Process Guard vs Safe'n'Sec

Discussion in 'other anti-malware software' started by FAG, Jul 12, 2005.

Thread Status:
Not open for further replies.
  1. FAG

    FAG Guest

    which is better ? and why ?
     
  2. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi,

    Functionally, I believe it is a toss-up. I've looked at various comments by users and I can see pros and cons of each product when compared to each other. Most users of SnS have tried out PG and for one reason or another have decided to switch. Many PG users have tried out SnS (as I have) and have decided not to switch. Overall, it appears that SnS may have greater appeal to users who are not interested with that much interaction with the product, while PG may be of interest to those who have an understanding (or don't mind learning) the PG alerts and extra functions (e.g. secure message handling), and thereby have greater control over their environment.

    The primary reason I continue to use ProcessGuard (the cost is not relevent in my situation), is that PG has a more active user/support base and I understand pretty well what PG is doing. It also appears to be more stable. SnS is still a bit of a black box for me, and I would like to see it mature some more before I use it. I had some questions/problems during my installation, as have others, so if you decide to try out SnS, I would highly recommend that you take an image copy before you install it. I always take an image copy of my system before I install a major security product - particularly if it is rather new and there isn't that much feedback available yet.

    Hope this helps,
    Rich
     
  3. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    hmm, indeed a nice question.

    Safe N Sec is very new...let's say two years from scratch...the other players are way older...if you see what they did in such a short notice...you get the point.

    it's a great app...IF (only IF) you want to compare: it's not possible...hence it's a combination but it's not mature enough... BUT I LOVE IT. it is even a companion to pg as it searches for suspicous actions as to pg only accepts or not... hope I am clear...

    it can be a companion...let's see what the future brings and what licences they try to sell cause at the moment I don't like the way it is sold....

    it should be a one time licence...or it could be a con for all that matters...look at msas and giant...at the end they stole my money :D

    and that's my feeling...not yours at the end ..

    just my two cents...just wait: if it is like this and evaluate together with licence: this is as close I need at the time being.

    Sincerely.
     
  4. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    I agree for the basic version, but I can see why they charge an annual fee for the version with BitDefender because of the regular updates needed. And in the future if a firewall is included in the package :doubt:
    I purchased Giant and RAV and within a month for both products, Microsoft had bought them out.

    I run both programs on separate machines and both appear stable and to be doing their job at present. Newbies need less interaction with SNS as long as they do not choose the "total" Policy setting!

    I see that a number of people here run combinations of RegDefend/SafeNSec/ProcessGuard/PrevX on their computers but at the present time I have not considered running any of these programs together in real time.

    Some good tests comparing PG and SNS.
     
  5. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Thanx Blackcat.

    I would only agree if they had the realtime monitor of Bitdefender (which is of the same quality as Kav...), memory scanner, ... you know what I want to say...

    hence for the Firewall (Outpost)...once I stated here @ Wilders that the day some product would make it possible to have a combo of OP and SnS it would be a goldmine...well I disagree to myself now...without a memory scanner your line of defence would not be that big of a deal anyway...ok it will stop suspicious activities but without mem scanner...things can get out of hand.

    I will predict golden future if they have the memory/realtime scanner/ SnS System Firewall and OP Networkfirewall...

    But it must not be Bloated. the way it is now: it's not bloated...but it can be :D we'll see lol ... sounds like my father ;)
     
  6. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Thanks for the link Blackcat. It has been a while since I visited kareldjag's site and there seems to be a lot more on it nowadays. Fascinating reading. Thanks to kareldjag! (of course). :)

    Cya,
    Rich
     
  7. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Kareldjag is better then we all think...he is even judgement free...;)
     
  8. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Totally agree. Kareldjag is a great read. Tons of info. Interesting that he came to the same conclusions as I did that:

    1) ProcessGuard is a "must-have in a single computer".

    2) RegDefend (or RegRun) are excellent companion products.

    He also has some very positive comments on SnS, which makes the choice between the two difficult.

    Rich
     
  9. Jame Taylor

    Jame Taylor Guest

    Actually he seems to be pushing for SnS, because it's a more complete product.

    Some of the cons he lists for ProcessGuard look very serious too, time to switch I think.
     
  10. IMO

    IMO Guest

    IMO going with AntiHook, ProcessGuard (Free), and maybe Prevx (free) and SSM would be the way to go rather than SnS. All freebies, at least at this time, and will provide very solid protection.
     
  11. JT3

    JT3 Guest

    Is there any need for PG (free) given antihook?
     
  12. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    To me Kareldjag's tests are very informative, but I also found they are somewhat misleading.

    For example, it listed a large number of failures by PrevX...presumably by having scripts run from programs already installed...this testing method is problematic because PrevX's main aim is to prevent the installation of malware, which in this case appears to have been purposely allowed to install.

    The other way I find it somewhat misleading, is that it tested some software in area's that they do not claim to protect.

    That said, the information makes for great information if you are trying to put together a security suite and want to know strengths and weaknesses.
     
  13. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    I ran the Finjan tests and PG stopped them all. It did this by blocking wscript.exe from starting and by blocking finjan_exe_demo[1].exe from starting.
     
  14. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    We seem to be reading different reviews. PG got a 9/10 (I believe SnS received an 8/10 which of course is also excellent) and also excellent comments (which I quoted). I don' think Kareldjag is pushing any product, just providing some good, comprehensive information on each reviewed product - and I am very appreciative of his efforts and his willingness to graciously share the information with us.

