| View previous topic :: View next topic |
| Author |
Message |
swwfr
Newbie
Joined: 01 May 2009
Last Visit: 01 May 2009
Posts: 1
|
 Posted: Fri May 01, 2009 9:12 am Post subject: Spyware Terminator BIN_STDATA2.SPT |
 |
|
hi, i installed ST 2 days ago, today it downloaded a huge file (36254 KB) to C:\Documents and Settings\All Users\Application Data\Spyware Terminator\BIN_STDATA2.SPT. What is this exactly?
During installation, i chose NOT to install the Web Security Guard.
i searched Google & Webcrawler but no answer. Only 1 search result said "I did a Spyware Terminator update earlier and Spyware Terminator downloaded BIN_STDATA2.SPT without asking and I believe it was Crawler Parental Control. ..."
But there's problem with this link (doesn't show).
i'm wary about using ST to start with, coz it's from crawler.com & was once listed in Spyware Warrior. but decided to give it a go. Super Anti-spyware & Malwarebytes Anti-malware never seem to download such huge files. pls. help. thks in advance. |
|
| Back to top |
|
 |
aBenG
Warrior
Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 297
Location: Darkest UK
|
| Posted: Fri May 01, 2009 10:41 am Post subject: |
|
|
It looks like that's the database file - see this thread:
http://forum.spywareterminator.com/Default.aspx?g=posts&t=4853
You can probably find more info elsewhere at their forum.
I ran ST for a couple of months with no problems. It was nothing to write home about though.
HTH
_________________
Inperfect. |
|
| Back to top |
|
|
mikey
Malware Expert
Joined: 12 Feb 2004
Last Visit: 19 Jun 2013
Posts: 1066
Location: CenTex
|
| Posted: Fri May 01, 2009 1:25 pm Post subject: |
|
|
| Quote: |
| It looks like that's the database file... |
Quite so. It is their detections db. Subsequent DLs are smaller.
I have recently, as well as periodically, tested their ST product behavior. The only objectionable item found was that their toolbar is installed by default...you have to manually opt-out or it will install.
I also have recent install reports if anyone should want to see all the changes made during an 'advanced' install, update, and first run.
HTH |
|
| Back to top |
|
|
aBenG
Warrior
Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 297
Location: Darkest UK
|
| Posted: Fri May 01, 2009 3:10 pm Post subject: |
|
|
Gaah! Another default toolbar. (Predictable response I know).
Is that one of their own mikey or does it come from Ask again?
_________________
Inperfect. |
|
| Back to top |
|
|
mikey
Malware Expert
Joined: 12 Feb 2004
Last Visit: 19 Jun 2013
Posts: 1066
Location: CenTex
|
| Posted: Sat May 02, 2009 5:47 am Post subject: |
|
|
OMG! I'm infected with 20 some odd 'CRITICAL' nasties!
| Quote: |
Threat Files
<Backdoor.Generic8.TYM> : F:\Program Files\Net Tools\LANTalkerServer.exe
<Backdoor.Generic8.TYM> : F:\Documents and Settings\All Users.WINNT\Start Menu\Programs\Net Tools\Independant Applications\Internet Tools\LAN Talker\Server.lnk
<NetTool.TCPScan.bt> : F:\Program Files\Net Tools\PortScanner.exe
<NetTool.TCPScan.bt> : F:\Documents and Settings\All Users.WINNT\Start Menu\Programs\Net Tools\Independant Applications\Internet Tools\Internet Port Scanner.lnk
<PSWTool.ProductKey.ak> : F:\Program Files\nirsoft\regscanner\RegScanner.exe
<PSWTool.ProductKey.ak> : F:\Documents and Settings\All Users.WINNT\Start Menu\Programs\RegScanner\RegScanner.lnk
<WinSpy> : F:\Program Files\Rise Sun\ezVidC60.ocx
<PC Remote> [American Systems] : F:\WINNT\amuninst.exe
<Trojan.AgentMB.HMAP7770658> : F:\WINNT\system32\Image Saver(2Flyer).scr
<Trojan.AgentMB.HMAP7770658> : F:\WINNT\system32\Flash Saver(2Flyer).scr
<Trojan.AgentMB.HMAP7770658> : F:\WINNT\system32\Video Saver(2Flyer).scr
<Trojan.AgentMB.HMAP7770658> : F:\WINNT\system32\Web Saver(2Flyer).scr
<Monitor.KeyLogger.ls> : F:\Documents and Settings\All Users.WINNT\Application Data\uklpr\KLKlMon.dll
<Monitor.KeyLogger.ls> : F:\Documents and Settings\All Users.WINNT\Application Data\uklpr\KLPP.dll
<AdWare.AdBar.r> : F:\Program Files\Flash Effect Maker\albumboader\myflashplayer.exe
<NetTool.Portscan.c> : F:\Program Files\angryipscan\ipscan.exe
