HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    578
    Location:
    Hengelo
    HitmanPro.Alert 3.1.0 Build 343 Released

    Release History:
    • Improved hardware-assisted ROP mitigation.
      Improved DEP mitigation.
    • Improved BadUSB mitigation.
    • Improved upgrade procedure.
    • Improved hooking engine.
    • Fixed compatibility with Avast! on 64-bit systems.
    • Fixed keystroke encryption compatibility with Trusteer Rapport.
    Download: http://dl.surfright.nl/hmpalert31.exe

    Later this week, we'll be updating existing users automatically to this new build.
     
    Last edited: Dec 8, 2015
  2. PoodleDoodle

    PoodleDoodle Registered Member

    Joined:
    Dec 4, 2015
    Posts:
    6
    Sorry to report that Unpivot Stack protection fails for me (calculator starts) on Build 343...
     
  3. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,365
    Location:
    Among the gum trees
    Early days, but so far so good with Build 343. :cool:
     
  4. L10090

    L10090 Registered Member

    Joined:
    Feb 13, 2015
    Posts:
    302
    Location:
    Netherlands
    W7-x64:
    Download went fine, installed 3.1 build 343 over build342, no problems/issues so far.
     
  5. L10090

    L10090 Registered Member

    Joined:
    Feb 13, 2015
    Posts:
    302
    Location:
    Netherlands
    W7-x64:
    No failure for me using the Exploit Test Tool (32-bit) 1.9.1, with hmp 3.7 build 251 and hmpalert 3.1 build 343.
     
  6. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,052
    No problems upgrading to build 343.

    Win10 1511 build 10586.17 x64/Norton Security with Backup v22.5.5.15
     
  7. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Are you running natively or in a virtual machine?
    Do you see the Hardware-Assisted Exploit Protection moniker on the main GUI of Alert?

    ExploitProtection.png
     
  8. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Build 343 successfully updated to two machines. Running very smooth.
     
  9. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,436
    Location:
    Under a bushel ...
    I see you have fixed keystroke encryption compatibility with Trusteer Rapport (in 342 already).
    Re the WSA Identity Shield / HMPA keystroke encryption indicator compatibility issue (your comments #7627, #7632), I did try to pursue it but their Escalation Team couldn't reproduce it, so I gave up.
    I use WSA because my bank recommends it - the Identity Shield specifically. I just live without the indicator now - and hope that there are no other conflicts between the two :)
     
    Last edited: Dec 9, 2015
  10. F4lc0

    F4lc0 Registered Member

    Joined:
    Nov 30, 2015
    Posts:
    5
    @markloman any word on this? im not the only one and after i posted this other issues get handled but nobody seems to have a look at this...

    tnx in advance
     
  11. PoodleDoodle

    PoodleDoodle Registered Member

    Joined:
    Dec 4, 2015
    Posts:
    6
    Hi Erik,

    I am running native Win10 Pro x64. HMPA does show that Exploit Mitigation is assisted by hardware. All other tests are successfuly blocked, except for Unpivot Stack.

    I have Sanboxie installed, as well as Hyper-V for running Linux VMs. But none of that is running during the tests.

    Thoughts?
     
  12. JDBushby

    JDBushby Registered Member

    Joined:
    Dec 8, 2015
    Posts:
    3
    Hello.

    Using HitmanPro.Alert version 3.1.0 build 340. Is it possible to exclude folders from the "scan computer" feature?
     
  13. Poppey

    Poppey Registered Member

    Joined:
    Nov 23, 2015
    Posts:
    36
    Location:
    Germany
    I have an Intel Q9450. Why I don't see the Hardware-Assisted Exploit Protection Icon? Or do not have my processors this function?
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,929
    Location:
    The Netherlands
    I'm not following you, my response was to "why do you make this assumption", and I explained why I did. And I'm not unhappy with the direction of the product at all, I was just wondering if they can offer a version where the anti-exploit component is not installed, because sometimes disabling this module is not enough to fix compatibility problems. However I'm indeed unhappy about being ignored when I ask a simple yes or no question.
     
