HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    Same here, but only on one of my machines for some reason.
     
  2. LittleDude

    LittleDude Registered Member

    Joined:
    Mar 22, 2008
    Posts:
    79
    ...and same here too :(
     
  3. plat1098

    plat1098 Guest

    Krusty, were both BadUSB and KE not working on your one machine?

    I uninstalled 601 and reinstalled 593, everything is functioning. Guess I'll stick with that for the time being, right?
     
  4. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Upgraded over the top of beta build 600 and after reboot Bad USB is staying ON and keyboard encryption is working :thumb:
     
  5. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    I didn't check Keyboard Encryption but I could see BadUSB had a different icon and when I checked that out I couldn't keep it enabled.

    I'm sticking with 593 on that machine too.
     
  6. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    U[graded to build 601 beta: BADUSB cant be activated and keyboard encryption does not work. I'll try a clean install.

    Win10 1703 build 15063.332 x64/Norton Security v22.9.3.13
     
  7. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    Both dont work after clean install.
     
  8. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    It seems that for some Bad USB mitigation and Keystroke Encryption are still not working after we've made changes since build 600. We are addressing this right now. Stay tuned for an update.

    In case someone is wondering whether Alert prevents real-world exploits, including the DoublePulsar NSA exploit, check out this tweet:
    https://twitter.com/GossiTheDog/status/869468423209848832
     
  9. test

    test Registered Member

    Joined:
    Feb 15, 2010
    Posts:
    499
    Location:
    italy
    yesss!! *puppy*
     
  10. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro.Alert 3.6 Build 602 BETA

    We have slightly tweaked the code related to keyboard handling so that Bad USB and Keystroke Encryption now work as expected ... hopefully ;)

    Changelog (compared to 601)
    • Fixed Bad USB mitigation
    • Fixed Keystroke Encryption
    Notes
    This build has co-signed drivers by Microsoft.

    Download
    http://test.hitmanpro.com/hmpalert3b602.exe

    Please let us know how this build runs on your computer :thumb:
     
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Erik

    Does this upgrade of the CTP 1 private beta?

    Pete
     
  12. newyorkjet

    newyorkjet Registered Member

    Joined:
    Jan 17, 2013
    Posts:
    63
    Location:
    UK
    Just upgraded from 593 to 602.
    Everything OK so far.
     
  13. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    The 602 is meant as an upgrade from 593.
    The 7xx series are the CTP1 and the inbound CTP2.
     
  14. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Okay, I will stick with the private beta's
     
  15. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,841
    Location:
    the Netherlands
    On my Windows 7 x64 system (see signature), I upgraded build 601 to 602.
    The upgrade was smooth, with no issues, and everything looks fine.
    Bad USB is enabled, and Keystroke Encryption works as expected.
    However, as I experienced no issues with Bad USB and Keystroke Encryption in build 601, my experience with build 602 doesn't say much regarding the fixes for Bad USB and Keystroke Encryption.
     
  16. newone

    newone Registered Member

    Joined:
    Oct 14, 2006
    Posts:
    71
    Location:
    UK
    hi, everything was ok with build 601 also everything ok with build 602 thank you, :thumb:
     
  17. plat1098

    plat1098 Guest

    Yes, 3.6/602: BadUSB stays enabled and Keystroke Encryption works. Thanks! :)
     
  18. newone

    newone Registered Member

    Joined:
    Oct 14, 2006
    Posts:
    71
    Location:
    UK
    hi, any news on CTP2 thank you :)
     
  19. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,841
    Location:
    the Netherlands
    As Erik said - stay tuned - just keep an eye on this forum thread, and relax. Give Erik and the team some time.
     
  20. newone

    newone Registered Member

    Joined:
    Oct 14, 2006
    Posts:
    71
    Location:
    UK
    ok thank you :thumb:
     
  21. Oli95xz

    Oli95xz Registered Member

    Joined:
    Apr 9, 2017
    Posts:
    12
    Location:
    Germany
    Installed the BETA over 3.6.5 and 3.6.6 on two different computers. Bad USB and Keystroke Encryption are working flawlessly on both.

    Additionally a Steam game made with Unity is now working without getting terminated by Mitigation: CallerCheck, Callee Type: LoadLibrary. :thumb:

    BTW: Is there a software/server-side delay when a new official release is available? When 3.6 was released I was stuck with 3.6.0 for a long time before noticing that hitmanpro.com was already offering 3.6.3, at which point I did a manual update on all of my 3 machines. Today on my surface the internal updater did not offer 3.6.6, before I installed the build 602 BETA over it. Is that intended or a bug?
     
  22. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    Build 602 BETA fixes both problems. Nice.
     
  23. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Thanks for the link. I suppose HMPA will also block this tool from injecting code?

    https://github.com/countercept/doublepulsar-usermode-injector

    You know what the thing is, HMPA is focused on auto-blocking things, so it can't monitor things like service/driver loading and standard code injection, because this can also be used in a non-malicious way. And a full behavior blocker often relies on user input.
     
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    What type of problems do you have, and which version of Windows are you using? In the past I also had problems with the HMPA and SBIE combo, that's why I decided not to install HMPA. But because of all the new protections I'm planning to give it another try.

    BTW, I saw a video that was made by the VoodooShield developer, and it seemed like lsass.exe was exploited which resulted in the loading of rundll32.exe which is able to run the payload I suppose. So does HMPA now protect all system processes, or does it simply act whenever this exploitation technique is being used? And HMPA doesn't protect against EternalBlue itself, correct?

    https://www.mrg-effitas.com/eternalblue-vs-internet-security-suites-and-nextgen-protections/
     
  25. Lockdown

    Lockdown Registered Member

    Joined:
    Oct 28, 2016
    Posts:
    772
    Location:
    Wilders Security
    3.6 602 with keystroke protection enabled now locks keyboards on other PCs\laptops than what I initially reported. Dell, Toshiba, MSI,...
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.