Author Topic: HackShield  (Read 3909 times)

Offline BabyBottle

  • Newbie
  • *
  • Posts: 10
    • Personal Message (Offline)
HackShield
« on: July 16, 2011, 01:24:28 AM »
Avast blocks the program Ahn-Lab hackshield which most game uses to run.With Avast blocking this program the game fails to start. To remove this problem I have to un-install then reinstall Avast which is very annoying to do.So when can you remove the block of Avast and hackshield?

Offline Para-Noid

  • avast! Evangelist
  • Massive Poster
  • ***
  • Posts: 4498
  • Gender: Male
    • Personal Message (Offline)
Re: HackShield
« Reply #1 on: July 16, 2011, 01:29:34 AM »
You do have the option of disabling off the resident shields. this can be done by right clicking the tray icon. By disabling the shields will leave you more vulnerable to malware, trojans and, other nasty things.  :)
Dell Inspiron, Win7x64 SP1, Pentium Dual-Core, 6 GB Ram, Avast Free 2014.9.0.2018, Comodo Firewall 5.12 w/D+, MalwareBytes Premium 2.0, MCShield, Super Anti-Spyware Free, SpywareBlaster, Bitdefender TrafficLight, OpenDNS Premium, Keyscrambler Personal,  PrivDog. CCleaner, Greenshot, Firefox (latest build) and, Google Chrome (latest build).

When you do something, do it with a purpose and do it on purpose.

Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • *****
  • Posts: 69208
  • Gender: Male
  • No support PMs thanks
    • Personal Message (Offline)
Re: HackShield
« Reply #2 on: July 16, 2011, 02:51:45 AM »
Disabling the shields isn't the way to go as it leaves you ZERO protection.

@ BabyBottle
First we have to find what shield it is that is blocking it and avast doesn't block as such, but scans an alerts to infection.

There is however a possibility that it could be the Behavior Shield as that is set to Auto Decide by default. Check the C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\report\BehaviorShield.txt (XP) or C:\ProgramData\AVAST Software\Avast\report\BehaviorShield.txt (Vista, Win7) using notepad and see if there are any entries for the Ahn-Lab hackshield executable.

If so you can add the full path to that file in the trusted processes and see if that helps.
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2018/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Offline BabyBottle

  • Newbie
  • *
  • Posts: 10
    • Personal Message (Offline)
Re: HackShield
« Reply #3 on: July 16, 2011, 01:04:26 PM »
I tried shutting down all shields and even tried shutting down behavior shield itself. No luck

Offline Darth.Mikey

  • Super Poster
  • ***
  • Posts: 1586
  • You are unwise to lower your defenses!
    • Personal Message (Offline)
Re: HackShield
« Reply #4 on: July 16, 2011, 07:45:57 PM »
Can you try uninstalling the behavior shield completely ? You have to do it via Control Panel, choose avast - uninstall and when you get the avast! setup screen select change(not uninstall) and untick behavior shield. Restart the pc and try your game.



EDIT: You can get the behavior shield back via the same method.

Offline Para-Noid

  • avast! Evangelist
  • Massive Poster
  • ***
  • Posts: 4498
  • Gender: Male
    • Personal Message (Offline)
Re: HackShield
« Reply #5 on: July 16, 2011, 07:53:19 PM »
Disabling the shields isn't the way to go as it leaves you ZERO protection.

That's why I added the second sentence.
By disabling the shields will leave you more vulnerable to malware, trojans and, other nasty things.  :)
Dell Inspiron, Win7x64 SP1, Pentium Dual-Core, 6 GB Ram, Avast Free 2014.9.0.2018, Comodo Firewall 5.12 w/D+, MalwareBytes Premium 2.0, MCShield, Super Anti-Spyware Free, SpywareBlaster, Bitdefender TrafficLight, OpenDNS Premium, Keyscrambler Personal,  PrivDog. CCleaner, Greenshot, Firefox (latest build) and, Google Chrome (latest build).

When you do something, do it with a purpose and do it on purpose.

Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • *****
  • Posts: 69208
  • Gender: Male
  • No support PMs thanks
    • Personal Message (Offline)
Re: HackShield
« Reply #6 on: July 16, 2011, 08:05:37 PM »
Which is why I wouldn't have mentioned the issue at all as it really isn't an option and then no need for any reason why it shouldn't be considered.
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2018/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Offline BabyBottle

  • Newbie
  • *
  • Posts: 10
    • Personal Message (Offline)
Re: HackShield
« Reply #7 on: July 16, 2011, 08:43:13 PM »
Removing the Behavior shield doesn't work.
It works when i reinstall Avast without restarting system. (Sandbox feature doesnt work without restart)
Disabling sandbox doesn't work though..
Uploaded the Behavior Shield report
« Last Edit: July 16, 2011, 08:57:59 PM by BabyBottle »

Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • *****
  • Posts: 69208
  • Gender: Male
  • No support PMs thanks
    • Personal Message (Offline)
Re: HackShield
« Reply #8 on: July 16, 2011, 10:02:35 PM »
Unfortunately according to the log, of those that the behavior shield actually analyses even when on Auto they were all Allowed, no sign of Ahn-Lab hackshield in the log. Which is why even when disabled or uninstalled it doesn't make any difference.

The autosandbox, despite the name is not autonomous as the default setting is to Ask, so you should at least see a popup suggesting you run the file in the sandbox.

So even after a custom install where the behavior shield isn't installed this doesn't work ?
The reason I ask is that I was going to suggest unchecking the Monitor the system for unauthorised modifications in the behavior shield, expert settings and set it to Asl rather than Auto.

Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2018/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Offline Darth.Mikey

  • Super Poster
  • ***
  • Posts: 1586
  • You are unwise to lower your defenses!
    • Personal Message (Offline)
Re: HackShield
« Reply #9 on: July 16, 2011, 10:07:05 PM »
Well perhaps it's time to call in the avast! team then. I will report this thread to the mods. One final thought though but admittedly it is fishing in the dark, can you try disabling the rootkit scan on startup in avast!, restart the pc afterwards of course ? avast! -> settings -> troubleshooting

Reason i thought of this is because HackShield does use some rootkit type methods to fish for cheats. Most of these anti-cheat systems are like that though, i remember there were problems with VAC aswell when avast! first introduced the behavior shield.
« Last Edit: July 16, 2011, 10:11:07 PM by Darth.Mikey »

Offline BabyBottle

  • Newbie
  • *
  • Posts: 10
    • Personal Message (Offline)
Re: HackShield
« Reply #10 on: July 16, 2011, 10:56:39 PM »
Well I switched to Avira and no problems.
Ima re-download Avast and install it to check if your solution will work

Offline Darth.Mikey

  • Super Poster
  • ***
  • Posts: 1586
  • You are unwise to lower your defenses!
    • Personal Message (Offline)
Re: HackShield
« Reply #11 on: July 16, 2011, 11:14:19 PM »
I see the game is free, i will install it on my pc and see if i can reproduce the problem.


EDIT: It's a bit late here though, 1:15 AM so i will probably post my findings tomorrow.
« Last Edit: July 16, 2011, 11:15:51 PM by Darth.Mikey »

Offline Darth.Mikey

  • Super Poster
  • ***
  • Posts: 1586
  • You are unwise to lower your defenses!
    • Personal Message (Offline)
Re: HackShield
« Reply #12 on: July 16, 2011, 11:40:55 PM »
Forgot to add, after you remove Avira with regular uninstall it would be wise to also run the Avira RegistryCleaner, that should completely get rid off all registry traces of Avira. 

Avira RegistryCleaner - http://www.avira.com/en/support-download-avira-registrycleaner

In case you need them, you can find removal tools for all other AV's here:
http://thewebatom.net/uninstallers/security-software/

Offline BabyBottle

  • Newbie
  • *
  • Posts: 10
    • Personal Message (Offline)
Re: HackShield
« Reply #13 on: July 16, 2011, 11:44:55 PM »
Thank you for helping me

@DavidR
Seems like the Behavior shield has nothing to do with this.It looks like the sandbox option is 90% the cause of this

I uploaded a picture after i install Avast (No restart-No Sandbox) and restart of computer (Restart - Yes Sandbox)after Avast installed
Registry has been wiped of Avira entries by CCleaner

Images are too big Let me upload to tinypic.com
(No restart)Works http://tinypic.com/r/90ugc5/7
(After restart)Hack shield error 516 http://tinypic.com/r/xbcnsn/7


Question:How do i temporally disable sandbox?
« Last Edit: July 16, 2011, 11:59:54 PM by BabyBottle »

Offline Darth.Mikey

  • Super Poster
  • ***
  • Posts: 1586
  • You are unwise to lower your defenses!
    • Personal Message (Offline)
Re: HackShield
« Reply #14 on: July 17, 2011, 12:09:34 AM »
Well a google search on that error comes up with this thread(many hits on google though): http://www.sleepywood.net/forum/showthread.php?t=1560767

What are your system specs btw ? OS in particular ?

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now