SuperAntiSpyware vs Spyware Terminator

^I agree!

 

Just out of curiosity sake, since i not yet tried ST out, maybe someone that has used it can reply to this.

Is the Real-Time protection in the ST claims have to do at all and exclusively with ClamAV? Reason being that WinPooch 6.2/6.3 and some other AS types also encourage this type of sweep detection.

Or does the ST resident protection have to do with loading it's driver to set protection levels?

Thanks.

 

I use ST but do not implement the Clam AV part. I mostly use ST for the active protections and HIPS functionality. I occasionally also scan with ST, but have SAS free as my main scan and removal engine.

Did I answer your question?

 

That helps a bunch, thanks.

That confirms for me it does at least some application/process firewalling.

 

More on ST's active guards.

There is an APPLICATION GUARD which gives you options to turn on or off:
1. Threats Shield
2. Start up Shield
3. Services Shield

There is an INTERNET GUARD which gives you the option to turn on or off
1. IE Shield
2. Winsock Shield
3. BHO Shield
4. Toolbar Shield

There is a SYSTEM GUARD which gives you the option to turn on or off
1. Hosts file shield
2. System INI file shield
3. File extension shield


For each of the Shields, you can choose the security level of:

1. Stop threats only
2. Stop threats and unkown access
3. Stop any kind of access

For each of the shields, you can also have a white list or balck list that you create.



Under an Advanced Section you can turn on or off
1. HIPS
2. Automatically block threats without user notification
3. Automatically allow child processses of new allowed processes
4. Automatically allow libraries of new alowed processes

All of the above works without CLAM AV activated.

 

I see, very wide coverage then. If i could be certain of ST not conflicting with what's already in place, i sure wouldn't mind bringing it onboard for a lengthy tryout. Of course it would have to share the company with SSM, Kaspersky, and cooperate with my other On-Demands. The SDT Table is beginning to fill up with equal coverage from the players working it so far, so i guess one more newcomer wouldn't hurt right?

 

Well, with your security set up, you probably don't need anything else. But it is just so tempting to try software isn't it? I am going to probably go with what I have for the next 6 months or so. When Comodo releases the next version of the firewall with full HIPS and possibly a sandbox, I will probably give that a try after it's been out for a good 3-4 months. But for now, I think ST/NOD32/Comodo/Spyware Blaster, and SAS do a great job and don't slow me down. When you can find that mix of software that all play ncie together, provide a broad spectrum of layered protection that doesn't slow down your machine, that's a keeper. And when you only have one applicatin that you need to pay for, that's an added bonus

 

It's alway tempting for me ejr. I am currently running what was my AVG 7.5 Internet Security Suite, without the Firwall and Antispyware Component installed, and using Kerio 4.2.2 Firewall with Spyware Terminator. I like using this combo better than I do using the AVG FW and AS because it offers more features and information, and uses less memory. I do however stick with my AVG Antivirus because of the low memory usage, automatic updates, and I rather like it's GUI. I do eventually go back to the AVG Firewall for it's low resource usage, and then install Cyberhawk or Arovax Shield. I've even reinstalled the AS Component a few times and used ProcessGuard Free. I do truly like my new set up however, and I beleive Spyware Terminator is most likely a keeper at this point. Then again. LOL.

 

I highly agree with that summation, strike the perfect balance between a HIPS/AV/AS and some other monitor's of sorts and that spells confidence with a capital C.

I installed SpywareTerminator purely out of curiosity on my test machine tonight and here are my few first impressions.

Install went smooth. I "REALLY" like the REAL-TIME SHIELD ACTION LIST that raises up from the tray area, that is a "pure" great idea for those of us with a quick-eye I spotted some familiar ACTION modules that i like to check on from time to time and this feature makes that possible.

It, the (HIPS) part was a bit slow to identify some of my normal processes to prompt me to but it did eventually complete that list.

I noticed it was easy to start __oddysee RootKit without so much as a whimper and that disappointed me some, it did nothing to block either the process starting or driver installing (I confirmed with RKUnhooker) and yes i did have Application Guard's 3 Shields enabled. I will continue to look into this more but that type failure would not make for much encouragement.

I also like it allows to set a System Restore Point before moving something away that it discovers, good idea.

I never intended to get involved with this program at all since theres plenty enough HIPS to keep me busy & go around, to test and place the most impressive one's into my active lineup, but i really like ST's potential, at least from the Real-Time Protection prospective, if and when they can also establish a deep enough and current enough scanner database to malwares/rootkits, they will surely draw a real following in place of just an audience right now.

I will agree that the HIPS part of this program alone is worth the install. While my current setup is like you say efficient enough, i don't have any problem putting this one in place too. I am installing on the main unit and going to check it out a bit more in depth.


Thanks for all the informative comments/replies.

 

I use both but .... yesterday I tried the new Counterspy 2.1 and it found something which neither ST or SAS did ! Maybe this new prog is the best ?

 

No.
The new version of CS is very good, with a lot of improvements and with a great Active Protection shield, but I still prefer SAS. The ST is my 3ª choice because of its Real-Time shield and for be free...

 

And the new thing was

BTW they all miss stuff,no one software or combination of all signature based software detect all malware files out there at anyone given point in time.That is an impossibility.

Maybe CS is better,maybe it is worse for fwiw if you over the last 2 pages of this forum you will see more bug reports than satisfied user's of the new version,whats more this is even after extensive beta testing before release and new bugs are appearing frequently

By my own testing versus advanced malware rootkits SAS leaves CS2.1. eating dust.Maybe unlucky CS users will have to wait for the next evo to detect and clean Rustock trojan if present afterall its only been in the wild/labs since the start of last year
https://www.wilderssecurity.com/showpost.php?p=945341&postcount=29

 

I agree : no product is fullproof. But I'm still glad I got rid of these pests
ST is indeed the best choice considered the fact that it's free

 

Looks to me that SAS is by far the best choice AFTER-THE-FACT and possibly before? I know it is quite the beast in identifying & chewing up malware/rootkits and dispatching/deleting their droppings quite efficiently, and on the other hand you have Real-Time Guard to monitor for those possibilities BEFORE they can drop in and attach.

ST is a work-in-progress but did themselves and everyone a HUGE favor when they integrated the HIPS/RESIDENT SHIELD seeing that it takes an incredible amount of time & effort to fill a database with a reasonably acceptable past & present signatures not to mention future threats (Heuristics?). My favorite feature, among others right now is a new one that you won't find on any other AS/HIPS that has benefits (at least from my standpoint), Real-Time Shield Action List

CS? No comment. I'm afraid that i neither have tried it or read that much about it, sorry; but i do know it does have some very capable staff/ employees at the helm working it's development and in time i would expect it to be in contention with some of the top dogs in this field if not approaching them now.