AntiHook 2.5 Review
General
AntiHook is what we call next-generation security software. It is mainly meant to add some horsepower to our weak AV, but it can even be installed (carefully) without any other security software (maybe only a personal firewall). The main idea behind AntiHook is that anything and everything can damage your OS, so the software basically catches every move in the system, from DLL loading and global hooking to driver installation. That is a lot for such a small program, about 1.5Mb.
Many people like to refer to this kind of software as HIDP, because it can locally prevent intrusion attempts from downloaded files and from anything that tries to become resident on the computer.
I have encountered this kind of program many times, and mostly they have the same problem: management. It becomes a hassle to work with the computer when an annoying alert (a popup or some kind of message) keeps coming up and asking you a question about some operation in the system; many times you don't even understand what is going on.
Let's see how AntiHook deals with this issue while keeping the security level as high as possible.
Installation
The installation process is very easy; it's a basic installation wizard and there is nothing to it.
One thing I didn't understand: why do we have to install the Rule Editor separately? Is InfoProcess so convinced that their product doesn't need any rule editing, and that it's only for expert users? That's a question for the company.
General operation
This is the complex part. As seen before, many HIDP products like AntiHook have the same problem: management and day-to-day work. I did hope that AntiHook would be able to overcome this issue, but in vain.
What AntiHook does is very simple: after the install stage the program goes into Fingerprinting mode, where it basically learns everything you do. Like all of you, I have had bad experiences with “learning” systems, even gateways; the issue is that you can never learn everything. That is what happened to me with AntiHook too. My system was in Fingerprinting mode for 3 hours, and I worked throughout the whole Fingerprinting stage. I was content and thought to myself, “Great, all I have to do is change the mode to normal mode in order to get security.” Oh boy, how I was mistaken. Not only did I get security, I also got an annoying alert from AntiHook about things happening in my computer. Wait, I only moved my mouse and poof, an alert from AntiHook that “something tried to do something”. Wait!!! I didn’t move the mouse in the Fingerprinting stage …
Damn, what is with the huge alerts, where you can barely understand the error message or what action to take? And don’t forget that I’m kind of technically savvy; what will happen with the home user who sees these messages? The amazing thing is that I got many messages about things that I had already done in the Fingerprinting stage. It also gives you the option to turn on Fingerprinting mode for things like an installation … so what happens if the installation contains a DLL injection Trojan???
However, let’s not forget that we have a Rule Editor. Apart from the Win95 look and feel, the Rule Editor does let you control all aspects of the computer and shows all the rules that it has learned or that you have entered yourself.
Security tests
I did many security tests, mostly using well-known Trojans and security test products. These are the results:
Note: Pass = AntiHook blocked it, Fail = AntiHook wasn’t able to stop or catch it.
TrojDemo.exe (Trustware) = Fail, TrojDemo was able to send the info without AntiHook preventing it from DLL injecting into the user's Calc
tooleaky.exe = Pass
ProcX.exe = Pass, ProcX.exe couldn’t kill the AntiHook process
firehole.exe = Pass
pcaudit.exe = Pass
pcaudit2.exe = Pass
Modified Taskman = Pass. Couldn’t kill the AntiHook process
Ghost.exe = Pass
Advanced Process termination = Fail, Kill 2 and 6 killed the AntiHook process
Overall
I think that AntiHook 2.5 is a nice supplement for AV in the security suite that we are all looking for. The issue is that it can only be used by the computer savvy or security experts, and that’s a shame, because I really think that home users can benefit from the product and InfoProcess can benefit from selling to more than only computer geeks.
Grade = 7/10