mood: yes after CTP2, in fact just today I noticed it. I uninstalled CTP2 and HMP and reinstalled both to see if I could get the HMP icon off the CTP2 but was unable. Oh well, it was nice while it lasted, at least I can look at my screenshot and remember fondly.....lol. Maybe a developer can help out with this one, right? Edit: Forget it, I got the new desktop icon back that allows one to enable Shell Integration. Know how? I simply opened Settings and clicked thru the tabs, suddenly the shortcut popped on the desktop. Bizarre, but I swear it's true. If there's a log documenting this, I'll be happy to send it somewhere. By the way, HMP on here is also the subscription scanner.
I'm not into cloud protection, and no, exploit protection is not related to real time scanning. It watches for known exploitation techniques and only comes into action when it sees this behavior. OK thanks.
PUB CTP runs great, only issue is it interferes with the HMP scanner, but thats a known issue. Encryption works and badusb works. Edit for clarity
Those of you running the 708 beta -- did you clean-install it or did you install it over your previous version of HMP.A?
All of my reported false-positive alerts from CTP1 have been fixed with CTP2. Only this issue from CTP1 remains. But since I don't really need the colored border it's a non-issue for me. Only one new minor issue on the gui: If I disabled the "Credential Theft Protection" the background color on the small tile doesn't darken to indicate that. Another issue with the tiles I just noticed: The background of the "Process Protection"-tile is only bound to the first protection "Hollow Process Mitigation". So it only changes when you disable or enable this protection. If you change any of the other protections the tile stays the same.
HitmanPro.Alert 3.7 Build 709 CTP3 This build addresses a few minor issues in CTP2. Changelog (compared to 708 ) Added Sandboxie compatility to Local Privilege Guard (PrivGuard) Fixed HitmanPro/Sophos Clean triggering Credential Theft Protection (CredGuard) Fixed driver did not properly keep track of injection and whitelisting Fixed driver did not properly stop when installing only the anti-ransomware component Notes This build uses Microsoft co-signed drivers. Download http://test.hitmanpro.com/hmpalert3b709.exe Please let me know how this build runs on you computer
Upgraded to build 709 CTP3. Problems with Sandboxie: FIXED. A HitmanPro-scan via HmP.Alert: Scan computer > Failed. BADUSB disabled after upgrade, had to enable it. Win10 1703 build 15063.332 x64/Norton Security v22.9.4.8
Can you make a procmon trace when performing a Scan? NOTE: The Scan from HMPA does not support authenticated proxies (yet). As a workaround you can install HMP and then perform a scan.
Logboeknaam: Application Bron: HitmanPro.Alert Datum: 4-6-2017 10:18:24 Gebeurtenis-id:911 Taakcategorie: Mitigation Niveau: Fout Trefwoorden: Klassiek Gebruiker: n.v.t. Computer: **** Beschrijving: Mitigation PrivGuard Platform 10.0.15063/x64 v709 06_17* PID 5444 Application Z:\Sandbox\****\DefaultBox3\user\current\AppData\Local\Temp\Temp1_ProcessMonitor.zip\Procmon.exe Description Process Monitor 3.33 Sweep Code Injection 0000000000380000-0000000000386000 24KB C:\Program Files\Sandboxie\SbieSvc.exe [3100] 0000000000390000-0000000000391000 4KB 00007FFE6DFC9000-00007FFE6DFCA000 4KB Gebeurtenis-XML: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="HitmanPro.Alert" /> <EventID Qualifiers="0">911</EventID> <Level>2</Level> <Task>9</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2017-06-04T08:18:24.397306200Z" /> <EventRecordID>3308</EventRecordID> <Channel>Application</Channel> <Computer>****</Computer> <Security /> </System> <EventData> <Data>Z:\Sandbox\****\DefaultBox3\user\current\AppData\Local\Temp\Temp1_ProcessMonitor.zip\Procmon.exe</Data> <Data>PrivGuard</Data> <Data>Mitigation PrivGuard Platform 10.0.15063/x64 v709 06_17* PID 5444 Application Z:\Sandbox\****\DefaultBox3\user\current\AppData\Local\Temp\Temp1_ProcessMonitor.zip\Procmon.exe Description Process Monitor 3.33 Sweep Code Injection 0000000000380000-0000000000386000 24KB C:\Program Files\Sandboxie\SbieSvc.exe [3100] 0000000000390000-0000000000391000 4KB 00007FFE6DFC9000-00007FFE6DFCA000 4KB </Data> </EventData> </Event>
MPC-HC cannot be supported. Exclude it via the blue tile > applications > scroll to the far right and click on the [+] to add it. Note: You might first have to remove it from exploit mitigations if it is listed.
Thanks! If MPC-HC cannot be supported, it's probably good to have it automatically detected, so that if it's present, it's automatically included in the exclusion list.