ProcessGuard Vs. AntiHook

Discussion in 'other anti-malware software' started by [suave], Aug 29, 2005.

Thread Status:
Not open for further replies.
  1. [suave]

    [suave] Registered Member

    Apr 5, 2005
    Hi guys.

    I am going crazy reading on this forum. I've read so much and I don't even know where to begin.

    Two products that I have read about here that caught my attention is ProcessGuard and AntiHook.

    Now, I definitely want to use one of them. But is there a difference between the two?

    What can one do that the other can't? Or what does one do better than the other?

    Is there some sort of feature comparison I can look at?

    I know ProcessGuard costs money and AntiHook is free... but thats about all I know about that :)

    I don't mind paying for ProcessGuard if it is indeed better. ;)

    So can anyone help me out and let me know the differences?
  2. WSFuser

    WSFuser Registered Member

    Oct 7, 2004
    well the following is a list of features in PG, as u can see it does more than just block hooks:

    Control Application execution
    Protect applications from termination
    Protect applications from modification
    Protect applications from viewing
    Block new and changed programs
    Protect physical memory
    Block Global Hooks
    Block unwanted rootkit/driver/service installation
    Block registry DLL injection (CoolWebSearch)
    Secure Message Handling
    Interface Lock

    edit: i just visited the antihook site and now i have the same question. there is quite a bit of overlap between the two apps.

    features of antihook:

    1. Launching of malicious applications and processes.
    2. Termination or killing of your critical security applications (e.g. Firewall, Anti-virus, and Anti-spyware software).
    3. Loading of suspicious DLLs (e.g. IE Browser Helper Objects, ActiveX components, COM objects).
    4. Execution of code in a remote program (e.g. Trojans or Malware modifying the memory space of an external application and executing malicious code).
    5. Remote injection of code through standard Win32 API calls to the CreateRemoteThread() API or other native APIs called from within Rootkits.
    6. Installation of Kernel Device Drivers (Kernel Rootkits) that integrate and then maliciously alter the Windows operating system.
    7. Registration of programs for loading on PC start-up or when the user logs on to the system.
    8. Registration of Initialisation DLLs that load each time a new application starts.
    9. Installation of system-wide Windows hooks by using standard Win32 APIs or native APIs.
    10. Attaching a debugger to another process.
    also see the antihook thread.
    Last edited: Aug 29, 2005
  3. randal9

    randal9 Guest

    I like the combination of Prevx home free and AntiHook. But some people have reported problems when using more than one HIPS program that operate at the kernel level. This is a Process Guard forum so I would expect the opinions to weighted in favor of PG. Just something to keep in mind. ;)
  4. Hi, I use antihook with jetico (I disable process attack table in jetico). They work very fine, and pass every leak test. Both of them are good (process guard and antihook) and I don´t see a great diference bitween them.
  5. WSFuser

    WSFuser Registered Member

    Oct 7, 2004
    [suave] - i guess u better try both and decide which one u like better (tho pg doesnt have a trial but rather a free version without the global protection enabled (hooks, services etc)
  6. richrf

    richrf Registered Member

    Dec 11, 2003
    I purchased PG prior to AntiHook becoming available, so I haven't had a chance to look deeply into AntiHook. It appears that PG provides a bit more granularity, but the primary reason I continue to purchase DCS products is because I know the company. Something like kernal-level protection is just too critical (because of what this program can do), to just allow any company to do it on my system.

    For me, it has nothing to do with features per se, but the pedigree of the company and whether I feel I can trust the company. Because I have dealt with DCS for so many years, I feel I can allow PG to have access to and control of the the kernal level hooks. But this whole issue, to my mind, is pretty tricky - i.e. Who do you Trust?

    Last edited: Aug 30, 2005
  7. ---

    --- Guest

    Interesting statements, in light of your posts about the TDS-3 Fiasco.
  8. [suave]

    [suave] Registered Member

    Apr 5, 2005
    I appreciate the replies guys, but unfortunately nobody was able to answer my question. :'(

    I am trying to figure out the exact differences between these two programs (feature-wise)

    What can one do that the other cant?
    What can one do better than the other?

    you know, things like that. :-*
  9. Their feature set is practically the same. With Antihook having a bit more.

    But I don't think that's an important consideration for a noob.
  10. floatingPast

    floatingPast Registered Member

    Aug 17, 2005
    on frog house
    anti hook has not had so many uptodates and everything it does is free for the home use
    processguard could keep going or stay still in the water nobody knows

    try antihook while the waiting for processguard to prove themselves again
Thread Status:
Not open for further replies.