HitmanPro.ALERT Support and Discussion Thread

Definitely, just showing HMPA can detect tray processes as long as you bring them to the front, as you can see ESET is in the non protected list because I opened the GUI from the tray.

 

oh sorry you are right, i overlooked it!

 

ahh thanks, so I guess it does its detection via detecting an app window or something.

any idea for windows system processes like svchost?

 

What about generic Microsoft processes?
“System and network services are also out-of-scope for EMET. Although it is technically possible to protect these services by using EMET, we do not advise you to do this.”
[source] (the same precept obviously applies to Alert3)


Furthermore, keep in mind these remarks:

 

yeah I havent protected security software, but why the advise to not harden svchost? is that process immune to exploitation?

 

Hi

Does the HitMan Pro/HitMan Alert license auto-renew?

 

Fortunately, it does not auto-renew.

 

You are correct. The notice, in this case, was triggered by an unsigned installer, according to HMP-A Support. Thanks to all who contributed to this issue.

plat1098

 

That may be but I thought this was a serious security tool not one that holds your hand too much.

Another issue is that the keyboard encryption only works on apps added to the protection list, this means the windows search bar, as an example doesn't have encrypted key presses.

The lack of ability to add any process puts the marketing claim of fine gain control equal to emet into question, that's all really.

Since no rep's are here I will email support and see what they say.

 

You can add any application to keystroke encryption by adding it to the Other template.

 

i really hope that someone who is native English speakers will be able to explain to you what alert3 is because, frankly, i don't think you have it very clear...

Se vuoi invece che te lo spieghi in italiano, allora...

 

svchost is used by tons of different services. You could add svchost.exe (via registry) but be prepared that all services relying on it are all mitigated.

Unlike EMET, we focus with Alert on the average computer user. So we chose to first implement the ability to easily add desktop applications via GUI (with icons and such). If a mitigation is triggered, the application simply closes.

If you add the ability to easily add services (which can be quite useful) or processes like winlogon.exe then when a mitigation is triggered it might cause unexpected behavior. Note: this also applies to EMET.

So you can add ANY process to be mitigated through registry editing. Easy adding via GUI is currently only for desktop applications. In the near future we will add adding via a picklist or browse for exe.

@test is right in his post above https://www.wilderssecurity.com/thre...iscussion-thread.324841/page-338#post-2557972

Hope this helps.

 

Just a thought, maybe not worth it in practice, but perhaps being able to set only services to Silent Audit would help here? That way desktop applications are still terminated while you also get alerts (?) of services but they aren't terminated.

 

A per-process audit. Certainly do-able. I will discuss with the team.

 

@erikloman
@markloman

Windows 8.1 x86-64 Clean Install
HMP.A 3.1.1 build 351

BSOD APC_INDEX_MISMATCH

 

Can you send me the dump located in C:\Windows\Minidump\ ? Send to erik(at}surfright.com

 

@erikloman

Heading your way...

 

i cant install
http://i.imgur.com/lzkX4mh.jpg

w7 x64

 

I would appreciate if you could check my message too. Thank you!

 

We will re-download before the release. Thank you!

 

Finally, thanks! Please check your inbox for the download links as I have sent them in case you lost them.