HIPS Software for Windows 7 x64, that's easy to use? TIA

Discussion in 'other anti-malware software' started by altruist, Mar 5, 2011.

Thread Status:
Not open for further replies.
  1. altruist

    altruist Registered Member

    Joined:
    Feb 13, 2008
    Posts:
    25
    Hey guys,

    What HIPS software can I run on Windows 7 (x64/64-bit) that's relatively easy to use? By easy to use, I mean either minimal amount of prompts, some kind of set it up and forget it type system, or the ability to use keyboard shortcuts to authorize programs.

    Thanks!
     
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Comodo Internet Security has a huge whitelist, which makes it easier to use. It's more than a HIPS though (you can opt-out of other components).

    Behaviour blockers such as Threatfire and Mamutu have less prompts than a HIPS.
     
  3. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    343
    My vote goes for comodo also
    Have been using it for years with no problems
    Try comodo forums for approprate settings for you
     
  4. Matthijs5nl

    Matthijs5nl Guest

    Why do you want intrusion prevention software?
     
  5. Gobbler

    Gobbler Registered Member

    Joined:
    Jul 30, 2010
    Posts:
    270
    By your description if I understand correctly you want an anti-malware application which is non-scanner based and easy to use.In that case, these are the applications that fits your bill-

    Online Armor Paid/free-Classical HIPS, very quite and easy to use if you install it on a clean system and "trust all" when installing it.

    AppGuard-Although not classically a HIPS application, this may be the most effective and easiest to use app on a 64 bit platform, pretty much set and forget kind of app and it is a lifetime license for $24.95 for three computers with a single purchase.

    Sandboxie-Strictly a Sandbox application but very easy to use once you set it up.Although in theory it is considered somewhat weaker on a x64 platform, there has never been any reports of any real world malware actually bypassing it.It also is a lifetime license plus you can install it on any number of computers you personally own.
     
  6. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    I'd suggest AppGuard as well. It's as effective as a HIPS and runs well on x64 machines.
     
  7. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    one of the easy to use HIPS in 64bit is SpyShelter
    On every pop up you can always choose read the details of the process,
    So we can get a greater understanding of what happened

    But if u want a minimal pop up, u can always try Behaviour Blocker like Mamutu
    It'll also get the job done
     
    Last edited: Mar 5, 2011
  8. markedmanner

    markedmanner Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    134
    Agree Comodo. Defense + set to safe and Sandbox turned on works great.
     
  9. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    first of all, there is no such thing as an easy to use classical HIPS, even if it has minimal prompts, ull eventually run into something that u dont know how to answer since all HIPS are somewhat cryptic ad whitelists will never be complete

    having said that, i think Zemana would normally be the closest thing to fit the bill, but since ur on x64 where Zemana has limited functionality, perhaps something like Appguard which has minimal user interaction (long as ur not the type to frequently install/change thing on ur system, etc.) or if u really want something more traditional, Mamutu might be the closest thing to what ur looking for.
     
  10. Cvette

    Cvette Registered Member

    Joined:
    Apr 16, 2010
    Posts:
    373
    Location:
    South Carolina, USA
    I find that if you set Defense+ to SAFE mode and uncheck some options like cloud scanning, and sandbox, you have a great stand-alone hips product that is easy to use. Although I would say it is most certainly not for the casual user who doesn't know how to respond to an alert... learned that with my Grandmother :ouch:
     
  11. littlebits

    littlebits Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    262
    If you want to easiest then I recommend WinPatrol, but it is not complete HIPS solution but most people don't need a complete solution. If you don't need a firewall then there is no need to use a product like Comodo, Online Armor, etc. because they are not easy to configure for basic users. Most members here who recommend Comodo, Online Armor, etc. are advanced users who seem to have the extra time to deal with configuration, broken Windows Updates, system errors and lockups, programs not installing correctly, etc.
    In my opinion full HIPS programs are an overkill.

    WinPatrol might not offer the best HIPS protection, but it doesn't cause problems like most of the others do.

