Antimalware versus defensewallhost versus sandboxie

Discussion in 'other anti-malware software' started by goodquestion, Oct 7, 2005.

Thread Status:
Not open for further replies.
  1. goodquestion

    goodquestion Guest

    Which of these 3 are better? Perhaps it's just coincidence, or perhaps it's the time for an idea that as just come, but 3 of these apps have come to the attention of this forum and managed to get champions who are promoting its cause here.

    There is also Green border of that is least known because it has no champion here as yet. Sandboxie has being around fairly long too, but it is usually marketed as a one off tool to sandbox singular apps rather than a complete system. So it comes down to AM versus Defensewallhost

    Antimalware is championed by Victor , while Notok champions defensewallhost. Which is better? I'm sorry if the title is misleading, I haven't tried either yet, but I'm merely trying to decide which one to install myself based on the info posted here and elsewhere.

    First thing I want to know is what restrictions are there for an untrusted app.

    From https://www.wilderssecurity.com/showthread.php?p=562358#post562358

    While Antimalware covers the following based on Vikor's post

    https://www.wilderssecurity.com/showthread.php?p=573105#post573105

    The two lists look pretty much the same I think. Most of these same things are also covered by behavior blockers like OA,PG,Safensec,Regdefend etc.
    The only thing added that perhaps isn't in the usual arsenal protected would be file modifications, and even that, is covered to a great degree by people running Prevx Pro.

    Which brings me to the question, does it make any sense to install either of these if you run a combo of Regdefend+PG+Prevx Pro? Basically you are treating all your apps as "untrusted" already!

    Still I suppose being able to quickly give trusted apps , full permissions in one click, cuts down a lot on the work compared to giving seperate permissions for each behavior from each monitoring app and reduces popup fatiage. I trust my antivirus, so there it's "trusted".

    I suppose this virtualization tech sounds interesting in that it can keep track of file changes and allows it to be flushed away. If I'm not wrong this is something defensewallhost doesn't do. It has no virtualization at all. Is that right Notok?

    If so Antimalware has the edge here.

    ANother point against Dfensewallhost is that there is no website up , so some might feel a bit uncomfortable using it.

    Another pro, Antimalware Home is free. defensewallhost is 30 day demo, altough I suspect most early testers who give useful comments will get a free license.

    Right now I'm leaning more towards testing AM. But according to vikorr there is a conflict with prevx pro, so I'm kind of wary.

    Notok, Vikorr please chime in....
     
  2. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    Goodquestion, from what I can see DFH and AM are very similar programs. I couldn't say for sure which one is better (haven't tried DefenseWall)

    And neither are necessarily better than sandboxie, SB just needs to be used in a different way.

    Heheh, I know it's probably not what you wanted to hear, but oh well.
     
  3. goodquestion

    goodquestion Guest

    does antimalware conflict with any of the following?

    Prevx Pro
    Processguard Full
    Regdefend
     
  4. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    AM has a major & known conflict with Prevx drivers, although I have heard of one person getting the two working together. It works fine with PG. Not sure about RD.
     
  5. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I don't recall championing anything, only offering DefenseWall as an option (once) and that I have been using (beta testing) it. I won't be recommending anything until they all go final and I've had a chance to get to know them. I also generally won't declare one 'better' than another, but rather try to describe what kind of situation each might be better suited for. I'll be giving AM a try soon, but have no idea when either will go final. Until then I'll have to recommend that others simply try for themselves to decide which works better for them (assuming these kinds of apps are suitable for their situation).
     
  6. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    Pssst Notok, don't you know that if you write just one positive line, or merely mention any new product on these boards, you are said to be 'championing' the product...I mean common man, it's I thought it'd be obvious.

    Now if you write any negative lines (and I have for AM)...well don't you worry about that, you need to write a 10 negative to 1 positive before you can get out of the label of championing the product...see, as I said...bloody obvious !! :D :eek: :D *puppy* :p :eek:
     
  7. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    :eek: :blink:

    :D
     
  8. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,048
    Hey Notok

    Congratulations. You got promoted like me. You are a champion, and I am an "important" beta tester. If you ever figure out what it means let me know. :D

    Pete
     
  9. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    As I said, as long as you are prepared to talk about products you know about (which is 'usually' what you use), or are prepared to test anything...you get labelled :D

    Can't wait for my next promotion...err...rank...oh wait...if I 'promote' I get promoted...I think that's how it works !!! Now I just have to figure out what promote means...where's that dictionary...
     
  10. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    lol, woohoo!

