Discussion in 'other anti-malware software' started by acr45, Aug 8, 2007.
Posting just a link should be forbidden
Interesting read, but it created more questions than it answered.
It must be noted that it is PCMag. So ANY SOFTWARE that they review must be looked at with scrutiny. Make no mistake, people will use it to tout favorites and cry foul but in the end.....the ones getting good reviews on a constant basis are the ones paying big $$$ for advertising. *grain of salt*
It's just funny that all the software that people truly like, use, and are effective get sub 3 stars constantly: ST, SAS, AVG, etc....
It's just funny that software people like have even no reviews there!
Yeah we learned of the review today.
I personally have a few problems with the review:
He really did not seem to leave any indication that he thoroughly tested the HIPS feature. He just brushed it off as a generic RTS component () besides the fact that he said it only catches DLL and EXE files, when in reality it can catch much more than that (TMP, MSI, COM, BAT, etc.).
He didnt point out what settings he used with HIPS so we are unable to determine if he was using an poor arrangement of settings.
He says he does not like that ST doesnt not automatically block threats. Well 1) you can turn on that setting, and 2) I hate when Kaspersky automatically blocks stuff while Im testing malware on my system.
He makes it seem like his malware collection is the gold standard without saying what it catches or what it misses. The malware tests I have seen to include Spyware Terminator at least point out where it succeeded and where it failed with respect to particular malware.
This is not to say I disagree with the article entirely:
He brings up information about poor keylogger detection. We are having moral issues determining whether companies which offer legitimate keylogger software should be identified as malicious. It will take a decision that they are malicious to add those software titles to our database. Personally I think they should be added to the database, regardless, and those which are legitimate "commercial" applications should be part of a new category called like "riskware" because of them being a potential "risk" if they are not being used properly.
He said the scan took 30 mins (12 mins for SpySweeper for comparison). Yeah, we are trying to improve the scan times with scanning. 2.0 was a major step in the right direction, though.
He says ST is poor on the malware detection end of things. Well, we cant exactly escape the fact that we are only 1 year and 8 months old (October 2005). Age plays a big part of how big your database of definitions is. We are in the process of improving the database significantly, doing what is necessary to achieve this.
What can I say, quite a funny guy, who tested it. I do not take him seriously based on his reviews.
Spyware Terminator is the best free realtime AS and that is that. Adaware is ondemand only and CyberDefenderFREE is adware. If someone wants a high-end ondemand AS, he can use SAS in adition to ST. ST with Avira and Comodo Firewall provide the best free realtime security suite, which is better than most paid.
Well given that it is the only realtime AS (besides Windows Defender), saying it's best is not saying much.
I mean even our representative from ST here in this thread, admits detection rates could be better.
To me the most interesting part of the review I find is his dismissal of the HIPS part, I believe this is a result of him having a different idea of HIPS from what others perceive it to be.
Not at all, there are at least 10 free realtime AS, I read about in the past year, but I am sure, that there is more of them, but less known, because ST has the best detection of all, though it is true, that it could be better, but if it is used in adition with other free security software, it does its job properly as AS.
Although I am not at present using ST, I appreciate your candid response. That always gives me confidence in an application to see that the developers are aware of and admit shortcomings. That is the only way the application can be improved, and users gain confidence.
Most of us have no good way to determine if a program is all that good or bad. In many cases we cannot trust reviews so we consider those we do trust, and then it is important to know that we can also trust the developers.
I tested it out recently and found it`s scanning speed quick compared with others. Being how the final was just recently released, I will give it a few weeks b4 I re-install. After re4matting, I`m a little leary about installing too much too soon!!!
Part of my job is going around to forums like these just to be a representative of the company. Not everyone comes to the ST official forums .
Nice fair rebuttal Tokar, am not a ST user so I have no vested interest either way, save to say that it's nice to see someone from ST respond in such a manner. Shame the reviewer is not here to answer. As a casual observer I think your points all deserve a response. Good luck with the software.
I doubt he will come here. Im hoping people higher up in the company feel the need to email him for his data or whatever.
Im just happy this review is not causing some "Lewis Black style" outcry.
(scroll to 2:15... "We're ****ed! We're ****ed! I dont know whats going to happen. There are going to be giant ticks everywhere, we dont know! Run, scurry...flee...flee...") haha.
