About Behaviour blocker?

are there more apps than the 2 popular ones threatfire and mamutu out there free or paid to evaluate?stand alone Behabiour blockers?thanks in advance

 

Re: About Behabiour blocker?

Prevx Edge. It uses very advanced Heuristic detection methods. I have been very pleased with prevx products, and they run great with almost any security product.

 

Re: About Behabiour blocker?

About Behabiour blocker?
it's behaviour

 

Re: About Behabiour blocker?

Give Prevx Edge a go. Fantastic program and support is A+.

x 10

 

Re: About Behabiour blocker?

I failed to mention Zemana antilogger earlier. Its also an excellent behavioral blocker. Its known for its ability to block key loggers, screen logger, clip loggers, web loggers.. lol any kind of logger you want to throw at it. It appears to be capable of blocking any category of malware in the wild. I've been giving it a test run, and i really like what i see so far. It uses white listing from their own database as well so you want get a bunch of false positives like some products. I hope Zemana keeps up the good work. Just read about it on their website http://www.zemana.com/list/list.aspx

 

Re: About Behabiour blocker?

you could give DriveSentry a go, its my fav, except for the bugs it has.

 

Re: About Behabiour blocker?

woooo there is plenty out there i didnt know
thanks

 

Drive Sentry
Mamutu
Norton Antibot
Prevx Edge
Sana Security Safe Connect
Threatfire
Zemana

IMO the best of the bunch is Drive Sentry,Mamutu,prevx Edge,Zemana.

 

hey john with your own experience which one will play nicer with defencewall zemana?mamutu?or edge?which one will you recomend?

 

is WinPatrol a behabiour blocker?

 

I have not tested mamutu with DW but Zemana runs great with DW and compliment each other nicely.For Keyloggers protection IMHO Zemana is cream of the crop as far as behavior blocker goes.What Zemana is not a scanner per say nor a cleaner or community base.

 

winpatrol monitors changes and uses heuristics So IMO I consider it a behavior base or a very light hips,Of course many will disagree with the hips part.Windows Defender in advanced spy net many consider that to be a hips.Winpatrol does about the same and more.IMO at minimum Winpatrol is a behavior blocker or should say monitor.

 

thanks buddy for explanation

 

your very welcome.

 

Ive used mamutu with defencewall and it worked fine, not sure about prevx edge though

 

which one is a closer to a good and strong bb drivesentry,prevx or winpatrol plus?thanks

 

WinPatrol is a poller. Even in the PLUS version, simply the polling interval is set at zero. But it doesn't use hooks. I usually can install Comodo, reboot and only after reboot Winpatrol Plus signals a new startup entry (a bit too late). It also has no serious ability to analyze behaviour. Behaviour analysis, is supposed to be able to merge info from various sources , so to generate an alert. Do a simple 1+1 = 2. Winpatrol can't do that. It is simply programmed to poll and thus monitor certain locations for changes. If it finds a change, you are asked to approve. That's it. It monitors your hosts file, startup, services, hidden processes, file associations, etc and alerts you. I don't consider this behaviour analysis. But i wouldn't bet anything serious that it could fend a trojan. I see it more as an alerter with probably use against spyware. You can see it here against real malware. At least in one case, judging from Twister's alert, registry modification is included. But WinPatrol doesn't see that either. Apparently it was a registry key that isn't monitoring.

http://youtube.com/watch?v=Y6J34qMtlZQ

 

Definetely not Winpatrol plus. DriveSentry and PrevX are of similar concept and in an another level compared to Winpatrol Plus. I 'd say run both and see which suits you best. PrevX is probably better in behaviour analysis. But Drive Sentry has a free version and the paid version has lifetime license...

 

Winpatrol is very nice to get a picture of the changes made by software installations like autoruns, new services, extensions etc.

 

cool thanks and also thanks about the winpatrol explanation

 

IMO, i find DriveSentry to be a stronger BB, it protects folders that u can specify and auto monitors changes in system critical folders like a normal HIPS would and alerts u if something is changed there, plus it offer behavior blocking, that way it doesnt overload u with popups, it also has a large whitelist and blacklist as well to limit notifications.

Prevx Edge might be more versatile though since it has BB, and typical signaturs, although if u want u can run DS with its BB + its AV, i prefer not to as it sometimes conflicts with other AV's but Prevx Signatures dont.

 

Winpatrol is cute and i have bought the plus version. But, IMHO, for someone with your setup, it's redundant. Nothing Malware Defender can't do. I myself don't run it, because Twister's FDD is much better and i also run RegProt that intervenes immediately for startup keys (faster than Winpatrol Plus). For me, Winpatrol is getting obsolete and more cpu-hungry as time passes. I saw the new features of the current beta and there is nothing of substantial improvement. If i were the author, i would turn it into a Mamutu-like behaviour blocker, if i could. Or at least make it a bit more robust. Some alerts come too late.
Plus, the last time i ran the 2008.15 (?) version, it was eating as much cpu time as Threatfire almost. So, why not run TF instead, which is much better... I mean, it won't tell you like TF "malware!". It will tell you that this changed , keep the change or not? So, a bit like classical hips, only much weaker. That's why i don't run it anymore.

 

manny thanks and yes i noticed the delay of pop ups also

 

i will give both a try again and see the difference i will let you know thanks

 

np, 1 thing i will say is, prevx edge is probably a bit lighter and user friendly. but i didnt notice much performance impact with DS (while using the little patch provided in the Katie DriveSentry thread)