Battle Windows Defender + Malwarebytes Premium + HitmanPro.Alert ?

D

Deleted member 65228

I wouldn't use Malwarebytes Anti-Exploit (included in their Premium version of the Anti-Malware) in combination with HitmanPro.Alert, I could see those two potentially conflicting but I've never tested it out before.

You can try using Windows Defender and HitmanPro.Alert for real-time and stick to Malwarebytes Premium being used for on-demand scanning (disabled real-time components - which also means you could revert back to using the free version of Malwarebytes once your current license expires).

I've heard rumours that HitmanPro.Alert now has an Anti-Malware engine embedded within it though. Hopefully someone else will be able to verify if this is legitimate or not for me to help you.

Keep a system image backup at all times, can be very beneficial if an issue/malware infection did occur at any given time (not exclusively regarding security configuration conflicts).
 

LasagnaDelRey

Level 1
Thread author
Jan 28, 2018
13
I wouldn't use Malwarebytes Anti-Exploit (included in their Premium version of the Anti-Malware) in combination with HitmanPro.Alert, I could see those two potentially conflicting but I've never tested it out before.

You can try using Windows Defender and HitmanPro.Alert for real-time and stick to Malwarebytes Premium being used for on-demand scanning (disabled real-time components - which also means you could revert back to using the free version of Malwarebytes once your current license expires).

I've heard rumours that HitmanPro.Alert now has an Anti-Malware engine embedded within it though. Hopefully someone else will be able to verify if this is legitimate or not for me to help you.

Keep a system image backup at all times, can be very beneficial if an issue/malware infection did occur at any given time (not exclusively regarding security configuration conflicts).

Ok, thanks so much for this info, I will only use Malwarebytes for on-demanding scanning now.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
You can use Windows Defender as the default primary Antivirus, with HitmanPro.Alert and Malwarebytes (free license) as an on-demand scanner. No need to purchase Premium.

If you purchase a HitmanPro.Alert license, you can download and use HitmanPro scanner for scanning and removal.

You can share you final configuration at PC Security Configuration, remember to include details.
 
D

Deleted member 65228

Why do not you use a free and much more complete AV instead of WD? I recommend Kaspersky Free, you will gain in protection and performance.
Well in all fairness, HitmanPro.Alert focuses primarily in anti-exploit and anti-ransomware and given exploitation and ransomware are very prevalent nowadays, it works quite well. Windows Defender is a basic Anti-Virus but it should be sufficient in combination with good behavioural prevention like offered in HMP.A. That's why Sophos snapped it up by purchasing Surfright company and embedding HMP.A into their end-point protection initially.

@OP On that note you could look into Premium services by Sophos since Sophos are in the AV market and they actually own HMP/HMP.A now and then still use MBAM on-demand. But it's your call. Use what you are comfortable with and trust

Personally I think Spawns first suggestion about WD w/ HMP.A and MBAM on demand is what I would go for in your shoes out of that choice
 

Faybert

Level 24
Verified
Top Poster
Well-known
Jan 8, 2017
1,318
Well in all fairness, HitmanPro.Alert focuses primarily in anti-exploit and anti-ransomware and given exploitation and ransomware are very prevalent nowadays, it works quite well. Windows Defender is a basic Anti-Virus but it should be sufficient in combination with good behavioural prevention like offered in HMP.A. That's why Sophos snapped it up by purchasing Surfright company and embedding HMP.A into their end-point protection initially.

@OP On that note you could look into Premium services by Sophos since Sophos are in the AV market and they actually own HMP/HMP.A now and then still use Malwarebytes Anti-Malware on-demand. But it's your call. Use what you are comfortable with and trust

Personally I think Spawns first suggestion about WD w/ HMP.A and Malwarebytes Anti-Malware on demand is what I would go for in your shoes out of that choice
The problem is that WD works poorly, it sucks its CPU constantly, it's a bit bizarre and I do not like many security solutions installed, just install a robust product and that's it, most people install 3 or 4 programs at the same time, I think it's a big exaggeration, so they think they're ready for a threat that will never come.
 

Deletedmessiah

Level 25
Verified
Top Poster
Content Creator
Well-known
Jan 16, 2017
1,469
I wouldn't use Malwarebytes Anti-Exploit (included in their Premium version of the Anti-Malware) in combination with HitmanPro.Alert, I could see those two potentially conflicting but I've never tested it out before.
Which anti exploit works better, on both protection and in terms of causing less issues? Malwarebytes or HMPA?
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Why do not you use a free and much more complete AV instead of WD? I recommend Kaspersky Free, you will gain in protection and performance.
Instead of ditching it completing and relying on third-party software that will later force users to upgrade to Paid-security, and Nag them to create an account for their details and billing information. OP can earn more protection by utilizing other Windows 10 features such as, Controlled Folder Access, Warn before installing apps outside of Store in Apps & Features. It's also important that OP creates a backup of their data, which can minimize any headaches if in case of a system-wide malware outbreak, or hardware failure. Microsoft is backing Defender to protect their users, so it's fair to say Defender can only improve over the coming years and major updates.

