Does anyone know if Abtrusion Protector will block dll injecting trojans?

How would you compare AP to WinSonar 2005, SSM (used SSM but it causes too many problems- freeze ups ect..), Prevx free and Process Guard free?

Which would you say is the best app of the lot or combination thereof (freebies only please)? And which programs will, and will not block dll injection? Thx.

I have used it . Customer support is great . Was for me anyway . They told me it does NOT protect against code injection . That was a while back though . It is different than SSM and PG . PG and SSM will give you more security . I found AP to be unwanted with PG running . I use the paid version though . dll injection protection is best utilized with PG . Some firewalls protect against this too . AP is a good free program but not really strong in protection . For free , I would have to suggest PG free and Prevx for now . If your system can handle it , you can add AP . Although , I do not think it would be warranted . Hope that helps and good luck to you

Hi,

Abtrusion Protection does not protect against dll injection and does not provide a strong protection against advanced threats (see the image).

In a few weeks or perhaps in a couple of months, i'll publish a complete overview and test about Infection Prevention System (or Intrusion Desktop prevention) like Process Guard, Prevx, Abtrysion, SSM, Safe'n Sec, Winsonar and others ones which has not been reviewed on Wilders.
Tests are from basics ones (Process termination/Hijacking, dll injection) to advanced ones (API hooking, Buffer Overflow...).
It will just confirm the efficiency of PG and perhaps temper the enthusiasm about Safe'n Sec or Prevx.

On the next link, you'll find a brief overview of some products you had mentioned.
http://www.techsupportalert.com/intrusion-detection-p2.htm

Regards

Here process hijacking with a dll:

Hi Kareldjag, I cannot wait till the test will be ready...Nice job as allways!!

Inf;

Thanks to you both Hollywoodpc and Kareldjag. And thanks for the link Kareldjag, and I look foward to your reviews of these security programs. Sounds like it will be really good stuff! :)

{QUOTE-> Hi,

Abtrusion Protection does not protect against dll injection and does not provide a strong protection against advanced threats (see the image).

In a few weeks or perhaps in a couple of months, i'll publish a complete overview and test about Infection Prevention System (or Intrusion Desktop prevention) like Process Guard, Prevx, Abtrysion, SSM, Safe'n Sec, Winsonar and others ones which has not been reviewed on Wilders.
Tests are from basics ones (Process termination/Hijacking, dll injection) to advanced ones (API hooking, Buffer Overflow...).
It will just confirm the efficiency of PG and perhaps temper the enthusiasm about Safe'n Sec or Prevx.

On the next link, you'll find a brief overview of some products you had mentioned.
http://www.techsupportalert.com/intrusion-detection-p2.htm

Regards <-QUOTE}
Good job my friend . Not that it matters coming from me but , glad you confirmed what I knew from a while back .

{QUOTE-> Abtrusion Protection does not protect against dll injection and does not provide a strong protection against advanced threats (see the image.
Regards <-QUOTE}
Hi ;) I'm a newbie on that software, so I appreciate experienced advice...

If you would allow men I'd have 2 questions:

1/ It doesn't protect against dll injection, but does it not prohibit the infectious program to be installed on the system in the first place? What I mean by that is that I pass all the leaktests because AP would not allow for them to be installed on my system if I do not willingly instruct AP to let them install. So the result is the same, or ain't it?

2/ I saw the illustrative pic about 'advanced threats' but I don't understand what it's supposed to show me... Could you point me to one or two [advanced threats-program/exe] which would bypass my AP's protection, so I can test them on my system and more precisely understand what you are trying to tell us?

Thanks, regards...

Hi

Also, Abtrusion would not allow one to install any new component or software on the system when xp is run in non-administrator mode, so I don't see how AP's self protection could be bypassed when in non-administrator mode...?!

The 'enable install' option is only avalaible when one runs xp in admin' mode.

Rgds

Kareldjag,

Please include Antihook in your test list if possible.

Hi AbtrusionUser

I used to use Abtrusion Protector, before I switched to Process Guard. On my machine I found AP was much more resource intensive. But to answer your question about the DLL injection. You are right something has to run before it can inject, but.....

PG like AP challenges a new program and blocks it, ...BUT... if I think it is okay and give it permission to run with AP your are had. Process Guard gives you another chance by telling you it is trying to do something else. For example if I am not sure about a program, but decide to let it run, and then it wants to install a keyboard hook, at this point I might say no way. See thats my second chance.

Pete

kareldjag,

If you can please test InfoProcess' LaunchMonitor http://www.infoprocess.biz/LaunchMonitor.aspx I think it will do well especially if used in conjunction with Infoprocess' antihook as mention in an earlier post. I hope you don't mid the request but that's all it is is a request. If you don't want or can't then no problem.

Thanks,

Chris

Hi,

Attack is The best manner to test a program and to see how powerfull and efficient it is.
Those test cost time, that's why i've made them slowly (one product per week) but seriousely.

Chris12923, Antihook test has already bee finished last month and it 's in fact an interesting program (see the image).

Regards

I used AP up until today. Today I uninstalled AP because it was a resource hog. i now used Process Guard and Prevx Home instead. AP was really good but yes... a resource hog even though the stats in task manager are pretty low, it makes this machine grind alot.

You are better off with Prevx . especially since you are running PG .

Hi all,

I installed Prevx Home alongside ProcessGuard and RegDefend just to see what happens. So far, it has worked fine in some brief tests. It seems pretty stable compared to the product I tried out several months ago. I think I will leave well enough alone unless someone has found a good reason to upgrade to Prevx Pro. I will probably send them money no matter what, after 30 days, since I do like supporting those who support me. But is there any reason to go to Prevx Pro if I already have ProcessGuard and RegDefend?

Thanks.

Rich

Hi Rich .
The Pro will give you more configurability . You can turn off more things . Pretty nice feature to me . I can turn certain off in the Pro that I do not need as other programs handle it and it makes it pretty nice . cannot wait for the new version . Coming soon to a computer near you !

Thanks Hollywoodpc. I'll be checking it out and waiting for the new Pro version. Would you say the Pro version is stable. I am asking, because my guess is that the Home version is the one that is getting the most use and testing and usually the "free versions" turn out to be quite stable because of all of the usage. Any opinions?

Thanks for the help.
Rich

Hi Richrf

I am running the Pro version along with ProcessGuard,Regdef, etc. and it is quite stable.

Pete

Thanks Peter. If anyone has contrary experiences, please let me know. Thx.

Rich

Sorry for the delay . Pete is on the money . At least , for me . Pro runs smoothly . No problems and they tend to pay attention to both versions equally .

Thanks Hollywoodpc. So far my trial is going well. I'll give it a few weeks and if everything is fine and dandy, I will give it a permanent install.

Rich

{QUOTE-> Thanks Hollywoodpc. So far my trial is going well. I'll give it a few weeks and if everything is fine and dandy, I will give it a permanent install.

Rich <-QUOTE}
Remember . New version coming soon

Thanks Hollywood, I'll be looking for it.

Rich

{QUOTE-> Thanks Hollywood, I'll be looking for it.

Rich <-QUOTE}
They tell me it ought to be a doozy . Is that a word ? LOL . I am looking for it too .