Spyware Terminator HIPS ?

Discussion in 'other anti-malware software' started by acr1965, Nov 26, 2006.

Thread Status:
Not open for further replies.
  1. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    Has anyone tested or saw the test results/reviews for the HIPS in Spyware Terminator? I have HIPS enabled in the ST I run, mainly because all those I have tried seem to have conflicts with my system for some reason or another. But I have noticed on here that many people disbable the ST HIPS and rely on SSM or some other lightweight program.
     
  2. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    I have tested and have it enabled. It is quiet compared to others meaning less pop-ups, not as effective as SSM though IMO.

    dja2k
     
  3. Arup

    Arup Guest

    Its good, but sadly 28mb is a bit too much for a anti spyware app, WD takes less.
     
  4. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    If you are talking about Spywareterminatorshield.Exe, mine takes only 4.4 mb with HIPS enabled.

    Best regards,
    Firefighter!
     
  5. KDNeese

    KDNeese Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    236
    My understanding is the Sypwareterminatorshield.exe is the resident shield, not the HIPS. When HIPS is enabled both it and Spywareterminator.exe are running in task manager (at least that has been my experience). ST's HIPS features are actually very good. The only gripe I've had is memory usage (20-30mb average) as compared to SSM (4-8mb average). If I don't have HIPS enabled the real-time shield runs around 14mb on the average. Memory usage is not going to be the same on everyones' machine, simply because of the wide variety of software and security programs being used by a particular system.

    I felt the HIPS features were fairly comparable to either SSM or PG. However, the one thing I don't like is that ST has rules that it implements (made mostly by "block" & "allow" responses by the user), but you can't edit the rules like you can in SSM or PG. Another main reason I use SSM is the ability to add registry keys you want to protect from modification. ST's spyware scanner is very prone to false positives, and I wouldn't rely on it - but its resident protection is excellent. As far as memory usage, it uses a lot less than other AS software I've tried, and works quietly in the background. I had a lot of system slowdown with Spysweeper and CounterSpy, but none with ST. Also, since I use Jetico firewall, I really only need SSM for application control (areas that Jetico doesn't cover that I want covered, which are few) and registry protection. ST provides registry protection, but you can't add keys and can't really determine which keys it is protecting. I know it monitors start-up program registry changes, but am not sure what other registry areas it may cover. I guess it boils down to trying the app and see if you like it.
     
  6. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    My ST is using a little under 15 MB and everything enabled with HIPS.

    dja2k
     
  7. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    When I opened the GUI, then I can see the Spywareterminator.exe in the Windows taskmanager, when I closed the GUI, the Spywareterminator.exe disappears.

    Best regards,
    Firefighter!
     

    Attached Files:

    Last edited: Nov 27, 2006
  8. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    I have SSM full and tried out ST yesterday. It produce a myriad of pop ups from SSM which I mostly denied because I was not sure of the implication. They seemed to be in the area of modifying the memory of some modules, CSRSS being among them.

    I have now uninstalled it.
     
  9. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    Anyone tried any new tests with the HIPS enabled in Spyware Terminator? Also isn't ST better than Arovax Shield and Windows Defender as far as what part of the PC it all covers? It seems to have many settings that make it an IDS like program too, and besides the HIPS and signatures it has, wouldn't this also help increase it's detection?
     
  10. btman

    btman Registered Member

    Joined:
    Feb 11, 2006
    Posts:
    576
    Whats not better than Windows Defender... And yeah the ST is better than Arovax Shield right now... But Arovax Shield isn't really a HIPS... It doesn't pop up for every frickin thing that I do...
     
  11. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    Thanks btman, I like Arovax Shield though I must admit that in the Spyware Terminator Forum people are very responsive to posts, and ST seems very popular. I believe the Arovax Team will get up to speed, but just not sure when. They certainly do need to market AS better as has been mentioned in their Forum, which will translate into more users and more people responding in their Forum like ST. The HIPS in ST while not a Full HIPS still seems like a better solution than AS at this time. I do know what you mean about all the pop ups, but they do stop.
     
  12. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    Here is a thread where Spyware Terminator's HIPS feature was sent through a couple tests. Personally, I think ST is better suited for its Realtime Shield only. Its HIPS feature seems to become increasingly less effective at each version release.

    https://www.wilderssecurity.com/showthread.php?t=159869
     
  13. EASTER.2010

    EASTER.2010 Guest

    I won't purport to be an expert in code, especially Windows, but i have seen enough of what you mentioned to suspect that the MODIFYING MEMORY you're seeing is some type of hooking going on to ALERT you if something malicious was trying to make changes to those files.

    Specialists, developers, feel free to clarify this or dispute. Thanks
     
Loading...
Thread Status:
Not open for further replies.