Kaspersky is well known for their antivirus and internet security software which effectively protects the computer from cyber threats such as malware in real time. It is not unusual for Kaspersky to be rated as one of the best if not the best by independent antivirus testing groups such as AV-TEST, Dennis Technology Labs and Virus Bulletin’s VB100. As good as it is, unfortunately Kaspersky does not offer a free version of their antivirus software unlike AVG, Avast and Avira for personal and non-commercial use.

They do however offer a free on-demand scanner called Kaspersky Virus Removal Tool, also known as AVPTool that can scan system memory, hidden startup objects, disk boot sectors, email, and hard drives for malware. Since it is an on-demand scanner, it does not automatically protect your computer in real time but you can use it to run a full scan whenever you want without fearing that it will conflict with a different antivirus software that is installed in Windows.

The only annoyance that we find in Kaspersky Virus Removal Tool is it does not come with an auto updater to download the latest virus definitions which means you are advised to download the new installer at 137MB in size whenever you want to run a scan with the latest signature database. An updated installer with the latest virus definitions is created every 2 hours.

In this article we’ll show you how to manually perform an incremental update for the Kaspersky Virus Removal Tool virus definitions to prevent redownloading the huge installer, saving both time and bandwidth.
(more…)

Security experts consider keylogging as the most dangerous threat because it allows cyber criminals to capture everything you type on your keyboard. This includes passwords so that they can gain access to your online accounts such as your email, banking, forums, websites and etc to steal valuable information. If keystroke logging is not damaging enough, your webcam, screen, clipboard and microphone can also be secretly captured and logged without your knowledge.

There are a couple of different methods to protect yourself against keyloggers. First you can use an on-screen virtual keyboard where your mouse will be used to select the keys when entering your password instead of typing it from the physical keyboard that is logged. A good antivirus can also recognize some of the known and unknown keyloggers through virus definition or heuristic analysis. Finally, a dedicated anti keylogging tool that constantly monitors the behavior of running applications and notifies you if it detects any potential keylogging activity.

In this article we’ll be putting 3 anti keylogging programs named Zemana AntiLogger, SpyShelter Premium and DataGuard AntiKeylogger to the test with real keylogging tools that are popular and widely being used to determine the effectiveness of each program.
(more…)

There are many different types of computer malware and the ones that use rootkit technologies are the worst because they are hardest to detect and remove. Rootkit technology is able to hide its presence from the most basic tools built into Windows such as Task Manager, to your most trusted firewall or antivirus software and you won’t even know that it’s there. This is achieved through installing and loading kernel-mode drivers which can allow the malware to run with higher privileges.

Although 64-bit Windows operating systems are generally safe from rootkit infection because by default the operating system only accepts signed driver files, there were previous cases where legitimate digital certificates were stolen by hackers and used to sign rootkit drivers to bypass security software and Windows defenses. Antivirus software was not much of a help either because the Stuxnet worm successfully stayed infected on the computers for years before it was discovered by VirusBlokAda, the developer of VBA32 antivirus software.

Since antivirus software are far from being perfect in catching rootkits, we’ve put 15 dedicated anti-rootkit tools to the test and see if they are able to detect the 3 different keyloggers (All In One Keylogger, Invisible KeyLogger Stealth, Elite Keylogger) that uses rootkit technology which we have installed on our test system.
(more…)

Antivirus companies require a lot of manpower, time and resources for their software to keep up with the latest malware created by the bad guys who are always trying to be a step ahead. This is why a large proportion of antivirus software packages are subscription based that require an annual renewal payment in order to continue downloading the latest definition and engine updates. Fortunately there are quite a number of reputable and popular antivirus companies such as AVG, Avast, Avira, Ad-Aware, ZoneAlarm etc, that offers a freeware version of their antivirus software for computer users to install and protect their computer from malware.

Although the free antivirus products are absolutely free to use, most of the time there is a catch where you will most likely find some features that provide additional protection being disabled. Other than that, the word “free” does not necessarily mean without limitations or restrictions. If you read the long and boring End User License Agreement (EULA) that is displayed during installation which most of us ignore and blindly click on the Agree button to continue the installation, it contains very important information to where you can install and use their free antivirus software. Most of the time a free antivirus is intended only for non-commercial, personal home use while academic institutions, business, commercial, corporate or government use is prohibited. You or your company can be heavily fined if it’s discovered you’re breaking the license agreement.

For your convenience, we’ve reviewed all of the free antivirus license agreements and compiled a list of those that can be used without restrictions. The URL to the official agreement and screenshot is also included as a proof to this research.
(more…)

A rescue CD is an additional tool provided by most antivirus companies to assist in removing difficult-to-remove malware without booting in to Windows. This is especially useful when the computer is so badly infected that Windows couldn’t be booted up, or is crawling really slowly and you can hardly run any diagnostic tools inside Windows to investigate and clean the virus.

A huge advantage in using a rescue CD compared to the antivirus installed on your computer is the chances of a successful removal is much higher because the malware is inactive since Windows is not even loaded in the first place. Unlike when a virus is active on the system, it can be very resilient and block any security tools from being run, making it really difficult even for experienced users to delete it from the system.

Rescue CD’s mostly come as an ISO image file that can be written to a compact disc (CD) or installed to USB flash drive which is then used to boot up the computer to run the live operating system in memory. Most of the rescue CD’s provided by the antivirus companies are free while there are a few that are exclusively available only to their paid customers. Here is an extensive list of 26 available rescue CD’s that can be downloaded and used for free.
(more…)

New malware is being created and released into the wild everyday, and it’s a fact that your antivirus software does not protect you 100% from everything. Sometimes it may take a few days for the antivirus analysts to get hold of the sample which will then be added to the latest virus definition. Within this time frame of unknowingly being infected by a new computer virus, probably all your sensitive information such as passwords, are already being stolen through a keylogger and the damage has been done.

A keylogger is a common feature found in most Remote Access Trojans (RAT). When either the offline or online keylogger mode is activated, anything that you type on the keyboard will be recorded and logged to a file or transferred instantly to the controller. The purpose of a keylogger is to steal the login credentials or probably to know who the user is talking to on the Internet. Whatever the reasons are, keylogging is an invasion of privacy and is against the law in some countries.

When an antivirus fails to detect the threat, a very effective extra layer of defense to keep your sensitive information safe is through keystroke encryption. Basically a keystroke encryption software works in a very deep level of the Windows operating system kernel to prevent the keyloggers from logging the real keystrokes, either completely blocking them or sending garbage text. Currently there are 4 pieces of keystroke encryption software available today. We’ve tested them against 13 different keyloggers and compared the features offered by these applications.
(more…)

There are a lot of reasons why WordPress is one of the most used content management system (CMS) today. It is easy to install and maintain, very user friendly and contains a lot of free themes and plugins which can be installed with a few clicks of a mouse button. However, it is also prone to being hacked if your website is running an outdated version of WordPress or plugin. About a year ago, a vulnerability has been found in the popular TimThumb PHP script that is widely being used to automatically resize images. The hackers gained access to many websites running WordPress with TimThumb and infecting all PHP files with eval(base64_decode code to redirect every visitors that comes from search engine to websites of their choice.

You can easily clean up the malicious gzinflate/eval(base64_decode codes from all PHP files by using this cleaner script to gain back the traffic from search engine but unfortunately using the script alone is not enough. You may notice that your website gets hacked again and again even if you’ve updated to the latest version of TimThumb because the hacker has already planted a few backdoors. The only way to prevent your website from being constantly hacked is to locate the backdoor and remove it from your server.
(more…)

Whether you’ve had a computer for years or only a matter of days, it’s probably a good bet you have heard terms like malware, virus, trojan, keylogger, worm, rogueware, fake antivirus, rootkit, ransomware, adware, spyware or dialer. Most users will wonder what the differences between all these different words are as the word virus is often used as a generic term to cover all types of malicious activity on a computer.

