Fandom

Freeware Catalog

Lists of freeware behavior blockers

296pages on
this wiki
Add New Page
Talk0 Share

Behavior blockers Edit

Screenshots
Selection of behavior blockers snapshots:
(Click to enlarge)
Antihook

AntiHook

Ghostsecurity

AppDefend + RegDefend

Cyberhawk

Cyberhawk Basic

Drivesentry

Drive Sentry

DSA

Dynamic Security Agent

Eqsecure

EQSecure

Prevx2

Prevx2

Prosecurityfree

Prosecurity Free Edition

Neovavaguard

Neoava Guard

Processguardfree

Process Guard free

Sensiveguard

SensiveGuard

Ssmfree

System Safety Monitor Free Edition

Winpatrolfree

WinPatrol 2007

Winpooch

Winpooch

This class of security software is the latest and newest to be employed and currently it is still very much a niche market, although major security product vendors are starting to add it to their security products. See FAQ on HIPS and discussion here for more details. On the freeware front, there is a wide variety of choices available, mostly liteware (some which are pretty much as capable as the full versions, while others are significantly weaker) and a few open source and free beer products.

Expect a lot of developments and changes.


Popular Edit

  1. All-Seeing Eye - http://www.fortego.com/en/ase.html
  2. AntiHook - http://www.infoprocess.com.au/antihook26.php Star
  3. AppDefend + RegDefend (nagware)- http://www.ghostsecurity.com/index.php?page=appdefend Star
  4. Vista Avorax Shield - http://www.arovaxshield.com/
  5. Blink Neighborhood Watch - http://www.eeye.com/html/products/blink/neighborhoodwatch/index.html
  6. Vista Cyberhawk Basic - http://www.novatix.com/ . Renamed to ThreatFire (beta) Star
  7. Vista Drive Sentry - http://www.drivesentry.com/index.htm Star
  8. VistaDriveSentry (GoAnywhere for usb drive) (beta) - http://www.drivesentry.com/download/DriveSentryGoAnywhere1.0.0.40.zip New
  9. Dynamic Security Agent - http://www.privacyware.com/dynamic_security_agent.html StarRecommended
  10. EQSecure - http://www.eqspywatch.com/ , see for a short introduction (setting language to english and configuration) Star
  11. Vista Prevx2 (license unique) - http://www.prevx.com/
  12. Vista Prosecurity Free Edition - http://www.proactive-hips.com/download.php Star
  13. Neoava Guard (betaware) - http://www.neoava.com/ Star
  14. Process Guard free - http://diamondcs.com.au/processguard/index.php?page=home Star
  15. SensiveGuard - http://www.sensiveguard.com/index.html Star
  16. System Safety Monitor Free Edition - http://www.syssafety.com/ StarRecommended
  17. Vista WinPatrol 2007 - http://www.winpatrol.com/ Star
  18. Winpooch (open source) - http://winpooch.free.fr/page/home.php?lang=en&page=home StarRecommended


If all you want is execution control (so you are prompted when an unknown new process try to execute), then Winsonar 2007 XP or Abstrusion protector is all you need. Avorax Shield and Winpatrol provide mostly registry control and antispyware protection only warning you of attempts to set autostart entries, hijack browser related entries similar to most antispyware real time protection but does not warn you of new unknown processes starting. Most of the other entries here do both as well as monitoring even more subtle system behavior. AntiHook, Appdefend/Regdefend, Dynamic Security Agent, EQSecure, NeoavaGuard, System Safety Monitor, ProSecurity free, Sensiveguard, Winpooch provide a lot of protection by warning you of system changes and behavior, but is very intrusive and requires some knowledge to use. ThreatFire (beta) (which boasts some intelligence) and Prevx2 (which uses a large database whitelist of applications) is perhaps the easiest to use.

Others Edit

  1. API Guard - http://www.alamak0ta.republika.pl/apiguard.html
  2. Vista ClearShield (beta, Vista only)-http://www.myclearshield.com/en/home?
  3. Vista Comodo V3.0 beta - http://www.softpedia.com/get/Security/Firewall/Comodo-Personal-Firewall.shtml (This version adds "Defense+" which is HIPS) New
  4. Vista Comodo Memory Guardian (betaware) - http://uhthn2002.blogspot.com/2007/08/comodo-memory-guardian-beta-v1-buffer.html New
  5. Firekeeper - http://firekeeper.mozdev.org/index.html (IDS using snort rules for scanning HTTP)
  6. Full Control - https://sourceforge.net/projects/fullcontrol/
  7. Guardian Angel (outdated) - http://www.freedownloadscenter.com/Utilities/Anti-Virus_Utilities/Guardian_Angel.html
  8. Hurricanesoft Internet Security 2006 Free Edition - http://www.hurricane-soft.com/Security-Software/Hurricanesoft-Internet-Security-2006-Free-Edition-EN-3.1.3/
  9. LOM Heuristics (betaware) - http://www.lommage.co.uk/lomheuristic/
  10. MicroPoint Proactive Defense Software (chinese only) - http://www.micropoint.cn/
  11. Samurai HIPS - http://www.geocities.com/spcs_inc/
  12. SECRETMAKER - http://www.securemaker.com/ All-in-One New
  13. Strata Guard Free - http://sgfree.stillsecure.com/?q=node/47#whatdoes
  14. Wehnus Buffer overflow protection - http://www.wehnus.com/products.pl
  15. Wssecure Application Monitor (open source) - http://sourceforge.net/project/showfiles.php?group_id=181434
  16. See also Lists of freeware antispyware with resident protection such as Spyware Terminator and Windows Defender.
  17. See also Lists of freeware firewalls that have some HIPS function like Jetico 1 and Comodo firewall
  18. See also Lists of freeware sandboxes
  19. See also Lists of freeware virtualization

