Friday, October 14, 2011

Virus Proof Windows: Online Armor Free

If you own a PC, you know that  your operating system (OS) is a target for all the malware makers of the world. With a worldwide market share of over 90%, it simply makes sense for those who create malware to target the largest number of computers. Fortunately, there is an easy way to virtually "virus proof" Windows: combine a good anti-virus program with something special--Online Armor Free. 

My favorite antivirus program is Avast 6 (free version). This Czech software protects from all types of malware. Auto update every two hours makes this something you never think about (click “Silent Mode” to turn off the voice and pop-ups announcing updates). Avast is very light on your system – it only consumes 6MB RAM (the cheapest PCs have 4,000MB of RAM!). Get it here: www.filehippo.com Another good choice (with annoying pop-up "buy me" screen): Avira Free http://www.avira.com/en/avira-free-antivirus

Now on to the tool I find especially useful, Online Armor Free. First, go to http://www.online-armor.com/downloads.php and get OA Free. It has many features, including firewall, web shield, and a "Program Guard." Turn off all those settings except for Program Guard. This guard allows you to “Run Safer” any program you choose (you will see a green border around the browser or other program “Run Safer”). If a program appears that is not on the OA "whitelist" of safe programs, then it will be "Run in Safer" mode. 

What does this do? Even if the program becomes infected it cannot make changes to your Windows OS because the program is running as a Limited Account and does not have Administrative Privileges. [For Geeks: This is not a Sandbox with all the downsides of one; it uses the DropMyRights tweak to lower privileges].

If you need to run a "Limited" program as an administrator simply right-click the program icon and “Run as Administrator.” That's it! Next time it will be running in safe mode. Tip: If you need to install or modify a program, click the "Learning Mode" button to prevent pop-ups while you install. 

This combination of Avast and OA Free (as configured above) = about 20MB RAM. You will hardly notice the hit to your system's performance and you can configure both programs to never bother you unless there really is a problem.  

For screenshots of programs running without OA "Run Safer" (BEFORE) and with it (AFTER), see here:

BEFORE (click to enlarge):


As you can see the privileges don't even fit on the screen (you would need to drag the scroll bar down to see them all. A virus or malware program could hijack any of these to take over your computer. 

AFTER: 


Notice that there is only one privilege enabled and it is to notify you of an attempt to change from Limited to Administrative Privilege.

CONCLUSION: OA “Run Safer” is a simple-yet-genius way to bullet proof your PC because 99.9% of all malware cannot get around the Limited account restrictionsBrilliant! 

A recent test of Avast and OA Free showed that it batted away "zero-day attacks"--malware so new that antivirus companies haven’t had a chance to write an “antidote.” You aren't likely to encounter software created within the past few hours but that kind of testing ought to give you piece of mind. 

POSTSCRIPT: WHAT ABOUT YOUR FRIENDS?

But you probably have friends who infect their computers as they Limewire, torrent or surf porn sites (you don't have friends who did any of that stuff, right?). If a friend needs help cleaning up their computer, download a copy of Malwarebytes to a flash key (www.filehippo.com). Malwarebytes  targets “zero-day attacks”— If something goes wrong with a friend’s computer, run this free version manually as needed. If your friend’s infected computer won’t let Malwarebytes install, I highly recommend running Norton Power Eraser from a flash key (requires no installation but highly effective emergency tool): www.majorgeeks.com  Then tell your friends to get Avast 6 + OA Free!

No comments: