Page 1 of 3 123 LastLast
Results 1 to 10 of 27

Thread: Spybot-S&D 2.0 Beta 4 release thread

  1. #1
    Administrator daemon's Avatar
    Join Date
    Sep 2006
    Posts
    427

    Cool Spybot-S&D 2.0 Beta 4 release thread

    Spybot-S&D 2.0 Beta 4 just got released!

    This release sees speed enhancements, greater stability and improved Live Protection.

    See our our official release announcement for more details and download links.

    Please help with beta-testing so Spybot-S&D 2.0 final will be rock stable.

    You may use this thread for general comments about the beta release, please open new threads if you like to discuss specific issues.

    daemon
    Please help us improve Spybot and download our distributed testing client.


  2. #2
    Member
    Join Date
    Nov 2009
    Posts
    73

    Default

    Regarding the Rootkit Scanner:

    It finds thousands of entries.

    The common factor is; under Details it reports 'Invisible to Win32'.

  3. #3
    Senior Member
    Join Date
    Sep 2009
    Posts
    191

    Default

    Hopefully this is less buggy, and hopefully it works better overall.

  4. #4
    Member
    Join Date
    Nov 2009
    Posts
    73

    Default

    As it appears no-one is following the suggestion to use this thread for reporting issues with BETA4, I thought I might give it a bump.

    Anyway, why is the Rootkit Scanner doing what I reported?

    Is that normal (I certainly hope not)?

    Patiently awaiting a reply...

  5. #5
    Senior Member
    Join Date
    May 2010
    Posts
    114

    Exclamation

    I know at least that some rootkits rely on Registry entries with strings containing the null character (ASCII/UTF8/UTF16 code-point 0), because that character ends a C-style string, so regedit won't pick up anything after the null character, even though lower-level APIs for accessing the Registry do pick up the entire string and make use of it.

    One possibility is that such strings are in fact handled incorrectly by the Win32 API (the lowest-level API for which ordinary Windows programs can be programmed) but correctly by the Native API, used by the kernel, drivers, and...rootkits.

  6. #6
    Member
    Join Date
    Nov 2009
    Posts
    73

    Default

    OK, but Kaspersky and GMER find nothing.

    I noticed the entries appeared to all be in User folders, in the Application Data/*/*/*/*/*... subfolders. (where * is Application Data again), this repeats several times, literally thousands of entries.

    After a couple hours I shut down the scanner, because it was not finding anything new, just repeating, except in a different User folder.

    I would imagine a more inexperienced user might delete all those entries, possibly wrecking their OS.

    The fact I am running X64 version of Windows would not have anything to do with it?

    Anyway, uninstalled and awaiting next BETA.

  7. #7
    Senior Member
    Join Date
    Sep 2009
    Posts
    191

    Default

    Send the false-positives to the Spybot team, or make a log.

  8. #8
    Member
    Join Date
    Nov 2009
    Posts
    73

    Default

    Quote Originally Posted by imageek View Post
    Send the false-positives to the Spybot team, or make a log.
    So, you do not have this issue?

    If it is specific only to my rig, I do not believe that will be worth the many, many hours it would take to complete, and I will simply forego the use of SBS&D.

    If others will verify they are experiencing the same thing, and submit their own logs/false positives, then perhaps I might make the effort...

  9. #9
    Senior Member
    Join Date
    Sep 2009
    Posts
    191

    Default

    I have been busy with a lot of things lately, therefore I haven't had the opportunity or time to test out the new beta version. In addition, I don't try beta software on my current PC, or basically I do, but I use a virtual machine.

  10. #10
    Member
    Join Date
    Nov 2009
    Posts
    73

    Default

    Quote Originally Posted by imageek View Post
    I have been busy with a lot of things lately, therefore I haven't had the opportunity or time to test out the new beta version. In addition, I don't try beta software on my current PC, or basically I do, but I use a virtual machine.
    I have no reluctance trying BETA software, but when I find it is not operating properly it is quickly uninstalled (as is the case here).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •