HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. Alkajak

    Alkajak Registered Member

    Joined:
    Mar 6, 2016
    Posts:
    125
    Could this be due to O&O ShutUp10 privacy tweaks?
     
  2. _CyberGhosT_

    _CyberGhosT_ Registered Member

    Joined:
    Mar 2, 2015
    Posts:
    457
    Location:
    MalwareTips "Your Security Advisor"
    I too use O&O Alkajak, and HMP.A
    I have the 3.6.3 580 Beta installed,
    is that the same version your getting that in ?
    Never mind I just noticed your sig :p
    Ignore me today lol
     
  3. Alkajak

    Alkajak Registered Member

    Joined:
    Mar 6, 2016
    Posts:
    125
    Do you get the same alert? I am using the same versions as you.
     
  4. _CyberGhosT_

    _CyberGhosT_ Registered Member

    Joined:
    Mar 2, 2015
    Posts:
    457
    Location:
    MalwareTips "Your Security Advisor"
    No, I haven't yet, but I was asking so I would know weather or not
    to keep an eye out.
    Thanks Alkajak ;)
     
  5. MikeRepairs

    MikeRepairs Registered Member

    Joined:
    Mar 26, 2014
    Posts:
    80
    Location:
    Kissimmee, FL
    I am really curious to know what compatibility issues there might be when HMPA and MBAM 3 are run at same time. I am a re-seller of both and have hundreds of installed users running both HMPA and MBAM at same time. Now MBAM is pushing the 3.0 release to the currently installed users.

    I need to know about the compatibility or the side effects of the two anti-exploit and anti-ransom on the same computer. Am I going to have to install one or the other? I asked MBAM to give me an option to install without those modules, but they don't care to say if they will or not. and now they released 3.0 anyway, so there's my answer.
     
  6. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,278
    Location:
    Among the gum trees
    You should disable the Exploit Protection in MB 3.0 but you will see a huge warning pop up at every boot which you will need to close, even then there will be an exclamation point on the tray icon.

    I'm sticking with MBAM 2 for as long as I can, or until they fix their buggy program.
     
  7. _CyberGhosT_

    _CyberGhosT_ Registered Member

    Joined:
    Mar 2, 2015
    Posts:
    457
    Location:
    MalwareTips "Your Security Advisor"
    3 is still too buggy, you should be advising those of your customers that employ HMP.A to wait to upgrade MBAM to v3.
    That would be the intelligent thing to do. ;)
     
  8. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    I would advise against installing Malwarebytes 3.0 at all at the moment and neither would I run the premium version together with HMP.A, even with Malwarebytes' exploit-protection disabled.
     
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I've tested that,
    Have you tested. I am running MB3 with both exploit and Ransomware turned off. (latest version) and I see no conflict with HMPA
     
  10. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,100
    Location:
    USA
    I'm running HMPA and MBAM v3 together. In MBAM I've only turned off the exploit protection and the two programs get along fine. The reason I won't install MBAM v3 on the PCs of some family members though is because when you turn off a module the UI and the tray icon show a warning which cannot be canceled. Every time you boot the computer MBAM shows a pop-up saying that the system is not fully protected and that annoys and worries some people. This has been brought to the attention of MalwareBytes and they've said they intend to address it, but so far they haven't. It needs to be possible to turn off modules when necessary without the program going into a permanent warning/error state.
     
  11. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    It's nice that you personally went to hundreds of Mike's clients and tested the combination of Malwarebytes 3.0 + HMP.A + their individual operating system, hardware and other software combination. No, of course you haven't. All you can tell is that on your system with two thirds of Malwarebytes 3.0 disabled it seems to work at the moment, or there might be a conflict you simply haven't encountered yet.

    Any minute Malwarebytes might push an update which breaks compatibility again, not only with each other but also other already installed internet security solutions on those computers, or even not security related software thanks to the anti-ransom-module. An update could also result in a re-enabling of components of Malwarebytes which then might result in a conflict. Also Malwarebytes throws a fit and goes red-alert the second you disable a component which might lead the user to re-enable it.

    Just imagine all the hundreds of Mike's clients, who might not be so computer literate, and the support efforts and costs for Mike such a bound-for-trouble combination might generate. I guess reselling this stuff yields little profit as it is without getting hundreds of phone calls like "Hey Mike, Malwarebytes just showed an alert I don't understand" and the likes.

