HitmanPro.Alert BETA

Discussion in 'other anti-malware software' started by erikloman, May 30, 2017.

  1. plat1098

    plat1098 Guest

    Here's a new one on me, anyone ever see this one before?

    HMPA codecave.PNG


    Since VoodooShield likewise flagged the uninstaller, I cuckoo-sandboxed it. Results:

    cuckoo.PNG

    Hmmm, I got rid of this manually. :cautious:

    Edited for bad snip.

    Addendum: thanks, installed 710/CTP4, but can't access the game developer's webpage to test it with regard to the above mitigation--I get a 404 on Firefox and a webpage crash on IE. Combine everything and maybe it's not so good to dismiss every alert as a false positive automatically. I did contact the games developer via email, maybe it's a badly coded uninstaller on their part.

    :cautious:
     
    Last edited by a moderator: Jun 9, 2017
  2. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,259
    Location:
    USA
    Having a problem with HMPA 709 CTP3 and Emsisoft IS 2017.5.1.7567. When booting I get a message that an EIS comportment is broken or missing and I have to reinstall. Did this a few times and then uninstalled HMPA and went back to HMPA 3.6.6. 593 and that seemed to fix the problem. Not sure if it is the recently added ransomware protection in EIS or the new components in HMPA 709 that are conflicting. Using Windows 7 Pro SP1 x64.

    EDIT: Has occurred without HMPA installed so appears it is problem with latest EIS.
     
    Last edited: Jun 9, 2017
  3. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro.Alert 3.7 Build 710 CTP4

    This build focuses on improvements on code injection and related fail-safe mechanisms. Additional UI elements for Anti-Malware exclusions are on our roadmap.

    Changelog
    • Added code injection fail-safe mechanisms
    • Improved Anti-Malware performance (changed from on-access to on-execute)
    • Improved APC Mitigation
    • Improved path translation for thumbprints
    • Fixed detection of Protected Processes and Trustlets
    • Fixed Local Privilege Guard (PrivGuard) mitigation on Windows XP
    • Fixed Windows XP support was broken since build 708
    Notes
    This build has Microsoft co-signed drivers.

    Download
    http://test.hitmanpro.com/hmpalert3b710.exe

    Please let us know how this build runs on your computer :thumb:
     
  4. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro.Alert 3.6 Build 603 BETA

    This build focuses on improvements to code injection and related fail-safe mechanisms.

    Changelog
    • Added code injection fail-safe mechanisms
    • Improved APC Mitigation
    • Improved path translation for thumbprints
    • Fixed detection of Protected Processes and Trustlets
    Notes
    This build has Microsoft co-signed drivers.

    Download
    http://test.hitmanpro.com/hmpalert3b603.exe

    Please let us know how this build runs on your computer :thumb:
     
  5. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    @erikloman
    Is a paid license required to Beta/CTP test these days?
     
  6. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    A trial or paid license is indeed required. You can request one via PM.
     
  7. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,280
    Regarding Performance, this change is a big improvement of CTP4.
    Switching to the download-folders (with a lot of executables) doesn't lead to a delay anymore. Now it is almost instant.
     
  8. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    755
    I've had the same thing happen with EIS 2017.5.1.7567 after booting out of a Shadow Defender session on a machine without HMP.A 709 CTP3 installed. Also using Win 7Pro SP1 x64 so the new EAM/EIS update seems to be the problem, not HMP.A
     
  9. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,259
    Location:
    USA
    Posted on EIS forum. Something needs to be fixed.
     
  10. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,062
    Location:
    the Netherlands
    On my Windows 7 x64 system (see signature), I upgraded build 602 to 603.
    The upgrade was smooth, and I found no issues, everything looks fine.
     
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,395
    So far 710 looks good here,.
     
  12. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    813
    Location:
    Baden Germany
    I finally did it.
    Installed build 710 CTP4 on my office machine and noticed no issues, so far.
    Had to exclude MPC-HC, but that was expected.

    As HMP.Alert 3.7 includes Real-Time, I removed ZAM from auto-start.

    WD with pua.reg, unchecky and new HMP.Alert 3.7 seems all I need, for perfect protection.
    Using Chrome, with uBlock in advanced mode, and weekly backup, on external drive, gives me a comfortable feel.

    BTW: No issues with SandBoxie 5.20
     
  13. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,941
    Location:
    Among the gum trees
    Installed CTP4 without issue and my Windows start up tone is playing again now.

    Thanks!
    This version installed fine but I haven't had a chance to use that machine yet since.
     
  14. plat1098

    plat1098 Guest

  15. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    843
    Location:
    Land o fruits and nuts, and more crime.
    710, WannaCry, for Farcry4 & 3 (UPlay).
     
    Last edited: Jun 9, 2017
  16. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,157
    Just installed the latest build. Still fails to scan. Not seeing anything juicy in Event Viewer though. Any thoughts? I don't have a license and I see the trial one is good for 5 days. Is that why?

    Capture.PNG

    Then I got this after trying to scan.
     

    Attached Files:

    Last edited: Jun 9, 2017
  17. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,157
    Ok figured it out. For some reason, either OpenDNS or something in my content filtering is blocking access to HitmanPro domain.

    Code:
    Name resolution for the name get.hitmanpro.com timed out after none of the configured DNS servers responded.
    Now that it can connect to the cloud, scanning is ok as it checking for updates within the GUI itself. Is anyone else running into this by chance?

    Thanks.
     
  18. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,157
    One other thing of note, is your browser ALWAYS supposed to be highlighted when it is in use? I am noticing some inconsistencies with this.
     
  19. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,280
    It could be OpenDNS. It was mentioned in the other HMP.A-thread:
     
  20. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,157
    Thanks man. I am using Norton DNS now with no issues.
     
  21. Nyte

    Nyte Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    48
    Location:
    Hamburg, Germany
    No problems here so far.
     
  22. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    I had that issue myself with CTP 4. I had to install Hitman Pro separately. Now when I try to start a scan from within CTP 4 it works!
     
  23. L10090

    L10090 Registered Member

    Joined:
    Feb 13, 2015
    Posts:
    294
    Location:
    Netherlands
    W7-x64: Installed build 710 CTP4 over build 709 CTP3, no issues what so ever!
     
  24. guest

    guest Guest

    Do you plan to keep the antimalware module on execution, or you are just testing to decide?

    The AM module is similar to the one being develop by sophos? is based on the same "cloud tech" right?

    After the trial expires the plan is to disable the realtime AM module or keep it enable but with less mitigations like HPA3.6?

    For now is running well on my computer
     
  25. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,566
    Location:
    Under a bushel ...
    Installed and running fine: Win 10 Pro x64 v1703 15063.332.

    Thinking of trying 710 CTP4 but not sure how AM module will run alongside EAM. Can / should I disable AM if I am running EAM?

    I suppose the same applies to CryptoGuard and EAM anti-ransomware behaviour blocker, but I have never had an issue there ... but then I have never been infected so can't say for sure.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.