HitmanPro.Alert BETA

Discussion in 'other anti-malware software' started by erikloman, May 30, 2017.

  1. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,549
    I haven't used HMPA in a while. I recently installed 746 beta on Windows 10 1803.
    It is running really light!
    @RonnyT, what's new under the hood?

    The folks running Sophos Home Premium have also been saying that they see a perceptible performance improvement in recent builds. :)
     
  2. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,841
    Location:
    the Netherlands
    See the HMPA 3.7.7 build 746 beta changelog.
    (Comparison to earlier builds available.)
     
  3. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    581
    Location:
    Hengelo
    HitmanPro.Alert 3.7.8 Build 750 Release Candidate

    Changelog (compared to build 746)
    • Improved process startup performance of applications protected with Exploit Mitigations
    • Improved Hardware Assisted Control-Flow Integrity (HA-CFI) performance by increasing the LBR stack-pool
    • Improved Code Cave Mitigation
    • Improved Asynchronous Procedure Call (APC) Mitigation
    • Improved Thumbprint technology on the CallerCheck exploit mitigation, which now allows us to whitelist e.g. a CreateProcess from the 1Password just-in-time .NET code running inside a web browser or Outlook as a plug-in
    • Fixed a crash occurring during a specific ROP exploit attack, e.g. during attack on CVE-2018-9958
    • Fixed issue with Microsoft Edge browser on Windows 10 Redstone 4 32-bit (x86)
    • Fixed a false positive in Chrome caused by the Dynamic Heap Spray exploit mitigation
    • Added a workaround for an issue with Chrome 67 (and newer) which triggered our Hardware Assisted Control-Flow Integrity (HA-CFI) now Chrome generates ROP chains on the fly for a legitimate reason. Note that the workaround is we disabled the use of LBR records during ROP checks on Chrome 67 (and newer).
    • Added list of loaded modules to the alert details of the WipeGuard and CryptoGuard modules, to help with triaging attacks originating from trusted processes
    Download (with drivers co-signed by Microsoft)
    http://test.hitmanpro.com/hmpalert3b750.exe

    Let us know how this version runs on your machine. Should be pretty speedy with these other performance improvements :thumb:

    Users running beta build 746 are currently automatically upgraded to this build.
     
    Last edited: Jul 6, 2018
  4. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    I am a long time user of Avast, which I use only on-demand. For various reasons, it's time for me to make a change & HitmanPro (HMP) is high on my list of possible alternatives.

    Questions:
    • Can I use HMP on-demand only?
    • Does HMP have heuristics &/or a behavior blocker?
    • I use MalwareBytes Anti-exploit (MBAE). Ergo, I do not need the Alert aspect of HMP, right? Or should I drop MBAE & use Alert?

    Any comments will be appreciated.
     
  5. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,383
    When manually running the installer to upgrade:

    "Failed to install the program.
    Error 0"
     
  6. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    I received an 'alert' that a new version would be installed after a system restart. All good here so far.
     
  7. MikeRepairs

    MikeRepairs Registered Member

    Joined:
    Mar 26, 2014
    Posts:
    81
    Location:
    Kissimmee, FL
    I was running the 3.7.7 746 beta.I received an 'alert' that a new version would be installed after a system restart. After restart, my licence is expired.

    It could be that I did not notice before the licence expired. A suggested feature I have: The tray icon of a subscription program should always indicate if the license is expired. Grey it out a bit, put a red mark on it, or an X, etc. HMPA aparently doesn't, nor does it pop up a notification either. The only way I can tell if it expired is to open the program to see it there. I am a reseller and most of my customers, who are over 50 will not open the program and therefore will continue to go on with it expired and never notice.
     
    Last edited: Jul 7, 2018
  8. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    So far no problems (Windows 7 Pro SP1 x64) credential theft protection disabled.
     
  9. guest

    guest Guest

    all went smooth. (Win10 x64)
     
  10. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    No problems so far with build 750.

    Win10 1803 build 17134.137 x64/Norton Security v22.14.2.13
     
  11. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    581
    Location:
    Hengelo
    Interesting. What Windows version are you running the upgrade on? To resolve, please uninstall and install again.
     
  12. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    581
    Location:
    Hengelo
    Just use HitmanPro.Alert (HMPA) and you're good to go. HitmanPro.Alert has all the features of MBAE and then some. You can perform on-demand scans while the system is protected at real-time against attacks. And yes, it's a behavior-based blocker as well.
     
  13. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,383
    Windows 10 64 bits, version 1803 (OS Build 17134.137).

    Will try later today. Can it be related to the fact that @RonnyT extended my license (thanks!) but I can't activate it? (it's not expired yet)
     
  14. newyorkjet

    newyorkjet Registered Member

    Joined:
    Jan 17, 2013
    Posts:
    63
    Location:
    UK
    Automatic update to build 750. All working well.
     
  15. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,867
    Location:
    Outer space
    So far so good on Win7x64 :) And the improved startup performance is noticable :thumb:
    Now, where is that other new beta with big changes you guys were talking about earlier?:ninja:
     
  16. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    Build 746 has auto-updated to 750, with restart (machine 2). Machine 1 still on build 739, so I have updated manually.

    No issues, Win 10 x64 v1803 17134.137.
     
    Last edited: Jul 7, 2018
  17. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Mark

    So far 750 is running fine on Win 7 x64. However on the last two versions I've had to turn off the malware protection as i get false positives on both of my Excubits programs.
     
  18. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,383
    That worked!

    However, re-activating the extended license is still not possible (maximum reached, while I only used it on this single PC).
     
  19. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    Did re-activation work on that machine?

    Yes that one/those is/are on our RFE list.
     
  20. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    Any particular reason to disable the Credential Theft Protection?
    Not talking about the SAM option under there, the main feature should not cause any issues.
     
  21. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    Switching the question, what is it that you all think we should put in a next new version?
    What's missing on protection/detection/usability/features etc.

    Please try to keep it on topic of the current product HitmanPro / Alert, we're not going to build a software firewall for example. So along the lines of anti-virus/malware/exploit/intrusion prevention, detection & clean-up and usability.
     
  22. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,549
    Just off the top of my head, I would like to see HMPA perform better in ransomware tests.
    Another killer feature would be blocking attacks that load powershell dlls without actually launching powershell.exe. Currently, the only program I know that can successfully do that is Excubits Pumpernickel, when configured appropriately.
    And, of course, the ability to make exceptions in the real-time malware scanning. That's an important one, and @Peter2150 already mentioned it.
     
  23. L10090

    L10090 Registered Member

    Joined:
    Feb 13, 2015
    Posts:
    302
    Location:
    Netherlands
    W7x64,
    The auto update (after a restart) from b746 beta to b750 went fine.
    No issues what so ever, everything is running fine!
     
    Last edited: Jul 8, 2018
  24. davisd

    davisd Registered Member

    Joined:
    Feb 2, 2016
    Posts:
    19
    Location:
    Latvia
    Java.Adwind family malware and RAT's easily gets past HMP.A

    @RonnyT I wish HMP.A devs implemented more smarter and stronger AI to recognize attack vectors and terminate suspicious processes before infection takes place. I don't want HitmanPro later on to clean up the mess. I want to see more pro-active protection from HMP.A. and a more effective way to deal with the worms.
     
    Last edited: Jul 7, 2018
  25. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    First because of problems reported here in the past, but mainly I try to run protection in HMPA that will compliment what I am also running (Emsisoft AM and AppGuard). I also have disabled some other things like BadUSB and Webcam notifier.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.