    Thanks.:D
     
  12. markedmanner

    markedmanner Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    134
    Been using Comodo for 2 years now. If you dont need the firewall disable it no worries about configuring it. As far as Defense+ (HIPS) if you run it on Safe Mode there shouldnt be any problems. There is a whitelist of digitally signed programs that it will allow to run without any prompt. Most things you download from websites like download.com etc will install without any peep. And even if it does prompt you when you install something just click Allow and check remember my answer. Plus Comodo is free. I personally have never had broken Windows Updates, system errors and lockups, programs not installing correctly with Comodo since I have been using it

    So disable firewall. Enable Defense+ to Safe Mode. Click allow if prompted when installing a new good program and your good. :)
     
  13. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    I agree with the recommendations for AppGuard. Similar to DefenseWall and GeSWall, it uses policy restriction. It's much quieter than than a classical HIPS and requires minimal user interaction.
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
  15. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    Appguard :thumb:
     
  16. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,486
    Location:
    Poland - Cracow
    I think SpyShelter Premium is a good choice...it has silent HIPS and two latest version introduced important changes which gave even greater comfort for users.
    ver. 5.10
    - added custom signers list feature
    ver. 5.11
    - decreased number of false alerts: huge internal signers database update - added over 9400 new positions (previously ~300)
    - signatures processing function rewritten and strongly optimized
    - added import export function for Trusted signers list
    http://spyshelter.com/change_log.html
     
  17. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,509
    I am running 7 x64 and have tried all the mentioned programs. Just speaking for myself, the easiest to use is Sandboxie, along with safe computing habits and a system image. At the moment I'm also running WinPatrol and Prevx just for my own comfort level (nothing has gotten by Sandboxie in more than a year of use), but they are switched out frequently for programs like Mamutu or Privatefirewall.
     
  18. Worter

    Worter Registered Member

    Joined:
    Mar 9, 2011
    Posts:
    6
    I think Comodo Premium x64 is not bad choice.
     
  19. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    i honestly wonder if people are just recommending what they like/use or if they really try to objectively see what has minimal user interaction and will not confuse the user when prompted...
     
  20. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Most often it's what they like and use. If you truly wanted to answer the original question, and, probably quite safely, assume the user has no experience with such apps, then the answer would be to not use HIPS period. Comodo is not easy to pick up right off the bat. It talks, a lot. When it does talk, it's almost always in tech jargon. It's a HIPS, it's supposed to be that way. We may never see a truly "dumbed down" HIPS. My suggestion, go with Sandboxie, even the free version, and keep it at default settings. The only thing you really should change, imho, is telling it to dump the contents of the sandbox once a browser is closed. If there is anything in the box, like files/bookmarks that it thinks you might want to keep, it will ask you to recover them. It's safe, it's dumbed down (in default mode), and there won't be a pop-up in sight to answer wrong and have your system croak or let malware and other nasties through.
     
  21. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    well there are diff kinds of HIPS with varying degrees of diffculty of use, but i just dont undertsand why people suggest the classical variety of HIPS after looking at the OP's question
     
  22. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    By what you request, the only option I see would fit it is AVG Identity Protection, which is a smart behavior blocker. It will monitor processes and if it spots known malicious patterns, then it will act.

    Unfortunately, AVG killed it as a stand alone application. Now you can get it bundled with their free AV.
     
  23. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    Thanks to those mentioning AppGuard.

    I thought I'd offer one point that is useful on some occasions where "power users" are involved. Some such users, even though averse to question prompts, desire to know what's happening in fairly significant detail. I also refer to these knowledgeable folk as 'command and control' users. AppGuard is not designed to thrill such users, even with 'verbose notifications mode' enabled. I generally regard non-malware blocking event notifications as incentive to further refine AppGuard. We have more work to do, though I am encouraged by our progress.

    Cheers

    Eirik
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
  25. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    Most of the non-malware blocking event notifications I'm seeing are in relation to MemoryGuard. If I've understood it correctly, this is one area where the Trusted Publisher feature is going to help in a future release of AppGuard.
     
Loading...
Thread Status:
Not open for further replies.