AntiHook 3

Discussion in 'other anti-malware software' started by egghead, Jul 26, 2007.

Thread Status:
Not open for further replies.
  1. egghead

    egghead Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    443
    Location:
    The Netherlands
    made curious by the review of NicM:

    https://www.wilderssecurity.com/showthread.php?t=180969&highlight=NicM

    I have downloaded AH 3.

    The install went flawlessly on my rig (note: you need MS.netframework 2).
    It is a very userfriendly proggie, gui is very intuitive. :thumb:
    The learning mode is called "fingerprint mode" here. When enabled it makes rules automaticaly. After the learning you can select "normal mode" (=detect & prompt) or "allow all" (=pass through mode).

    I run it alongside KAV 7 (with proactive defense disabled) and LookNStop. No problems thus far with these or other programs.

    Are there geeks among you who are running this proggie for some time now?
    What are your experiences? cons/pros ?

    Whip it out lads !

    Btw the price for this proggie, is this an annual fee ?
     
  2. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    I am not sure if the one year license fee refers to an annual fee that you have to pay in order to be eligible for future program versions or if it means that the program will deactivate if you don't continue to pay every year. I would think that it would be the former because they offer version 2 for free (which I presume will not shut off after a trial period). They list a 30 day trial period, so I presume that there is an internal shutdown of the program if you don't purchase it. I don't think the annual fee would have the same restriction. You can email the tech support link on their website. They are pretty fast to respond to questions.
     
  3. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I also am very interested in reading comments by users of Antihook. For instance, does it protect the registry, I wonder?

    Because of NicM's hook tests, I am looking for a HIPS to use until the time when SSM gets its act back together. (Too bad NicM didn't include Safe'N'Secure in his tests.)

    Online Armor would be fine except it doesn't protect the main registry, and I am NOT interested in using a stand-alone app for registry protection.

    ProSecurity would be an obvious choice except for its dreadful GUI. For instance it took me nearly 15 minutes to scroll through ProSecurity's lists of my applications so as to block the wgatray.exe process. I can't see having to do that for each of the several processes where I want to modify the rules set by ProSecurity's wizard. The scrolling is absurdly slooooow, and there is NO find function.

    Ergo, I am hoping that someone will comment as to whether Antihook is good at what it does AND has a module for registry protection.
     
  4. PSDeveloper

    PSDeveloper Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    93
    ProSecurity will make a new GUI in next versions, then all 3rd part components(they makes the GUI to be slowly and unstable) will be removed, and the GUI will be fast and find will be easy.
     
  5. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I am very happy that you are monitoring Wilders. By the way -- congratulations on your splendid results in NicM's hooking tests!

    As to the GUI improvements -- I tried the current beta of 1.4, but the GUI was still not up to standards. Do you intend to improve GUI in the final version of 1.4? Or... when?
     
  6. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    Regarding Antihook 3 and 2.6 i have used them before and reviewed them on download.com

    Here is a copy of what i said on download.com:

    Antihook 3:
    A Surprising Disappointment

    by: D_Menace on 17-Jan-2007 12:23:34 AM

    Pros: Read their website at infoprocess.com.au;

    The program is supposed to offer more protection (but it doesn't really) and due to completely new code be more light and efficient (but it still slows you're system down dramatically)

    Cons: High Memory Usage - 40 MB (Shared by 2 processes)

    Misleading Naming - "Registry Modification" protection, does NOT block a process from modifying the registry, only blocks a process from modifying certain areas such as the startup keys.

    Insufficient Protection - AntiHook is considered as an advanced product for expert computer users to protect against 0day threats. Yet it doesn't have enough features to offer such complex protection, completely missing Buffer Overflow protection (though some can argue that process start protection protects against this*), and its keylogger / rootkit protection is very 1-dimensional, missing new keylogger / rootkit methods (see Firewallleaktester.com keylogger and DFK Threat Simulator rootkit component.)

    Insufficient information in alerts, which although technical, doesn't provide enough details to make an informed decision, meaning that if a breach occurs, a user can easily misunderstand its meaning.

    Infoprocess - there is still quite a long way... but you can potentially turn this into a very competitive product!

    Antihook 2.6:
    Difficult to use - Mainly for experts, However is a free full featured HIPS!

    by: D_Menace on 22-Oct-2006 10:13:13 PM

    Pros: Full featured free version - not limited at all protects against... everything... which is a bit of a problem see below

    Easily beats free HIPS rivals like System Safety Monitor and Winpatrol - This program protects against code injection, rootkits etc, etc, etc, etc x 10 ^ 3. Look on their website at infoprocess.com.au

    But I still think there is room for improvements - adding network IPS capability, monitoring more windows areas, buffer overflows perhaps?

    It's an Australian, Sydney-based company, not based in India or some other unfamiliar country... Go Aussie!

    There are also other benefits such as that it uses a Kernel level driver etc already mentioned on this page, however I have just a slight degree of concern about the stability of my system with this running... if it crashes my computer may be impossible to boot...

    So 4 STARS - top marks for functionality and high level of security but minus one for usability.

    Cons: GUI needs more work - the rules editor is hard to use and I'm struggling to configure this program - there literally is just an icon in the system tray...thats it! E.G. How can I set up a program for Antihook to protect? I want more eye candy... I guess its aimed at those who want solid security without the bloated graphics. But still it needs a better GUI.

    In learning mode, no popups, easy going.

    In normal mode, popups galore! Is it ever going to be possible for this thing to work silently with minimum false positives? I am not so sure...

    Hope this helps :cool: Please note these are one of my first reviews and as they are a year old some of the contents may be inaccurate. These reviews are probably inappropriate to Wilders as they are targeted at newbie / beginner computer users.

    Edit: Spelling, removed 1 misleading paragraph, added / changed last paragraph
     
    Last edited: Jul 27, 2007
  7. PSDeveloper

    PSDeveloper Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    93
    Thank you very much!
    Yes, i see, the current GUI makes many problems, the new GUI will be released in the next version, I can't promise it will be released in 1.4, but anyhow it will be released in 1.4.x.
     
Thread Status:
Not open for further replies.