Spybro versus Prevx fight

Discussion in 'other anti-malware software' started by SystemJunkie, Dec 11, 2006.

Thread Status:
Not open for further replies.
  1. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Look at the fight between antispy companies, it's really funny, but on the other hand a bit sad. I don't think that spybro is so bad, but most antispy think so. Look:

    First round goes to PrevX:

    http://i13.tinypic.com/2rg2kg0.png

    Second round goes to spybro:

    http://i14.tinypic.com/2cct6aa.png

    I don't like PrevX's argument that memory is infected only because lawenforcer.dll hooks files.
    It is totally useless to restart the PC because of this fact.
     
  2. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Hello System Junkie
    You mean this right?
    http://www.spyware-browser.com/

    If you don't mind, a couple of low end user questions:

    Why does spybro get such a bad time in so many malware removal forums?
    Looks like quite a powerful process scanner.
    Does it do removals? How well?
    Do you know what the difference is between:
    SpywareBrowser & Advanced Free Spyware Monitor http://www.spyware-browser.com/freeware/

    I see you have been using AAK: http://www.spydex.com/
    This app seems to be able to block kernel level malware with great success: could you tell me a bit about it, please?

    How do these tools compare to say Process Explorer, Autoruns, SAS or Rootkit scanners?

    Thanks.
     
    Last edited: Dec 13, 2006
  3. dah145

    dah145 Registered Member

    Joined:
    Jul 3, 2006
    Posts:
    262
    Location:
    n/a
  4. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    If you have a particular question about or want to dispute any determination of any program, feel free to write in to support. The easiest way to do so would be to double click the file in your Holding Cell or Jail to bring up the web info and click the "Disagree with us?" link in the upper right hand corner. This sends us all info needed to research that particular file. Keep in mind that this may have been a heuristic determination.
     
  5. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Yes, exactly!

    It's a great API hook and hidden DLL finder.

    It is great. Spybro is maybe the most advanced API hook finder, you get more usable results than with any other.

    The Spy Scanner is not the top but the subtle forensic functions are really cool.

    How true, it is probably the best Anti-Screener and Anti-Keylogger in the world actually. I did not see anything better. It finds the deepest low level sh*t you can imagine, even very unknown not yet revealed rootkits.

    It found two crazy sys drivers in my system and an unknown screen capture event, source of this malware still not known.

    PrevX finds nothing but look at AAK ;-) Firefox Exploit.

    http://i10.tinypic.com/2yjy43m.png
     
  6. dah145

    dah145 Registered Member

    Joined:
    Jul 3, 2006
    Posts:
    262
    Location:
    n/a
    It really looks great!!! It is like SSM with AS. :eek:
     
    Last edited by a moderator: Dec 12, 2006
  7. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    I agree. It is the best anti-rootkit in the world!!!
     
  8. EP_X0FF

    EP_X0FF Registered Member

    Joined:
    Nov 8, 2006
    Posts:
    233
    Totally disagree. It is a very slow scan and very easily implemented. Detects only inline hooks in user mode. Modern malware does not work in user mode :) Can't remove hooks, can't work with HaxDoor -> rootkit will do BSOD (hooks on hooks).

    And it is not HIPS. SpyBro uses a hooking model based on DLL injection. It is very easy to bypass such things. And this programme has a huge effect on PC performance due to poor hooking realisation. I can prove that at any time. I fully tested this SpywareBrowser and posted results on SysInternals. Unfortunately I didn't find anything new or impressive in that product, including the annoying "KAU Antivirus" inside =)

    Just my two cents.
     
    Last edited: Dec 15, 2006
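
The user-mode inline-hook check discussed in this thread, as an added example (not from any poster and not code from the products named): it compares a function's first bytes in memory with the on-disk copy and decodes where a patched prologue redirects. 32-bit x86 is assumed, and the addresses, module range and byte arrays are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
enum hook_kind { HOOK_NONE, HOOK_JMP_REL32, HOOK_PUSH_RET, HOOK_MODIFIED };
struct hook_report {
    enum hook_kind kind;
    uint32_t target;    /* decoded destination, 0 when not decodable */
    int leaves_module;  /* 1 when target lies outside the owning module */
};
/* Constructed sample layout: hypothetical module range and function address. */
#define MOD_BASE 0x7C800000u
#define MOD_SIZE 0x00100000u
#define FUNC_VA  0x7C801000u
#define PROLOGUE 8
/* Constructed bytes: clean on-disk prologue and two patched in-memory copies. */
static const uint8_t disk_copy[PROLOGUE] = {0x8B,0xFF,0x55,0x8B,0xEC,0x83,0xEC,0x10};
static const uint8_t mem_jmp[PROLOGUE]   = {0xE9,0x2F,0x02,0x80,0x93,0x83,0xEC,0x10};
static const uint8_t mem_push[PROLOGUE]  = {0x68,0x34,0x12,0x00,0x10,0xC3,0xEC,0x10};

static uint32_t rd32(const uint8_t *p) {  /* little-endian 32-bit read */
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Compare the in-memory prologue with the on-disk one and decode the redirect. */
struct hook_report check_prologue(const uint8_t *mem) {
    struct hook_report r = {HOOK_NONE, 0, 0};
    if (memcmp(mem, disk_copy, PROLOGUE) == 0)
        return r;                                  /* bytes match the file: no patch */
    if (mem[0] == 0xE9) {                          /* jmp rel32, relative to next instruction */
        r.kind = HOOK_JMP_REL32;
        r.target = FUNC_VA + 5 + rd32(mem + 1);    /* unsigned wrap handles negative rel32 */
    } else if (mem[0] == 0x68 && mem[5] == 0xC3) { /* push imm32 ; ret */
        r.kind = HOOK_PUSH_RET;
        r.target = rd32(mem + 1);
    } else {
        r.kind = HOOK_MODIFIED;                    /* changed, but no pattern decoded here */
        return r;
    }
    r.leaves_module = (uint32_t)(r.target - MOD_BASE) >= MOD_SIZE;
    return r;
}

int main(void) {
    const uint8_t *samples[] = {disk_copy, mem_jmp, mem_push};
    for (int i = 0; i < 3; i++) {
        struct hook_report r = check_prologue(samples[i]);
        printf("kind=%d target=0x%08X leaves_module=%d\n", (int)r.kind, (unsigned)r.target, r.leaves_module);
    }
    return 0;
}
```

On a live system the on-disk bytes must have base relocations applied before the comparison, otherwise relocated absolute addresses show up as false differences.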
  9. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    @DA
    You mean AAK right?
    Have you looked at this?
    Tested with anything?
    How does it work?
     
  10. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    @longboard: you have to be a bit careful with DA's comments,

    there are two possibilities, on the one hand he could acknowledge the power of AAK, on the other hand it could be the mockery of the devil ;-) Or the disappointment of not receiving screenshots anymore. :cool:

    Yep

    Probably, don't know.

    But it shows very clear details of those hooks.
     
  11. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    Be patient, and all will be revealed soon.
     