Advice Request Incompatibility with WD and ReHips??


Is there any incompatibility between Windows Defender and reHIPS?

  • Yes: 1 vote (10.0%)
  • No: 9 votes (90.0%)
  • Maybe: 0 votes (0.0%)

Total voters: 10
Status
Not open for further replies.

Rengar

Level 17
Thread author
Verified
Top Poster
Well-known
Jan 6, 2017
835
Hello everyone!

Can you tell me if you know if there is any incompatibility with Windows Defender and ReHips?
 

K Atari

Level 2
Verified
Jan 10, 2015
48
I believe there are no known incompatibilities with those two. I have been using Rehips and Windows Defender for months. There have not been any problems for me. Just remember Rehips is still beta.
 

Rengar

K Atari said:
> I believe there are no known incompatibilities with those two. I have been using Rehips and Windows Defender for months. There have not been any problems for me. Just remember Rehips is still beta.

Thanks for your reply :)
Is this a good comp? Did you change any setting on ReHIPS?
 

K Atari

It is relatively powerful. Intel i5, 8 GB RAM, and 500 GB HDD. However, I found ReHips to be barely noticeable in terms of system resources.

I did not change anything major in the settings. I just put ReHips into learning mode for a while then I switched it to Standard. You just have to make sure your system is clean without any malware. I think this way with default settings is best for everyday use. I only use ReHips to restrict anything an antivirus misses and I do not really use the program isolation.
 

Wave

It'd be pretty dumb for ReHIPS to be incompatible with Windows Defender, since ReHIPS is not a replacement for existing anti-virus software, no matter how good it is. Watching what you do and being careful is your first line of defense, your second is preventing the malicious downloads/detecting threats in real-time... Behavioral aspects/HIPS&BB&Sandboxing protection comes afterwards.

Why let it execute and give it a chance in the first place?
 

Wave

No one bothered to ask the guy why he asked the question...
He is most likely just curious before he installs it so he stays on the safe side without having to deal with any issues... If he had an issue with it then surely he'd have mentioned this in his original post.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
You can use ReHIPS with almost any AV you want, or with no AV at all, if you so wish.

The main advantage to ReHIPS+WD, besides the fact that it is a pretty light config, is that there are no hooks into Windows core,
 

shmu26

> Because I can.

No problem, this is the place to ask anything you want.

I agree with what others have said: WD will not mess with ReHIPS, or vice versa, so you don't have to make any exceptions in either software. I tried the combo, and others did, too. Everything went smoothly.
 

Wave

shmu26 said:
> is that there are no hooks into Windows core

There's nothing wrong with API hooking as long as it's done properly; however, it depends on what you want to do, since sometimes there are better and documented methods of doing something. The problem is when hooking occurs but is not done properly and leads to a big slow-down and crashes.

As for hooking into the Windows core, most security software that does this for purposes such as virtualization actually works with the hypervisor, allowing them to forget about PatchGuard being present on x64 systems, because they'll still be able to make use of kernel-mode hooking (e.g. MSR hooks). Therefore, the hooks won't be valid system-wide into the real Windows core of the OS (since PatchGuard would prevent it on x64 at least), but the hypervisor is being used system-wide for real virtualization.

That being said, there is more to hooking than kernel-mode hooking... User-mode hooking can also occur, and that doesn't touch the Windows Kernel and is applied from user-mode.

Microsoft have actually made a library for API hooking (user-mode), it's called MS Detours; the free version supports x86 processes only, the professional version supports x64 processes too (but costs a lot of money). I assume there are tons of vendors out there using it if they apply hooking for behavioral monitoring and the such.

Obviously supported and documented methods are much better, but like I said, depends on what you want to do. ReHIPS haven't taken the approach most others take but then again, it's unique in its own way and if it works for them then great :)
 