Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.
No per se, but there is nothing preventing you from tweaking your security settings and adding it, you just have to keep in mind that some settings might interfere.
e.g. a file manager is likely introducing new executables to the machine which might trigger Lockdown for example, in that case you might need to disable that protection but the rest of the file manger will have all the others still enabled.
What is the difference with 3.7 and 3.8 downloads. I looked on the HMPA site but don't see anything about it.
Thank you! Which category can I put it in?
@RonnyT All seems well since the latest update! Good work! I removed the exclusions and have rebooted to the new version of HMPA 3.8.13-b901.
The latest version appears to have corrected my issues.
It has been over a week and still no update for build 901.
901 showed up here two days ago via auto update.
I did the manual download of 901 instead of waiting. I should have done it a week ago.
Afaik all 8xx builds are 3.8, they have the new v5 cryptoguard and some new other mitigations. Since 3.8 has been released quite some time ago now and had quite a few bugfixes I'm not sure why they still offer 3.7 on their site.
RonnyT has the 3.7 download in his sig, but i don't know what you would get if you downloaded it.
The latest beta of HMP.A! is working fine.
I'm not sure what you are trying to say? But what I meant is that Trusteer Rappor was also quite an advanced tool that was meant to protect against phishing and banking trojans, but it often caused stability problems.
Good to know and yes it's cool that the developers manage to fix problems eventually, but I'm not sure if I'm willing to deal with this stuff. On the other hand, almost no other tool is offering the same type of protection as HMPA, especially when it comes to memory manipulation.
Yes, the devs seem to be responsive when new or upgraded features cause new problems.
I have 3 computers, but I only protect one of them with HMPA. I take a full disk image of all three computers regularly, so fast recovery from an attack is feasible for any of them, it's just that one in particular where exfiltration of personal data may be of extra concern. I sleep better at night knowing that HMPA has got my back and gives me an extra edge for that one. And hopefully even in the worst case where HMPA cannot fully stop a zero day attack, I can hope that at least it alerts me that some intrusion activity is occurring, so that I can roll back to an earlier disk image.
I would go for "Other" just keep in mind that this also set's the keystroke encryption, if the application can't handle that remove it from Other and go for Office.
What version was that machine running? we're only upgrading 897/899 -> 901 if that machine was on 891 then it was expected to not get the 901 update after we paused rollout.
And it's gone
There where some issues that didn't surface during the first testing (and which we hadn't seen before either tbh) so we had to mitigate that first.
At the moment build 903 is being prepared, so I expect a release soonish (if it get's trough testing etc).
Yes, I think HMPA is the the most advanced behavior blocker that's available at the moment. For example, SpyShelter doesn't protect against advanced code injection, like process hollowing. However, there are just too many problems that are reported, that's why I never added HMPA to my security setup.
Is that based on your experience? or on reports of things you read? would you mind sending me a DM (kan in het Nederlands zo te zien ).
HitmanPro.Alert 3.8.13 Build 903
Changelog (compared to build 901)
Fixed the Software Radar that could cause it to not notice a just installed web browser, or adding it to the wrong mitigation template. This issue caused our new CookieGuard protection to generate false alarms.
Fixed an issue in the CryptoGuard anti-ransomware engine that could cause a BSOD on Windows 10 Insider Build 21390.
Improved support for Windows on ARM. We noticed that since build 895 we always shipped the ARM64 driver of that release. This has been corrected.
Improved Stack Pivot exploit mitigation to support adjacent stack range in certain situations.
Improved detection of Chromium-based web browser for CookieGuard.
Added Thumbprint generation for remote-debugging-port CookieGuard detection.
Added checkbox to our new system-wide syscall mitigation. You can find in in the Advanced interface, under Risk reductions > Process Protection > Unexpected system calls (Stop evasion of security hooks).
Over the next days. all users of HitmanPro.Alert should get this new build through automatic update! Beware though, we no longer support or update HitmanPro.Alert builds running on Windows 7 RTM (no service pack), Windows Vista and Windows XP (Latest release supported is 891). This is because Microsoft mandates the use of SHA-2 to sign our code. These older versions of Windows only support SHA-1 and would not allow our new driver to load.
If you want to manually update now, use this link: https://dl.surfright.nl/hmpalert3b903.exe
Just remembered I was still waiting for an answer to this question.
Real-time but a reboot is always preferred when updating security software in general.
this error showed up upon reboot from latest update.
Need to find the previous version
Separate names with a comma.