Spyberus

A new version of it has been released earlier this month. You can get it at http://www.robotgenius.net/technology/downloadSpyberus.jsp.

 

Average users, watch out this is a beta version.

 

I remember using a program from this company a while ago and it liked to crash my system alot. XPproS2 no other security programs at that time.

 

Well, if was this program, the bug you had was probably fixed in the new version.

 

Played with it earlier and i never reached my desktop

Regards,

MaB

 

Being an idiot and a whore of software I tried this program a few minutes ago. No BSoD but system became very sluggish/nonresponsive. Uninstalled quickly. I feel this program is not quite ready for primetime. A lot more development is needed.

Later...

 

Spyberus can be looked upon as a system modification management tool.

Microsofts Steady state freezes the system
Altris lest you management versions, free version has limited options
Spyberus is a sort of enhanced Altriss roll back management

Problem Altris was intended for testing software, suectity enthousiasts discovered how to use it as a more flexibel steady state, spyberus builded on this idea.

Problem is that you have to cover the complete attack surface and match teh changes against the triggers. This is quiet difficult to achieve. complexity reduces solidness of software. DefenseWall has a rollback option but leaves it to the power user (and therefore evades the problem of accurate matching).

Note: tried and hung my system, had to roll back



I like the idea, but I have doubts on the complexity to implement it as a solid security mechanisme. Simpler implementations (either no yes or no when allowing changes) like steady state or Returnil, PowerShadow are more likely to proove a solid defense.

So basic idea is great, solid implementation trouble some. I would not hesitate to buy such a program when it was fool and error proof.

Regards Kees

 

The newest version runs very smooth on my XP SP3. I am looking forward to a final release of this. It works great

 

Is it free? What is it exactly?

 

It appears to be a zero day threat preventer.

http://www.net-security.org/secworld.php?id=5081

Since it is a beta, I would think it would be free. No mention about a price from what I could tell.

http://www.robotgenius.net/technology/spyberus.jsp

 

http://www.robotgenius.net/index.jsp

"NEWS
August 26, 2008
Robot Genius has released a new, more stable version of Spyberus. "

 

I decided to give it another try (on the home PC on which the first version gave no problems). It can be best explained as a combo of Altris and a limited classical HIPS.

It give you a real time warning when systems changes (e.g. drivers are installed/loaded) occur (like a clasical HIPS), the nice thing is that you can decide to uninstall the package plus clutter afterwards (like Altris). It works real well for regular programs or regular programs which have spyware attached. I still have to try it against serious malware.

Running it together with Avira (write only) and DefenseWall. Because DW takes the first load of **** trying to enter my PC it will not be tested much in regular use.

Regards Kees

 

I basically use it for reliable software uninstallations. I am looking forward to Robot Genius releasing a final and getting their first real rounds of feedback and suggestions.

I am glad to see they are more routinely releasing new versions.

 

i gave the tool bar a try and is very good at detecting pages that contain malware or hacking tools,is very good in my own opinion better than siteadviser.i went googling for some infected pages with malware and always alerted me with a red pop up explaining how manny malwares those pages contain and also the names of the malwares,etc.etc.

 

U mean RGcrawler right? Its a linkscanner n if you say its good ima certaintly try it

 

RgRuard is the exact name and i believe that RGcrawler is in it(data base)is so far the best security tool bar if i can call it like that is the best ever,better than site adviser and link scaner.
note:base on my own experience and opinion

 

I tried it and found it confusing.

Google download.com and RGguard gives it a Green OK rating but when you click on the Green icon next to a Google search it states a lot of programmes on the site are Red Bad.

So, if you are thinking about installing a programme from a Green OK portal you then need to manually check the programme is not Red Bad by seeing whether it's name is listed.

If this were automatic that would be great but who is going to trawl through pages of Red Bad programmes to see whether the programme is listed?

Ian

 

Until so far it notifies on global hooks, driver loading/installation, does not on programs acquiring admin rights or going into debug mode.

 

I use Returnil and Spyberus was only 2 stars at Castlecops Wiki List of Freeware virtualization. http://wiki.castlecops.com/Lists_of_freeware_virtualization

I tried to install RGGuard in FireFox 3, No Go. Would not install. Gecko/2008070208 Firefox/3.0.1

 

Yer it wouldnt install for me at first try either. I then noticed avg av had left their toolbar in addons after i deinstalled it so i removed that restarted tried again n then it installed np.

 

4 RGGuard

Nothing in addons like that. Just Noscript, ShowIP, and User Agent Switcher.
Nothing in Themes. Plugins java, ms drm, sf and mp.

I wanted to give it a go to see how it differs from siteadvisor, which is not installed.

 

Testing it against malware under XP Pro power user and it is real strong. To use Spyberus without ownership errors (when switching between users) it is best to set the SPyberus directory as allow all in SRP, also the All USers application data directory of Spyberus. It is alo best to give users full access rights to the registry keys HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RGProtect
and HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RGSvc

I found a nice tweak in this registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RGProtect\Parameters
, you can add extra files to protect (normal file path + name), regsitry keys and values (normal registry name proceeded with \REGISTRY\)

I have entered all the static registry keys and values of Tony Klein's list out of the HKCU section and added my host file under file protection.

Cheers Kees

 

Syntax for registry protection

\REGISTRY\MACHINE\ = HKLM (HKEY_LOCAL_MACHINE)
\REGISTRY\USER\ = HKCU (HKEY_CURRENT_USER) --EDIT -- HKU (apologies Master San Rabinovich)
You can enter * as a wildcard and ? as a character joker

 

Wrong. It's HKU.