HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Do you know exactly what that is, and exactly what it does.
     
  2. L10090

    L10090 Registered Member

    Joined:
    Feb 13, 2015
    Posts:
    302
    Location:
    Netherlands
  3. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
  4. CWEric

    CWEric Registered Member

    Joined:
    Mar 29, 2015
    Posts:
    6
    For me there is a conflict when using Hitman Pro Alert and Kaspersky. On Chrome Kaspersky Web Anti-Scanner does not seem to work with Hitman Pro Alert active. It won't show the clean/infected icon next to the links on search results. Disabling the SEHOP on Hitman Pro Alert exploit migration controls for Chrome fixes it though. Kaspersky Web Anti-Scanner works fine with Internet Explorer and Firefox with Hitman Pro Alert fully active. Hoping this is a good place to bring this issue to Hitman Pro Alert developer team.
     
  5. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    We will have a look.

    Where can this Kaspersky Web Anti-Scanner be accessed (url)?

    Thank you for reporting :thumb:
     
  6. CWEric

    CWEric Registered Member

    Joined:
    Mar 29, 2015
    Posts:
    6
    Thanks for the response. Seems to be working now after a computer restart. :s
     
  7. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    I'm just curious is the "Kaspersky Web Anti-Scanner" a standalone product and is that the correct name?
     
  8. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    I think he meant Kaspersky Anti-Banner.
     
  9. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Ah, OK. It appears to be an ad blocker.
     
  10. CWEric

    CWEric Registered Member

    Joined:
    Mar 29, 2015
    Posts:
    6
    Kaspersky URL advisor is what it is really called. Its an addon that comes with Kaspersky, not a stand-alone free program. It works sorta WOT (a free addon that relies on other wot users reviews on their experience instead) that place a green or red icon next to each search result link indicating if the link is clean or not.

    I haven't tried it but seems like Avast Online Security works the same way as Kaspersky URL advisor and appears to be free on Google Chrome Web Store - Extensions.
     
    Last edited: Mar 29, 2015
  11. @erikloman or @markloman

    The wireless router at my mother's home broke down, so I installed a sitecom WL router. It comes with a free six month hitmanpro in the router (sitecom cloud). I enabled it and to my surprise it also has exploit protection. Could you shed some light on it, because sitecom info only tells that it is a module, no geek/nerd info on how it works


    Regards Kees
     
    Last edited by a moderator: Mar 29, 2015
  12. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    It does not work as HitmanPro.Alert 3. It's just a blacklist/additional firewall layer. I would be surprised if it would catch a zero-day on a custom landing page.
     
  13. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    No. The exploit feature on the router is not a blacklist. I know because I made it ;)

    The UTM proxy on the Sitecom router correlates whether a PDF or Java file was downloaded right before a payload is being downloaded. If it is, the payload download is blocked and exploit is stopped. The correlation is of course done ON the router. No traffic runs through our cloud.

    More info: https://www.security.nl/posting/38127/Sitecom router beschermt gebruikers tegen exploits
    or here: http://www.surfright.nl/nl/home/press/scs-exploit-prevention
     
  14. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    No problems with Firefox 37.0 (W7 64 bits/build 172).
     
  15. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro.Alert 3 build 177 Release Candidate

    Changelog (compared to build 155)
    • Improved Lockdown mitigation to enforce safe execution of VBScript.
      This mitigates the exploitation technique known as "VBScript God Mode".
    • Improved Load Library mitigation to detect shellcode.
    • Improved Load Library mitigation to detect reflective loaded libraries.
    • Improved branch-based hardware-assisted ROP mitigation (part of Control-Flow Integrity).
    • Improved software-based ROP mitigation (part of Control-Flow Integrity).
    • Improved IAT Filtering.
    • Improved Dynamic Heap Spray mitigation.
    • Improved CryptoGuard mitigation, specifically protection of connected network drives.
    • Improved BadUSB mitigation.
    • Improved Enforce DEP mitigation.
    • Improved Safe Browsing intruder alert, which now also shows the correct technical details.
    • Improved Software Radar.
    • Improved compatibility with EMET 5.1.
    • Improved compatibility with Sandboxie 4.16.
    • Fixed upgrade from HitmanPro.Alert version 2 to version 3. In previous builds, the upgrade could affect the functionality of the existing connected keyboard.
    Known Issues
    Alert 3 is currently incompatible with EMET 5.2.
    Alert 3 is compatible with EMET 5.1 or older.

    Download
    http://test.hitmanpro.com/hmpalert3b177.exe

    Please let me know how this version runs on your computer :thumb:
     
  16. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    Thnx, I will give it a try.

    @erikloman

    Are there any major improvements with regard to mitigation capability besides the addition of VBS lockdown and Load Library improvements?
     
    Last edited: Mar 31, 2015
  17. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Yup, installing it here on my Win7 64bit system, and will give it a run.

    Regards, Baldrick
     
  18. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Is there a way to test CryptoGuard rollback files creation. I've added suggested AppGuard cryptoguard exception and SBoxie cryptoguard Direct Access. CryptoGuard files Date modified hasn't changed...so, no way of knowing if my allowances will satisfy CryptoGuard folder.
     
  19. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
  20. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Yeah, I was hoping for an official test....I've bookmark the site. So, I'd install AxCrypt, encrypt files and upon delete = CryptoGuard alert ?
     
  21. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    AxCrypt adds an option to encrypt or destroy files to the dropdown menu that you get when you right click on a file or folder.
    I got a False Positive when using the 'Shred and Delete' option.
     
  22. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Glary adds Encrypt Decrypt Wipe to drop down....Thanks....I'll try Glary
     
  23. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    Installing on one machine now and will report results after some testing. :cool:

    Edit: On restart after installation I got a BadUSB alert for a wireless mouse receiver which had already been allowed with older builds. Is this normal and expected?

    Thanks.
     
  24. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    Bad-USB alert on my notebook, for the build in keyboard...

    Not a big thing for me, but should not happen, to avoid shocked customers...
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.