How Do I Keep My Kids Safe from Internet Garbage?

If you’ve been on the internet for any length of time, you probably feel like its main purpose is to distribute pornography, drug ads, and questionable financial solicitations. If you’ve got kids, you’re probably also worried about pedophiles, cyber-stalkers, bullies, and other nefarious net inhabitants.

While things aren’t nearly as bad as the press might make it out to be, it is bad enough.

What’s a responsible parent to do?

Read moreHow Do I Keep My Kids Safe from Internet Garbage?

Why Don’t Anti-malware Tools Work Better?

//
I’ve been an independent computer repair tech for over 12 years now. The question I get the most (and have the hardest time answering) is this: how come my antivirus program didn’t stop me from getting this virus? When you’re installing AVG, the program says that only 3% of today’s security problems are caused by traditional viruses. Is this true? Is it true for the other antivirus programs as well?

In other words, why don’t anti-malware tools work better than we want or even expect them to? 🙂

I have to fault AVG for the phrase “traditional viruses”. I think that puts an unrealistic spin on your expectations. Malware is malware, and that includes viruses, spyware, ransomware, rootkits, zombies, and gosh knows what else.

What do they mean by “traditional”? I have no idea. I also have no idea where that 3% figure comes from.

But there’s a kernel of truth in AVG’s statement. No matter what program you run, there’s still a chance your computer will get infected.

Read moreWhy Don’t Anti-malware Tools Work Better?

How Can I Tell If a Website is Safe?

//
How do I know if a site I’m about to visit is safe? Is there any software or service I can use? Is there some other technique?

The short answer is, there’s no simple solution to this problem. There’s no single service or tool you can rely on to keep you completely safe.

I understand that can be frustrating.

There are tools and techniques, including online tools, DNS blocking, web blocking, and browser blocking, but these solutions are inconsistent and incomplete. Generally, they can be used only to gather a little additional data to inform the ultimate safety tool: yourself.

Read moreHow Can I Tell If a Website is Safe?

Does a Lapsed Anti-malware Tool Leave an Open Door for Malware?

//
If your virus protection subscription (say Norton) has lapsed, does this mean that the door to your computer is open and anyone and everyone can come in to rip it apart?

No. Not really. Certainly not to that degree, and certainly not immediately.

But it is important.

It’s not a good thing to let your anti-malware tool’s subscription lapse unless you plan on replacing it.

The subscription isn’t about using the software; it’s about keeping the software up to date. Making sure your anti-malware software is up to date is critical to keeping you and your computer safe.

Read moreDoes a Lapsed Anti-malware Tool Leave an Open Door for Malware?

How Safe is Kaspersky Internet Security?

//
Hello Leo, I’ve been using Kaspersky Internet Security for many years now without Problems or Viruses. What I’m concerned about is all the Negative News I’ve been reading and Hearing about Kaspersky! I’ve read that he is a Spy for the Russian Government, that he’s been Hacking our Systems at the request of the Russian Government. What do I do? Should I uninstall kaspersky that has been Protecting my Computers for years now or just ignore the Negative News? Can you give me the Truth of what’s going on with Kaspersky?

I honestly don’t know.

But there are a couple of observations I’d like to share about the situation; perhaps they will allow you to come to a decision.

These are politically charged times, without a doubt, particularly when you mention Russia. And the “truth” you’re looking for? I’m not sure we’d recognize truth if it slapped us in the face.

Read moreHow Safe is Kaspersky Internet Security?

Why Microsoft’s Response to the Windows Defender Zero Day was Spot-On

A couple of days ago, Google researcher Travis Ormandy made the following statement on Twitter:

Travis Ormandy Tweet

I think @natashenka and I just discovered the worst Windows remote code exec in recent memory. This is crazy bad. Report on the way.

Turns out it wasn’t Windows, per se, but Windows Defender (and Microsoft Security Essentials, in prior Windows versions). And “crazy bad” is apt.

It set into motion an example of “the system” working, and working well, to keep you safe.

Read moreWhy Microsoft’s Response to the Windows Defender Zero Day was Spot-On

Offline Anti-Malware Tools

One of the tricks used by malware is to prevent anti-malware tools from working. There are a variety of techniques involved, most of which rely on the fact that Windows is running, that opened files cannot be deleted, and that the malware itself is actually a program running on the machine.

