Troubleshoot SpyShelter misbehaving in the presence of HitmanPro.Alert

[conceptualclarity]

I have had SpyShelter Premium since the start of July. A couple of days ago I decided to re-install Hitman Pro.Alert full edition. (It had been thrown off my computer a few months ago when ESET got upset over an update.) After I brought back HMPA, SpyShelter began behaving perversely. It blocked the uploading via my context menu of the HitmanPro.exe setup file to the online VirusTotal. It blocked, strangely enough, my use of the bug report option on the SpyShelter GUI. It blocked my opening of my AmazonSmile bookmark on my Maxthon browser. It did all of these things with a notification saying "AntiNetworkSpy: SpyShelter blocks setting hooks for process Maxthon.exe(PID=????)"

SpyShelter support told me:

You need to go to Settings > Security > List of processes which are not monitored by AntiNetwork Spy Module and include HMPA in the list.

That didn't help, to my surprise. I told them:

Thank you for your help. I did as you said, putting hmpalert.exe in List of processes which are not monitored by AntiNetwork Spy Module. I find that the same behavior by SpySyhelter continues. It did all three of the things I mentioned above, and in addition it blocked my effort to open this page by clicking on the link in the email. In each case I got the notification mentioning Maxthon hooks. (I was able to open this page by pasting the link in the address bar.) So, although it seems inappropriate, should I add Maxthon browser to the List of processes which are not monitored by AntiNetwork Spy Module?

They responded:

Have you added Maxthon.exe to the exceptions list in List of processes which are not monitored by AntiNetwork Spy Module?

I added Maxthon to that exclusion list, and things went better for a while. Then I tried to open VLC media player, and I got trouble again, with SpyShelter blocking it.

SpyShelter support said:

You might also try to play around with HPA settings since it tries to hook into the browsers to provide protection, and since SpyShelter is already doing it, it locks HPA out. Other way around, you might as well attempt to disable AntiNetwork Spy Module but it will lower the security provided by SpyShelter.

Well, I can't articulate right now what AntiNetwork Spy Module does, but it sounds useful, and I don't want to disable it.

What are hooks and what is hook-setting? I tried my techterms.com and computerhope.com
Computer Dictionary bookmarks and came up empty. So, also, can someone suggest a better computer definitions webpage? Or maybe a big PDF

This is what appears to me to be the main configuration area for Hitman Pro.Alert full edition. I don't know where I can go to deal with HMPA hooks.

By the way, all of these things were enabled by default except "BadUSB" for which enabling was recommended. By default it has "Passive vaccination" enabled and "Active vaccination" only recommended. Are there problems with Active vaccination? I disabled HMPA keystroke encryption because, even with SpyShelter not running, it made my arrow unstable. Any comments on these things from HMPA fans?

Any way I can make SpyShelter and Hitman Pro.Alert be happy together? I really don't want to dump either of them, because I have paid for both of them. There is some overlap in their functions, but more difference, I think.

 

[conceptualclarity]

Maybe this will help you:
I tried to run SpS with Kaspersky Internet Security, and it did cause a conflict.
The SpS support gave me a piece of advice that worked well: install SpS without keystroke hooks. It is not enough to just turn off keystroke protection -- you have to uninstall, and then reinstall without those mean hooks.
You just untick that box at the beginning of the installation process. I think this might solve your problem.
It only affects the keystroke encryption and the core-level anti-keylogger. All other modules will function normally.

Thank you very much, shmu26. I take it you are referring to only one setting: "Use hard hooks"?

How badly will it affect keystroke encryption and the core-level anti-keylogger?

The manual says:

Use hard hooks- Uses hard hooks (help enforcement hook setting when other security application is installed and there is problem with compatibility)

I have now heard back from SpyShelter support:

Could you answer me directly: there must be a lot of people running both SpyShelter Premium and HitmanPro.Alert full edition. Are they having the same problems I'm having?

Not really, the issues with HPA that people experienced were long time ago and they were unrelated (HPA used to mark SpyShelter as possibly dangerous after each update)

I did uninstall and re-install in my first few days of having the program, and that did correct malfunctioning at that point. What do you think of that idea?

You might try it but I am not sure if it is going to help.

I have done some testing yesterday of HPA on Win 7/8.1/10 while i was at it, and it worked perfectly with SpyShelter. Although I haven't had the chance to do it on Windows XP, I would say that the problem you experience might be system specific or just your config specific.

Either add each not-working application to exceptions of AntiNetwork Spy or just disable AntiNetwork Spy Module but it will lower the security provided by SpyShelter. You can also try to adjust HPA settings.

Yea, I suspect it's related to XP. Life is not as good on XP. I've got a logjam of things in my life to deal with that have kept me from setting up a new computer.

So you guys are sure if I uninstall and reinstall it preserves my settings, and I don't need to export them to something?

 

[Logethica]

@conceptualclarity
I have never attempted to uninstall then reinstall SS whilst wanting to preserve my settings,so I personally cannot comment regarding the preservation of said settings.
I would go to into SS "Rules" and use the "Export all rules to file" icon at the top.
There is an "Import rules from file" icon to use once you have reinstalled SS.
To be clear...I have not followed this procedure myself,so I cannot confirm that "rules" applies to ALL of your SS settings.

 

[shmu26]

I have uninstalled and reinstalled SpS lots of times, and it does remember the processes that I whitelisted. I don't know about settings, though.

About the hard hooks: I don't recall exactly what it is called, but when installing, at the second window (approximately), at the top you will see a box you can untick, it is for the keystroke hooks.
If you untick it, your keystrokes will not be encrypted, and you will not have keylogger protection at the kernel level. But you can still activate standard keylogger protection, like you would have in the free version of SpS.

 

[shmu26]

FYI the regular support guy over there, Daniel Brom, seems to be on vacation or something.
the anonymous person filling in for him does not seem capable of answering hard questions.