another test:)

Discussion in 'other anti-malware software' started by jmonge, Feb 3, 2009.

Thread Status:
Not open for further replies.
  1. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    a big woooo spyblaster againts spyware terminator and spyware terminator detected it all the game;) now let's see if he removes it i am scaning now
    cool;) the underdog is winning:)it found it as SpywareScraper
    the results:SpyWare Terminator Detected spyblaster(spyscraper)but the spyware terminator got killed,run the scaner in safe mode and was killed also:)spyblaster killed spyware terminator scaner so couldn't remove the malware:)it fails
    i am not giving up i am scaning again let's see what happen:)tell you guys when finish
    ok full rescan with spyware terminator didnt detected nothing:thumbd:
    ok full rescan with spyware terminator with clamantivirus detected and remove it sucefully:thumb: spyware terminator with clam antivirus passed the test:thumb:
     
    Last edited: Feb 5, 2009
  2. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Dr.Web CureIt identifies the installation file as a trojan/problem.

    Once SpyBlaster is finally installed (switched off prevx edge), SpyBlaster gave a prompt to switch off Dr.Web CureIt as it was identified as spyware.

    Running CureIt now through a full scan to see if it can detect any SpyBlaster files.

    Prevx Edge blocks it and removes the files to prevent it from running.
     

    Attached Files:

  3. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Well CureIt detects and removes SpyBlaster. Not bad for a free tool.

    Joe (PrevxHelp), if you're reading this, should Dr.Web correct the Prevx Edge file flagged?
     

    Attached Files:

  4. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    This isn't a problem - qc.csi is the quarantine of CSI. Some AVs look through it and decode our small layer of encoding on the files so they end up detecting what we've detected. The files are disabled when in the quarantine but they still do exist (in the event that the user wants to restore the file), so, once in a while an AV does catch it :D
     
  5. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    What can't you answer hey? :cool:

    Thanks for that. I know it's only one rogue program, but great effort with prevx edge (and also dr web). A thumb up for each. :thumb: :thumb:

    Edit: Maybe the developers of SpyBlaster are reading this, and will soon add you to their 'adware/spyware list'. ;)
     
  6. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    Have you tried System Shield from usec.at? http://www.usec.at/ushields.html

    Tiny & powerful!:argh:

    Dimio says: ProtectShield_free.exe: Mem. Use 500 Kb; InjectService.exe: Mem. Use 1924 Kb.

    Very small.
     
  7. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Had a look at Nemesis/System Shield and tried to install it.
    Prevx Warn.JPG
     
  8. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    PROROOTECT, that program you suggested seems to be one solid little program.

    Basically a registry protection program.

    Just for testing, I let it run and installed SpyBlaster. SYstem Shield alerted me of the registry change, I clicked deny, and SpyBlaster installation was cancelled. No exe files in the relevant program files directory.

    Franklin, Prevx Edge was suspended on my comp. This program might be unknown, and no instances of it found, that's why it violates the age/spread criteria. Joe might be able to give us an update if he's still around and not too busy.
     

    Attached Files:

  9. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    I installed the rogue Antivirus 360 and denied any reg change with System Shield.

    Didn't seem to stop AV 360 from installing though?
    AV 360.JPG
     
  10. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    We've marked the software as good - the detection was a false positive just caused because it is a brand new piece of software :)
     
  11. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Franklin, I might have to try more rogue programs before i give out those 'glowing' reviews. haha ;)
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    ok full rescan with spyware terminator didnt detected nothing:thumbd:
    ok full rescan with spyware terminator with clamantivirus detected and remove it sucefully:thumb: spyware terminator with clam antivirus passed the test:thumb:
     
  13. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    As you can see AV 360 is up and running even before I have a chance to hit the deny button.

    AV.JPG
     
  14. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    Thank you ESPECIALLY, Saraceno!:argh:

    We defend the TRUTH, both!

    PRO
     
  15. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    o_O what about this?
    http://www.emsisoft.com/en/malware/?Adware.Win32.Spyblaster
    they claim 100% clean from adware/spyware/virus in softpedia.com but look in softpedia.com about spyblaster(it is not in theier list)
    http://softpedia.com/dyn-search.php
    also spyblaster been around for long time now so it is not new at all
    SpyBlaster - Spyware Remover 2.1 DOWNLOAD BUY NOW HOMEPAGE ADD TO CART 9,137 Views

    Staff Rating: 90%
    License: Shareware

    User Rating: 98% with 11 Votes Vote

    Downloads: 221 this week, 612 total

    Price: $29.95 USD Expires: 12 Months

    Date Added: 08-23-2006 File Size: 3,790 KB it is not new:)

    DESCRIPTION COMMENTS (0) TAGS PLACEMENT PUBLISHER SYS INFO RELEASE
     
    Last edited: Feb 5, 2009
  16. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    They were referring to SystemShield as being safe not Spyblaster if that's what you mean Jmonge.
     
  17. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    oopppsss:D sorry prevxhelp:D
     
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    thanks for clarifiying;)
     
  19. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    this week i am testing AsQuare AntiMalWare againts some rouge antispyware and really impress me,i just tested it againts spyware scraper and detected and clean the house very smoothly;) with no problems i got more pop ups with this one;) i will try spybot search and destroy and see it's potential:thumb: let you know
     
  20. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    You're welcome.

    A2 has a huge database 2.7 million so it picks up these rogues very nicely.;)
     
  21. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    yes indeed and not only that but the real time shield is a monster;) very nice app;)
     
  22. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Just searched for another 'rogue product'. 46 million users worldwide. :shifty: Someone might feel like testing it against a few products.

    These programs appear frequently throughout google's sponsored links. http://www.google.com.au/sponsoredlinks?q=antivirus&hl=en&um=1&ie=UTF-8&sa=N&start=12

    Scanned the site with Dr.Web, came up clean.
    Scanned the download with Dr.Web, came up infected with rootkit.
    Scanned the installation file with CureIt, came up infected with rootkit.

    noadaware.jpg
    drweb link scan.jpg
    drweb download.jpg
    no adware pro.jpg
     
  23. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    thank you i will try this one. by the way what is it?
     
  24. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    It's another money-driven fake anti-virus product.

    Legitimate AV companies just have to search through Google's top sponsored links (something they probably already do), as this is what people are clicking on.
     
  25. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Yep! Congrats to the Doctor. I scanned it at Jottis' and only Dr. Web flags the installer.

    Upon installation however, TWISTERRRRRRRRR!

    http://img165.imageshack.us/img165/4107/13766556ue4.png

    The poor rootkit simply couldn't withstand the force of nature! :D
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.