The solution is not to run Windows, not to have any files open, and not to have the malware itself running.

In other words, the solution is to boot from a CD, DVD, or USB disk containing a stand-alone anti-malware tool.

Read moreOffline Anti-Malware Tools

Windows Defender Offline in Windows 10

Occasionally, malware prevents your anti-malware tools from running, or is designed in such a way that anti-malware tools may not be able to actually eradicate the infection while Windows is running.

One of the most common solutions in the past has been to boot your computer from a DVD or USB drive that contains its own operating system, bypassing both Windows and the malware that might be interfering. Once running, this isolated operating system can run anti-malware tools that are much more likely to resolve the issue.

Windows 10 actually built in this capability. Without needing to download anything, you can boot your computer into “Windows Defender Offline” – a copy of Windows 10’s built-in anti-malware tool, running in a separate, isolated, dedicated copy of Windows 10.

Read moreWindows Defender Offline in Windows 10

Should I Accept My Security Software’s Recommendation of What to Remove?

//
I downloaded the Malwarebytes you suggested and did a scan. It showed more than 330 things which it asked whether to remove. Do I just accept that these are things that should be removed? The things recommended for removal are listed below. Some of the sentences include microsoft explorer, lenovo browser guard, etc, which when I look at them I am uncertain about deleting because I do not know if I am deleting something that’s important.

Do I just delete whatever Malwarebytes asks to delete every time it makes such suggestions?

<~300 entries, mostly registry-related, snipped>

This is one of those questions we never think about until someone asks.

What we’re really asking is, “Do I trust my security software to make the right recommendations?”

And the answer, as it is so many times, is: it depends.

Read moreShould I Accept My Security Software’s Recommendation of What to Remove?

Can I Run More than One Anti-malware Program or Firewall? Should I?

//
With regards to firewalls, anti-virus programs and anti-spyware programs; can I have more than one of each of these programs installed in my computer? For example, I run ZoneAlarm; does that mean I should I turn off Windows firewall?

In recent years this question has become more complex than ever.

There are certain types of protection you need, and getting all that protection may involve running more than one program.

On the other hand, running more than one program of the wrong type can, indeed, cause problems.

Let’s see if I can’t sort this out for you.

Read moreCan I Run More than One Anti-malware Program or Firewall? Should I?

Why would scanning a disk be quick, but just a file on it be slow?

//

Leo, I’ve got a portable hard drive that contains various PC disk image files. All of which take up about 500 GB in total. When I right-click on the root directory to scan the portable drive with my Norton Internet Security software, the scan is completed in about 5 seconds. However, when I scan just one of the disk image files contained therein, it would take over 30 minutes which is roughly the time it takes to directly perform a full scan on the PC. The same behavior is exhibited when I scan with Malwarebytes. Why is it that scanning the entire 500 GB portable hard drive at one time is so incredibly faster than scanning just one of the files in that portable hard drive?

Your question brings up some very important distinctions about the different types of scans possible, and the different ways anti-malware tools perform them.

Read moreWhy would scanning a disk be quick, but just a file on it be slow?

How do I safely switch from one security tool to another?

//

I’ve had AVG, the free version, for years. In the last two weeks or so, even prior to my update a few days ago, I suddenly have to reload my Gmail several times a day because I get a notice telling me my Gmail connection is lost and it starts a countdown to reconnect and never succeeds so I have to reload. I use Chrome and my Chrome browser is now very slow where it went lickety-split before, as recent as two weeks ago.

Now I’ve read where you recommend Microsoft Security Essentials, so I figured I would go that route assuming AVG is what’s causing all the problems listed above. My question to Google got me nowhere. It seems the root of the problem can’t possibly relate it to Gmail or Chrome. Can you tell me the step-by-step instructions I need to follow to safely remove AVG and replace it with Microsoft Security Essentials? I don’t want to leave my computer exposed to threats while I make the changeover.

I want to start by saying that there are many possible reasons for the symptoms you are describing with Gmail and Chrome. The anti-malware tool is one, but it’s not the first one that comes to mind for me. So, while I’ll absolutely walk you through the steps to make the switch (they’re actually pretty simple), I will warn you that this may not resolve your problem.

Read moreHow do I safely switch from one security tool to another?

