antihook free for home users

Do you have an updated expected release date? Just wondering, not harassing.

 

A keylogger which does not use a hook

Hi Guys,

I tested untihook and PG with a lot of keyloggers but unfortunately found an application which seems does not use a keyboard hook.
Please see
http://www.geocities.com/martinisthebest1703/

I tested it on VMWare with antihook, PG and Advanced Anti Keylogger.
Nothing helps to stop it.
Any suggestion would be greatly appreciated.

Thank you,
Alexander

 

Re: A keylogger which does not use a hook

Not surprising really. Nothing is perfect, whether it is signatures or behavior monitoring. The only way to be safe is not to install suspicious software, that alone is worth all the KAVs, HIPS in the world.

Just the other day, I tested this new rootkit detector on vmware, KAV,NOD gave it a clean bill of health. But got zapped by some nasty trojan . Thankfully, i tested it on vmware.

 

I installed Antihook,but it's not for me.I had PG Free before and i decided to uninstall it,in order to try Antihook.Well,to my surprise,without PG on,i noticed an increase of speed to everything (specially visible when opening the control panel and its options and launching Firefox).Anyway,rebooted,installed Antihook in fingerprint mode,rebooted etc.Now,there was a real slow down!(although CPU was 0% and RAM only 4,5-6MB).I tried also normal mode,but nothing.An other weird thing is that in my start menu,the options weren't anymore directly executed.For example,by clicking find,it didn't launch the search engine,but a small window appeared with "find" on and i had to click on that.Fortunately i had made a Registry backup with Erunt and uninstalled antihook and reverted to the previous situation.Oddly enough,i lost half Firefox favourites (of course i had a backup) and all firefox preferences had been reverted to default.Of course this might have to do with ERUNT and not with Antihook uninstalling ,but i ve used ERUNT many times before and never seen this.

At this point,i also really wonder if it's worth the hassle to put back PG too.Although i never realised there was a slow down because of PG,i think that with time,the many entries have started hogging my PC (Athlon 2500,1 Gig 333Mhz dual channel) and i only realised it once PG was uninstalled.Given the fact that i have never been "saved" till now by such programs,i think i ll pass to something lighter that will leave the kernel alone,like Winpatrol.I think programs like PG and Antihook are pioneers in their camp,as prevention is better than cure,but at the end,for someone with careful surfing habits,i think the hassle of clicking "allow" for any new installer for example and having a drop down on PC speed doesn't worth the price.
Did i mention that now my surfing speed with Firefox is also superior?Just think that this was my main complaint with my ISP and made me downgrade my ADSL ,cause the pages had a lag to load.Now with no PG on,Firefox launches faster and surfs better.Nevertheless,IMHO,PG is currently much lighter compared to Antihook.

Anyway,i hope i ll be able to win my paranoid side for sometime and finally enjoy my PC withoug popups,slow downs etc.Maybe you guys should try it,it's almost a new experience

 

I agree. If one is careful with their surfing and what you download, you can get by with only your AV, FW, probably a couple anti-spyware scanners for manual checks, using an alternate browser like Firefox, and maybe something like WinPatrol.

Many people overinflate the value of using a program like Process Guard, when in most situations you'll never need it. Of course RichRf will probably chime in about now saying how blah blah blah- you still need PG for protection- blah blah blah, but I disagree. I mean how many times has PG actually protected anyone that their AV/FW/AS couldn't have handled? I say very very very few times. Probably for most, absolutely none.

If someone wants to use a program like AntiHook, which I do like and still feel is a very good program, then go ahead. I'm not here to tell anyone how to protect their own system. It certainly can't hurt you, from what I've seen, but it can be of benefit in many cases. And considering it's a free program, I don't see how you can lose when using AH.

I didn't notice the kind of slowdown mentioned by Hyperion when I tried AH though on a Athlon xp 2200 512MB ram system.

I am thinking of trying the next release of AH again myself, it's just that at this time I haven't felt the need for the extra protection provided by the program.

 

I had the same experience than you, Hyperion.

I used the PG about a year and never saw anything that I can say that PG protected me against a threats, but who knows...
It's goo to have a preventing systems because we don't know what will happen in the future, but for now, I will stay without this kind of software...

Besides, I would like to test the new versions of PG and AntiHook to see the improvements...

 

Yes,i noticed that only one other poster in this thread noticed a slowdown.It might have to do with other software running resident...In any case,on my pc it was obvious.With PG it wasn't.Only when i uninstalled it i notices a slight speed up and probably because i m picky with such stuff.Before,opening the control panel was like "zzap",now it's "zap" I tend to keep as few starting programs as possible exactly because i love the sense of the window that literally pops up in an exploding way rather than feeling the "effort" to open.

Anyway,i ve 3 avs and 2 at (all free ).Plus winpatrol and Spybot,adaware,i ll keep it like this.I ve had PG 3.150 free running for some months now and nothing happened.Same when i was running PrevX and SSM.As Vampiric Crow says,how many here have actually needed these programs?Considering that many posters here are experts in security,it's more a psychological need to take all measures than true need for such applications.I ve started using such applications from my own paranoia too,specially when i first read about dll injection...Never happened to me at the end.Then i got terrorised by the "beast" and was running SSM and PG ,till i was tired of all the alarms.Now i see that most of these fears for someone who does some basic things,remain academic and it's better if someone can enjoy his PC with calmness,without windows and alerts poping up from left and right etc.Thinking about it,in SSM for example,i doubt if would have been able to distinguish a real malign dll injection or a hook from the numerous legitimate alerts the program was giving.

