The Microsoft Safety Scanner is a free downloadable security tool that provides on-demand scanning and helps remove viruses, spyware, and other malicious software. It works with your existing antivirus software.

Note: The Microsoft Safety Scanner expires 10 days after being downloaded. To rerun a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again.

This appears to be a variation of the Malicious Software Removal Tool (MSRT) that Microsoft runs on your system each month if you have automatic updates turned on. From what I can determine, the Microsoft Safety Scanner (MSS) is simply an on-demand version of Microsoft Security Essentials (MSE) that also targets some of the specific MSRT targets. I guess that makes sense in some way? Why wouldn’t you just use MSE and turn on automatic updates? Seems like the same effect.

Some people have noted that McAfee has a comparable tool, also free, called Stinger. Trend Micro, Symantec, and Malware Bytes also offer on-demand scanners. Also noted is that MSS is a 67 MB download while Stinger is just under 8 MB. Why such a disparity? Does this indicate that MSS has a much larger malware signature file, or is it just typical Microsoft bloat?

I don’t plan on testing MSS, so if you have any comments on your experiences with it, please leave them here.

I take issue with that. Microsoft is only offering MSE download via update to Windows users who aren’t already running antivirus software. The commercial AV firms clearly are miffed because their products aren’t being offered for download. That’s just ridiculous.

I’ve long criticized Microsoft for poor security practices, but with MSE, they got it right. I’m certainly no apologist for Redmond, but all of this drivel about being anti-competitive has to come to a stop at some point. Why in the world should Microsoft be forced to market other firms’ products for free? And that’s exactly what the others are saying.

Juan Santana, CEO of Panda Security argues, “We agree with Microsoft; it’s better to have some protection than not having any at all. However, the way the guys in Redmond are executing the idea is risky from a security perspective and could very well make the malware situation much worse for internet users. That’s why we encourage Microsoft to continue using Windows/Microsoft Update but instead to push all free antivirus products available on the market, not just MSE.” (You can read his blog post.)

Horseapples! How in the world is putting protection in place where there is none going to make the malware situation worse for Internet users? The argument has no substance. It’s illogical in the extreme.

Shame on both Panda and Trend Micro (who have both lost credibility with me as a result of this). Wouldn’t time spent on promoting the advantages and/or superiority of their products be more productive than trying to force Redmond to do their marketing for them?

October 2010 marks the seventh annual National Cybersecurity Awareness Month sponsored by the Department of Homeland Security. Americans can follow a few simple steps to keep themselves safe online. By doing so, you will not only keep your personal assets and information secure but you will also help to improve the overall security of cyberspace.

In honor of this event, I post my all-time evergreen security tips:

1. Repeat after me: I will NEVER, EVER click on any pop-up of any kind – NEVER, EVER. Not even on the “X” (it’s usually safe, but why take the chance?). Use the key combination Alt-F4 instead; it safely closes the current window. In the slimy world of sleaze-ware, “No” means yes, “Cancel” means yes, “Close” means yes – ANY click on a button means yes. So many times users ask, “How did I get that? I clicked ‘no’ when it asked me!” Well, sorry, but you clicked, so they got you. NEVER, EVER CLICK!
2. Although Internet Explorer has enhanced security and has been detached somewhat from the Windows operating system, it is still too big a target. Crackers are still writing malware that exploits IE security flaws. I recommend you use Firefox or Opera to browse the Web. (Some web sites still require IE, so you’ll be forced to use it for those, but you should minimize its use otherwise.) Whatever browser you use, be sure you configure your preferences to block all unwanted pop-ups or install a pop-up killer like the Google Tool Bar. And while you’re at it, re-read #1!
3. Patch your system. If you’re still running XP, make sure you have at least service pack 2. If you’re a home user, install service pack 3. (I still see systems that are running XP with service pack 1 or 1a, probably because they turned off automatic updates. While some argue against it, I recommend you turn them on.) And be sure to install any recommended security updates and patches for ALL software on your system, – especially Microsoft Office – not just Windows. If you’re running Windows Vista, you benefit from its enhanced security, but you still need to keep ALL of your applications patched. Secunia’s Online Software Inspector is an excellent tool for scanning your system’s applications to discover those that need updates.
4. Besides installing a NAT router (see How to Secure Your Computer: Maxim #2), run a properly-configured, proven software firewall. Don’t rely only on Windows XP’s built-in firewall – it blocks inbound attacks only (see this article) and it has flaws of its own (see this article). It will not stop back-door trojans, adware, spyware, and the like from “phoning home” with your sensitive information. (See this article for more info.) My favorites are the Comodo Personal Firewall (free), and the Sunbelt Kerio Personal Firewall (full-featured for 30 days, then runs free in limited-feature mode, $19.95/yr for full version).
5. Run a good anti-virus program. Choices abound. I have used AntiVir Personal Edition (free) and Grisoft’s AVG (free). Other good ones are Avast! and Comodo AntiVirus. Microsoft Security Essentials is now my hands-down favorite, however.
6. Run multiple anti-spyware/anti-adware programs and keep them updated. I recommend you run Malware Bytes Anti-malware. One of the best commercial anti-spyware applications is Sunbelt Software’s CounterSpy. It is a PC World Best Buy award winner. Comodo BOClean:AntiMalware is also a good one and it’s free.
7. Run a spam blocker to isolate junk e-mail. Most malware and all phishing attempts rely on spam. You want to isolate this stuff and delete it. NEVER, I repeat, NEVER, EVER click on a link in any e-mail you are not absolutely certain is legitimate. And to be as safe as possible, always type in the address of your bank, credit card companies, and any other site that you want to keep secure. (See #1 above and apply that principle to links, too!) One of the best programs is Open Field Software’s ella for Spam Control. It uses wizards to “train” it to your personal specifications.
8. On Windows XP, set up a restricted user account and use that for routine tasks. Only log on with administrative privileges when you need to install or configure software. This will prevent rogue programs from affecting your system – they won’t be able to install. You can activate the “run as” feature so you can do administrative tasks while logged in as a restricted user. Microsoft Knowledge Base article Q294676 explains how to activate and use this feature. If you are running Vista, you don’t have to worry about this step: User Access Control (UAC) takes care of it.
9. Finally, disable scripting in your browser. If you use IE (you probably shouldn’t, see Step 2), Tony Bradley gives you an excellent step-by-step procedure to accomplish this. Firefox users have a more elegant solution in the form of an add-on: NoScript. I use it on every PC. Scripts are blocked globally by default, but you can selectively activate them if you trust the site. For example, you can trust the main site’s scripts but keep blocking any advertising or other third party scripts with no ill effects.