Do I Need to Deactivate My Old Anti-virus Before Installing the New One?

//

Hey, Leo. When I bought this computer, Norton anti-virus came with it. Norton anti-virus is about to expire and I don’t plan to renew it as I’ll switch to Windows Defender since it’s recommended by you and by others. My question: can I activate Windows Defender before Norton anti-virus expires or do I need to uninstall Norton first? Also, should I uninstall Norton after Windows Defender is installed? Finally, how do I activate Windows Defender? I’m running Windows 7, X64, on an HP desktop.

A note on product names: for Windows 7 what you’re really talking about is Microsoft Security Essentials. That’s the old name for “Windows Defender”, which is what you would use if you were running Windows 8. However, for Windows 7 and before, what we’re really talking about here is “Microsoft Security Essentials”.

Typically, the answer to your question is “yes”; you should uninstall the old anti-virus software before installing the new.

Read moreDo I Need to Deactivate My Old Anti-virus Before Installing the New One?

What’s the Difference between Microsoft Security Essentials and Windows Defender?

//
I use Windows Defender Offline on a flash drive both at home and at work. On the computers themselves, however, the screen sometimes says Microsoft Security Essentials and other times, it says Windows Defender. I forgot to check if the Windows Defender has Microsoft Security Essentials installed. Does it really matter which one shows up?

Microsoft’s product naming frustrates me to no end. They seem to have an incredible knack for picking the most confusing names possible.

While the names Microsoft Security Essentials and Windows Defender seem innocuous enough, what they mean has changed over time. And therein lies the confusion.

Read moreWhat’s the Difference between Microsoft Security Essentials and Windows Defender?

How does a site identify me when I am using a VPN?

//

Today, reading a blog, I clicked on a link that took me to an answer on Quora.com, which is a site that I can’t recall ever visiting although it’s possible that I may have hit it using Stumble Upon or something similar in the past. My CyberGhost VPN was active. I scrolled down to the bottom of the page and there was my name and an invitation to submit further details. How could this be? I’m most concerned. I did not submit any information to this site during this session. How could it have identified me if I was using a VPN?

The fact the you’re using a VPN has almost nothing to do with this. A VPN protects your connection from the prying eyes of people between you and the VPN service, but that’s about it.

A couple of other things are going on here.

Read moreHow does a site identify me when I am using a VPN?

Does a VPN give me complete security?

//

I recently signed up with a personal VPN service for several reasons. I’d like an unbiased opinion of their value in terms of real security, privacy, etc., and also the potential unintended consequences of using them. I like the idea of having my email completely secured. No tracking (by Google or Bing) of my searches and portability to public hotspots. But I’ve also read that because VPN tunnels through my router’s NAT firewall, I might be giving up a valuable layer of security when I use it at home.

I use a robust anti-virus firewall of course, but I know you recommend a NAT firewall as a strong first line of defense against internet attacks. Are there other potential downsides to casual use? I’m not recommending one “pay for” service over another, but I happened to sign up with Witopia and I’m quite satisfied so far. Thanks for any thoughts on the subject.

I’m a little concerned that there may be some fundamental misunderstandings of exactly what a VPN does and what it does not get you.

To be clear, a VPN does nothing more than encrypt and route all of your internet traffic through the VPN provider’s server. That’s it. What happens after that server actually doesn’t change.

Is your email completely secured? That depends on what you mean.

Read moreDoes a VPN give me complete security?

Do I Need to Stop Using Microsoft Security Essentials?

//
I read an article last week that basically said Microsoft had give up competing with other anti-malware tools and that Microsoft Security Essentials wasn’t going to be any good any more. The article recommended that I quit using it immediately and switch to something else. What do you think? Do I need to stop using Microsoft Security Essentials?

No.

No you don’t. If you’ve been happy with it, you’re perfectly welcome to keep on using it as you have in the past.

To put it a different way, I’m not changing my recommendation. Microsoft Security Essentials remains my recommendation for most people. I’m also not changing what I use myself, which is MSE.

As it turns out, the majority of the “journalism” on the topic over the past couple of weeks has simply been repeating a single source of information. Worse, the repetition included not only a couple of quotes without full context from a Microsoft spokesperson and also additional speculation by the author of that original piece. As the story was repeated, even more speculation was added and assumptions were made.

The result was quite the kerfuffle.

