HitmanPro.ALERT Support and Discussion Thread

if i were you, i'll switch directly to another browser ...

 

Hopefully Emsisoft is one of them

 

@markloman: I was wondering about this; did you mean colleagues within Sophos, or "competitors" like Emsisoft and MalwareBytes?

(I use HMP.A, EIS, and MBAM Premium so I hope all three work together on this; I know you have been cooperating with Emsisoft before to solve an issue)

 

Firefox 46 is running fast as usual for me. The only real-time protection that I have running is Avira Free and HitmanPro.Alert.

 

Hi Mark! Thanks, I tried those steps already, but it seemed to make no difference for an application that was running, and not protected. After excluding it, the DLL remained injected.

I have already ruled out HMP.Alert, by temporarily uninstalling it, so no worries! I am having a frequent appcrash in the DLL of a program from Cakewalk Inc., a virtual synthesizer VST plugin called Rapture Pro. All of their other, older software runs without issue on my system. I am testing this in demo mode. It is fairly new, just released last year, so I assume they must have done something differently that does not agree with my PC configuration

I hope it's not Avira, but I will rule that out next!

Thanks again for your feedback!

 

Kaspesky has had this for years, and there are lots of other AV's with the same tech, so I think the chance of conflicts on this front is not too big.
Normally when executing a new unknown file, the AV runs the file in it's emulator to look at the behaviour and if safe, executes it in the real environment.
With HMP.A, the real environment looks like virtual environment so it doesn't affect the virtual environment of the AV afaik.

 

Hi Mark,

The license is active. The icon is green. 669 days left.

 

32bit and/or 64bit...?

 

FWIW ~ FF46 32bit feels okay sans HMP.A (Norton, SBIE, ERP, AG, web filters).
Update: FF46 64bit feels okay sans HMP.A (Norton, SBIE, ERP, AG, web filters).

 

Windows 7 Pro 32-bit on Core i3-3240 3.4GHz custom homebuilt on Asus MB, with Samsung EVO 850 SSD

 

Firefox46 --- 32bit and/or 64bit...?

 

Don't understand the question. Last time I checked you could only run Firefox 32-bit on a 32-bit OS. I don't have Win 7 64-bit ...

 

Thanks ... so, Firefox 32bit. #9737

 

No problem, just assumed Firefox 32-bit was implied

My recipe for good system and/or browser performance (avoid duplication of tasks):
1. One lightweight real-time AV program, with any web or browser protection disabled.
2. One anti-exploit real-time program, to protect from browser exploits.

For Firefox, any time you have issues:
1. First try safe mode to see if it improves. Might be an add-on causing slowdown.
2. Then you can try creating a new clean profile without add-ons, to see if it runs better. Run "firefox.exe -p" to access profile manager. You can leave your default profile in place to revert to.
3. If #2 corrects your problem, revert to your original profile, then try giving Firefox a refresh. Firefox menu>Help>Troubleshooting Info "Give Firefox a tune up">Refresh Firefox.

Note on refreshing: backup any extension data first, such as whitelists or blacklists. These will not be preserved. All extensions are removed, but your personal data is kept.

These Firefox troubleshooting steps have solved a few big head scratchers for me, where uninstalling and reinstalling did nothing (where your profile is preserved, if your problem lies therein, it is persistent).

In my opinion, it is probably a good idea to refresh Firefox occasionally, due to changes made from version to version. Firefox is so configurable, that if you keep upgrading over top, it may introduce random unintended configuration issues that Mozilla could not test for. https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings

 

Hi Mark

Thanks for the slowness explanation. As for my specs, they are:

• Win7 64-bit
  
• Comodo Internet Security 8.2.x with browsers running in Comodo sandbox
  
• Mainly browse with Firefox and some Chrome

If you have any insights into how I can restore previous performance levels of FF, please let me know.

Thanks!

 

Can anyone tell me which Adobe Flash objects are auto-protected by HMP.A ?

I don't have HMP.A installed at the moment, but someone has a question about which specific Flash processes are auto-added to HMP.A.

 

In HMPA I'm seeing Adobe Flash Player 21.0r0 listed in the Exploit Mitigations panel, located at:

c:\windows\syswow64\macromed\flash\flashplayerplugin_21_0_0_213.exe (32 bit)

 

Thanks @Victek.

For those that have Flash Player App installed - does anyone know the directory ?

 

I went ahead and picked up the three year three system license for HMPA for around, I think, $80. Not a bad deal and all. Right now I use Comodo Firewall, but I'm thinking of dropping it for HMPA w/ windows firewall control. Is it possible to automatically schedule HMP scans with Alert, because HMP never does through the install procedure I'm never asked.

 

n8chavez, HitmanPro > Settings > Scan > Run a scheduled scan

 

Thanks!
But it would be better if the devs would comment about this because I read somewhere in the internet that Kaspersky has a patented way of dealing with sandbox(or emulator)-aware malware. Kaspersky wouldn't want the sandbox-aware malware to think that it was running in an emulated environment. In this way, Kaspersky would be able to analyze the file properly. But if HMP.A Vaccination is active, then the malware would probably immediately shut-up because it "knows" that it is running under a virtualized environment (an illusion for the malware, though).

I actually have two possible outcomes in mind:
1. Kaspersky and HMP.A conflict.
2. Kaspersky wouldn't be able to properly analyze the file because HMP.A would act first (i.e. shutting the malware off before Kaspersky proceeds with its own heuristic analysis).

 

That's the thing; HMPA doesn't let you install HMP, it simply re-downloads it every time you want to scan. And , as a part of that download procedure, we aren't given any options. I know that the screenshot you gave has options but those are not available to us. Or am I wrong? Can I have a version of HMP that HMPA can be told to use?

 

http://www.surfright.nl/en/hitmanpro/intronew
Download and install.

 

You can permanently install HMP via HMP.A. Go to C:\Users\User\AppData\Local and execute hitmanpro.exe or hitmanpro_x64.exe.

Go to HMP settings and select "Create permanent copy on system."

HMP will then be installed to C:\Program Files or C:\Program Files (x86) dependent on your system bitness.