Tag Archives | Internet Security

Twitter Updates for 2010-03-12


Comodo 4 Internet Security New Features

Since I’m getting ready to review Comodo 4 Internet Security I thought I’d post what the changes/new features are:

What's New in COMODO Internet Security 4.0.135239.742?

  • NEW! Seamless livePCsupport Integration
    This version has a built-in Live Support for getting instant help from the experts for any type of problems.
  • NEW! New User Interface Theme
    A new user interface theme has been introduced with this version.
  • NEW! New Web Based Installer
    Now, there is a single setup file which downloads and installs the required products according to operating system the computer has. The product installers are created with Microsoft Windows Installer for native installation/uninstallation support.
  • NEW! Integrated Sandbox
    Proactive Defense i.e. Defense+ now includes a built-in sandbox which combines file system/registry virtualization and least-privileged user account principle in order to combat with unknown malware.
  • IMPROVED! Default Deny Protection
    Defense+ now automatically sandboxes all unknown applications/executables until they are analyzed.
  • IMPROVED! Significantly fewer number of popup alerts
    Defense+, with the help of new sandboxing technologies, has a more powerful default security policy while having significantly fewer number of alerts compared to previous versions.
    Also in this version, Defense+ and Firewall, by default, do not create automatic rules for already known safe applications.
  • IMPROVED! Popup alerts layout
    The new popup alerts now include additional options which allow the users to take COMODO Time Machine snapshots or set Windows system restore points, submit suspicious files for immediate analysis.
  • IMPROVED! Antivirus Engine
    Antivirus engine is improved for better detection and cleaning. The new engine now has disinfection support for the infected files.
    A new command line virus scanner (cavscan.exe) has been introduced in order to address the need for scanning the computers in windows safe mode or scanning files transferred from MSN etc.

My Comodo 4 Internet Security review and test structure:

  • cover some of the new features (sandbox demo)
  • pit Comodo against 10 zero-day threats (non-sandboxed)

Internet Security 2010 Rogue, Winlogon2.exe and Other Fun Things for this Week…

I’ve been pretty busy this week with malware appointments and thought I’d share this week’s “note to self stuff”…

  1. A client calls me and says that they have a fake antivirus (Internet Security 2010 rogue) and now they can’t log in to Windows.
  2. When I arrive I load my UBCD4WIN and immediately:
    • Replace Atapi.sys.
    • Replace Userinit.exe.
    • Load the host registry and fix the winlogon key so that userinit points to c:\windows\system32\userinit.exe, (not winlogon2.exe).
    • Disconnect the network connection.
    • Reboot.
    • Load Malwarebytes and load the latest updates via usb stick.
    • Quick Scan with MBAM and remove anything found.
    • Reboot.
    • Load new AV (either Microsoft Security Essentials or Kaspersky Internet Security 2010)
  3. Perform misc cleanup stuff and then leave.