AntiHook is a unique desktop-based Host Intrusion Prevention (HIP) product. AntiHook dynamically protects your privacy, operating system and applications from malicious software, such as Spyware, Rootkits, Keyloggers, Code Injection, and Trojans.

Exhaustive Real-time Protection

AntiHook is kernel mode protection that detects and prevents attacks in real-time. It can be trained to isolate malicious activity. AntiHook ensures the integrity of the operating system by blocking and reporting any suspicious activity, including the following:

1. Launching of malicious applications and processes. This option allows the user to put restrictions on what applications execute on her machine.
2. Terminating of critical security applications (e.g. Firewall, Anti-virus, and Anti-spyware software).
3. Loading of suspicious DLLs (e.g. IE Browser Helper Objects, ActiveX components, COM objects).
4. Execution of code in a remote program (e.g. Trojans or Malware modifying the memory space of an external application and executing malicious code).
5. Remote injection of code through standard Win32 API calls to the CreateRemoteThread() API or other native APIs called from within Rootkits.
6. Installation of Kernel Device Drivers (Kernel Rootkits) that integrate and then maliciously alter the Windows operating system.
7. Registration of programs for loading on PC start-up or when the user logs on to the system.
8. Registration of Initialisation DLLs that load each time a new application starts.
9. Installation of system-wide Windows hooks by using standard Win32 APIs or native APIs.
10. Attaching a debugger to another process.

A Unique Approach

1. AntiHook provides kernel mode protection.
2. The AntiHook solution does not rely on lists of known Malware, so no updates are required!
3. No connection to a server or the internet is required - the protection is virtually built into the operating system!
4. You are protected immediately from all new threats - no lag-time for updates to be published!
5. AntiHook is complementary with all other computer protection systems including anti-virus, firewall, and anti-spyware systems. AntiHook even protects these systems from malicious attack!
6. AntiHook blocks first, and then asks second. Prevention is better than cure!
7. The AntiHook solution is optimised for the Microsoft Windows environment and has no noticeable impact on system performance.

AntiHook FAQ section :

Q: Is AntiHook a firewall?
A: No, AntiHook is not a firewall. AntiHook is an Intrusion Detection and Prevention resident system and its major goal is to protect your privacy and applications from Spyware, Code injection, Trojans and Keyloggers. In addition AntiHook provides fine granular application isolation and lets you monitor and control all suspicious activities and detect them as they happen.

Q: What does AntiHook can protect you from and what kind of activities does it detect?
A: AntiHook is an Intrusion Detection and Prevention System that identifies activities such as loading of Windows Hook DLLs, ActiveX/COM, Browser Helper Objects, writing data to an area of memory that belongs to another process, creating threads that run in the virtual address space of another process and starting a new process from within Outlook and Internet Explorer.

Q: Can AntiHook and a personal or other firewall system work side by side?
A: Yes, AntiHook integrates seamlessly with any firewall. As at today it has been completely tested against Sygate Personal Firewall and ZoneAlarm.

Q: Is it a problem if I already have an Anti-Virus system installed?
A: No, AntiHook doesn't interfere with Anti-Virus software and after you install AntiHook the Anti-Virus software will continue to work as before and without any interruption.

Q: What is the difference between software like Spybot-Search & Destroy and AntiHook?
A: Spybot - Search & Destroy is excellent privacy software, but it doesn't have the ability to report suspicious activities and attacks as they happen. Spybot - Search & Destroy is a post-mortem system and for example it cannot stop a Trojan Horse from stealing your passwords and sending it to someone else. In contrast, AntiHook as an Intrusion Detection and Prevention System can dynamically stop the malicious code before it has done any damage.

Q: Shall I keep using software like Spybot-Search & Destroy after I have installed AntiHook on my machine?
A: Yes, it is always a good idea to use as many protection systems as you can.

Q: Why do I get so many warning messages from AntiHook after installing it on my machine? What should I do to reduce this “noise”?
A: When you run AntiHook for first time it is recommended that you switch it to “Fingerprint mode”. This will force the system to record all activities without asking you to confirm. However, this assumes that your system is clean and you don't have any Spyware on it. It is a good idea to leave AntiHook running for a day or so in fingerprint mode even if you system has been working for a while.

Q: How do I deploy AntiHook in a multi user environment?
A: In order to reduce the “noise” that you might get when you first run AntiHook, it is recommended that you train AntiHook before you distribute the AntiHook data file (antihook.dat) to all your users.

Q: Do Windows XP SP2 and the new Microsoft Active protection technologies resolve all these problems?
A: No, unfortunately Windows XP SP2 doesn't completely eliminate this type of vulnerability as Windows offers several well-documented interfaces for injecting code in external processes. This allows hackers (unless you have AntiHook) to implant their own code in almost any running application.

Q: What are the Windows versions supported by current version of AntiHook?
A: At this point of time we provide full support for Windows 2000, Windows XP, Windows 2003 and related SPs.

Q: Does AntiHook affect the overall system performance?
A: No, it doesn't as the system utilizes highly efficient and already proven C/C++ algorithms for managing data structures.

Q: Can I use AntiHook in my development environment. I have different debuggers installed and would like to make sure that AntiHook will not interfere with them.
A: Yes, you can use AntiHook in development, testing and production environment as well. While working with debuggers you will be prompted to allow the debugger to modify the memory of the application being debugged.

Q: How do I uninstall AntiHook?
A: To uninstall AntiHook either select the Uninstall option from the InfoProcess menu in your Start->All Programs menu, or do the following:

1. Open Add or Remove Programs in Control Panel. 
2. Click Change or Remove Programs button on the left pane.
   • If you have installed InfoProcess AntiHook Rules Editor, find it in the list, and then click Remove button.
   • Wait for the unistallation program to finish.
   • Next, select InfoProcess AntiHook, and then click Remove button.
   • Upon successful unsinstallation reboot the machine .
3. Notes:
   • To open Add or Remove Programs, click Start, point to Settings, click Control Panel, and then double-click Add or Remove Programs.
   • You can sort programs by selecting different options in Sort by.

Q: How do I get a registration key for AntiHook?
A: For the free Home Version (version 2.6 onwards) you do not need a registration key. If you are still using an earlier version you need to upgrade to the latest. For all commercial users of AntiHook, please send us an email to antihook@infoprocess.com.au and we will arrange your registration key.

Q: Do I have to install .NET Framework 1.1 in order to run AntiHook?
A: You only need .NET with AntiHook if you plan to use the Rules Editor, otherwise AntiHook Control Center works fine on its own without .NET Framework.

Q: Are there any official forums for discussing the product and user experiences?
A: There are several forums and reviews available:
* The official forum can be found here: Software Security Central
* There is a discussion going on at Wilders Security Forums: AntiHook free for home users where experts are discussing AntiHook.
* A review is also available at ANTIHOOK V2.5 - SECURITY OVERFLOW
* Discussions on previous versions can be found at AntiHook 2.5 build 12.
* An earlier article for 2.0 was published in "The Sydney Morning Herald": "A bouncer for your PC".

Licensing and Pricing :

A commercial license is required to redistribute any of AntiHook binaries directly (whether by computer media, a file server, an email attachment, etc.) or to embed them in- or link them to- another program.