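Wednesday, September 29, 2010

Testing DNS services with malicious-website protection

I previously introduced several DNS services that offer malicious-website protection, and I have now tried them and run some tests. ClearCloud seems to be the most effective at blocking malicious sites, but it wrongly blocks quite a few legitimate Chinese-language websites, including the 可牛 (Keniu) website and some antivirus forums. Comodo is the least effective. For now, Norton DNS strikes the best balance between blocking malicious sites and avoiding false positives.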


Sites                      ClearCloud   Comodo    Norton
From MDL (malware sites)
xxxvideo-___.cz.cc         Blocked      failed    Blocked
barrhaven___.ca            Blocked      failed    failed
k0___.ru                   Blocked      Blocked   Blocked
residentiebeveili___.nl    Blocked      failed    Blocked
navashi___.com             Blocked      failed    failed
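
A test like the one tabulated above can be scripted by sending the same A query to a filtering resolver and to an unfiltered baseline, then comparing the replies. The sketch below is an added example, not the author's test method or any vendor's code. It assumes a block shows up as NXDOMAIN or as a redirect to a block-page address; `bad.example`, the `192.0.2.80` block-page address and the sample replies are constructed placeholders.

```python
import socket, struct

def build_query(name, qid=0x1234):
    """Raw DNS query for an A record, recursion desired."""
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.strip(".").split("."))
    return struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0) + labels + b"\x00" + struct.pack(">HH", 1, 1)

def ask(server, name, timeout=3.0):
    """Send the query to one resolver over UDP and return the raw reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        return s.recv(512)

def skip_name(msg, off):
    while msg[off] and msg[off] & 0xC0 != 0xC0:   # walk plain labels
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)           # pointer is 2 bytes, root is 1

def parse_reply(msg):
    """Return (rcode, IPv4 addresses found in A records of the answer section)."""
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off, ips = 12, []
    for _ in range(qd):
        off = skip_name(msg, off) + 4             # QTYPE + QCLASS
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        if rtype == 1 and rdlen == 4:
            ips.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return flags & 0x000F, ips

def verdict(filtered, baseline, block_ips):
    """Classify the filtering resolver's reply against an unfiltered baseline."""
    (f_rc, f_ips), (b_rc, b_ips) = parse_reply(filtered), parse_reply(baseline)
    if b_rc != 0 or not b_ips:
        return "inconclusive"     # dead everywhere: not evidence of filtering
    if f_rc == 3 or set(f_ips) & set(block_ips):
        return "blocked"          # NXDOMAIN, or redirected to a block page
    return "allowed" if f_rc == 0 and f_ips else "inconclusive"

def sample_reply(name, rcode, ips):   # builds constructed replies, not captures
    q = build_query(name)
    rrs = b"".join(b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 60, 4) + socket.inet_aton(ip) for ip in ips)
    return q[:2] + struct.pack(">HHHHH", 0x8180 | rcode, 1, len(ips), 0, 0) + q[12:] + rrs

BLOCK = {"192.0.2.80"}    # hypothetical block-page address (assumption)
LIVE = sample_reply("bad.example", 0, ["198.51.100.7"])   # constructed baseline reply
print(verdict(sample_reply("bad.example", 3, []), LIVE, BLOCK))
```

For a live run, pass `ask(resolver, domain)` for the filtering resolver as `filtered` and the same call against an unfiltered resolver as `baseline`. The "inconclusive" result keeps domains that are already offline from being counted as blocks.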

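AVG Anti-Virus Free Edition 10.0 (2011 edition) released

The new version is said to have improved performance. There is a good write-up of it online here, so I won't write any more about it.

Official website

Monday, September 27, 2010

AV-Comparatives detection-rate test report for 20 antivirus products (August 2010)

AV-Comparatives has just published its test report on the detection rates, false positives and scanning speed of 20 antivirus products. The brief results are as follows.
Detection rate (higher is better)

False positives (fewer is better)

Scanning speed (higher is better)
Official website

Monday, September 20, 2010

Norton DNS malicious-website protection

It turns out other companies are also gearing up to launch or join in with DNS services that protect against malicious websites. Norton DNS has entered public beta. To use Norton DNS, just change the DNS server addresses on your computer and router to the following.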
198.153.192.1
198.153.194.1

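Official website

Prevx SafeOnline online-security software (updated to 3.0.5.199)

Like KeyScrambler, covered earlier, Prevx SafeOnline strengthens privacy while online: it prevents screen capture and keystroke logging, scans for and removes malware, and protects against malicious programs. Its biggest advantage is ease of use: unlike a HIPS, it does not depend on the user responding correctly to alerts in order to protect the computer. It also uses cloud-security technology rather than signatures, so there is little chance of it conflicting with other antivirus software.

It does have one weakness, though: the first time another application is opened, it uses the cloud check to verify whether the program being loaded is safe, and waits for the result before letting the program start. This slows down program startup, but there is no noticeable slowdown when the same program is opened again later.


Prevx is now working with Facebook to offer a free special edition of SafeOnline (free forever, but without virus removal and real-time malware protection). This screenshot shows that malware removal and real-time protection have to be purchased before they can be enabled (it treats my AntiTest test program as malware).

Basic settings, like those of typical protection software
Go to the SafeOnline feature settings, where you can add the URLs that need special privacy protection and set the security level
Other tool options are here

Official description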
To protect information being stolen while browsing on an unknowingly infected PC, we developed Prevx SafeOnline. Prevx SafeOnline will protect your information entered in or displayed by your Internet browser, by locking down the operating system and services to ensure that only "known good" processes and services are allowed to run.

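Official website

If you have a Facebook account, you can download it after logging in at the following link
http://www.facebook.com/pages/Prevx-SafeOnline/254680228961

If you do not have a Facebook account, you can also download it from the following link
http://info.prevx.com/download.asp?GRAB=PREVXFACEBOOK

Notes:
1. It does not pass the AntiTest keylogging test, so using it together with KeyScrambler is recommended.
2. It was found to conflict with Comodo Internet Security, preventing the Comodo Sandbox from working properly.


Updates
Updated to 3.0.5.199 (13/9/2010)
Updated to 3.0.5.140 (10/5/2010)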

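Saturday, September 18, 2010

ClearCloud DNS malicious-website protection

An earlier post, "Network protection starting from the very foundation", introduced several free DNS services, but none of them protect against malicious websites, or they only do so for a fee. ClearCloud DNS, launched by Sunbelt Software, provides malicious-website blocking for free. Online tests show that for now its ability to identify malicious sites is only average, perhaps because it is still a beta. However, since it uses no resources on the computer, blocks some malicious sites, and I noticed no delay in use, I adopted it right away. I hope it will be strengthened by the time of the official release.

To use ClearCloud DNS, just change the DNS server addresses on your computer and router to the following.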
74.118.212.1
74.118.212.2

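Official website

Wednesday, September 15, 2010

Comodo Internet Security 2011 (ver. 5) officially released

It has the following new features and improvements

1. Cloud malware scanning added to the firewall (programs about to run are checked even if the antivirus module is not installed)
2. Behavior analysis protection added
3. Automatic checking of unknown programs; if a file is on the cloud white-list, it is automatically added to the local white-list
4. Game Mode
5. Improved sandbox compatibility
6. Enhanced malware cleaning

Traditional Chinese localization file

Official description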

What's New In COMODO Internet Security 2011?

THANKS! COMODO would like to thank the beta testers whose feedback made this release possible!

NEW! Extended spyware scanner and improved malware cleaning
NEW! Cloud Based Antivirus Scanning
NEW! Cloud Based Behavior Analysis
NEW! Cloud Based Application White-listing
NEW! Game Mode
IMPROVED! Application Control
IMPROVED! Default Deny re-engineered to improve application compatibility
IMPROVED! Application user interface

Cloud Based Infrastructure:

2011 family of products (Yes COMODO Firewall too!) are now armed with cloud based file rating technologies. The cloud computation, enabled by default, is used for a variety of purposes. (Do not be surprised if COMODO Firewall gives you a malware alert!!!)

With cloud computation;

Cloud based Whitelisting: Safe files and trusted vendors are now easily identified. The concept of “Trusted Publisher” is now cloud based.

Cloud based Anti virus: Malicious files are detected even if the users do not have an up-to-date antivirus product or an antivirus product at all.

Cloud Based Behaviour Analysis: Zero-day malware can be detected INSTANTLY by COMODO’s cloud based behavior analysis system CIMA (Comodo Instant Malware Analysis).

Extended Spyware Scanning

COMODO’s vision and focus has been about “keeping a clean computer clean” from early days. Now that we have achieved that, COMODO is focusing on “cleaning an already infected computer”. This is why we extended the spyware scanning in COMODO Internet Security 2011 and COMODO Antivirus 2011 and now include a new spyware scanner which is capable of scanning the Windows registry and computer disks for the signs of malware infection.

This new scanner is implemented to improve the detection and successful cleaning rate of already infected systems.

Game Mode

2011 family of products are now gamer friendly security applications. When they are put into the game mode, the operations that can interfere with users’ gaming experience such as alerts or resource intensive virus database updates, scheduled scans are suppressed.

Stronger and Smarter Application Control

2011 family of products have a highly smart application control mechanism which extends the functionality of the previous versions.

The new application control provides the users the ability to lockdown their computers such that only the known good applications can be executed.

The new sandbox introduces a new default application isolation level, partially limited, which improves the compatibility with many windows products.

Nowadays, a lot of malware come in other forms than standalone executables. For example, some come in the form of visual basic scripts while some come in the form of java binaries. When they come in such forms, they are executed by “interpreter” applications such as wscript.exe or java.exe etc.

2011 family of products can identify such applications heuristically and detect the real file behind the requests of “interpreters”.

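Monday, September 6, 2010

Fake antivirus software and the removal tool Remove Fake Antivirus (updated to 1.68)

Some people, while browsing, see a window saying that the computer is infected and that software must be downloaded to clean it. In fact the computer may not be infected at all; those warning (advertising) windows just want you to download fake antivirus software. Such software not only cannot protect against viruses, some of it even downloads Trojans onto your computer. So first of all, do not download software casually, and when you really need to, download it from a trusted website.

If you suspect you already have fake antivirus software installed, you can download the removal tool from the following website.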
Remove Fake Antivirus Free Download to Uninstall and Clean Rouge Fake Anti-Virus Program

Official website

According to the official website, it can detect and remove the following fake antivirus programs
  1. Security Tool
  2. My Security Shield
  3. Antivirus 7
  4. Antivirus GT
  5. Defense Center
  6. Protection Center
  7. Sysinternals Antivirus
  8. Security Master AV
  9. CleanUp Antivirus
  10. Security Toolbar
  11. Digital Protection
  12. XP Smart Security 2010
  13. Antivirus Suite
  14. Vista Security Tool 2010
  15. Total XP Security
  16. Security Central
  17. Security Antivirus
  18. Total PC Defender 2010
  19. Vista Antivirus Pro 2010
  20. Your PC Protector
  21. Vista Internet Security 2010
  22. XP Guardian
  23. Vista Guardian 2010
  24. Antivirus Soft
  25. XP Internet Security 2010
  26. Antivir 2010
  27. Live PC Care
  28. Malware Defense
  29. Internet Security 2010
  30. Desktop Defender 2010
  31. Antivirus Live
  32. Personal Security
  33. Cyber Security
  34. Alpha Antivirus
  35. Windows Enterprise Suite
  36. Security Center
  37. Control Center
  38. Braviax
  39. Windows Police Pro
  40. Antivirus Pro 2010
  41. PC Antispyware 2010
  42. FraudTool.MalwareProtector.d
  43. Winshield2009.com
  44. Green AV
  45. Windows Protection Suite
  46. Total Security 2009
  47. Windows System Suite
  48. Antivirus BEST
  49. System Security
  50. Personal Antivirus
  51. System Security 2009
  52. Malware Doctor
  53. Antivirus System Pro
  54. WinPC Defender
  55. Anti-Virus-1
  56. Spyware Guard 2008
  57. System Guard 2009
  58. Antivirus 2009
  59. Antivirus 2010
  60. Antivirus Pro 2009
  61. Antivirus 360
  62. MS Antispyware 2009
  63. IGuardPC or I Guard PC
  64. Additional Guard

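Updates
Updated to ver. 1.63 (26 Apr 2010)
Updated to ver. 1.64 (30 Apr 2010)
Updated to ver. 1.65 (15 May 2010)
Updated to ver. 1.66 (24 Jun 2010): can remove more fake antivirus programs
Updated to ver. 1.67 (21 Jul 2010)
Updated to ver. 1.68 (24 Aug 2010): can remove more fake antivirus programs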