Panda Cloud Antivirus UI

On June 3, Panda Security announced that it has significantly upgraded and extended its Panda Cloud Antivirus product line to offer a free and “Pro” version to users.

A year ago, Panda made history by becoming the first major security vendor to unveil a free antivirus powered exclusively by the cloud. Microsoft was next with its Security Essentials product. Having tried AVG’s, Avast’s and Avira’s free antivirus products, I’ve settled on Panda’s Cloud Antivirus and Microsoft Security Essentials for my home systems. From their press release:

Today’s announcement is a natural evolution of the company’s “freemium” strategy and builds on Panda’s commitment to providing all users – of both the free and pro versions – with the best possible protection and minimal impact on PC performance. While other vendors charge more money for better protection (like the Mafia), Panda’s upsell comes in the form of greater ease of use and manageability through a number of automated security capabilities.

That’s a novel idea, isn’t it?

How about the rest of the industry follows suit?

Source: Microsoft

I have never been an apologist for Microsoft’s security policies and practices; indeed, I’ve often criticized the firm and accused them of a laissez-faire attitude towards their development teams. I have to admit that they’ve been making some headway in the direction of basic security over the years, but I’ve wondered if they would ever get it right. Recently, I’ve had a love-hate relationship with Microsoft Security Essentials (See “Microsoft Security Essentials is a Game Changer” and “Microsoft’s Security Essentials Causes Performance Problems“), their most recent attempt at complete security protection for Windows™. I’m going back to the love relationship. My reason? The combination of  Windows 7 security enhancements, IE8 and Microsoft Security Essentials is very secure; it looks like Microsoft has finally done it right.

I migrated my laptop to that combination in mid-March. I have enjoyed nearly two months of secure computing with no performance issues, no security issues, and the freedom from having to worry about which third-party security solution I should implement. I still use Thunderbird for email and Firefox as my main browser, but that’s no longer because I’m concerned about using IE–IE8′s default settings have proven to be more than sufficient.

I’m not the only one who’s noticed. Fred Langa of Windows Secrets Newsletter recently ran a 120-day test of his own under some pretty tough conditions. You’ll want to read that article, of course, especially if you’re an advanced Windows user, but Fred’s results are worth mentioning:

Four months in, and no malware has infected my Win7 systems. I’ve experienced no malware-like misbehavior on my machines, and to the best of my knowledge, my systems remain clean and unhacked.

So I’m comfortable saying that the combination of the Win7 firewall, Microsoft Security Essentials, and fully current browsers and e-mail clients is proving to be a wholly acceptable security solution for routine use.

However, I’m not ready to recommend this combination to advanced users — especially those with demanding needs or who require the ability to easily customize their setup.

What’s your opinion? Leave me a comment.

I didn’t attribute this to MSE. Instead, I got rid of my background picture on the desktop, defragmented my registry, defragmented my page file and did all of those things I normally do to completely tune up a machine. No joy.

Then, Panda came out with version 1.0 of Cloud Antivirus and I commented on that: Panda Cloud Antivirus Emerges From Beta. I said “slight” performance issues had been evident with MSE. I was wrong: They were major, and I’m not the only one who has experienced that. Here’s a comment I just got on my Ask the Geek blog:

nothing was working for me…until I disabled microsoft security essentials – which apparenlty came with Windows 7! I prefer another malware program and virus program anyway…then I did a msconfig service cleanup of all the crap (including stopping ms sec essentials)….everything’s been loading great.

Evidently, MSE isn’t all it’s cracked up to be and I stand corrected. BTW, Panda is doing fine and I no longer have the performance problems. Microsoft, please get it right for once.

Who else is having problems? Comments welcome.

The Microsoft Security Essentials team has this to say:

Microsoft Security Essentials (formerly codenamed “Morro”) is the newest security product from Microsoft that helps protect consumers against viruses, spyware and other malicious software. The program, using the same technology as the Forefront product family, is designed to protect and take the guess work out of you wondering if you are protected or not.

If you’re green, you’re good.

Red or yellow means there is something that needs to be done to keep your PC secure. A single click and the PC is back to the green protected state.

Microsoft Security Essentials is also designed to address cost and other barriers that have prevented many of our customers from running up-to-date security protection on their PCs. Because there are no subscription fees, there is no registration required to collect billing or other personal information.

It also runs quietly in the background scheduling scans when the PC is most likely idle and interrupting the user only when there is an action required to keep their PC secure. It employs practices like active memory swapping and CPU throttling to limit the impact on your PC performance, even on older or less powerful PCs.

Sounds good to me. I’m going to recommend it to some of my less-than-savvy clients and see how it works for them. I’ll even try it myself, though I’m not a good candidate for such a thing, being the security Geek that I am. Still, it can’t hurt. The one thing that’s unclear: Is this going to come standard with every new PC, or does everyone have to make the effort to download and install it?

Stay tuned.