CPU usage is minimal on modern hardware, running Windows 10 on Intel Core i7 here and barely notice the fan increase, unless I'm using Firefox or Chrome to play a video or loading a lot of tab contents.
 
D

Deleted member 65228

Which anti exploit works better, on both protection and in terms of causing less issues? Malwarebytes or HMPA?
Malwarebytes Anti-Exploit brings a lot less-hassle however HitmanPro.Alert brings enhanced protection in comparison without a doubt.

Then again, MBAE within MBAM comes with it's other nice features like their self-protection mechanisms. AFAIK HMP.A was not very good when it came down to that. Even as so much as unloading the MBAE module from the address space of a monitored/protected process = flagged and execution ended.

Both are good though IMO.
 

Faybert

Level 24
Verified
Top Poster
Well-known
Jan 8, 2017
1,318
I used it many times and it was always fine for me but I know that many I know do not have that benefit and that it works poorly for them too so I am not sure what to say. I guess it works sometimes for some and not for others hahahaha
Yes I agree, it may work for some and not for others, with me the experience was horrible. Are you using McAfee?
 

Deletedmessiah

Level 25
Verified
Top Poster
Content Creator
Well-known
Jan 16, 2017
1,469
Malwarebytes Anti-Exploit brings a lot less-hassle however HitmanPro.Alert brings enhanced protection in comparison without a doubt.

Then again, MBAE within Malwarebytes Anti-Malware comes with it's other nice features like their self-protection mechanisms. AFAIK HMP.A was not very good when it came down to that. Even as so much as unloading the MBAE module from the address space of a monitored/protected process = flagged and execution ended.

Both are good though IMO.
Thanks. (y)
Now if only Malwarebytes get lighter again.
 

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
I wouldn't use Malwarebytes Anti-Exploit (included in their Premium version of the Anti-Malware) in combination with HitmanPro.Alert, I could see those two potentially conflicting but I've never tested it out before.

You can try using Windows Defender and HitmanPro.Alert for real-time and stick to Malwarebytes Premium being used for on-demand scanning (disabled real-time components - which also means you could revert back to using the free version of Malwarebytes once your current license expires).

I've heard rumours that HitmanPro.Alert now has an Anti-Malware engine embedded within it though. Hopefully someone else will be able to verify if this is legitimate or not for me to help you.

Keep a system image backup at all times, can be very beneficial if an issue/malware infection did occur at any given time (not exclusively regarding security configuration conflicts).
I haven't used both together. But regarding possible incompatibility between MBAE and HMP.A

HitmanPro.ALERT Support and Discussion Thread
"In build 582 we now prevent the mbae.dll to load in processes mitigated by HMPA (mbae.dll is still allowed to load if the application is not in HMPAs application list).

The mbae.dll will be allowed to load again when HMPA's license expires or when Exploit Mitigation in HMPA is disabled. This so that the exploit protection falls back into MBAE's hands.

This ensures that both Malwarebytes and SurfRight don't get too many support calls from customers running both products.

So you may enable exploit protection in MBAM v3 when HMPA is installed."

No idea if this is currently the case though.
 

DavidLMO

Level 4
Verified
Dec 25, 2017
158
If you buy HMPA it comes with HMP built-in. No need to DL or buy HMP. If you do get HMPA just be aware that you do not have access to all the settings in the stand-alone HMP. Just the bare bones scanner. No - I do not know why they chose to do it that way. I have HMPA license.

Be aware there is NO reason to run both MBAE and HMP.A at the same time. They are both written to do the same thing. Yes I have tested running them at the same time.
 
Last edited:

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
IMO, if you haven't bought any of, don't buy them because they won't significantly improve your overall security against malwares
if you already bought 1, use it. Don't use them together

MB: excellent web filter, poor signatures but great against PUPs, adwares and react very quickly against new ransomwares (signatures), average antiransomware module, okay anti-exploit module, compatibility issue and performance issue, high RAM usage

HMPA: many compatibility issues and may slowdown other app performance (I experienced many problems with HMPA within a month, unbearable), better antiexploit, above average but sub-optimal antiransomware module (overrated), overpriced

if I'm not mistaken, HMPA and MBAE didn't protect against SMB EternalBlue exploit. HMPA added the protection against EternalBlue after the nonpetya ransomware outbreak and MBAE can't protect by it nature and never will
 
Last edited:

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Thank you everyone for your replies. :) Is there any other free/paid program that I can use along with Windows Defender, to make my pc safer?
yes there are some:
1/ novirusthank OSArmor: Prevent Malware and Ransomware with OSArmor | NoVirusThanks
I suggest you to use the default settings. The more you tweak, the more false positives you get. version 1.4 will be released soon

