HitmanPro.ALERT Support and Discussion Thread

Yes, this has been explained in the past, although a bit vaguely, or perhaps I forgot about it. But the question still is why other similar tools, which offer just as strong protection, don't need to do this. Like I said, if HMPA worked differently, then I could have chosen to apply exploit mitigations to all vulnerable apps besides "sandboxed" browsers, for example. But now I had to uninstall. But I didn't test if removing the "OpenPipePath=\Device\NamedPipe\hmpalert" line would have also solved the problem.

 

My point is, that all of you guys are using a to redundant setup, that does the conflicts.

That's your hobby, to find out, what goes together.

My request is to bring HMP.Alert to final, so that I can roll it out to the average Joe , that needs an extra protection, that other solutions don't offer.

 

I am sure that when Erik and Mark consider HMP.A final it will be released but it isn't quite there yet. Would you have them release an unfinished product?

 

I'm still waiting for an answer to this, especially regarding the final product.

 

No, certainly not, but I don't want them to compromise to much, to make every constellation work, that is rare in the wild.

 

with 143 Bad Pool Header ~ need to restart pc
Is it best to clean install 153 or over install 143 with 153 will satisfy ?

 

I don't think it matters. Personally, I only uninstall if I'm going back to an older build.

 

OK ~~ R U still seeing FF issue with 153 ?

 

Only sometimes FF won't open but I've sent Erik a .DMP and he has found the issue and advised a fix will be here shortly. It only happens once in a whiile so I would suggest you go for it. You can always keep a copy of 143 if it does bother you.

 

Thanks ~ !!!

 

Hello,

Installed HMPA 3 RC.

After a few minutes it causes IE11 to hang/freeze; uninstall HMPA and IE11 works.

W8.1 x86-64 (OEM) Toshiba
IE 11

 

Which build of HitmanPro.Alert?

Build 153 is the latest:
http://test.hitmanpro.com/hmpalert3b153.exe

Are you running any other security software (e.g. antivirus)?

 

Hello Erik,

I grabbed the 143 off the site.

I will try 153 and post here should anything arises.

Other security software: Emsisoft Internet Security - never any issues with HMPA nor IE

If there's an app crash or hang do you want mem dumps?

Do you have the symbol file for IE in case it freezes again?

Thanks.

 

Yes memdumps would be great. I have symbols files so I can dig up the problem quite quickly.

 

Since build 153 no more problems with Firefox 35.0.1 (W7 64 bits, Sandboxie beta 4.15.12 and NIS 2014).

 

I think you misunderstand what HMPA does. It doesn't detect or block vulnerability, but it blocks exploit. They are different.

 

Erik, another CrashDump for v153 after coming out of suspend (W7-x86) on its way.

 

Good point, I think the terms can be easily confused by the novice. I understand the difference between a vulnerability, a mitigation, and an exploit, but thanks for pointing this out because we all should be use precise language and terms to communicate accurately in a technical forum. Point well taken.

Now then, I completed a paid upgrade to CyberLink PowerDVD 14 Ultra and then reinstalled HMPA RC 153. HMPA RC 153 no longer detects an IAT Filtering "Exploit" but does detect a Control Flow Integrity ROP Attack "Exploit". When I turn off the ROP mitigation, PowerDVD 14 works perfectly.

My new question is, is this a "false positive" by HMPA RC 153? Or, is there a real ROP exploit being detected/mitigated by HMPA? Please advise.

See attached.

 

This is a false positive. Though it is a real ROP used in a legitimate way.

 

So i just downloaded the beta (or RC, build 153) for HMPA and saw that cryptoguard is now a paid feature where it was previously free in version 2.x.

I'm all for you guys getting paid by people who want to use the hitman pro program, but why are you making a previously free feature into a paid feature? that's a real good way to lose users and end up with version fragmentation on your platform (people will just keep the old version and not bother with the upgrade unless you're planning to silently force the upgrade on 2.x users).

 

Has anyone installed build 153 on a Windows 10 CTP machine? A few versions back, it worked great!

 

"Alert is mostly a free product, only Active Vaccination and the Exploit Mitigation requires a license. All other features are free!"

https://www.wilderssecurity.com/thr...discussion-thread.324841/page-79#post-2394534

 

Victek, have you tried the latest version without a license? I already brought up the issue a while back, but was mostly ignored.

 

No I haven't tried it without a license; sorry, I didn't know there was an issue. Hopefully it will be sorted in the final release.

 

I have installed PowerDVD 14 but don't see any ROP alerts. I'd like to reproduce your situation. What antivirus or other security software do you have running?