<RiskTool.PsKill.ba> : F:\Program Files\sysinternals\2\accesschk.exe
<RiskTool.PsExec.172> : F:\Program Files\sysinternals\2\psexec.exe
<JOKE.BlueScreen.A> : F:\Program Files\sysinternals\2\SysInternals Bluescreen.scr
<SPR/PassView.H> : F:\Program Files\sysinternals\rdpv\rdpv.exe
<NetTool.MSIL.Sniffer.a> : F:\Program Files\Net Tools\QuickSniffer.exe
<PSWTool.Dialupass.o> : F:\Program Files\nirsoft\ProduKey.exe
<PSWTool.NetPass.ag> : F:\Program Files\nirsoft\awatch.exe
<SPR/PSW.SniffPass> : F:\Program Files\nirsoft\sniffpass\SniffPass.exe
<PSWTool.NetPass.bd> : F:\Program Files\nirsoft\heapmemview\HeapMemView.exe
<PSWTool.NetPass.aw> : F:\Program Files\nirsoft\pinginfo\PingInfoView.exe
<SPR/PassView.H> : F:\Program Files\nirsoft\rdpv.exe
<PSWTool.NetPass.fb> : F:\Program Files\nirsoft\netpass.exe
<PSWTool.ProductKey.ai> : F:\Program Files\nirsoft\RegScanner.exe
<Trojan.PSW.Agent.jzj> : F:\Program Files\AMT\BackupTool.exe
<Trojan.KillWin.po> : F:\Program Files\Free Web Buttons\vista-buttons-setup.exe
<Backdoor.Agent.CC> : F:\Program Files\SysAnalyzer\safe_test1.exe
<Server-FTP.SFH.k> : F:\Program Files\tiny_usb\HFS\hfs.exe
<AdTool.WhenU.a> : F:\Program Files\DualDVD\VVSNInst.exe
<SPR/Tool.SuperScan.1> : F:\Program Files\Kier\SuperScan\SuperScan4.exe
<SPR/Tool.SuperScan.1> : F:\Program Files\superscan4\SuperScan4.exe
|
I only scanned one drive on one partition of one appliance. I was going to scan all the drives/partitions on that machine but I gave up after 7 hours @ 52%. When I aborted, it was up to 47 'CRITICAL' items.
The fact is that, even the items that are not just plain F/Ps are completely harmless. There isn't a "CRITICAL' item in the lot.
You know, on another note, I actually liked the direction of their HIPS dev in their beginning. However, their current 'real time protection' is just a joke...no better than all the dozens and dozens of other worthless scanners out there.
IMO GARBAGE
| Quote: |
| Is that one of their own mikey or does it come from Ask again? |
Theirs. I don't really know much about it. They may have some affiliation with some search engine...I don't know. Perhaps I should go ahead and install it and do a capture to see how it behaves. If it's like most toolbars, it will use a GUID to identify the user and track the user's habits.
Does anyone know off hand if anyone is still targeting the toolbar? |
|
| Back to top |
|
|
aBenG
Warrior
Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 297
Location: Darkest UK
|
| Posted: Sat May 02, 2009 9:23 am Post subject: |
|
|
Holy *expletive deleted* mikey! That's a lot of very dangerous tools you've got there.  
ST was one of the first apps I tried when I got back online (before I'd started posting here again). Only used it to scan a few files but it seemed to sit there unobtrusively with the rest of my system. Dumped it as unnecessary not long after coming back to SW.
You have reminded me though that I haven't actually done a full scan of my comp since cobbling it together in October last year. Still, if it ain't broke...
_________________
Inperfect. |
|
| Back to top |
|
|
roger_m
Warrior Addict
Joined: 24 Feb 2006
Last Visit: 26 Mar 2013
Posts: 605
Location: Blackwater, Australia
|
| Posted: Sat May 02, 2009 5:04 pm Post subject: |
|
|
I also have also found that Spyware Terminator gives lots of false posatives. While some of items it detected for you Mikey are not false posatives but instead just items which probably should not be detected as a threat, still the amount of actual false posatives ST give is way too high.
When Spyware Terminator was first relased, it was a very promising application with fast scan times and a very few false posatives. And when using the bulit in option to report false posatives, the false posatives were soon removed - however fase posative were rare. However nowdays I would never use Spyware Terminator due to the ridiculous amount of false posatives.
Personally, I have found the Ad-Aware these days gives has similar problems with a lot of false posatives which is a shame. |
|
| Back to top |
|
|
|
