and
• Spywareblaster

any more.

This is not because they are any "bad" but because there is something better or at least as good out there, Microsoft Security Essentials (MSE). IMHO it is for my customers the better solution and it is MUCH easier to use.

I have talked about this fact since at least October 2009 every time I was on WTKM radio (first Monday of every month at 10:00AM on 104.9 FM).

Since January 15th 2010 I have a long and detailed article about the change on my blog. This article describes detailed step by step instructions for switching to MSE.

In the blog's table of contents you can easily find all my other articles about MSE.

The short of all this is that I can not answer questions about the five programs mentioned above any longer. I simply don't use these programs any more and thus don't know the answers to questions concerning the most current versions.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.
 

Renewing the avast! license key

Every time they turn on the computer many of my customers are getting now a small alarmingly red window from avast! anti virus in the right bottom corner of the screen. It looks like this:


avast! Home Edition Free has a license key that is valid for one year; 'your' year will be over soon. The problem that some people have is with the screen they get after clicking on "Click here to remedy that situation.

I call the resulting screen The Big Scare; it is nothing but unabashed marketing, sort of understandable that Alwil (the manufacturer of avast!) wants to make another buck. This is the scare screen:


Some people got so scared that they overlooked the tiny link in the bottom right corner that reads "No thanks, just register the free product".

When you click on this link your web browser comes up with the registration page for avast! which has recently changed. You will find the text "My registration key has expired, I need a new one".


Click on "My registration key has expired, I need a new one." You will get to the Registration form. Please fill in all fields correctly and click "Register for free license".

You will receive an email with a new license key; sometimes it takes quite some time until this mail arrives.

Open the registration email, highlight the new license key (ONLY the key please!) and copy it to the clipboard (Ctrl+C).

Double click the avast! AntiVirus icon on your desktop. You will see the avast! splash screen:


Click on "Registration" and you should see:


Place your cursor in the field labeled "Enter your license key" and paste (Ctrl+V) the license key into the field. It should look something like this:


Click OK and avast! will tell you that all is well again (for another 12 months).


As usual I welcome comments and suggestions right here in the blog.

Thank you in advance.

Licensing avast! 4Home

If avast! Home edition lost it's license key here is a description on how to repair that.

Click on the avast! icon on your desktop.
Click on Registration (second line from the bottom) and you should see this:



Click on Program Registration.
Your browser will come up with the avast registration web page.

Register either as a new user (if you never had a license key; check your My Documents folder!) or as a registered user who lost the license key.

When you get the email with the license key copy/paste the key into the highlighted field under "Enter your License Key" and click on OK.

As usual I welcome comments and suggestions right here in the blog.

Thank you in advance.

Can I manually update avast! anti virus?

Thanks for asking that question anyway. Actually it is fairly easy.

avast! is just as secure and regular a self-updater as AVG was. But if you want to do it manually here is the How-To:

1. Right click on the little "a" in the round, blue tray icon (right bottom corner of the screen).
2. In the context menu click "Updating". This opens a sub menu; it looks like this:

3. To update the virus definition database click on "iAVS Update".
4. To check for program updates click on "Program Update".

Seems easy enough, doesn't it?

Feel free to post any comment you might feel inclined to give.

Thank you in advance.

Switching to avast! anti virus

Instructions on how to switch from any anti virus to Avast!:

1. Go to this web page and click on the text "Download Latest Version" to download Avast!. Write down the location where this download will get stored! In Firefox you see this in the bottom frame of the small download window. If there is no location listed the download will likely end up on your desktop. It looks like this (I am not much of a painter…):

2. Go to Start, Control Panel, Add/Remove Programs. Find your current anti virus program in the list and click on Remove. If asked confirm removal of files in the virus vault (or quarantine), log files and so on.

3. Restart your computer! Ignore the security center warning that you have no virus protection; that is permissible since now you don’t do any other things.

4. Find program setupeng.exe, the one downloaded in #1. If you forgot the location of the download (or did not write it down) go back to step #1.

5. Double click setupeng.exe; this starts the installation of avast! Accept all defaults and allow the system restart at the end of the installation.

6. You should see this window; please read what it tells you (not here, when it is on the screen!).

7. Click on the marked link “avast! Home Registration page”. Do not yet click on OK.

8. Your web browser will show a page where you will find “I'm a new user and I need a registration key for avast! Home Edition”; click on this text.

9. Read the information on this page! Fill in the easy registration form and please use your correct email address! Click on the button Register.

10. Now you can click OK in the window from #6. Avast! will start.

11. Check your email for your avast! registration key. Highlight the registration key completely and copy it (Ctrl-C).

12. Double click the new avast! Antivirus icon on your desktop; you should see this: 13. Enter your avast! license code (Paste, Ctrl-V) into the highlighted field and click OK.

14. You can close the avast! user interface.

You can read FAQs about avast! on this web page. Alwil has also a web forum for user support where you can learn a lot; it is well worth to register there.

As of May 2008 I am as new to this program as you are. If you ask me about it please ask with comprehensive and precise information in your email, preferably including screenshots.

If you don’t know how to make screenshots try MWSnap from here.

Feel free to post any comment you may have.

Thank you in advance.