  15. Headcool

    Headcool Registered Member

    Joined:
    Dec 8, 2015
    Posts:
    8
    Since Build 340 I have problems regarding the keys that I press and the keys that appear on the screen. Often keystrokes seem to be repeated, when typing fast. This is extremely annoying. The problem is only present, if the keystroke encryption in Hitman Pro Alert is activated.
    I use the Neo Keyboard Layout for faster and more ergonomic typing. To use it a keyboard driver (kbdneo32.zip or kbdneo64.zip) and a Autohotkey expansion (kbdneo_ahk.exe) are necessary. The Autohotkey expansion is necessary because some keys (i.e. arrow keys) can't be changed in the driver.
    When disabling the Autohotkey expansion the problem is gone, but this also means the keyboard layout is not fully functional. So I guess there is a problem with Autohotkey in general.
     
  16. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    Expected behavior, as you need an i3, i5 or i7 processor to benefit from Hardware-assisted CFI.

    As indicated in the test manual: http://dl.surfright.nl/Exploit Test Tool Manual.pdf
    "Important: This test is only intercepted by HitmanPro.Alert if the main processor (CPU) is an Intel® Core™ i3, i5 or i7 CPU"
     
  17. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,321
    Location:
    AmstelodamUM
    Win10 Home x64 on an i5, Avast Free version 11.1.2245, EMET 5.2 (recommended settings), HMP.Alert Free/no license version 3.1.0 build 343.

    The issue with IE11 not launching persists; Windows error message with 'error code 0xc0000005'
    Whether starting IE11 from the HMP.Alert webbrowser list of from regular Windows Start menu; same Windows error message.
    Edge will not launch from HMP.Alert webbrowser list (no error message created)) but will launch from Windows Start menu.

    In HMP.Alert, under 'webbrowsers' are listed
    - Chrome 47 (chrome.exe)
    - Internet Explorer 11 (iexplore.exe 32-bit)
    - Internet Explorer 11 (iexplore.exe)
    - Microsoft Edge 11 (microsoftedge.exe)
    - Microsoft Edge Content Process... (microsoftedgecp.exe)

    edit;
    After removing 'Avast Free AV', no more issues.
    IE11 and Microsoft Edge will launch from Windows Start menu and from HMP.Alert browser list.
     
    Last edited: Dec 9, 2015
  18. test

    test Registered Member

    Joined:
    Feb 15, 2010
    Posts:
    496
    Location:
    italy
    Erik, you got PM
     
  19. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,104
    Location:
    .
    Playing with LastPass, I'll observe orange encryption flyout with LastPass Master Login dialog in Firefox okay... but, not in Chrome or IE. Anyone else...?
     
  20. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,116
    Location:
    USA
    Yeah, I'm seeing the live encryption indicator when logging into the LastPass plugin in Firefox, but not Chrome. It's working elsewhere in Chrome though, such as Google search fields.
     
  21. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,104
    Location:
    .
    Yeah, encryption is working okay otherwise. So, not just my setup.
    IE and Chrome nada LP master password encryption.
    Firefox has LP password encryption.
    Thanks
     
    Last edited: Dec 9, 2015
  22. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,116
    Location:
    USA
    As a workaround I log into LastPass using Firefox first, and then when I open Chrome it is logged in there automatically (no additional typing required).

    In the plugin go to "Preferences/Advanced Settings/Share login state with other browsers"
     
  23. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,104
    Location:
    .
    Aha, live and learn. LP has toys I haven't played with yet. Thanks again.
     
  24. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I now have build 343 on two win 7 x64 desktops, one win 7 x64 VM, one Win 10 x64 VM and in the Win 10 x64 image of my desktop. All win 10 lastest build 10586.29 HMPA is working great in all of them.

    Pete
     
  25. HansF

    HansF Registered Member

    Joined:
    Dec 10, 2015
    Posts:
    24
    Hello,
    i'm running Firefox (64Bit) sandboxed (Sandboxie) and since yesterday, HMPA for testing this combination. The sandboxed Firefox shows, that it is protected by HMPA (green Frame, secure browsing and exploit-protection), but when i open surfright's exploit test tool and start a test for Firefox, the browser starts without any reaction of HMPA. HMPA only reacts, when i run Firefox outside Sandboxie. Is it right, that i've got to run the exploit test tool in Firefox's sandbox for testing?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.