Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.
CTP1 has limited support for Sandboxie. Eventually they will be compatible.
On this machine only Windows Defender is installed, no other security, or system software.
I could reproduce the incompatibility between Startisback 1.51 and Alert 184.108.40.206
With Startisback 1.62 it works flawless so far.
No need for further investigation, as Startisback 1.51 is outdated.
Nice to know, but I still wonder what is meant with "not compatible". And do you have any plans to offer a third party exploit test, to showcase the strength of the new HitmanPro.Alert?
Perhaps someone can anser this question: will it stop Sandboxie from running apps sandboxed, or will the exploit protection don´t work in sandboxed processes?
Being compatible means it will not affect the workings of Sandboxie, the sandboxed application and Alert.
Therefore Alert will be able to stop exploits inside Sandboxie as it does already on some systems.
We are thinking about how to provide third party tests. But exploit testing is hard and therefor we provide our tool so that everybody can test for themselves. All exploits in the tool are derived from exploits used in the wild and academic field.
Hope this helps.
Will you add the feature to manually add an application to protected applications list?
Yes. This is already implemented in CTP1 but due to incomplete user interface we decided to grey out this feature (Running processes). It will be available in CTP2.
If you are feeling adventurous, you could add a few registry keys in CTP1 right now to add an application, in somewhat the same manor EMET allows you to do. You have to restart the service to reload the registry configuration.
If i remember correctly there will be a yearly subscription that the license will be integrated with HMP. If you purchase 1 or the other, the other will be automatically free. Im not sure if there will be a free (limited) version, or if there will be a standalone product.
I too would love to see a tray icon, maybe to integrate both products (hopefully someone can confirm this), with possible right click options like
upload sample to virus total
open GUI of both HMP and HMPA
Enable Disable protection
When you can use license of HMP, yearly I guess
Mark/Erik any chance you might answer https://www.wilderssecurity.com/thre...discussion-thread.324841/page-72#post-2390199
I was wondering, will it work as expected in computers with older Intel CPUs?
"HitmanPro.Alert will automatically fallback on software-only Control-Flow Integrity checks if your computer does not have a hardware-assisted CFI supported processor" (Exploit Test Tool Manual, Page 7)
The HitmanPro.Alert Exploit Test Tool Manual 1.0 says:
Only 2nd, 3rd or 4th generation (or newer) Core i3, i5 or i7 are supported,
Nehalem and Westmere are not supported.
So I suppose the earlier Core 2 CPUs (or earlier) are definitely not supported.
And as test replied:
Finally installed HitmanPro.Alert 3.0.12 Build 63 Community Technical Preview 1 after *numerous* attempts (Error install 0). W7 64 bits.
Using the beta I noticed there is no green banner that shows with the stable version when starting chrome.
This also still works with the 64 bit version of Chrome at the same time with MBAE - not sure if you are now covering everything that does or not so I'm keeping that going.
I ran the keylogger test and anti- logger appears to have locked down the exe completely now since I can no longer open the test exe anymore. Have to experiment some with that.
Appears I'm missing out using an AMD processor rather than a newer Intel. Same with DeepSafe. I'll have to keep that in mind when I upgrade next.
I am not a technician but, based on what i've seen, i think it is really not misleading to call it as "EMET on sterorids"!!
PS: why don't open a new official thread?? for ex., [HP.Alert 3] Comprehensive exploit protections and anti-espionage technologies
I'm sorry if I miss it, will there be HMP Alert 3 free version? (in the final release)
Nor my Q6600 quadcore ( 2008 ), I guess.
The per application exploit mitigation feature requires a HitmanPro license.
But all other features in Alert are free.
See these three February 19 posts:
thanks man! it really help.
Since the installation of HitmanPro.Alert 3.0.12 Build 63 Community Technical Preview 1 there's a 35-40 seconds "Een ogenblik geduld..." (One moment please) during every boot.
W7 64 bits and NIS 220.127.116.11.
That would be nice, if it could stop exploits inside the sandbox. I do know that HIPS like SpyShelter are able to monitor apps that are sandboxed, so I´m sure there must be a way. About exploit testing, I think a third party (like MRG Effitas) is able to test these kinda tools against exploit kits. And I´m sure you know that Malwarebytes hired Kafeine to do some testing.
Ok, so exploit protection is not free?
That is what Erik Loman told us February 19.
But if you already have a HitmanPro license, then you get exploit mitigation for free.
I'm glad a decent amount of protection is available for free.
Also, why is it running as a 32-bit process on my PC, and it is in Program Files (x86)?
Had to uninstall HMP 3. My actual config is win 7 (Amd processor, KIS 2015 and appguard). Boot time increased and sometimes it became impossible to log on my LUA...
No troubles so far with my other PC (Icore 5) ;-)
HMP 3 is a great piece of software