HitmanPro.Alert 3.8.26 Build 979

aikafans

yyt3150 发表于 2024-3-15 14:15
这是个主动行为防御软件。。。机制不明，有人说它很不科学！但这货有些奇效。可惜和我的sever系统 ...

某些时候确实有奇效，甚至让我想到大蜘蛛（平时摆烂，对付恶性病毒有奇效）
然后已知这货跟卡巴斯基有冲突，原因不明...

pal家族

aikafans 发表于 2024-3-15 14:23
某些时候确实有奇效，甚至让我想到大蜘蛛（平时摆烂，对付恶性病毒有奇效）
然后已知这货跟卡巴斯基有冲 ...

盗版的hmpa和卡巴冲突 会被卡巴报毒
正版我没试过

yyt3150

企稳向好 发表于 2024-3-15 13:01
hmpa自己有anti-malware的，这个就是一个云监控，云端是Sophos和bd，原本还有卡巴，后来因为众所周知的原 ...

请教下里面那个improt and exprot settings，导入、导出设置是做啥用？不明白

企稳向好

yyt3150 发表于 2024-3-15 14:27
请教下里面那个improt and exprot settings，导入、导出设置是做啥用？不明白

这个就是普通的设置导入、导出功能。hmpa还是有一些设置项的，你修改了其中的设置，可以把你的设置导出备份，然后有需要时（比如重装）就可以直接导入，免得再手动设置一遍。
如果没特别需求的话，默认设置其实够用，想打开默认关闭的保护功能要看看会不会有额外的影响，因为这些功能多半是有点问题（比如不太稳定、误报较高或者会与某些应用冲突之类的）。

aikafans

pal家族 发表于 2024-3-15 14:25
盗版的hmpa和卡巴冲突 会被卡巴报毒
正版我没试过

soga....（好像暴露了我自己）

aikafans

yyt3150 发表于 2024-3-15 14:27
请教下里面那个improt and exprot settings，导入、导出设置是做啥用？不明白

我的理解是不是一种设置备份....

yyt3150

企稳向好 发表于 2024-3-15 14:45
这个就是普通的设置导入、导出功能。hmpa还是有一些设置项的，你修改了其中的设置，可以把你的设置导出备 ...

谢谢受教了。。可能是我的sever版系统原因。。安装后看不到其他设置(只有anti-malware和tamper protection)，记得以前用w10时是有一些其他设置和浏览器监控设置。

企稳向好

aikafans 发表于 2024-3-15 14:23
某些时候确实有奇效，甚至让我想到大蜘蛛（平时摆烂，对付恶性病毒有奇效）
然后已知这货跟卡巴斯基有冲 ...

有些厂商会识别HMPA，你先装HMPA再装别家就会报冲突，BD企业版也报，是正常的。不过HMPA官方宣传与其他安全厂商兼容，也会通过更新改进兼容性，所以实际使用其实还好。比如最近的几次更新：

Build 979 (2024-02-07)
Fixed Intruder/Safe Browsing compatibly issue introduced by a recent Bitdefender update.
Improved HeapHeapProtect, improved handing in code and added more whitelisting options to alerts.
Improved SendKeysGuard, switched the main thumbprint to handle whitelisting more easy.
Improved HWBGuard (Silent).
Improved HollowProcess/HWBGuard, to prevent exception pointer abuse.
* Beware this build is signed with a new code-signing certificate by Sophos LTD, this might take some 3rd party vendors to have "trust" issues as it's a rather fresh certificate.

Build 975 (2023-12-14)
Added HWBGuard (Silent), A technique heavily used by red-teams to bypass Syscall protections is to set a HardwareBreakPoint, we now detect these breakpoints
Added New Process Protection panel for Risk Reduction
Added RDPGuard Icon under Risk Reduction button
Added SendKeyGuard
Fixed BSOD in StickyKeys
Fixed Driver BSOD under specific circumstances
Fixed KernelTrap compatibility issues with Kaspersky and GenshinImpact
Fixed Lockdown Bypass when loading files over UNC paths
Improved AMSIGuard
Improved APC Game detection
Improved Bitdefender Compatibility
Improved CiGuard
Improved CookieGuard
Improved CryptoGuard5
Improved DrWeb Compatibility CallerCheck/SysCall
Improved DrWeb Compatibility CallerCheck/SysCall
Improved HeapHeapProtect Cobalt Strike detection
Improved HeapHeapProtect prevents Powershell scripts from patching AMSI for bypass
Improved HollowProcess
Improved KeyboardGuard u.a. compatibility with ESET protected browsers, Windows search
Improved Lockdown Now allows WMIC GET 'only' commands without interference
Improved PrivGuard
Improved StackPivot
Removed ReflectiveDLL As it has become obsolete in it's current implementation
Several other changes under the hood
* Beware this build is signed with a new code-signing certificate by Sophos LTD, this might take some 3rd party vendors to have "trust" issues as it's a rather fresh certificate.

企稳向好

yyt3150 发表于 2024-3-15 14:52
谢谢受教了。。可能是我的sever版系统原因。。安装后看不到其他设置(只有anti-malware和tamper protectio ...

那应该是系统的问题，正常来说是会显示其他的保护组件和浏览器保护的