Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
Is there value/benefit in using HitmanPro.Alert?
Message
<blockquote data-quote="ForgottenSeer 97327" data-source="post: 1038202"><p>The first HitmanPro.alert came out just before the release of Windows 7. Vista had introduced different integrity levels and UAC, but Vista was not a market succes. The introduction of Windows7 made it harder for malware to gain admin rights and/or survice re-boot because of the extra integrity levels and UAC.</p><p></p><p>Creative as malware writers are, they started to use bugs in software to elavate rights. because of the low market success of Vista and the high succes of Windows 7, a lot of software was hastily update to comply with the (new) integrity levels. So there were a lot of bugs to misuse by malware writers.</p><p></p><p>HMPAlert was a behavioral blocker which looked specifically at the weakspots of often abused programs (contrary to earlier behavioral blockers like Mamutu or Mumato who looked at suspicious patterns of all programs). This made them as useful and succesful like having an extra body guard and a rapid response team assiting your AV. When a new intrusion method was discovered, the guys from HMPA coded a catcher/interceptor for it. HPMAlert's block rate agianst new intrusion methods was also much higher than traditional AV's.</p><p></p><p>This focussed approach of HPMA turned out also very powerful for staged attacks. Staged attacks are succesful because they make a series of minor or low profile intrusions (enough to be not detected by behavioral mechanism of the AV's). The third wave on which HMPAlert surfed was the outbreak of ransomware (which often used LOLbins and vulnabilities in staged attacks).</p><p></p><p>So the answer your question: NO HMPAlert has not become weaker, the operating system itself has got a lot of mechanisms to prevent/protect against exploits and the premium AV's developed Behavioral Monitors in combination with Machine Learning/Artificial Intelligence and Reputation (origin) validation mechanisms, which kind of makes the added value questionable when you use a paid premium paid Antivirus like Bitdefender, (but I would certainly also mention Kaspersky with systemwatcher and F-secure with deepguard)</p></blockquote><p></p>
[QUOTE="ForgottenSeer 97327, post: 1038202"] The first HitmanPro.alert came out just before the release of Windows 7. Vista had introduced different integrity levels and UAC, but Vista was not a market succes. The introduction of Windows7 made it harder for malware to gain admin rights and/or survice re-boot because of the extra integrity levels and UAC. Creative as malware writers are, they started to use bugs in software to elavate rights. because of the low market success of Vista and the high succes of Windows 7, a lot of software was hastily update to comply with the (new) integrity levels. So there were a lot of bugs to misuse by malware writers. HMPAlert was a behavioral blocker which looked specifically at the weakspots of often abused programs (contrary to earlier behavioral blockers like Mamutu or Mumato who looked at suspicious patterns of all programs). This made them as useful and succesful like having an extra body guard and a rapid response team assiting your AV. When a new intrusion method was discovered, the guys from HMPA coded a catcher/interceptor for it. HPMAlert's block rate agianst new intrusion methods was also much higher than traditional AV's. This focussed approach of HPMA turned out also very powerful for staged attacks. Staged attacks are succesful because they make a series of minor or low profile intrusions (enough to be not detected by behavioral mechanism of the AV's). The third wave on which HMPAlert surfed was the outbreak of ransomware (which often used LOLbins and vulnabilities in staged attacks). So the answer your question: NO HMPAlert has not become weaker, the operating system itself has got a lot of mechanisms to prevent/protect against exploits and the premium AV's developed Behavioral Monitors in combination with Machine Learning/Artificial Intelligence and Reputation (origin) validation mechanisms, which kind of makes the added value questionable when you use a paid premium paid Antivirus like Bitdefender, (but I would certainly also mention Kaspersky with systemwatcher and F-secure with deepguard) [/QUOTE]
Insert quotes…
Verification
Post reply
Top
