Complete Winpooch alternative

Discussion in 'other anti-malware software' started by Verms, Apr 5, 2010.

Thread Status:
Not open for further replies.
  1. Verms

    Verms Registered Member

    Joined:
    Apr 5, 2010
    Posts:
    4
    I have been searching for a long time but haven't found a program which has all of the features of Winpooch, the program which does not work beginning from SP3 of Windows XP. There are some programs I found which have some of the features of winpooch but they always lack something.
    The features are:
    allow/disallow/prompt read/write to files/folders/registry keys/values
    allow/disallow/prompt net connect/send/listen
    allow/disallow/prompt execute file/kill process
    per application (or application path mask)
    using masks for target paths
    Please tell me if there is such an application.
    But don't suggest "Kaspersky Antivirus" or something like that because those are completely different.
     
  2. codylucas16

    codylucas16 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    267
    It looks like that is a HIPS program. GeSWall, Comodo Defense+, Defensewall, Online Armor Malware Defender. These are all examples of this. Try looking into them.
     
  3. Verms

    Verms Registered Member

    Joined:
    Apr 5, 2010
    Posts:
    4
    For example, in winpooch I could allow reading of a file or registry entry only to a couple of programs and another file or registry entry only to some other programs. I couldn't find a way to achieve this in any of the listed programs.
     
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
  5. Verms

    Verms Registered Member

    Joined:
    Apr 5, 2010
    Posts:
    4
    SSM lacks some of the features, like "read registry/file restriction"
    Both Realtime Defender and EQ Secure are what I wanted but Realtime Defender is somewhat complex to understand how it works and I couldn't get it to do what I need.
    But EQ Security - maaan, this utility is perfect for me. Thank you so much!
    I tried it in virtual machine, I hope it won't conflict with anything in real machine.

    Thank You!
     
  6. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @Verms

    You might also be interested in these.


    RegDefend

    rd.gif

    RegDefend protects your registry from modification by intercepting the requests from applications and the system. You can determine the registry events you want RegDefend to protect you against through a customizable list. RegDefend is also coded partly in assembly language (ASM) to ensure it offers the fastest registry protection in the market.
    Shareware / Freeware - Runs on Microsoft Windows XP / XP64 (x64) / 2000 / 2003

    http://www.ghostsecurity.com/products/


    MJ Registry Watcher

    MJ Registry Watcher by Graphic Equaliser https://www.wilderssecurity.com/showthread.php?t=54666

    mj.png

    MJ Registry Watcher is a simple registry, file and directory hooker/poller, that safeguards the most important startup files, registry keys and values, and other more exotic registry locations commonly attacked by trojans. It has very low resource usage, and is set to poll every 30 seconds by default, although you can adjust this to anywhere between 0 and 9999. A configuration file stores all your settings for future use. MJRW not only polls the system, but it also hooks it, so that most changes to keys, files and directories are reported instantaneously. Key deletions are still caught by the polling loop though, since they cannot be hooked. Exactly which keys and files are protected can be completely configured by the user, although the sets I supply with MJRW will cover most standard PCs.

    http://www.jacobsm.com/mjsoft.htm#rgwtchr
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i like the idea of just maybe for novice just running an antivirus and MJregwatcher:thumb:
     
Thread Status:
Not open for further replies.