    If I ran a computer repair shop, I would have recommended the old MBAM 1.75 and 2.x to clients back in the day, but Malwarebytes 3.0 is not recommendable at the moment and even once the bugs are ironed out, the recommendation has to be made on a careful individually based case. HMP.A is also more generated to computer literate persons, who know how to avoid overlaps and conflicts, but even 50% of the people who post problems in this thread here don't seem to understand that, so why would pc repair shop customers know that?
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Fleischmann

    From that perspective I have to agree. I can run it and deal with it, but no I wouldn't put it on a paying clients machine
     
  13. guest

    guest Guest

    im off topic but the main concern i see on many security forums (and here especially) is that some members only think and talk about their own personal system and setup, contradicting/ignoring/opposing/denying what other members mention in a more "common user" and wider point of view.
    Then some beginners come around , read those posts about specific system setups, feel they can do the same then smash or make their system unsecure; and obviously will blame the softwares for any issues/infections.
     
  14. Rudolf1982

    Rudolf1982 Registered Member

    Joined:
    Jan 30, 2017
    Posts:
    4
    Location:
    Samobor
    Thank you for your answer.
    One more question regarding HMPA and Intercept X.
    Is Intercept X using same technology as HMPA or is HMPA "beta" of Intercept X?
     
  15. rei

    rei Registered Member

    Joined:
    May 25, 2006
    Posts:
    51
    It appears not to be fully-integrated yet into Sophos Advanced Endpoint. We have it licensed at work and there's a separate HMPA folder installed for it into %PROGRAM FILES%
     
  16. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    We have made integration for Intercept X (it is 75% HMPA). The binaries are the same between HMPA and IX.

    Sophos builds our code base in their build environment and we build the exact same code base in our environment. So its all the same code. Stuff we fix end up in both products.
     
    Last edited: Feb 1, 2017
  17. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    651
    Location:
    Far East
    Hi Erik

    I have sent you a pm regarding the re-activation of my license. Please help. Thanks
     
  18. HempOil

    HempOil Registered Member

    Joined:
    Jun 15, 2015
    Posts:
    199
    Location:
    Canada
    No issues since upgrading to Build 580 on Sunday.
     
  19. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro.Alert 3.6.3 Build 582 RC1

    Changelog (compared to 580)
    • Improved installer/uninstaller
    • Improved compatibility with MBAE, MBAM v3 and EMET
    • Improved CallerCheck mitigation
    • Improved DEP mitigation
    • Improved compatibility with software using delay-loaded user32.dll
    • Fixed issue with Forza Horizon 3 failing to start
    • Fixed issue with Enpass UWP failing to start
    • Fixed rare crash in Mozilla Firefox when running with Norton
    • Fixed rare crash in conhost.exe
    • Fixed rare BSOD in WipeGuard in combination with some USB fixed disks
    • Fixed small memory leak
    • The issue with Overwatch was fixed by Blizzard
    Notes
    This build does NOT have Microsoft co-signed drivers. So this build will NOT run on computers with Windows 10 Redstone 1 with SecureBoot enabled.

    Download
    http://test.hitmanpro.com/hmpalert3b582.exe

    Please let us know how this version runs on your computer :thumb:
     
    Last edited: Feb 3, 2017
  20. cavehomme

    cavehomme Registered Member

    Joined:
    May 19, 2010
    Posts:
    128
    Location:
    Alps
    Dear HMPA, I still have not seen a reply or fix to the issue I raised many weeks ago concerning the throttling down then killing of my network connection. This was on 2 different laptops, different manufaturers, both Win 10. So 2 licenses remain unused and instead I am using Malwarebytes Premium 3.0.

    I am not experiencing any issues with MWB 3, certainly not the ones posted here by several people.

    I'd like to support you again, but until you guys / Sophos set up proper support processes in respect of this potentially great product, you won't be getting a renewal from me, nor purchases from my businesses, it remains a nice niche product. Hopefully Sophos can get you to fix the bugs and improve support massively and propel it to mainstream consumer level. Good luck.
     
  21. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,100
    Location:
    USA
    Upgraded from build 580 to 582 with no issues :thumb:

    By the way, is it still recommended that anti-exploit protection in MBAM v3 be turned OFF?
     
  22. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Disable the Network Lockdown feature. That should help to some extent.

    Last resort, rename C:\Windows\System32\hmpnet.sys to hmpnet.bak
     
    Last edited: Feb 3, 2017
  23. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    In build 582 we now prevent the mbae.dll to load in processes mitigated by HMPA (mbae.dll is still allowed to load if the application is not in HMPAs application list).

    The mbae.dll will be allowed to load again when HMPA's license expires or when Exploit Mitigation in HMPA is disabled. This so that the exploit protection falls back into MBAE's hands.

    This ensures that both Malwarebytes and SurfRight don't get too many support calls from customers running both products.

    So you may enable exploit protection in MBAM v3 when HMPA is installed.
     
  24. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    You guys are amazing. Thanks Erik
     
  25. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,100
    Location:
    USA
    This is very helpful as it means the constant error that MBAM v3 displays when a protection module is disabled can be eliminated. Thank you! :thumb:
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.