Now, I don’t call myself a “journalist” – I’m just a geek with a voice on the web trying to help people use their computers. But even I know that just repeating and embellishing what others are saying about what others are saying isn’t the right way to approach something like this.

So I took a different approach. I went to the source and contacted Microsoft directly for clarification.

Read moreDo I Need to Stop Using Microsoft Security Essentials?

Do I really need to uninstall these programs to update my anti-virus?

//
I have Avira AntiVir Personal, free edition on Vista. I was recently offered a new improved Avira program and accepted because I like all of my security software to be as up-to-date as possible. When I tried to install the new version, I was told to uninstall two programs that I’ve had for some years: Spybot Search and Destroy and Trusteer Rapport. I assume that this means uninstalling those programs permanently rather than just while the new Avira is installed. So I declined to continue with the installation of the new Avira. Was this sensible? Spybot and Rapport both seem like excellent products and it’s counterintuitive to uninstall them both for the sake of the better version of Avira. What do you think the problem is? Should I look for an alternative free spyware program that is compatible?

Whenever you have a concern about installation, it’s always sensible to cancel and do a little research.

Avira is actually an anti-virus product. These days, they seem to be adding things to the utility to make it more like an anti-spyware product. I suspect that that’s why the installation asked you to uninstall the other programs.

Still, your scenario is interesting and there is a lot going on behind the scenes. Let’s talk about why Avira wants you to uninstall the other programs and what your options are.

Read moreDo I really need to uninstall these programs to update my anti-virus?

Do I need to run the Malicious Software Removal tool?

//
I have a Fujitsu laptop running Windows 7 with Service Pack 1. It’s running fine. I used Microsoft Security Essentials per your recommendation. After reading your last newsletter about manual updates, I went searching around the MS download site and found out about the Microsoft Malicious Software Removal tool and Microsoft Security Scanner. Should I download both of these and run them? Or are they earlier versions of software that are now wrapped up in Microsoft Security Essentials?

I wouldn’t necessarily consider them wrapped up with the existing software. But you don’t have to worry about them. Let me explain.

Read moreDo I need to run the Malicious Software Removal tool?

Why is Microsoft Security Essentials constantly saying potentially unprotected?

//
Quite some time ago, I installed Microsoft Security Essentials as per your recommendation. I liked it right off the bat, but lately after turning my computer on, a small icon appears in the lower right-hand corner of the tray, telling me “Potentially unprotected” and that my virus protection is turned off and that my computer may be at risk. This happens occasionally, but now it’s happening every time. When I go to Microsoft Security Essentials, I see that my real-time protection is on and virus and spyware definitions are up-to-date. To get rid of this icon, I have to manually do an update every time. Once this is done, the icon disappears. This never used to happen until about three months ago or so. Do I have a virus in my system or malware or spyware wanting me to use their protector?

I’ve seen it, too. It seems to be fairly common.

I’ve run into several theories about why this might happen.

Read moreWhy is Microsoft Security Essentials constantly saying potentially unprotected?

TrueCrypt – Free Open Source Industrial Strength Encryption

TrueCrypt comes up frequently in Ask Leo! answers. Many people are concerned about things like privacy, identity and data theft, particularly on computers or on portable devices where they might not always have total physical control of the media.

Someone might gain access to sensitive data stored on your computer.

Encrypting your data renders that access useless, even when your computer or your thumbdrive falls into the wrong hands.

And TrueCrypt makes it not only easy, but nearly un-crackable.

IMPORTANT On September 30, 2015, it was reported that a serious security vulnerability had been discovered in TrueCrypt. Not a fault in its encryption, but rather a more traditional vulnerability that malicious software could use to gain administrative privileges on your Windows machine.

Since TrueCrypt development has halted and no fix is likely forthcoming, I can no longer recommend its use.

My tentative understanding is that VeraCrypt is a free, compatible, and supported alternative, based on a fork of the original TrueCrypt code. And yes, these most recent vulnerabilities are supposedly fixed therein.

IMPORTANT: On May 26th, 2014 TrueCrypt development was abruptly and somewhat mysteriously halted. While I still use and recommend TrueCrypt, please also read Is TrueCrypt Dead? for what happened, and any late-breaking updates.

Read moreTrueCrypt – Free Open Source Industrial Strength Encryption