Need a pretty simple security app.

I don't want to run a full HIPS, I really have no need to since I check everything I install with a few different scanners and use SandboxIE, but recently I got hit with a UACd.sys redirect adware/trojan/rootkit on one of my machines somehow, so I was looking for a simple program that blocks driver installs/rootkits, I don't care about *.exe or program control, just something to intercept drivers thats light and not heavy on resources. My current security setup is rather light as I feel safe with it, its GhostWall, NOD32 v4, and Malwarebytes anti-malware (with the guard active), just looking for a simple rootkit blocking app. Any suggestions would be greatly appreciated. Thanks.

 

Prevx 3.0

 

Another vote for Prevx 3.0 here.

 

I also agree with Prevx, though I don't know if it specifically monitors those types of behaviours.

Online Armor is also a good option.

 

Online Armor, as simple??

EDIT: Sorry, didn't read the whole post... My vote goes for ThreatFire. Prevx doesn't work out for me, even if I respect the company behind it a big lot.

 

I guess you're right. I was just thinking that it's relatively simple compared to most classical HIPS.

 

DefenseWall

 

Prevx here too. It is a set and forget program that is light and works.

 

Prevx or Defensewall (or both). You can't go wrong with either.

 

Unless you're installing new apps., and with Defensewall any directly by clicking run on a download prompt.

 

How do you think you got infected ? You seem to have a pretty tight setup.
Then you could figure out what you need to add.

 

I have heard that Drive Sentry is also a pretty good software...

 

There are a number of people here at Wilders who are not too happy with DriveSentry themselves at the moment. See the following thread: -

https://www.wilderssecurity.com/showthread.php?t=242412&highlight=drivesentry

 

Well I got infected from a clean install, didn't have updates installed on the system yet, and had an old copy of flash. I was visting sites in IE while waiting for a download with just the XP firewall and NOD32 v4 running, and it just got me thinking really.

I'm testing out PrevX 3.0 right now, I like it so far, light and no conflicts with anything. I'll be checking out some other stuff soon. I did use Online Armor for a while, however it seemed to be a bit resource heavy on my PC, like actual resource usage wasn't bad but it made my PC's response time considerably lower, I have no problem with a traditional HIPS if I can disable application launch protection.

 

Prevx Edge

 

Sandboxie.

 

The OP said he uses Sandboxie.

 

I'm pretty sure I remember Threatfire alerting on Driver installs at its default setting

My guess would be , that if you lower that setting , It would not alert on an normal installation , but would on a driver installation

I'm trialing DSA on my work PC , and it has a sensitivity setting too.