Process firewalls/ execution control (only) Edit

  1. Abtrusion Protector (development stopped)- http://www.pcworld.com/downloads/file/fid,56608-order,1-page,1/description.html
  2. Exe Lockdown (development stopped) - http://www.padring.com/soft/Utilities/Antivirus/ExeLockdown.html
  3. FullControl for Windows (open source) - http://sourceforge.net/projects/fullcontrol/
  4. Trust-no-exe - http://www.beyondlogic.org/solutions/trust-no-exe/trust-no-exe.htm Star
  5. Winsonar 2007 XP - http://digilander.libero.it/zancart/winsonar.html Recommended


If all you want is execution control (so you are prompted when an unknown new process try to execute), then one of the entries here is what you need. Trust-no-exe is highly configurable and useful software that allows you to set filtering permissions at various levels. Winsonar 2007 XP , offers a special online mode, where all unknown processes are automatically killed.

Integrity checkers (only) Edit

  1. Vista Drive Sentry - http://www.drivesentry.com/index.htm Star
  2. File Checker - http://www.javacoolsoftware.com/filechecker.html Star
  3. Installspy - http://www.2brightsparks.com/freeware/freeware-hub.html
  4. Sentinel - http://www.runtimeware.com/sentinel.html StarRecommended
  5. Spy-The-Spy - http://www.mediachance.com/free/spythespy.htm
  6. Tiny Watcher - http://www.donationcoders.com/kubicle/watcher/ StarRecommended


These entries act mostly as integrity checkers, to ensure that sensitive file and directory areas like Windows directory is unchanged. Some like Sentinel or Tiny Watcher only do this on demand or at startup, others like File Checker and Spy-The-Spy do this in near real time polling the system a number of times a minute to check for changes. Drive Sentry is a full blown "data firewall" that can watch any folder ,file or extension for changes. Some of the behavior blockers already mentioned above like EQSecure and Winpooch can also do similar functions.

Registry watchers (only) Edit

  1. MikeLin's StartupMonitor - http://www.mlin.net/StartupMonitor.shtml Star
  2. MJ Registry Watcher - http://www.jacobsm.com/mjsoft.htm#rgwtchr Now payware. Last freeware MJ Registry Watcher version 1.5.4 StarRecommended
  3. RegistryProt - http://www.diamondcs.com.au/index.php?page=regprot. (down July 2007), alternative download
  4. Startup Monitor - http://www.windowsstartup.com/startupmonitor.php Star


These utilities warn you of changes to autostart entries. Most of them (except MJ Registry Watcher) cover only the most common autostart up areas, and you cannot add more entries for monitoring. Not recommended unless you are not using anything else more capable (E.g. AntiSpyware with realtime protection or one of the other HIPS above with register monitoring capabilities generally do the same and more). For on demand checks see List of freeware autostart lisers

Script watchers (only)Edit

  1. Kaspersky Anti-Virus Script Checker - http://mikepav. narod.ru/eng/kavscrch.htm
  2. Script Defender - http://www.analogx.com/CONTENTS/download/system/sdefend.htm Star
  3. ScripTrap - http://keir.net/scriptrap.html Star
  4. Script Sentry - http://jasons-toolbox.sectorlink.org/programs.asp?Program=Script%20Sentry Star
  5. VBS Script Executor - http://fileforum.betanews.com/detail/VBS_Script_Executor/990131048/1
  6. Volto Interceptor - http://www.volto.com/interceptor/
  7. See also Lists_of_freeware_hardening_tools


These are Script related tools. Script Defender , ScripTrap and Script Sentry are tools that warn you of any scripts running and providing the option of blocking them or letting them continue to run. They work by associating themselves to script extensions (Script Defender allows you to add more extensions to intercept) so if a script runs it will first call them, before passing it on, as such they use zero cpu time. Also most normal users will never run scripts, so these tools are usually silent and not very intrusive until similar monitors for executables.

Note  : Most of them tools are very old, because they were invented at the time when scripts based worms were rampant.

Information Sources Edit

  1. kareldjag.over-blog.com - lots of details
  2. Definition and analyse of what HIPS means by Gartner
  3. Behavior Blocking: The Next Step in Anti-Virus Protection
  4. Details about Panda's TruPrevent
  5. Link to Tests of specific HIPS products
  6. HIPS Feature comparison
  7. HIPS_FAQ

This article is part of the Lists of Freeware Security Software: Malware Control series.

Freeware Anti-Viruses | Freeware Anti-Spyware | Freeware Anti-Trojans | Freeware Anti-Keyloggers | Freeware Anti-Rootkits | Freeware Firewalls | Freeware Behavior blockers | Freeware Sandboxes | Freeware Virtualization | Freeware Security analysis tools | Freeware Hardening tools | Freeware Blocklists | Freeware security services (excluding virus scanners) | Freeware Anti-Phishing | List of portable tools | List of unclassified tools

Related : Lists of online scanners

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.