Basically malware is short for Malicious Software and all of the terms above fall into this category because they are all malicious. The different terms being used instead of just plain virus are to categorize what the malicious software is capable of doing. For example, a keylogger is designed to record whatever keys you press on your keyboard and then send that information to a remote location. A trojan on the other hand, allows a hacker to steal information or gain full access to your computer.

Using the the word “virus” to include all types of malicious software is not very accurate, and “malware” is a more suitable term, a virus is after all just one type of malicious software. Thankfully most paid or free antivirus software looks for many different types of malware, not just viruses.
(more…)

Ransomware is a type of malicious software that has been gaining popularity lately and it is actually similar to kidnapping if put into real life cases. When a ransom is paid, the victim may (or may not) be released. Hackers have extended this idea to computers, basically creating malware that takes control of your computer by restricting you from using it, or it can also restrict you from accessing your important files such as documents and photos.

Locking up computers and asking for ransom is ineffective because it is easy to fix. Anyone who knows how to use a rescue disk to boot up the computer can easily remove the malicious file from Windows startup. It didn’t take long for the hackers to realize this and they’re now using a more effective approach which is taking your important file such as photos and documents hostage by encrypting them with really strong encryption that is virtually unbreakable.

Breaking an encryption algorithm is not something that a computer technician or engineer is capable of, so the probability of getting back your files by sending it to a computer shop is close to zero. If you do not have a backup of the files encrypted by the ransomware and the shadow volume copies have been deleted, here we have a few resources to search for the possibility of decrypting the encrypted locked files without paying the ransom.
(more…)

There’s no doubt that Free Antivirus software is incredibly popular these days, with many of the top rated ones being downloaded millions of times every year. The problem for the the antivirus companies that offer free products is the software package gets larger all the time to include new features that help to keep computers secure from the latest threats. In addition to the setup installer, the virus definitions you need to download are growing all the time as well to include all the known threats.

With the increasing bandwidth larger setup files and definitions are consuming, it’s perhaps understandable that some companies have resorted to offering a small “Web Installer” when you download the software. This either downloads the full setup file when you run it, or fully installs the software by downloading the required components in the background. The bandwidth an antivirus company needs to supply is reduced because every user downloads a small file and not the full 50-300MB unless they’re actually installing it.

If you’re a tech minded person or the computer you want to install the antivirus on currently has a limited or no internet connection, then the small file is of little use. Most free antivirus software that downloads as a web installer still has the full setup file on the website, but it’s usually away from the main download page in support pages or forums. Here we have some solutions for getting the full setup installer packages for the software in our Comprehensive List of Free AntiVirus that currently offers a web installer as the main download.
(more…)

Protecting your main email account is very important. Some of the effective methods to protect your email password is by using keystroke encryption software, a virtual keyboard, autofill browser extensions etc, but we still have to be prepared for the worst which is what if a hacker manage to get hold of your password? The answer is to use a two-factor authentication, also known as 2-step verification.

Recently you’ll find a lot of popular major online services such as Google, Facebook, Dropbox, LastPass, and Microsoft that allow you to set up two-step verification for your account. You can either setup your phone to receive SMS or voice call or install an authenticator app on your smartphone that generates a security code. On the surface, the above method seems safe but is actually ineffective against modern threats such as phishing and mobile malware that can intercept SMS messages.

A device that is safer to be used as a 2nd factor authentication would be YubiKey. Basically YubiKey is a small yet water and crush-resistant device that doesn’t require drivers or batteries to work. All you need to do is insert the YubiKey into a USB port and touching the sensor will automatically perform the 2nd step authentication.
(more…)

Any person who has started using a computer since Windows 95 would have at least heard of an antivirus software called PC-cillin. It was one of the very few pieces of antivirus software available for the Windows computer because back then there weren’t many computer viruses and the available ones weren’t that advanced if compared to the current malware that uses rootkit technology to stay undetected.

