• The ultimate security-tools list: Fall edition

    #507013

    On Security

    The ultimate security-tools list: Fall edition

    By Tracey Capen

    Keeping hackers at bay is arguably the most important task on any PC. For most Windows Secrets readers, that’s obvious, but it’s amazing how many personal-computer users I know who rarely think about their system security. You probably know a few, too.

    If there’s a silver lining to the recent spate of ransomware attacks and corporate-data thefts, it might be that Windows users (and possibly a few Mac users) are thinking more about digital security. Although Windows Secrets can’t compel all PC users to lock down their systems, our ultimate security-tools list makes a good reference for best-of-breed security applications.


    The full text of this column is posted at windowssecrets.com/top-story/the-ultimate-security-tools-list-fall-edition/.

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

    • #1578524

      Secunia Personal Software Inspector (site) was for years a go-to application for keeping your software up to date. But Secunia was acquired by Flexera last fall, and, ironically, the last PSI update appears to be Dec. 3, 2015. As a security product for individual Windows users, PSI seems to be dead.

      Secunia PSI is a scanner that uses a remote database located on its own server (‘Cloud-based’ at Secunia/Flexera), not one that’s installed locally as part of the installed software.

      This means that the front end, the software installed, doesn’t need to be updated anywhere near as frequently as the database does. W10 1511 was released shortly before the last Secunia update, which might ‘only’ have been a patch required to improve compatibility with 1511.

      It isn’t perfect, for instance, it doesn’t appear to differentiate between the current Firefox ESR (45.4.0.6092) and the Release version of Firefox (49.0.0.6103), but as ESR is much more commonly used in, and intended for, the Corporate sector (and that’s Secunia CSI’s area), it might be intentional.

      PSI can also be quite useful for detecting old and vulnerable software that you’d forgotten, or didn’t know had been installed.

      Don’t write it off just yet, it still has its uses.

      • #1578608

        Secunia PSI … Don’t write it off just yet, it still has its uses.

        +1
        And come to think of it, I have stuck with version 2.0.0.4003 since about 2012(?) because I just hated the interface of version 3; it needed so many more clicks to get “down to the nitty gritty” that I passed the version updates since then.

        And version 2 still works strongly down to very recent alerts about missing Windows Updates. One week I had “forgotten” my weekly manual check of WU…

        And since about 10:00AM this morning it reminds me of an out-of-date Firefox 48.0.2! Version 49.0 was released sometime this last night only. What other “outdated” software works that well?

        • #1578612

          Tracey:
          Great article about ransomware and the potential problems in protecting yourself.
          I have a couple of questions:
          1. What about a software product that is “supposed” to stop ransomware called…CryptoPrevent (https://www.foolishit.com/cryptoprevent-malware-prevention/) and wonder if this is a valuable addition to one’s security or if this is more hype than actual benefit.
          2. I use Eset. In speaking with them, they say that they can stop ransomware. Any ideas if this is true?
          3. I only make image backups of my computer. The backup drives are connected to the PC. Will ransomware be able to discover and encrypt the image backup file as well? Or am I protected from this file image being encrypted by ransomware?
          Again, thanks for the valuable article.
          SG

          • #1578634

            If the back-up drive is connected to the PC at the time of infection it will be encrypted.

            • #1578663

              If the back-up drive is connected to the PC at the time of infection it will be encrypted.

              Yes, it could be.

              The idea of imaging to an external device such as a hard drive is so it cannot be infected, so should be disconnected using the safe to disconnect option available by clicking on the system tray icon arrow – and the beauty of restoring from an external drive is that you boot up with a repair disk which is outside of Windows, to select that option of Restore with an image I created earlier.

              Now to get back to the article –

              FYI – the free version of CCleaner also monitors, which I disable.

              I wouldn’t recommend CryptoPrevent because it seems to take over your machine.

              I used it once and it stopped me from using a Control Panel command.

              You can get the free version of inSSIDer which is known as inSSIDer 3 from http://www.techspot.com/downloads/5936-inssider.html

      • #1578628

        PSI can also be quite useful for detecting old and vulnerable software that you’d forgotten, or didn’t know had been installed.

        Don’t write it off just yet, it still has its uses.

        +1
        And come to think of it, I have stuck with version 2.0.0.4003 since about 2012(?) because I just hated the interface of version 3; it needed so many more clicks to get “down to the nitty gritty” that I passed the version updates since then.
        And version 2 still works strongly down to very recent alerts about missing Windows Updates. One week I had “forgotten” my weekly manual check of WU…

        +1

        I also use the 2.0.0.4003 version of PSI for the same reason as eikelein. Although it has not been updated since 18 Oct 2011 it still works because Secunia keeps the database up to date. Please do not write off a useful application like PSI just because the program is great as is and doesn’t NEED an update to the UI.

      • #1579118

        Secunia PSI is a scanner that uses a remote database located on its own server (‘Cloud-based’ at Secunia/Flexera), not one that’s installed locally as part of the installed software.

        This means that the front end, the software installed, doesn’t need to be updated anywhere near as frequently as the database does. W10 1511 was released shortly before the last Secunia update, which might ‘only’ have been a patch required to improve compatibility with 1511.

        It isn’t perfect, for instance, it doesn’t appear to differentiate between the current Firefox ESR (45.4.0.6092) and the Release version of Firefox (49.0.0.6103), but as ESR is much more commonly used in, and intended for, the Corporate sector (and that’s Secunia CSI’s area), it might be intentional.

        PSI can also be quite useful for detecting old and vulnerable software that you’d forgotten, or didn’t know had been installed.

        Don’t write it off just yet, it still has its uses.

        I agree it is a good tool; the latest update is 3.0.0.11002 on 2/2/2016. The new web sucks up there is an update.

    • #1578552

      Mr Capen,

      Your list is missing some of the most important. Like WinPatrol, WinPrivacy, WinAntiRansom by Bret Lowry after taking over WinPatrol from Bill Pytlovany. They are very strong and efficient programs. Plus do not see Microsoft Security Essentials within the list and heard Windows Defender OFF-Line has been removed from µSoft’s website, I do not use it anyway.

      "Infinite CREATOR" cast "Loving Light" upon thee
      TIA, CU L8R, 'd' "LoneWanderer"
      "Only you can control your future." Dr. Seuss
      NOT a leader,
      NOT a BLIND follower,
      Join US and LIVE this LIFE as ONE!
      Original author Unknown

    • #1578596

      Another great tool that was missed is CryptoPrevent by FoolishIT.

      This one:
      - blocks many common infection vectors (running executables from temporary or data directories, misnamed/renamed files like: file.pdf.exe, etc.)
      - uses Windows built-in group-policy settings, and so i) is low overhead; it sets rules and is done, no background application is left running, and ii) runs well with any other anti-malware application (it is currently on every PC in my house running fine with Emsisoft, MalwareBytes (MBAM), Kaspersky, ZoneAlarm)
      - it protects all user accounts on the system
      - works even on “home” versions of Windows where Microsoft offers no way to set group-policies
      - rules can be adjusted and it supports white-listing to support applications that run in non-standard ways like running from data directories. I only saw one application that did this (BitTorrent) so I removed it.
      - extremely good pricing (free version needs manual updates, but for $15 you get lifetime access and auto-updates)

      The tool is here:
      https://www.foolishit.com/cryptoprevent-malware-prevention/

      Technical info here:
      https://www.foolishit.com/cryptoprevent-malware-prevention/technical-information/

      Note: I am just a very happy customer (and fan of clever solutions), I have no financial interest in the company.

      -brino
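
The two rule families listed in the post above (executables launched from temporary or data directories, and decoy double extensions such as file.pdf.exe), modelled as an audit over file paths with a white-list. This is an added example, not part of the original post and not CryptoPrevent's code or rule set; the extension lists, directory fragments and sample paths are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Assumed for this example: extensions Windows will launch directly.
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd"}
# Assumed: document-like extensions used as the decoy "middle" extension.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
# Assumed stand-ins for "temporary or data directories" (lower-case path parts).
RISKY_DIRS = [
    ("appdata", "local", "temp"),
    ("appdata", "roaming"),
    ("appdata", "local"),
    ("programdata",),
    ("windows", "temp"),
]


def _has_run(parts, frag):
    """True if the tuple `frag` occurs as consecutive elements of `parts`."""
    n = len(frag)
    return any(tuple(parts[i:i + n]) == frag for i in range(len(parts) - n + 1))


def check_path(path, allowlist=()):
    """Return the rule names a Windows path would trip; [] means allowed."""
    if path.lower() in {a.lower() for a in allowlist}:
        return []  # explicitly white-listed, e.g. an app that runs from AppData
    p = PureWindowsPath(path)
    # Every dot-separated piece after the base name, lower-cased and trimmed
    # so "file.pdf   .exe" style padding does not hide the decoy extension.
    exts = ["." + e.strip() for e in p.name.lower().split(".")[1:]]
    if not exts or exts[-1] not in EXECUTABLE_EXTS:
        return []  # not something Windows would execute directly
    reasons = []
    if len(exts) >= 2 and exts[-2] in DECOY_EXTS:
        reasons.append("double-extension")
    dirs = [d.lower() for d in p.parent.parts]
    if any(_has_run(dirs, frag) for frag in RISKY_DIRS):
        reasons.append("exec-in-data-dir")
    return reasons


def audit(paths, allowlist=()):
    """Map each flagged path to the rules it trips; clean paths are omitted."""
    flagged = {}
    for path in paths:
        reasons = check_path(path, allowlist)
        if reasons:
            flagged[path] = reasons
    return flagged


# Constructed sample paths, not taken from any real system.
SAMPLES = [
    r"C:\Users\alice\AppData\Local\Temp\invoice.pdf.exe",
    r"C:\Users\alice\Downloads\photo.jpg.scr",
    r"C:\Users\alice\AppData\Roaming\BitTorrent\BitTorrent.exe",
    r"C:\Users\alice\Downloads\setup.v2.exe",
    r"C:\Program Files\Mozilla Firefox\firefox.exe",
    r"C:\Users\alice\Documents\report.pdf",
]

if __name__ == "__main__":
    for path, reasons in audit(SAMPLES).items():
        print(f"{', '.join(reasons):40} {path}")
```

The same path rules applied everywhere under a directory are broader than a real policy usually is, which is why the white-list argument matters for software that legitimately runs from a data directory.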

    • #1578601

      Since InSSIDer free is just a back-level product, I went on to Acrylic WiFi, which does much the same job but is maintained.

      Similarly AdBlock is becoming rather dubious with regard to allowing paid-for advertising, I prefer uBlock Origin.

      BATcher

      Plethora means a lot to me.

    • #1578614

      IMHO and experience it surely is.

      What NONE of the “professional” AV test organizations measure in their results is how user friendly are the programs that they test. And how could you “measure” such a soft target?

      A geek will be able to interpret whatever message an AV product coughs up but a normal, in their own words “computer illiterate” home user, will feel and be “out in the cold and dark”.

      Microsoft Security Essentials (on Vista and Win7 only) and Windows Defender (on Win8/10) are for above mentioned group of users unbeatable because they only speak clear, simple English.

      For 99% of my customers these two AV programs are a godsend. They impose no perceivable overhead and work nicely besides Malwarebytes for the occasional on-demand PuP scan.

      Btw: On all my customer’s computers with Win Home and Pro editions I apply a simple registry hack that turns MSE’s/Defender’s PuP scanning ON; it is by default ON only when MSE/Defender run under an enterprise version of Windows. See here.

      Earlier I said “… no perceivable overhead …”. I compare this to systems that barely crawled along and immediately went back to “normal” working order once AVG (or Avast) were removed and replaced with MSE OR Defender.

      Please no defenses of the two “free” AV programs I just mentioned, I know ALL of your arguments and feel sorry for you; but you are entitled to believe what you want to believe.

    • #1578615

      Can you (or anyone else) please explain to me why 7-zip is still in that list?

      I do not even know how many years ago Windows learned to natively open ZIP files within the standard Windows File Explorer.

      And the last RAR file I encountered? That is even more years in the past.

      Maybe I am paranoid but any software from China and or Russia (or with authors from said countries) gives me pause…

      • #1578616

        Can you (or anyone else) please explain to me why 7-zip is still in that list?

        I do not even know how many years ago Windows learned to natively open ZIP files within the standard Windows File Explorer.

        Perhaps because some people want/need to create ZIP files – possibly encrypted – instead of just opening them?

      • #1578617

        Can you (or anyone else) please explain to me why 7-zip is still in that list?

        I do not even know how many years ago Windows learned to natively open ZIP files within the standard Windows File Explorer.

        Perhaps because some people want/need to create ZIP files – possibly encrypted – instead of just opening them?

        Maybe I am paranoid but any software from China and or Russia (or with authors from said countries) gives me pause…

        So everyone at Microsoft is native-born American?

        • #1578797

          Perhaps because some people want/need to create ZIP files … instead of just opening them?

          Creating a zip file is covered in Windows File Explorer natively as well.
          And Windows Secrets and Gizmo’s Freeware are full of recommendations for useful encryption tools.

          So everyone at Microsoft is native-born American?

          Place of birth IMHO is irrelevant, what social and legal system the person currently lives with or under seems to be much more in question here.

          • #1578829

            Creating a zip file is covered in Windows File Explorer natively as well. And Windows Secrets and Gizmo’s Freeware are full of recommendations for useful encryption tools.

            But Microsoft specifically recommends against ZIPing encrypted files.

            How about different levels of compression and/or support for other filesystems? How about unpacking file formats other than ZIP? I respect your opinion but Microsoft’s ‘native’ support is incredibly basic.

            Place of birth IMHO is irrelevant, what social and legal system the person currently lives with or under seems to be much more in question here.

            Does this mean that software originating in, for example, Microsoft’s R&D lab in Beijing is automatically suspect?

            • #1578893

              But Microsoft specifically recommends against ZIPing encrypted files.

              Interesting read, Rick. Originally you talked about encrypting ZIP files and not about zipping encrypted files. But see below.

              And I believe that there is a glaring error when the author writes “If you add encrypted files to a zipped folder, they’ll be unencrypted when they’re unzipped, …”. If that were really true I have THE reason to never use Microsoft encryption!

              How about different levels of compression and/or support for other filesystems? How about unpacking file formats other than ZIP?

              “Other file systems” under Windows? Are you serious?
              Other ZIP formats? ZIP is a file format of compressed files. I don’t know anymore how long ago I saw the last differently compressed file on Windows.

              At least some differing file systems like Fat, Fat32, FAT32 ext and NTFS are seamlessly supported.

              And admittedly, it seems to be fairly basic support of the ZIP file format. But did you ever read about the many different formats of compression that the ZIP format covered? See here.

              Does this mean that software originating in, for example, Microsoft’s R&D lab in Beijing is automatically suspect?

              Again thanks Rick. An interesting read and since you ask, yes, that gives me pause to think. Think beyond the (for me obvious) marketing hype like “The smartest AI in the universe…”, quoted from above mentioned web page.

              Luckily it seems that none of the Microsoft programs I use daily seems to originate there. And definitely there are many, many incredibly intelligent and well educated people in China.

              Since MS wants to sell in China they need a presence there…

              To all the others besides Rick and myself I apologize for this off topic discussion; this will be my last hiccup of this sort in this context.

    • #1578622

      For a Windows 7 user, what is the difference between Defender and MSE? I don’t believe they can both be run together, is that right? I use MSE, coupled with manual scans of MBAM Free Edition – although I’m still using version 1.75 as every time I think of upgrading to version 2 there seems to be a report of problems with it and it just sounds like it’s still in beta in all but name. What are people’s experiences in that respect?

      • #1578632

        For a Windows 7 user, what is the difference between Defender and MSE? I don’t believe they can both be run together, is that right? I use MSE, coupled with manual scans of MBAM Free Edition – although I’m still using version 1.75 as every time I think of upgrading to version 2 there seems to be a report of problems with it and it just sounds like it’s still in beta in all but name. What are people’s experiences in that respect?

        You are correct, MSE replaces the Windows 7 version of Windows Defender.
        In Windows 10 however you can think of Windows Defender as being an improved version of MSE.

        Image or Clone often! Backup, backup, backup, backup......
        - - - - -
        Home Built: Windows 10 Home 64-bit, AMD Athlon II X3 435 CPU, 16GB RAM, ASUSTeK M4A89GTD-PRO/USB3 (AM3) motherboard, 512GB SanDisk SSD, 3 TB WD HDD, 1024MB ATI AMD RADEON HD 6450 video, ASUS VE278 (1920x1080) display, ATAPI iHAS224 Optical Drive, integrated Realtek HD Audio

      • #1578793

        For a Windows 7 user, what is the difference between Defender and MSE? I don’t believe they can both be run together, is that right? I use MSE, coupled with manual scans of MBAM Free Edition – although I’m still using version 1.75 as every time I think of upgrading to version 2 there seems to be a report of problems with it and it just sounds like it’s still in beta in all but name. What are people’s experiences in that respect?

        Tandor,

        Defender was/is under Windows 7 a next to useless PuP and malware scanner/remover and MSE is their AV program. On systems set up and running the MS way they always ran together with no perceivable negative consequences.

        Pretty much the same program under Win 8 and 10 is called Windows Defender. If you compare the UIs you will see why I say that.

        For – in their own words – “computer illiterate” users MSE (or Defender) and occasional manual scanning with MBAM IMHO are an optimal solution. See my post #9 above.

    • #1578653

      You did not include a relatively new tool in your article on Security Essentials. Glasswire has many features including limited network monitoring, firewall management, computer monitoring and others, but from my perspective it is primarily a security tool. With a simple graphical interface, anyone can quickly find out exactly what is happening on their local network.

      Glasswire has been in beta for a couple of years and recently went live. A major new upgrade (2.x) is expected before year’s end.

    • #1578686

      Has anyone had experience with the “Disconnect” utility listed in the article? I’d like to have some security for my iPhone but the three reviews of Disconnect in the app store were horrible. What’s up with that?

      Just asking.

    • #1578706

      On Security

      The ultimate security-tools list: Fall edition

      By Tracey Capen

      Keeping hackers at bay is arguably the most important task on any PC. For most Windows Secrets readers, that’s obvious, but it’s amazing how many personal-computer users I know who rarely think about their system security. You probably know a few, too.

      If there’s a silver lining to the recent spate of ransomware attacks and corporate-data thefts, it might be that Windows users (and possibly a few Mac users) are thinking more about digital security. Although Windows Secrets can’t compel all PC users to lock down their systems, our ultimate security-tools list makes a good reference for best-of-breed security applications.


      The full text of this column is posted at windowssecrets.com/top-story/the-ultimate-security-tools-list-fall-edition/ (opens in a new window/tab).

      Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

      Very helpful, thanks.

      I have a question on VPN. I understand that hacking into my computer is impossible as long as it is off. Is it also impossible as long as I am on the internet via a VPN service? If so, this seems a good way of protecting your passwords as well.

      John

    • #1578726

      Hello Tracey,

      Thank you for another excellent article.

      Another tool that many may find useful is the Belarc Advisor – http://www.belarc.com/ .

      Though not a real-time monitor like the Secunia PSI, it has the ability to not only detect missing security updates to Windows (as well as provide specific Knowledge Base article links), but also check to see whether each installed security update is in fact properly installed and active (rather than merely present), and would need to be reinstalled.

      • #1578887

        Hello Tracey,

        Thank you for another excellent article.

        Another tool that many may find useful is the Belarc Advisor – http://www.belarc.com/ .

        Though not a real-time monitor like the Secunia PSI, it has the ability to not only detect missing security updates to Windows (as well as provide specific Knowledge Base article links), but also check to see whether each installed security update is in fact properly installed and active (rather than merely present), and would need to be reinstalled.

        This isn’t particularly accurate, especially for Win 7 users who have run Disk Cleanup as an admin to clean out obsolete/superseded updates.

        It can snag those that have been cleaned out as missing.

    • #1578968

      I strenuously object to recommending Secunia PSI be uninstalled when there is really no comparable utility with the same huge data base to draw on!! satrow and JC Zorkoff are right to add to this discussion, and I totally agree with them.

      Yes you can use File Hippo’s Application manager to do most well known applications, but they have nowhere near the scope of Secunia PSI!! I used to run a honey pot lab to monitor the behavior of some very bad actors’ malware, and when all corrections are done that are pointed out by Secunia PSI – you can just about guarantee no one can take over your PC as long as you are logged in as a standard user.

      I’ve watched as malware tried to look for out of date and end of life execution files in Windows with the objective of using them to crack the security of the Windows operating system. I have seen many failures by such malware thanks to tips that I used from Secunia PSI!!

      I also have noticed that the short list of applications monitored by Avast, makes that free AV worth having – somehow it was able to see that I needed a 64 bit patch for my Mozilla browser where File Hippo could not. Secunia PSI detected the error, and after using Avast to download and install the patch, and re-scanning with PSI it cleared the alert. The demise of this venerable utility is way greatly exaggerated in my not so humble opinion!!:rolleyes:
