Spyware terminator

Has anyone actually tested this piece of software on live infections and compared it to other products? Like real nasty malware like trojans and keyloggers (not some benign adware)?

 

I'm game but before i go hosing my research computer can you expand on what aspect you require testing

Scenario A A PC that is already infected where the software is introduced post infection inorder to act as the cleaner.This would check its detection and cleaning capabilty etc

Scenario B Its realtime protection capability where the software is loaded+configured and then the computer is opened up to attack vectors for hostile code.

My research computer is running SP1 with NO patch's/updates installed.The user has habit of clicking on dubious file downloads and surfing the dark corners of the web.Added bonus the PC has installed the JRE1.4.2 just so Vundo can gain entry when surfing through certain cracksites

I can do both scenarios over 2 sessions so what do you want first

 

That would be awesome! Yea, do both scenarios if you could. Could you compare to SAS Pro and Threatfire? I'm especially interested in which one has the best real time protection.

Thanks again for that license

 

Well I can tell you right now (working for Spyware Terminator) that detection of keyloggers will probably be poor, since our policy for keyloggers is that we dont detect commercial keyloggers since they "can" be used for legitimate purposes (monitoring company employees, or monitoring children activity).

I think in the future this will be changed and we will detect commercial keyloggers as "riskware", software that can be a potential risk depending on how they are used.

 

Hey Tokar do not panic,i have yet to experience a real world malware infection/attack that includes commercial keyloggers....Tr Sinowal + TR LDpinch/PSW's now thats real life malware with the same aim

Just to put your mind at ease I will stick to current infections c/o Cracksite/pr0n via consential file download(e.g free pr0n codec/keygen etc) and exploit attacks from known bad urls.

 

SAS Pro for benchmarking as i have not yet tested/used Threatfire although i will do in the future

 

Neil from PCMag uses commercial keyloggers in his keylogger test, which is the reason for poor scores for ST and AAW2007 in this category.

 

That's just stupid! Why not use some real world malware that logs keystrokes?

 

SAS as well....shame Neil dose'nt go and get his test PC hosed out with Delf but then that requires more specialized/advanced observation and recovery.

This is where my methodolgy and sources differ.I use current(not VX or archived) malwares & subsequent infections.These are the realworld threats faced and not some inactive 1997 sub-seven trojan stored in c/Virus samples folder(as seen by certain testing/reporting houses).

I hope this meets with your approval

 

fcukdat, how well does SAS Pro do in real time protection?

 

Hi Drew99GT/Tokar

Initial update...This is going to take a while to correlate data,i will probaly not have the time until next week to see this through.Thanks for your patience

 

No problem. Thanks for testing! So compared to other software you've tested, how does SAS Pro do in real time? (do I sound like a broken record!!!)

 

An interesting read

An informal snapshot of virus-detection rates on some fresh real-world malware

 

I wish u could u do a small set of testing for famouse AS applications to let us know the reality.
Sure it might need a lot of time!

 

Indeed it does.