Just one thing to say: None sense review, like so many made by this magazine...
Believe me, PCMagazine has dropped a lot in quality.
I get the magazine for free (thanks to some free magazine dealie I found on a deals forum) and it has really shrunk in size from 5 years ago, and there are many more ads now.
And there are a lot more articles from John Dvorak (as if there arent already enough).
August 21, 2007 - 98 pages
August 17, 2004 - 132 pages
August 19, 2003 - 138 pages
June 11, 2002 - 160 pages
March 6, 2001 - 234 pages
I have all of these issues in hand .
Good luck getting anything out of PC Mag. Nick from SAS has already dealt with this when talking to Neil Rubenking. Basically it's "unfair" in his (Neil's) opinion to say what was caught and what was missed. However from what you can see in some of the screenshots some of the malware is stuff that really isn't around very much (Coolwebsearch is clearly visible in some of the screenshots). Not to take anything away from ST but your "age" isn't hurting you as much as you think. It's a cats bag as to what he is using as infected samples. Who knows where Neil gets his samples
Nick from SAS also takes your company's opinion on the keyloggers as the commercial ones are not flagged by SAS. Neil claims they don't "count" very much in his testing however if you read back through their articles it appears that it's approximately 1.5 points (out of 10) in the removal and detection score.
BTW It,s very very hard to maintain a free signature based security application with good detection.
Sounds like McAfee to me. We had a little problem with a McAfee listing where they detected our software as "bad". We asked them to tell us what they found and they said the same thing SAS apparently heard from Neil: its "unfair" and McAfee is not at liberty to dictate how a software title should be designed.
Its a little dumb if you ask me. I feel that response is heard from lazy people who dont feel like finding new samples to test security software. Just stick with the same old malware/spyware/viruses/etc., keep the test easy for you, make it harder on security software.
Seeing these tests basically makes NicM's (user here on the forum) HIPS test even more worthwhile: he tested certain rootkits, reported the performance of different programs, then submitted the samples to the companies whose products he tested.
I personally think the age plays a big part. If this guy is using CWS, it means he is using "older" malware/spyware, which might be older than 1.5 years. So its a bit of a problem.
Oh well, not much we can do except make version 2.1 even better and see if he is willing to test it when it comes out.
Interesting. Mind listing some?
Why doesn't anyone on this forum ever mentions Tenebril's SpyCatcher Express.
For a free antispyware program, it looks hard to beat:
It has realtime protection, rootkit detection (using a HIPS component) etc:
I am not advertising the program, but rather want to point out that there are better realtime antispyware programs than Spyware Terminator.
Only reason why I buy PC Magazine is because of the disk with the programs haha.
PC Mag reminds me of the 6 o'clock National news, always anxious in a mad rush in another feeble attempt to stir up another day of anxiety, but never take the time to fully display the whole overall picture with the full compliment of details, only the negative they can squeeze into that half-hour time slot.
On a more positive note from this end of the minority i continue to favor the HIPS features of Spyware Terminator and have not had a single problem of system stability running it "resident" alongside a whole heap of other security programs i used to group together. Just keep the eyes on the prize and continue to improve it the best thats available for you. It's done quite a job in my opinion of overtaking some other AS's in part due it's HIPS AFAIK. Nice job.
This thread provides several reasons...
but to summarize
1) Incredibly large no. of FP's
2) System slowdown, instability (crashes, freezes, etc)
I used to use spycatcher express myself, then, after finally having had enough, found spyware terminator, and haven't looked back.
Back on topic, however...
This causes me to suspect that it was actually a previous version that was tested, (and the article later "updated" with a 2.0 screeny) as a full scan no longer has any effect on the HIPS database, which is now built in the background. (1.9 and earlier used a full scan to build HIPS database)
The reviewer does make a valid point about claims of ST (+WSG) being a "security suit" (it's quite obviously not), but as far as I know, it wasn't Crawler itself which made that claim, but the head honcho of Crawlers parent company.
I knew, that someone is going to ask, but I do not mark those products in my favorites, nor in my memory, but eg mentioned:
SpyCatcher Express, then Arovax Antispyware, Myplaycity Antispyware, PCclear Antispyware, Doctor Alex Antispyware and so on.
There are many unknown AVs as well (paid and maybe free), but only the best are known, the same applies to AS and ST is the star.
Separate names with a comma.