Discussion in 'other anti-malware software' started by ratchet, Aug 31, 2010.
Can it be used independent of AVG Anti-virus? $2.75 US today! Thank You!
I would say it is more like TF. With all the prompts, Mamutu seems more like a HIPs to me.
Thanks for the reply! I'm going to search the info on it but do you know if it is stand alone or not?
Never mind, it is stand alone!
this is a pretty good deal considering not many stand alone behavior monitors are available today.
It is simply the old Norton Antibot.
Actually, the old Sana Security Primary Response, which then became Norton Antibot, as a licensed product, if I well remember. Then, bought by AVG.
I think it has some enhancements by grisoft as norton antibot had troubles with vista IIRC while I have been trying ID Protect in Win 7, 32 bit for a little while now with no issues at all (except for the 'prompt to save work') component.
I may get in trouble for the double post (posted in the ongoing AVG free today thread) but...CleanMem disables Identity Protection at CMs scheduled run times. What the heck kind of anti-malware product can be shut down by just cleaning RAM? I couldn't understand why it was disabling and then I had a hunch and sure enough. I sent AVG a support ticket before I discovered it but they haven't responded yet. When they do I'll in form them!
Something definitely needs to to investigate this. I would hope IDP has self protection.
Did you check task manager to see that all the processes were killed? I am thinking there are 4 processes. I can kill one with task manager but another keeps coming back after being killed. Two others are not able to be killed.
The AVGIDSWatcher is not able to be killed by task manager even when protection is disabled.
One thing I noticed is that when ID Protection is enabled it is made part of the AV- even the free version. So when IDP is disabled the free av gives a notice.
its like mamutu and threatfire, but its wayyyyy too docile, its VERY much on the safe side of things wen it comes to detection making it next to silent but also pretty bad in detection, it will detect large major infections spreading around, but not nearly as good as TF or Mamutu IMO
Anyone test this IDP against malware?
There are a couple youtube videos of AVG 2011 beta(w/ IDP) that shows it does pretty well.
I did not check what processes were being stopped. I was running it "stand alone" as I use Avast right now. I had it enabled and sure enough, every 30 minutes (the way I have CM scheduled, :06/:36) it would disable I P. I made a CTM snapshot before installation and I back to that point. For $2.75 I thought I'd try it. I should have just trialled it.
Are you going to send in a support ticket?
Set on Paranoid Mode, I agree on that.
It's also possible to disable it's protection, by a standard user! This should not happen! Because if a standard user can, so can malware.
I sent a support ticket to AVG online help. If I get a response I will let you all know what happens. If others send a similar support ticket maybe they will respond faster? I think Online Armor offers some sort of feature to prevent programs from being killed, maybe some other HIPS programs do as well. I noticed that not all services can be killed. Has anyone tried to kill the services by malware in virtual environment or kill services then run malware? Possibly just the GUI or task bar icon are killed. If the protection is actually killed by task manager and/ or standard user then this is a serious problem.
Actually I did but before I realized it was CleanMem. They did finally respond today and although I couldn't provide them with the information they requested (log files, etc,) I did inform them that it was CleanMem and provided them with the link.
They responded to me that the 32 bit version of IDP has self protection but the 64 bit version does not. And that the 64 bit problems will be fixed in a coming major release.
And, what about that standard users can disable it's protection? Have they said anything about it?
Could you also ask them why there's a discrepancy between the "monitored behaviors"? Some people have 318, others 323, others 417, etc.
I contacted them via email more than a week ago and still no answer.
If you could ask them that, it would be great. I'm confused why the numbers are different. I can't think of any reasons.
I told them a standard user can disable IDP but they did not address that specific issue. I believe there are 4 IDP processes, can you see if all IDP processes are disabled in standard user mode? Just let me know- then I'll send another email.
Separate names with a comma.