Usec SystemShield - useless?

Discussion in 'other anti-malware software' started by Gullible Jones, Sep 5, 2009.

Thread Status:
Not open for further replies.
  1. Check out this HIPS:

    http://usec.at/ushields.html

    (The one on the left - I believe PROROOTECT has recommended it before.)

    It intercepts a whole bunch of stuff via the registry, including driver loading. However... If you try to kill it via the Windows task manager, it quite cooperatively shuts down.

    (And if it uses any kernel level driver, I can't see it.)

    Would I therefore be right in saying that it is utterly worthless? A HIPS without self termination protection doesn't seem much good to me...
     
  2. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    'Confirm change?' pop-up always what happens THE thing ...ALWAYS.

    Sure.


    PROROOTECT


    PS. It is blue. Like your eyes.:thumb:
     
  3. stackz

    stackz Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    619
    Location:
    Sydney Australia
    It seems that the lack of responses to your question pretty much answers it. :argh:
     
  4. Shame that... If it actually protected itself from termination, it would be *exactly* what I'm looking for in terms of HIPS - something light and standalone that intercepts modifications to important registry areas, driver and service loading, as opposed to asking my permission every time I try to launch something.

    (With HIPS, IMHO, less can be more... Get spammed with too many popups and you might miss something important.)

    FWIW I did post about termination protection on Usec's bulletin board. Nobody's answered so far, but presumably somebody will at some point... From what I've heard Radix anti-rootkit is pretty good, so presumably these folks have *some* good programmers at least. o_O
     
Thread Status:
Not open for further replies.