    I agree with Vikorr, Kareldjag is simply trying to provide good information and it is up to each user to decide what they wish to take from the reviews. As far as I can see, I am currently in very good shape with KAV+ProcessGuard+RegDefend+Ewido. I am sure there are many other ways to get into very good shape - and I am pretty sure Kareldjag would agree. I am always looking at other products such as SnS, OnGuard, Prevx, Anti-hook, and if I believe my situation warrants it I will change/augment without hesitation. I am pretty maleable. :)
     
  15. James Taylor

    James Taylor Guest

    I must say SnS is improving by leaps and bounds and
    and Kareldjag's personal comments on this forum have indicated a preferenace for it on this forum have indicated a preferenace for it.


    When I stated my perference for Safensec, in no way did I imply your setup wasn't in "good shape", so your response sounds a tad defensive to me..

    In any case, you once thought Norton was good, and you changed your mind, so I'm sure you will come around soon too...
     
  16. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Possibly Kareldjag will clarify. I don't believe he is "pushing" any product.

    Never stated such a thing.
     
  17. James Taylor

    James Taylor Guest

    I think you will find that almost every HIPS product aims to be able to stop installation of malware. Any product with execution launch protection for example would fall into that category as well since by preventing the launch of unknown apps, you could prevent installation.

    If that is the case, you could say, it would be unfair to credit SSM,PG,Antihook etc with all these fails too. So what if PG fails to detected registry modifications? Execution protection would have caught it before it installed!

    Another problem is that most of these tests he conducts are meant to see if the programs can catch a certain advanced theorical attack, rather than exploits that cause auto execution of arbitary code attacks from visiting a website. Those of the former are rare , and known ones are already patched.


    Yes, you should really look at the details, what exactly is being tested. Sadly far too many people just look at the final rating to decide that for example PG is superior to Safensec.

    That said, I suppose these people just don't have the knowledge so they got to rely on the final ratings.
     
  18. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    He seems to like it here.

     
  19. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi Blackcat,

    I can easily understand why Kareldjag might express a personal preference for a product (e.g. SnS) while still rating another product (e.g. ProcessGuard) higher. For example, while KAV may show a higher detection rate in some tests, there are certainly other factors to consider.

    Personally, I prefer ProcessGuard + RegDefend because I like their depth of technology, transparency, flexibility/extensibility, support, compatibility with my other products, and ease of use (from my perspective) . I certainly understand why others may prefer SnS, Anti-hook (a free product with lots of capabities), OnGuard, etc. However, I believe, expressing a preference for a product, is quite a bit different from "pushing" a product.

    I think, in fairness, it remains for Kareldjag to suggest that he is clearly pushing one product as opposed to others. Personally, nothing I have read in any of his reviews or forum messages suggests this - but I will wait for Kareldjag to clarify if he chooses to. I personally do not favor putting words in other people's mouths to try to make a point.

    Rich
     
    Last edited: Jul 14, 2005
  20. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Is anyone running PG and Safe'n'Sec together or tried this combination?

    Just wondering if there would be much of an overlap between the two and whether it would be considered as potentially a good duo?
     
  21. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I had run them a bit together.

    I guess my causal impression is that SnS handles the most critical targets of PG and RedDefend, with a couple of other items thrown in, but that PG and RegDefend are certainly more comprehensive in their respective core targets of process control and registry protection respectively under the usual protection settings.

    Flagging of activity is also based on different criteria. PG will flag the start of any process not known to it or if it is known but attempting something outside of the predefined bounds. SnS (with monitoring set to Strict) only flags processes for which certain behavioral characteristics are satisfied (tries to install as a start-up entry, attempted overwrite of file in Windows system folders, registry edit, critical folder file renames, etc.)

    I tend to look at it as comprehensive control vs. control based on a preset decision trees developed by StarForce with the ability to select very aggressive flagging (normal running uses Strict monitoring, but the user can select Total control, which is very comprehensive and not recommended as a routine setting) in the event of a suspected infection.

    I found them stable when run together on my system, and you can develop a casual appreciation for the basic differences of approach.

    Blue
     
  22. starfish_001

    starfish_001 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    1,041
    I've been running them both for about a week now. I had PG and am considering SNS as a supplement. I took regDefend off yesterday as I prefer SNS.

    SNS seems to work very well it tends to flag things that other packages don't but a bit more intelligent than Prevx. It also seems very light
     
  23. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi Blackcat,

    I did try running PG and SnS for a brief time, but I had a still unexplained unexpected event (which I reported to Star-Force) so I reversed the installation using an image copy.

    Basically what happened was after I installed SnS and rebooted, PG alerted me that my copy of ZoneAlarm had been changed. Since this alert could could not be explained, I used an image copy to revert to the prior image. A couple of weeks later I re-installed SnS and had the same event so again I went back to an image copy. Star-Force support on their forum responded to my inquiry with an acknowledgement that there is a known comflict between SnS and ZoneAlarm that has been fixed and will be available with the next release. This is all the info that I have about this issue, so it still remains somewhat unexplained.


    Rich
     
  24. James Taylor

    James Taylor Guest

    Given that the rating he gives is a subjective one , your argument doesn't stand.
     
  25. James Taylor

    James Taylor Guest

    I'm curious how is your current combo superior to SafeNsec.

    You claim

    Depth of technology- In what way?
    Transparency - In what way?
    Flexibility,extensibility - In what way?
    Compatiability - Give details

    Regards
     
Loading...
Thread Status:
Not open for further replies.