HitmanPro.ALERT Support and Discussion Thread

You can request a license as a Wilders member.
The license-system doesn't support lifetime licenses: (it was already mentioned above: #12564)

 

I upgraded to HMPA 3.6.1 build 574 today and everything seems to be running smoothly here.

The earlier conflict that I reported with VirtualBox after upgrading HMPA has actually turned out to be an odd conflict between VirtualBox and Windows, that only occurs immediately after a reboot.

It turns out that if I just let Windows run to idle for a little while after a reboot, VirtualBox then executes normally. The error is related to security hardening in VirtualBox.

 

Hi

I don't have traditional BIOS in my laptop but instead it is using UEFI for boot up.

Can tell me whether HMPA's MBR protection feature will protect my GPT since I don't have MBR and the BIOS?

Thanks

 

no (at least in its current revision)...

I could be wrong but i'm not aware of ransomware that run* on GPT
* i mean able to alter such low-level disk structure...

 

anyway, nobody intrested in Alert as "surrogate" of EMET? (i mean for its peculiarity as proactive/ex-ante solution)

For me, infact, the most valuable feature of this software is its AntiExploit engine...

De gustibus...

 

Not yet. But already have ransomware attacking MBR

 

Is there anyway to exclude files please ?

 

There is a way to exclude executables from exploit protection.

 

You asked the same in the HMP thread.
Do you mean regarding HMP, or HMPA, or both?

Regarding HMP, I replied in the HMP thread.

Regarding HMPA, as Victek replied, there is a way to exclude executables from exploit protection.
To exclude an executable from HMPA exploit mitigation:
open the HMPA user interface,
in settings, choose Advanced interface,
click the blue Exploit mitigation tile, and then Applications,
scroll to the right, and under Exclude, choose Add exclusion, navigate to the regarding application exe, and add it as exclusion.

 

why don't make a mini tutorial with the help of some screenshots so to covers the F.A.Q. like the last one? (It takes 10 minutes and someone that is able to write in proper english)...

 

I wanted to report coupon bar as a false positive. I hope this is right.

Do you all need a screenshot?

 

I think they (Surfright and/or Sophos) could given they have written an n-page whitepaper about Intercept-X's anti-exploit techniques, but it's just not their priority. And it actually makes me sad.

 

ok, but it's feasible for every WS user with a proper english (10 minutes for upload some screenshots equipped with brief comments).

 

Again, as I asked before:
Do you mean regarding HMP, or HMPA?
As I guess you a referring to a HMP scan, I think it would be best to post in the HMP thread, not in the HMPA thread as well.
It is getting rather annoying that you post in both the HMP and the HMPA thread.
Regarding HMP scans, better post in the HMP thread, thanks.

And yes, a screenshot may be helpful (in the HMP thread), and also the HMP log that mentions coupon bar.
You can access the HMP log through HitmanPro\Settings\History\Logs.

 

@max2,
You wrote,

To which I replied,

Later, I realized, you may not be using the standalone HitmanPro application to scan, but scan using the "Scan computer" option in HitmanPro.Alert.
That "Scan computer" option in HitmanPro.Alert uses HitmanPro for scanning, but I don't know if it offers the same option to ignore, or report a detection as safe as the standalone HitmanPro application offers.
Nor do I know if it offers the option to get the HitmanPro scan logs.
Someone else may be able to tell you.

In case you didn't use the standalone HitmanPro application to scan, but scan using the "Scan computer" option in HitmanPro.Alert, you may want to download and install the standalone HitmanPro application (uses same license as HitmanPro.Alert), and use the standalone HitmanPro application to scan.
Now you should be able to ignore, or report a detection as safe.
And also you can access the HitmanPro log through HitmanPro\Settings\History\Logs.

If you download and install the standalone HitmanPro application, and use that to scan, and you still have issues or questions, please post those in the HitmanPro thread. Please add screenshot(s) and HitmanPro log, if helpful.
Thanks.

 

To be fair most buyers want a high level overview of what it does so I can understand why they don't bother.

 

But a FAQ can be of great help, especially for inexperienced users. Questions about what to do when it blocks, what/where/when to report about FPs, etc.

 

Agree with the usefulness of a FAQ of course, but your average HMPA user won't be asking Surfright for one. They'll just install HMPA and contact support for any issues.

It would be good to have a FAQ at least outlining what each of the tick boxes does and basically how it does it at a high level. Of course anybody is able to produce one for this Wilders forum should they feel up to it.

 

You mean something like this?
https://www.sophos.com/medialibrary...os-Comprehensive-Exploit-Prevention-wpna.aspx

 

Not like that, of course. That's too much detailed because that's a whitepaper.

My point was that if they could create that kind of detailed whitepaper, then they could easily create a FAQ for HMP.A. But like I said, I think it's just not their priority to create one, that's why there is none.

 

Thanks, looks like an interesting paper.

 

Will HMP and HMP.A binaries be compiled with Intel MPX enabled in the future?

 

Yes they will.

 

Great
Big chance you will be the first security software with MPX. I'm also wondering if there are more security softs with CFG enabled, probably only a few if any.

 

Just a random thought here, but I am sure glad I am running HMPA instead of Malwarebytes 3.0.