2/ use windows firewall to block access of vulnerable processes. I created a batch file to help you to make rules. Run it as administrator and only run once
Dropbox - firewall - block vulnerable processes.bat
after it runs, if you see a lot of "OK", it's working
content of the batch file. My coding skill is very limited
@echo off

netsh advfirewall firewall add rule name="cscript.exe" dir=in action=block program="C:\Windows\System32\cscript.exe" enable=yes
netsh advfirewall firewall add rule name="mshta.exe" dir=in action=block program="C:\Windows\System32\mshta.exe" enable=yes
netsh advfirewall firewall add rule name="wscript.exe" dir=in action=block program="C:\Windows\System32\wscript.exe" enable=yes
netsh advfirewall firewall add rule name="powershell.exe" dir=in action=block program="C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" enable=yes
netsh advfirewall firewall add rule name="powershell_ise.exe" dir=in action=block program="C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe" enable=yes
netsh advfirewall firewall add rule name="msra.exe" dir=in action=block program="C:\Windows\System32\msra.exe" enable=yes
netsh advfirewall firewall add rule name="cmd.exe" dir=in action=block program="C:\Windows\System32\cmd.exe" enable=yes

netsh advfirewall firewall add rule name="cscript.exe" dir=out action=block program="C:\Windows\System32\cscript.exe" enable=yes
netsh advfirewall firewall add rule name="mshta.exe" dir=out action=block program="C:\Windows\System32\mshta.exe" enable=yes
netsh advfirewall firewall add rule name="wscript.exe" dir=out action=block program="C:\Windows\System32\wscript.exe" enable=yes
netsh advfirewall firewall add rule name="powershell.exe" dir=out action=block program="C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" enable=yes
netsh advfirewall firewall add rule name="powershell_ise.exe" dir=out action=block program="C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe" enable=yes
netsh advfirewall firewall add rule name="msra.exe" dir=out action=block program="C:\Windows\System32\msra.exe" enable=yes

pause

3/ use Norton DNS: 199.85.126.10, 199.85.127.10. Norton has an excellent web filter database. It can also protect you against cryptominers

4/ Use Avira browser safety for your browser, after installing, turn off all the options
chrome: Avira Browser Safety
other browsers (avira safe shopping is okay): Avira Safe Shopping – Free for Chrome
Capture.PNG
avira browser safety is an even more excellent database to protect your browser from malwares and phishing

5/ you can use configuredefender to strengthen windows defender (from andy ful) -> use high settings (high = more resource usage but safer)
ConfigureDefender utility for Windows 10
 
Last edited:

LasagnaDelRey

Level 1
Thread author
Jan 28, 2018
13
yes there are some:
1/ novirusthank OSArmor: Prevent Malware and Ransomware with OSArmor | NoVirusThanks
I suggest you to use the default settings. The more you tweak, the more false positives you get. version 1.4 will be released soon

2/ use windows firewall to block access of vulnerable processes. I created a batch file to help you to make rules. Run it as administrator and only run once
Dropbox - firewall - block vulnerable processes.bat
after it runs, if you see a lot of "OK", it's working
content of the batch file
@echo off

netsh advfirewall firewall add rule name="cscript.exe" dir=in action=block program="C:\Windows\System32\cscript.exe" enable=yes
netsh advfirewall firewall add rule name="mshta.exe" dir=in action=block program="C:\Windows\System32\mshta.exe" enable=yes
netsh advfirewall firewall add rule name="wscript.exe" dir=in action=block program="C:\Windows\System32\wscript.exe" enable=yes
netsh advfirewall firewall add rule name="powershell.exe" dir=in action=block program="C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" enable=yes
netsh advfirewall firewall add rule name="powershell_ise.exe" dir=in action=block program="C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe" enable=yes
netsh advfirewall firewall add rule name="msra.exe" dir=in action=block program="C:\Windows\System32\msra.exe" enable=yes
netsh advfirewall firewall add rule name="cmd.exe" dir=in action=block program="C:\Windows\System32\cmd.exe" enable=yes

netsh advfirewall firewall add rule name="cscript.exe" dir=out action=block program="C:\Windows\System32\cscript.exe" enable=yes
netsh advfirewall firewall add rule name="mshta.exe" dir=out action=block program="C:\Windows\System32\mshta.exe" enable=yes
netsh advfirewall firewall add rule name="wscript.exe" dir=out action=block program="C:\Windows\System32\wscript.exe" enable=yes
netsh advfirewall firewall add rule name="powershell.exe" dir=out action=block program="C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" enable=yes
netsh advfirewall firewall add rule name="powershell_ise.exe" dir=out action=block program="C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe" enable=yes
netsh advfirewall firewall add rule name="msra.exe" dir=out action=block program="C:\Windows\System32\msra.exe" enable=yes

pause
3/ use Norton DNS: 199.85.126.10, 199.85.127.10
4/ Use Avira browser safety for your browser, after installing, turn off all the options
chrome: Avira Browser Safety
other browsers (avira safe shopping is okay): Avira Safe Shopping – Free for Chrome
5/ you can use configuredefender to strengthen windows defender (from andy ful) -> use high settings (high = more resource usage but safer)
ConfigureDefender utility for Windows 10


I have tried OSarmor, but I dont Know why it blocks my startup programs? I have WD in startup options and OSarmor blocks it from launching. I have also tried Vooodoo Shield but sometimes I dont Know what to allow and what to block.. I have also tried Norton DNS but its slow for me, Im using OpenDNS now, is that ok? And ConfigureDefender, what it actually does? Does it change registry? I dont understand how it actually changes Defender, I Know the options in it, but Im just wondering what it actually does. Thanks
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top