Spyware Terminator HIPS ?

Has anyone tested or saw the test results/reviews for the HIPS in Spyware Terminator? I have HIPS enabled in the ST I run, mainly because all those I have tried seem to have conflicts with my system for some reason or another. But I have noticed on here that many people disbable the ST HIPS and rely on SSM or some other lightweight program.

 

I have tested and have it enabled. It is quiet compared to others meaning less pop-ups, not as effective as SSM though IMO.

dja2k

 

Its good, but sadly 28mb is a bit too much for a anti spyware app, WD takes less.

 

If you are talking about Spywareterminatorshield.Exe, mine takes only 4.4 mb with HIPS enabled.

Best regards,
Firefighter!

 

My understanding is the Sypwareterminatorshield.exe is the resident shield, not the HIPS. When HIPS is enabled both it and Spywareterminator.exe are running in task manager (at least that has been my experience). ST's HIPS features are actually very good. The only gripe I've had is memory usage (20-30mb average) as compared to SSM (4-8mb average). If I don't have HIPS enabled the real-time shield runs around 14mb on the average. Memory usage is not going to be the same on everyones' machine, simply because of the wide variety of software and security programs being used by a particular system.

I felt the HIPS features were fairly comparable to either SSM or PG. However, the one thing I don't like is that ST has rules that it implements (made mostly by "block" & "allow" responses by the user), but you can't edit the rules like you can in SSM or PG. Another main reason I use SSM is the ability to add registry keys you want to protect from modification. ST's spyware scanner is very prone to false positives, and I wouldn't rely on it - but its resident protection is excellent. As far as memory usage, it uses a lot less than other AS software I've tried, and works quietly in the background. I had a lot of system slowdown with Spysweeper and CounterSpy, but none with ST. Also, since I use Jetico firewall, I really only need SSM for application control (areas that Jetico doesn't cover that I want covered, which are few) and registry protection. ST provides registry protection, but you can't add keys and can't really determine which keys it is protecting. I know it monitors start-up program registry changes, but am not sure what other registry areas it may cover. I guess it boils down to trying the app and see if you like it.

 

My ST is using a little under 15 MB and everything enabled with HIPS.

dja2k

 

When I opened the GUI, then I can see the Spywareterminator.exe in the Windows taskmanager, when I closed the GUI, the Spywareterminator.exe disappears.

Best regards,
Firefighter!

 

I have SSM full and tried out ST yesterday. It produce a myriad of pop ups from SSM which I mostly denied because I was not sure of the implication. They seemed to be in the area of modifying the memory of some modules, CSRSS being among them.

I have now uninstalled it.

 

Anyone tried any new tests with the HIPS enabled in Spyware Terminator? Also isn't ST better than Arovax Shield and Windows Defender as far as what part of the PC it all covers? It seems to have many settings that make it an IDS like program too, and besides the HIPS and signatures it has, wouldn't this also help increase it's detection?

 

Whats not better than Windows Defender... And yeah the ST is better than Arovax Shield right now... But Arovax Shield isn't really a HIPS... It doesn't pop up for every frickin thing that I do...

 

Thanks btman, I like Arovax Shield though I must admit that in the Spyware Terminator Forum people are very responsive to posts, and ST seems very popular. I believe the Arovax Team will get up to speed, but just not sure when. They certainly do need to market AS better as has been mentioned in their Forum, which will translate into more users and more people responding in their Forum like ST. The HIPS in ST while not a Full HIPS still seems like a better solution than AS at this time. I do know what you mean about all the pop ups, but they do stop.

 

Here is a thread where Spyware Terminator's HIPS feature was sent through a couple tests. Personally, I think ST is better suited for its Realtime Shield only. Its HIPS feature seems to become increasingly less effective at each version release.

https://www.wilderssecurity.com/showthread.php?t=159869

 

I won't purport to be an expert in code, especially Windows, but i have seen enough of what you mentioned to suspect that the MODIFYING MEMORY you're seeing is some type of hooking going on to ALERT you if something malicious was trying to make changes to those files.

Specialists, developers, feel free to clarify this or dispute. Thanks