HitmanPro.Alert BETA

Discussion in 'other anti-malware software' started by erikloman, May 30, 2017.

  1. plat1098

    plat1098 Guest

    Here's a new one on me, anyone ever see this one before?

    [Attached image: HMPA codecave.PNG]


    Since VoodooShield likewise flagged the uninstaller, I cuckoo-sandboxed it. Results:

    [Attached image: cuckoo.PNG]

    Hmmm, I got rid of this manually. :cautious:

    Edited for bad snip.

    Addendum: thanks, installed 710/CTP4, but can't access the game developer's webpage to test it with regard to the above mitigation--I get a 404 on Firefox and a webpage crash on IE. Combine everything and maybe it's not so good to dismiss every alert as a false positive automatically. I did contact the games developer via email, maybe it's a badly coded uninstaller on their part.

    :cautious:
     
    Last edited by a moderator: Jun 9, 2017
  2. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    Having a problem with HMPA 709 CTP3 and Emsisoft IS 2017.5.1.7567. When booting I get a message that an EIS component is broken or missing and I have to reinstall. Did this a few times and then uninstalled HMPA and went back to HMPA 3.6.6. 593 and that seemed to fix the problem. Not sure if it is the recently added ransomware protection in EIS or the new components in HMPA 709 that are conflicting. Using Windows 7 Pro SP1 x64.

    EDIT: Has occurred without HMPA installed, so it appears to be a problem with the latest EIS.
     
    Last edited: Jun 9, 2017
  3. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro.Alert 3.7 Build 710 CTP4

    This build focuses on improvements on code injection and related fail-safe mechanisms. Additional UI elements for Anti-Malware exclusions are on our roadmap.

    Changelog
    • Added code injection fail-safe mechanisms
    • Improved Anti-Malware performance (changed from on-access to on-execute)
    • Improved APC Mitigation
    • Improved path translation for thumbprints
    • Fixed detection of Protected Processes and Trustlets
    • Fixed Local Privilege Guard (PrivGuard) mitigation on Windows XP
    • Fixed Windows XP support, which was broken since build 708
    Notes
    This build has Microsoft co-signed drivers.

    Download
    http://test.hitmanpro.com/hmpalert3b710.exe

    Please let us know how this build runs on your computer :thumb:
     
  4. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro.Alert 3.6 Build 603 BETA

    This build focuses on improvements to code injection and related fail-safe mechanisms.

    Changelog
    • Added code injection fail-safe mechanisms
    • Improved APC Mitigation
    • Improved path translation for thumbprints
    • Fixed detection of Protected Processes and Trustlets
    Notes
    This build has Microsoft co-signed drivers.

    Download
    http://test.hitmanpro.com/hmpalert3b603.exe

    Please let us know how this build runs on your computer :thumb:
     
  5. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    @erikloman
    Is a paid license required to Beta/CTP test these days?
     
  6. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    A trial or paid license is indeed required. You can request one via PM.
     
  7. guest

    guest Guest

    Regarding Performance, this change is a big improvement of CTP4.
    Switching to the download-folders (with a lot of executables) doesn't lead to a delay anymore. Now it is almost instant.
     
  8. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    778
    I've had the same thing happen with EIS 2017.5.1.7567 after booting out of a Shadow Defender session on a machine without HMP.A 709 CTP3 installed. Also using Win 7 Pro SP1 x64, so the new EAM/EIS update seems to be the problem, not HMP.A.
     
  9. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    Posted on EIS forum. Something needs to be fixed.
     
  10. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,857
    Location:
    the Netherlands
    On my Windows 7 x64 system (see signature), I upgraded build 602 to 603.
    The upgrade was smooth, and I found no issues, everything looks fine.
     
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    So far 710 looks good here.
     
  12. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    I finally did it.
    Installed build 710 CTP4 on my office machine and noticed no issues, so far.
    Had to exclude MPC-HC, but that was expected.

    As HMP.Alert 3.7 includes Real-Time, I removed ZAM from auto-start.

    WD with pua.reg, unchecky and new HMP.Alert 3.7 seems all I need, for perfect protection.
    Using Chrome, with uBlock in advanced mode, and weekly backup, on external drive, gives me a comfortable feel.

    BTW: No issues with SandBoxie 5.20
     
  13. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,240
    Location:
    Among the gum trees
    Installed CTP4 without issue and my Windows start up tone is playing again now.

    Thanks!
    This version installed fine but I haven't had a chance to use that machine yet since.
     
  14. plat1098

    plat1098 Guest

  15. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    710, WannaCry, for Farcry4 & 3 (UPlay).
     
    Last edited: Jun 9, 2017
  16. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Just installed the latest build. Still fails to scan. Not seeing anything juicy in Event Viewer though. Any thoughts? I don't have a license and I see the trial one is good for 5 days. Is that why?

    [Attached image: Capture.PNG]

    Then I got this after trying to scan.
     


    Last edited: Jun 9, 2017
  17. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Ok figured it out. For some reason, either OpenDNS or something in my content filtering is blocking access to HitmanPro domain.

    Code:
    Name resolution for the name get.hitmanpro.com timed out after none of the configured DNS servers responded.
    Now that it can connect to the cloud, scanning is OK, as is checking for updates within the GUI itself. Is anyone else running into this by chance?

    Thanks.
     
  18. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    One other thing of note, is your browser ALWAYS supposed to be highlighted when it is in use? I am noticing some inconsistencies with this.
     
  19. guest

    guest Guest

    It could be OpenDNS. It was mentioned in the other HMP.A-thread:
     
  20. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Thanks man. I am using Norton DNS now with no issues.
     
  21. Nyte

    Nyte Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    48
    Location:
    Hamburg, Germany
    No problems here so far.
     
  22. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    I had that issue myself with CTP 4. I had to install Hitman Pro separately. Now when I try to start a scan from within CTP 4 it works!
     
  23. L10090

    L10090 Registered Member

    Joined:
    Feb 13, 2015
    Posts:
    302
    Location:
    Netherlands
    W7-x64: Installed build 710 CTP4 over build 709 CTP3, no issues whatsoever!
     
  24. guest

    guest Guest

    Do you plan to keep the antimalware module on execution, or are you just testing to decide?

    Is the AM module similar to the one being developed by Sophos? It is based on the same "cloud tech", right?

    After the trial expires, is the plan to disable the realtime AM module, or keep it enabled but with fewer mitigations, like HPA3.6?

    For now it is running well on my computer.
     
  25. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    Installed and running fine: Win 10 Pro x64 v1703 15063.332.

    Thinking of trying 710 CTP4 but not sure how AM module will run alongside EAM. Can / should I disable AM if I am running EAM?

    I suppose the same applies to CryptoGuard and EAM anti-ransomware behaviour blocker, but I have never had an issue there ... but then I have never been infected so can't say for sure.
     