PC-cillin is now known as Trend Micro and just like any other antivirus company, they too offer several different paid subscription products such as basic antivirus, Internet security with firewall, and maximum/premium security with additional privacy protection, mobile device protection, and even system optimization modules.

The current 2016 version of Trend Micro Antivirus is at version 10 and it is known as Trend Micro Antivirus+ 10. If you haven’t noticed, their product title no longer carries the word “Titanium”. As far as we know, Trend Micro started adding the word “Titanium” to their product names when their cloud-based global threat intelligence was integrated into the software and advertised as a fully cloud based antivirus without relying on offline virus patterns.
(more…)

The traditional method for an antivirus to detect if a program is malicious is by cross checking with their virus definition database file to see if there is a match. The numbers of malware keeps on growing at a very fast rate and that would increase the size of the virus definition database. Try to imagine scanning a single file would have to be checked against a database containing millions of records.

This creates a challenge for an antivirus company today in keeping their software fast and as light as possible without slowing down the computer. One of the most efficient method that is being implemented on antivirus software to bring down the load is cloud technology. You can find most of the major antivirus brand such as Kaspersky still uses the traditional definition together with modern cloud detection, but very few that solely uses only the cloud protection method.

The cloud-based antivirus would be very light on the computer because all the heavy scanning work is done on the server side. Sending every file to the cloud for scanning doesn’t make sense as it would be very slow, hence the cloud based antivirus would still need to employ some other kind of technology such as behavioral scanning to tell if the file is suspicious, then only sends the digital fingerprint of the file to the cloud for identification.

In this article we’ll list the cloud based antivirus software that delivers protection from the cloud without relying on the local signature-based scanning.
(more…)

An antivirus software must be efficient in detecting and blocking a malicious software to ensure that the computer stays safe while connected to the Internet or network. Other than that, the antivirus must also be very good at protecting itself to prevent its processes from being forcefully terminated or modified by an external application so that it can continue to run on the system and monitor for suspicious activity.

A simple example is attempting to end the avp.exe process that belongs to Kaspersky using the Task Manager and it shows an “Unable to terminate process” error window with the message “Access is denied”.

The example above is only a very basic self defense mechanism and it actually protects much more than that. A unique feature found in Kaspersky but is not available in other antivirus such as Avast, Avira, AVG, ESET, Bitdefender and Norton is the ability to prevent most third party remote access software from interacting with the program’s interface. If you’re connected to a remote computer using a remote access software, you won’t be able to configure and control Kaspersky as the graphical user interface does not respond to mouse clicks.

While this is a safety feature to protect Kaspersky, it can also be a possible annoyance when an administrator legitimately wants to remotely configure the antivirus or internet software.
(more…)

Avira is a well known company from Germany that creates very good antivirus software. It used to be the most downloaded software on CNET Download.com but unfortunately it is no longer listed in the top 20 downloads today. The popularity of the Avira free antivirus started going downhill ever since they partnered with Ask.com whose toolbar is often being criticized as spyware/adware. Other than that, Avira also encouraged the installation of Ask Toolbar bundled in the setup by enabling the Web Protection module only if it detects that the toolbar is installed.

Previously Avira had two versions of the antivirus which were the Personal (free) and Premium (paid) but now they’ve replaced the Premium with Pro. One of the restrictions that the personal version had was it cannot download the latest program updates and virus definitions from Avira’s fast premium servers which are only available to their paid premium subscribers. The free users probably had to endure the slow and sometimes non responding update servers which are very critical in keeping your system protected against the latest 0-day viruses.

In the current Avira, the Free version connects to personal.avira-update.com for updates while the Pro version connects to a different hostname which is premium.avira-update.com. Although they are different subdomains, both actually connect to the same CDN server that belongs to Akamai. This is why you will no longer find any information on Avira’s website stating that the paid version gets to download updates from a fast server.
(more…)