HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. Ask Mark or Erik by PM
     
  2. numen

    numen Registered Member

    Joined:
    Jul 31, 2016
    Posts:
    10
    Location:
    Europe
    Small update to my HMPA 3.5 download issue with Avira Web Protection on. Apparently it only happens in Opera. Chrome, Firefox and Edge are not affected, interesting... Disabling mitigations for Opera (not just unticking them) fixes the problem, but that is not something I would like to do.

    I also think Adobe Cloud Updater displayed an issue with downloading updates as well (as I had to download the latest Lightroom CC update manually after Adobe Cloud failed to unpack the downloaded updates several times), but I am not able to confirm it at this moment.

    I hope this will help in troubleshooting and fixing this.
     
  3. Gein

    Gein Registered Member

    Joined:
    Dec 8, 2013
    Posts:
    213
    I can't get the blizzard game overwatch to run since installing hmp.a. The process is showing up in task manager but it wont launch at all. Is anyone else having this problem?
     
  4. busy

    busy Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    117
  5. Gein

    Gein Registered Member

    Joined:
    Dec 8, 2013
    Posts:
    213
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,929
    Location:
    The Netherlands
    The thing is, there is nothing special about Bouncer and MemProtect. Just about all tools that monitor process execution will pass the "Exploit Test Tool" from Surfright. I have tested it against EXE Radar and SpyShelter, and guess what? They also block the execution of calc.exe.

    But that doesn't mean they can block the exploit in an early phase, like MBAE and HMPA both can do. The faster you block the exploit chain, the less chance of a bypass, that's the big advantage of specialized anti-exploit tools. Bouncer + MemProtect is basically AppGuard for "uber geeks", there is nothing special about it.
     
  7. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    896
    Location:
    USA
    My observations are:
    1. He bypassed the Windows SmartScreen warning and ran an unknown executable anyhow :)
    2. The Kaspersky tray icon has an yellow triangle alert on it. Was real-time protection disabled?
    3. We do not know the status of HMPA based on the tray icon, but if this was not crypto-ransomware, and no unusual process or memory exploits were employed, HMPA may not have picked this one up.
    4. The mystery at 1:20 in the video: A number of desktop shortcuts, including HMPA, disappear at the exact same time as the files in the test folder on the desktop. This only shows the shortcuts being removed, not the actual programs.
    5. So when he runs HitmanPro, a trojan is detected. I find it hard to believe that a known trojan got past the Kaspersky realtime detection without being detected.
     
  8. @Tinstaafl Mark loman explained that the guy tests with HPMA and Kapersky disabled as you suggested. HPMA protects against these variants. Thx
     
    Last edited by a moderator: Aug 11, 2016
  9. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    978
    Location:
    UK
    yeah I read in your older post that you use memprotect, but I have absolutely no idea how to enable it.
     
  10. @chrcol That is the advantage of HPMA it has a GUI and good support at Wilders
     
  11. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,049
    Location:
    Baden Germany
    @Tinstaafl :
    Darn, the "You-Tester" not only bypassed smartscreen, but also UAC...

    Such video is only good for generating clicks, and discredit the security solutions, that where loaded, but deactivated,
    just to create more rumors and clicks.

    Not worth to discuss anymore.
     
  12. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    978
    Location:
    UK
    I suspect the bypass UAC is only when the default whitelist UAC mode is enabled, not the proper UAC aka vista mode.
     
  13. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    896
    Location:
    USA
    +1

    Yep, not exactly a real world test. I usually leave my protection enabled :)
     
  14. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    896
    Location:
    USA
    Ha, yes! You will have much better protection with you stuff turned ON!!!
     
  15. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,049
    Location:
    Baden Germany
  16. Gein

    Gein Registered Member

    Joined:
    Dec 8, 2013
    Posts:
    213
    I've always been worried about keystroke encryption and stuff like that affection input latency in games, am I overthinking things?
     
  17. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    It is my opinion yes. I don't worry about key encryption as something first has to get on your system to encrypt and 2nd it has to be able to send it home
     
  18. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    896
    Location:
    USA
    Are you are referring to this: Privacy and Espionage Protection - Proactively encrypts keystrokes - HMPA feature? Then you probably don't need to worry about latency in games. As I understand this feature, it only encrypts keystrokes as you type credentials into forms on webpages. Keeps your passwords safe from spies.

    In any case case, I doubt that real-time encryption using today's modern CPU's would create any perceptible latency. I used to run TrueCrypt with full disk software encryption using on-the-fly encrypt/decrypt for the entire boot drive, and could not tell any difference in real world performance from a non-encrypted boot drive. Only with CrystalDiskMark could I see any measurable throughput difference in MB/S on a SATA 3GB/S SSD.
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,929
    Location:
    The Netherlands
  20. denniz

    denniz Registered Member

    Joined:
    Jul 26, 2007
    Posts:
    436
    Location:
    The Netherlands
    @markloman @erikloman

    Ever since I did the update to Windows 10 Anniversary, HMPA and Bitdefender don't play nice. Some programs (until now AdGuard, PushBullet and O&O ShutUp) fail to start there GUI without any errors and only show background processes in Windows Task Manager with excessive CPU usage (about 25% for each process).

    Making exclusions in HMPA doesn't help, until now this function kinda seems a bit useless because it never seems to solve anything. Also really annoying is that HMPA doesn't tell me anything when it's blocking stuff that ain't specifically in the protection list.

    To solve the problem I need to do one of the following: either uninstall HMPA or make process exclusions in Bitdefender while leaving HMPA installed. Uninstalling HMPA gives a 100% success rate of solving the problem, while exclusions in Bitdefender is a bit of a hit or miss solution depending on the program.

    I think there is a conflict between Bitdefender's Active Threat Control and HMPA. The only thing Bitdefender support advises me to do is uninstall HMPA. And I ain't planning on constantly excluding things in Bitdefender, because that kinda makes the whole real-time antivirus idea a bit useless.

    Lately I'm getting a bit annoyed by all these issues, it's a real time drainer constantly working around these problems and contacting support departments of different developers in the hope that they ain't gonna give me the runaround, while in the past everything worked fine..
     
    Last edited: Aug 13, 2016
  21. 142395

    142395 Guest

    Thanks for the info.
    I'm using 64 bit Chrome, tho I'm not sure if it has sth to do w/ key stroke encryption.
    Anyway I tested old version of HMPA, so will test later w/ new v3.5.
     
  22. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,131
    @denniz The O&O ShutUp GUI started fine on my system (clean 1607 install), with both HMP & HMPA installed. It also ran fine on a family member's PC (1607 as an update), with both HMP & HMPA installed. Perhaps something else is interfering on your system?
     
  23. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,116
    Location:
    USA
    I understand your frustration, but the problem is with Bitdefender not HMPA. They expect users to run their product exclusively instead of working to maintain compatibility with HMPA. I experienced the same thing with another AV vendor and decided to drop their product. I feel that Windows Defender is strong enough in Windows 10 to serve as my AV and it gets along fine with HMPA and MBAM.
     
  24. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    1,292
    Location:
    USA, MICHIGAN
    I have no issues what so ever with BD and HMPA
     
  25. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,116
    Location:
    USA
    I'm glad to hear that, but it doesn't change the fact that BD apparently won't support people who do have issues.
     
    Last edited: Aug 13, 2016
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.