Spyware Terminator 2.1 released

Discussion in 'other anti-malware software' started by Victek, Feb 11, 2008.

Thread Status:
Not open for further replies.
  1. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Spyware Terminator 2.1 "final" has been released (apparently build 2.1.0.313). "Complete Changelog will come soon" according the announcement on the ST forum.
     
  2. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    man it's work's
     
  3. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    You mean it works good. or you're surprised it works? LOL. Has anyone in here ever tested to see how well ST's Application and System Guards really work in preventing malware infestation? I understand the HIPS looks for programs that were not created in its data base and is suppose to block them, but what about those 2 Guards?
     
  4. Dieselman

    Dieselman Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    795
    Well I use to like Spyware Terminator and I only use it on demand. But after trying out the new version and finding out it installs a backround service " sp_rsser.exe" I uninstalled it. Also the immunize files are only 5340. Spybot immunize files are 73,554.
     
  5. Dieselman

    Dieselman Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    795
    You can test the HIPS yourself by simply downloading System Shutdown Simulator and using the HIPS test.
     
  6. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,124
    Location:
    Pennsylvania.
    I love the new version. Has a great look and a new shield. ^_^
     
  7. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Take a screenshot of the allowed programs and dlls and i'll tell you if the GUI was improved. :)
     
  8. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,124
    Location:
    Pennsylvania.
    Is this a good picture Pedro?
     

    Attached Files:

  9. Tokar

    Tokar Registered Member

    Joined:
    Jul 22, 2005
    Posts:
    81
    Dieselman, have you ever actually analyzed that number output by SpyBot? It does not appear you have.

    The 5,340 number put out by Spyware Terminator refers solely to ActiveX code. It immunizes against 5,340 unique malicious ActiveX items. Whether they are of any harm today with IE6Sp2 and IE7 is debatable, but they are all unique ActiveX items.

    SpyBot has a total, A TOTAL of a little under 900 unique ActiveX items. Thats it. Everything else is 7,000+ domains, or some number like that, placed in several locations.
    1x HOSTS
    1x IE restricted domains
    1x Firefox blocked domains
    1x here
    1x there

    Its like 10 different places it puts these 7000 domains. And thus you get 70000+...
    10 x 7000 = 70000.

    You are quite mistaken if you think that there are 70,000+ unique items in the SpyBot database.
     
  10. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Thank you for the pic Cheater, i appreciate it :thumb:
    If i ignore your wallpaper :) , it does seems fair. But not optimal. There should be a way to group by file type, and i should be able to see the full path.
    The list of programs itself loses too many space due to all the things around.

    Tokar: Settings, Application Guard etc. take to much horizontal space from the allowed programs list, and System Summary, Application Guard's title, and the too big white space take too much vertical space. It's far from optimal imho.

    Then as i say above, one should be able to group by file type or file name.
    Picture an option to toggle between the two modes, and if file type is chosen, there could be a separator between them (dlls, exe, and so on).

    BTW Tokar, i have 2 Qs:
    -does ST block by file extension, or does it block any binary executable? I don't know the tech mumbo-jumbo :) , i hope i am being clear.
    -does ST control by parent-child (i forgot), or does it simply work file by file, allowing it / blocking it, no matter the parent?

    TIA!
     
  11. Tokar

    Tokar Registered Member

    Joined:
    Jul 22, 2005
    Posts:
    81
    it alerts on several extensions... EXE, BAT, COM, SCR, DLL

    im not particularly sure how the parent process blocking works. i know the option is there, but ive never used it to comment on it.
     
  12. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I don,t know of any security software( except Anti-Executable) that is blocking by binary code analysis( if this is what u mean). Why we should expect it from ST.
     
  13. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Let's see if i can explain.
    SSM doesn't do code analysis, but i assume it doesn't block by extension either.

    Anyone PLZ correct me at anytime, but i think that SSM like programs hook the OS so that any executable, regardless of extension, is blocked as soon as the OS function to launch executables is called. It's the mechanism, not the extension. Was i understandable, and correct?
     
  14. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Yes.

    This is what any HIPS worth its salt does. Calls to the CreateProcess API are whacked, regardless of what fancy extensions (if any at all) that the child process is using.
     
  15. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Sorry, u are right. Actually I confused it with File protection feature of HIPS and AE where HIPS work by extension basis and AE on the basis od code analysis.

    BTW now I am interested to know also if ST,s HIPS wotk on the basis of extensions. If so, I will regard it as an an inferior HIPS.
     
  16. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    That's what i'm asking. Kind of critical. :)
     
  17. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Are any of you using the Web Security Guard?

    dja2k
     
  18. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    I do with Firefox, and it doesn't seem to cause any slowdowns, and the Crawler Tool Bar can be disabled if you like. I also have the HIPS of ST enabled, and it is running fine along with ThreatFire.
     
  19. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,124
    Location:
    Pennsylvania.
    I'm using WSG. I love it. I always feel safe with it. If you don't like the look you can go to services on the left top corner, go to services and uncheck the things you don't want up top. I have mine cut down to just services and WSG shield. :D
     
  20. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Thanks guys, I am familiar with the enabling and disabling of the WSG and I know you can avoid install at ST setup. I just wanted to see who was using it and what comments you would bring forth. :)

    I think that the Web Secure Guard toolbar seems better than using lets say LinkScanner Lite, which both are free of course.

    dja2k
     
  21. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    A question always pertinent regarding site advisor's is what they add to a host file. If they don't use some sort of heuristics, something real time to detect problems, it ain't worth it.
    Note that i never used WSG, i don't know how it works.
     
Loading...
Thread Status:
Not open for further replies.