 

No slowdowns with AH on either of my machines, a dual XEON and a dual Athlon 64.

 

Vampirc, Iagree, Hyperion finally people who see beyond the hype.

 

I've been criticizing the overzealous pseudo-security nuts here for years.

I agree that these HIPS utils are not usually worth it. Besides the performance hits--which can be downright dramatic--you often have to put up with stability and usability issues as well.

The security freaks will scream at you that you're a fool, that you're hanging your ass out, that you lack common sense. Then they'll give you a list of 317 applications that they think you should buy and run (and, of course, you're a bloody fool if you don't run at least 278 of them).

Then, in another thread, they'll detail their latest experience contracting a trojan.

While you sit there and wonder where these fools come across all that malware in the first place--was it because they didn't run application #318?

 

Interesting...I use HIPS in place of a realtime AS (when I'm not installing)...mainly because it's 'performance hit' is almost neglible (especially compared to a realtime AS or AT)...and at present it seems they have a better prevention rate than AS's (once again, except for during installations, which is a weak point for many HIPS)

It's good how people see other things differently too - promotes discussion. For example, I rarely see anyone here saying that HIPS are an absolutely necessity...although I do see a number of people saying that's what they are saying...take Richrf who is given as as example of such (in above posts)...I'm 'fairly' sure he's said that KAV is the only security program of his that has caught anything.

Yet he obviously thinks HIPS have their place...actually so do I...although I do think they have a good deal of improvement left in them...

I've also never had a stability issue with one.

Still, the sheer number of security programs some people have does amaze me.

I think you'll find that even the people that use HIPS think the websites that promote them use a lot of hype.

 

Since the AS you are referring to is probably slowing down the machine due to polling of registry, it makes some sense to turn that portion off if you have a superior method of course. Of course, this is a different matter from the purely signature porition of the scanner.

On the other hand, I think AT's memory scanner is worth the performance hit if any, to be on 24/7.

Actually I object more to hype/slogan self generated and technobabble by certain members.

 

Fair enough comment, including signature scanner bit. For the performance hit, I was referring to MSAS, which slowed down my machine noticeably. TrojanHunter, which didn't slow down my machine very noticably still often generated cpu spikes between 6-14% on my machine.

 

Good post. I enjoyed reading it.

 

Ok i tried this program and found it to slow down my pc.I wasn't that impressed with it .....but you can try it for yourself.......

 

Hi pffft,

Sorry for the delayed response but recently we’ve been very busy on our new product that will probably replace AntiHook. It extends the functionality of AntiHook and targets home users as well as corporates by introducing centralised rules, users and profiles management. It also has significant improvements in terms of the performance which I believe is a key point for any user. Anyway we haven’t scheduled the exact release date but our initial plans are to have the beta available for testing mid or end October.

Let me know if you want to know more details on the new project.

Cheers,

Ivo

 

Re: A keylogger which does not use a hook

Hi Alex_123,

Thanks for reporting this issue – we have a fix that is part of the next version that we will release mid-end October.

Regards,

Ivo

 

Can you please email me (antihook@infoprocess.com.au) with a little bit more information on this. To improve the overall performance we are testing our products with almost all sort of software but I’m sure we have missed some products that in combination with AntiHook may slow down the system.

Thanks for your cooperation.

Ivo

 

Hi Ivo, it would be good to test AntiHook (or the new one you are making to replace it) with Sandboxie v2.0, because when I wanto to run a program protected by sandoxie the system freezes, and sandboxie doesn´t work.

Thanks

 

Hi zorrito,

Thanks for your report. I will make sure that this will be tested against the new product.

Thanks,

 

That's very good news Ivo! Thanks for letting us know about it. I'll be looking foward to trying it out, if it will be available to all. Sounds like it's well worth the wait till the end of October. Will our same activation keys still work with the new version?

 

I can not uninstall Antihook!!!

I can not uninstall Antihook 2.5.

It doesn't show on the Control Panel (programs list) and the Antihook
folder doesn't have any uninstall file.

Please, can you help me? I just can tell you that I changed the
destination folder on the install, so maybe it's a bug.

Thank you,


PS: Win XP PRO & Filseclab Firewall, and I've emailed Antihook. Now I often get the Blue Screen and have to restart Win.

 

Re: I can not uninstall Antihook!!!

Hi,

If “InfoProcess AntiHook 2.5 (Build 12)” doesn’t show up in the add/remove programs panel, that means that possibly the application hasn’t been installed at all.
Do you have AnitHook being started automatically by Windows? If yes, make sure that you uncheck “Load AntiHook at startup” from the AntiHook menu to make sure that AntiHook won’t be launched next time. After that you just reboot your machine.

Please let me know if you have any other questions.

Regards,

 

The application was installed, I just changed the default folder to another hard drive.

As I was unable to use the Control Panel to uninstall it, I also unchecked the Load "AntiHook at startup".

And I can run the program, so it's installed, isn't it?

I can uncheck "AntiHook at startup" and delete the Antihook folder, but will it work to completely remove Antihook?

I'm running Win XP Pro, Antihook 2.5.0.12 and Filseclab firewall.

Thank you,

 

Hi,

Here is what you should do:

1. Make sure you are logged on as the same user who installed the system if you have installed AntiHook for yourself (“Just me” installer option)
2. Using Windows Explorer navigate to the location where AntiHookProSetup25.msi has been stored. Right click on it and select “Uninstall” from the context menu.

We are investingating this issue and if it is a bug we will make sure we will provide a fix with next build.

Thanks,