HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    https://www.ing.nl/de-ing/veilig-ba...apparatuur/ibm-security-trusteer-rapport.html
     
  2. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    No per se, but there is nothing preventing you from tweaking your security settings and adding it, you just have to keep in mind that some settings might interfere.
    e.g. a file manager is likely introducing new executables to the machine which might trigger Lockdown for example, in that case you might need to disable that protection but the rest of the file manger will have all the others still enabled.
     
  3. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    2,469
    Location:
    Hollow Earth - Telos
    What is the difference with 3.7 and 3.8 downloads. I looked on the HMPA site but don't see anything about it.
     
  4. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    Thank you! Which category can I put it in?
     
  5. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    @RonnyT All seems well since the latest update! Good work! I removed the exclusions and have rebooted to the new version of HMPA 3.8.13-b901.
     
  6. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    The latest version appears to have corrected my issues.
     
  7. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    2,469
    Location:
    Hollow Earth - Telos
    It has been over a week and still no update for build 901.
     
  8. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    901 showed up here two days ago via auto update.
     
  9. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    2,469
    Location:
    Hollow Earth - Telos
    I did the manual download of 901 instead of waiting. I should have done it a week ago.
     
  10. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,867
    Location:
    Outer space
    Afaik all 8xx builds are 3.8, they have the new v5 cryptoguard and some new other mitigations. Since 3.8 has been released quite some time ago now and had quite a few bugfixes I'm not sure why they still offer 3.7 on their site.
     
  11. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    2,469
    Location:
    Hollow Earth - Telos
    RonnyT has the 3.7 download in his sig, but i don't know what you would get if you downloaded it.
     
  12. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    487
    Location:
    VPN city
    The latest beta of HMP.A! is working fine.
     
  13. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I'm not sure what you are trying to say? But what I meant is that Trusteer Rappor was also quite an advanced tool that was meant to protect against phishing and banking trojans, but it often caused stability problems.

    Good to know and yes it's cool that the developers manage to fix problems eventually, but I'm not sure if I'm willing to deal with this stuff. On the other hand, almost no other tool is offering the same type of protection as HMPA, especially when it comes to memory manipulation.
     
  14. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    Yes, the devs seem to be responsive when new or upgraded features cause new problems.

    I have 3 computers, but I only protect one of them with HMPA. I take a full disk image of all three computers regularly, so fast recovery from an attack is feasible for any of them, it's just that one in particular where exfiltration of personal data may be of extra concern. I sleep better at night knowing that HMPA has got my back and gives me an extra edge for that one. And hopefully even in the worst case where HMPA cannot fully stop a zero day attack, I can hope that at least it alerts me that some intrusion activity is occurring, so that I can roll back to an earlier disk image.
     
  15. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    I would go for "Other" just keep in mind that this also set's the keystroke encryption, if the application can't handle that remove it from Other and go for Office.
     
  16. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    What version was that machine running? we're only upgrading 897/899 -> 901 if that machine was on 891 then it was expected to not get the 901 update after we paused rollout.
     
  17. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    And it's gone ;)
     
  18. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    There where some issues that didn't surface during the first testing (and which we hadn't seen before either tbh) so we had to mitigate that first.

    At the moment build 903 is being prepared, so I expect a release soonish (if it get's trough testing etc).
     
  19. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    Thanks!
     
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Yes, I think HMPA is the the most advanced behavior blocker that's available at the moment. For example, SpyShelter doesn't protect against advanced code injection, like process hollowing. However, there are just too many problems that are reported, that's why I never added HMPA to my security setup.
     
  21. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    Is that based on your experience? or on reports of things you read? would you mind sending me a DM (kan in het Nederlands zo te zien ;) ).
     
  22. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    HitmanPro.Alert 3.8.13 Build 903

    Changelog (compared to build 901)
    • Fixed the Software Radar that could cause it to not notice a just installed web browser, or adding it to the wrong mitigation template. This issue caused our new CookieGuard protection to generate false alarms.
    • Fixed an issue in the CryptoGuard anti-ransomware engine that could cause a BSOD on Windows 10 Insider Build 21390.
    • Improved support for Windows on ARM. We noticed that since build 895 we always shipped the ARM64 driver of that release. This has been corrected.
    • Improved Stack Pivot exploit mitigation to support adjacent stack range in certain situations.
    • Improved detection of Chromium-based web browser for CookieGuard.
    • Added Thumbprint generation for remote-debugging-port CookieGuard detection.
    • Added checkbox to our new system-wide syscall mitigation. You can find in in the Advanced interface, under Risk reductions > Process Protection > Unexpected system calls (Stop evasion of security hooks).
    [​IMG]
    Over the next days. all users of HitmanPro.Alert should get this new build through automatic update! Beware though, we no longer support or update HitmanPro.Alert builds running on Windows 7 RTM (no service pack), Windows Vista and Windows XP (Latest release supported is 891). This is because Microsoft mandates the use of SHA-2 to sign our code. These older versions of Windows only support SHA-1 and would not allow our new driver to load.

    If you want to manually update now, use this link: https://dl.surfright.nl/hmpalert3b903.exe
     
  23. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,867
    Location:
    Outer space
    Just remembered I was still waiting for an answer to this question.
     
  24. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    Real-time but a reboot is always preferred when updating security software in general.
     
  25. davido

    davido Registered Member

    Joined:
    Mar 18, 2015
    Posts:
    15
    Hi,
    this error showed up upon reboot from latest update.
    W10 updated
    Need to find the previous version
    Any idea?
    Thank you
     

    Attached Files:

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.