    Yeah, well, you know.. it's not like that's what these forums are about or anything. :D At least not anymore, it seems..
     
  11. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Well, there is a easy way to solve your problem. You may create three virtual machines under VMWare and install all of the programs and test.

    AntiMalware doesn't allow to modify files-> it has no virtualization on the file system level.

    www.softsphere.com. The description will be there when I'll release program.

    It is not a pro.

    Already got it.

    Just test all of them and be the champion!
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,048
    Aw shucks Goodquestion. I wish you hadn't posted that definition, as that almost demotes me. But just to clarify. The products which I am currently beta testing are OA, SnS and KAV 2006. KAV is sort of a public beta, in that you can get the beta's from their forum. They strongly urge the general public not try them, as they are sometimes unstable. OA and SNS aren't public beta's perse, and anyone can sign up to beta test. The only special code I've gotten was from OA, and that was actually offered to all the beta testers, but I guess I was the only one curious enough to try totally untested code. Not really a big deal.

    I hope you realize that you benefit when people are will to be guinea pigs and test new software, as it improves the chances when you get a program it will work well.

    Anyway all this is just good natured fun.

    Pete
     
  13. edotan

    edotan Registered Member

    Joined:
    May 1, 2005
    Posts:
    4
    AntiMalware does have file system virtualization (old versions didn't).

    Cheers
     
  14. BufferZone

    BufferZone Guest

    Hi to All
    It's unacceptible for us to talk about other products.
    Our specialty is security through virtualization and our product is AntiMalware.
    We'll be happy to read AM related posts and to reply them by our professionals.
    Cheers
    Tal
     
    Last edited by a moderator: Oct 10, 2005
  15. Painkiller

    Painkiller Registered Member

    Joined:
    Aug 24, 2004
    Posts:
    42
    Yoo,

    Part of the mumbling, Counterpoint or Needless sarcasm. :rolleyes: .. you guys have any interesting input about the programs ..

    I use all three, in different computers, yet didn't get any conclusive result, however i can say that AntiMalware does seems to be more professional oriented , better GUI and it's seems that it's backed up by a Solid company ... good for the future ...

    I hope to have better (Technical) info next Post ...;)

    btw: I saw a post concerning the Virtual File system , i think that Ilya said that AntiMalware doesn't have a Virtual File system, however i'm testing it and it does, i repeat does have Virtual File system , do it seems that Ilya has posted an irrelevant info ... :ninja:

    Cheers


    Painkiller
     
  16. goodquestion

    goodquestion Registered Member

    Joined:
    Oct 9, 2005
    Posts:
    6
    I am the original guest poster goodquestion, who has done the keylogger tests in the topic: Summary of Anti-keyloggers started by Toploader, and the threadstarter here is just someone who stole my name, so I decided to join the forum so there will be no more name stealing by this impostor. Let's see you steal my name now TS. ;)
     
    Last edited: Oct 9, 2005
  17. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    I am using the latest DW Beta and all I can say it runs very smoothly together with my other apps. I beta tested and found one or two bugs - were corrected within hours.

    I tested my PC with all apps Ive got and all online-scanner - so I was clean when I installed DW.

    Ive also put A: and E: in untrusted (little bug there - fixed in the release ver).

    Ive tested only REGTEST.EXE from the box and DW had no problems defending against this test part 1 and 2.

    My security set up was a bit weak on the antimalware and virus side, but I feel good now when Ive added DW. Maybe I wont do a lot of testing - just use it - run Ewido and Kaspersky on line scans now and then and if I get anything else than a tracking cookie - I will mail support.

    It doesnt slow anything down. I dont know - but I believe its awesome and I will not look elsewhere as long as it doesnt dissapoint me.

    ntvd-something is always running untrusted - so I used the big red button and closed it - seems to make no difference if its running or not?

    We have all kinds of protection at work and NAV says my computer there is clean - Kaspersky online says Ive got Net Sky B and some others!! The BIG marketleaders like NAV and ZA doesnt always impress me - but still they impress very many - so good product need to be marketed - and there lies a problem for newbies I think - it costs big money.

    With IceSword coming from China, OP, Kaspersky, DW from Russia, NOD32 from Croatia?, AVG (with Bill Gates as part owner) from Czech Republic - it might be that the light - also in the software security business - comes from the east? Some might be newbies but they are also normally more hungry.

    I dont think signature based defence will be enough.

    Try DW - I doubt it will dissapoint you.

    Best Regards
     
Loading...
Thread Status:
Not open for further replies.