HitmanPro.Alert 3 version 3.x

[Erik Loman]

I posted a new version here, build 153:
http://test.hitmanpro.com/hmpalert3b153.exe

Mostly bug fixes and reduce false positives.

Please let me know how this version runs on your computer.

 

[Moose]

Working for the install! I will provide more, later on today. A little BSOD
with the browser. Hope this will clear up!

Note:
If you have Appgaurd lower your protection to install! Or it will fail until
you lower your protection to install.

Appreciate!

 

[Moose]

Working like a champ! For me! Thank you!

 

[Adin Harahap]

This hitmanpro alert work great with My bitdefender internet security 2015 and zemana
is there any chance to get the key to activate it

 

[Andy Ful]

Works well in Windows 8.1 64-bit (+ Zemana AntiLogger, Mamutu, NVT Exe Radar Pro).
Not yet fully compatible with latest Sandboxie 4.15.12 . Some exploits (ROP-WinExec, Heap Spray 1 and Heap Spray 2) were not blocked when I let the hmpalert64-test.exe (CTP3 Release) to run in the Sandbox

 

[Moose]

@Andy Ful

Where did you get Mamutu for a current download? Could you provide the link?

Kind regards,

 

[Paul Lee]

@Andy Ful

Where did you get Mamutu for a current download? Could you provide the link?

Kind regards,

http://www.majorgeeks.com/files/details/mamutu.html

30 day free trial from MajorGeeks. It's no longer being updated unfortunately

 

[Andy Ful]

You can get it from the developer site:
http://download2.emsisoft.com/MamutuSetup.exe
It's no longer developed by Emsisoft. You must have an old valid account to use it.
Anyway, HitmanProAlert always worked well with Emsisoft Mamutu and Zemana AntiLogger.

 

[Andy Ful]

The "Office" mitigation template for Ashampoo TextMaker 2010 doesn't encrypt keystrokes, but the "Other" mitigation template does. And that is also true for Kingsoft TextMaker, SoftMaker Free Office and Notepad++.
Is it a bug or not ?
CintaNotes 2.5.1 was blocked because of ROP mitigation (VirusTotal 0/56) .

 

[Moose]

@Andy Ful

Thank you! Back on topic!

Appreciated!

 

[Welldone]

We have decided to make CryptoGuard and Process Protection a trial > paid feature. But the reason behind this shift is not only because we want a return on our product development investment. Let me explain it a little bit.

Over the last years you can see the shifts that attackers are taking to get money from their victims. They went from:

1. Rogueware or Fake Anti-Virus software that scare people with fake infections so people buy this fake product.
2. Police-themed ransomware that lock down your pc or browser, showing an indictment and a fine to scare and make people feel guilty about downloading pirated music, software or illegal pornography.
3. Police-theme ransomware with a switched on webcam stream of you, sometimes next to real pictures of child pornography to induce fear and prevent malware victims from bringing the computer to a repair shop.
4. Crypto-ransomware, like CryptoLocker, CryptoWall and CTB-Locker, that are encrypting your documents, photos and other data on your local disk, network drives and USB (flash) drives. The encryption is irreversible without the key.

So for victims the stakes have seriously gone up.

Everybody runs anti-spam, anti-phishing and anti-virus software and still people get hit by these attackers. For signature and heuristic signature based solutions, identifying these early-life malware is difficult, especially in the first hours or days of the infection.
Know that it takes a lot more time for attackers to change the behavior of their malware than to beat a virus signature. Also know that CryptoLocker, CryptoWall and CTB-Locker all have slightly different technical approaches to attack your data (copy/read, encrypt and rename/overwrite your data). Our protection covers every approach but we do keep an eye out for new behaviors. Because even though our technology does not rely on signatures, the underlying engine needs maintenance as well, which involves a bit more work than e.g. create a virus signature for a single sample.

So CryptoGuard is developed to universally detect and stop crypto-ransomware behavior. Not only does it stop malicious processes from attacking your files, it also prevents attackers from abusing legitimate processes to attack your valuable data (as can be seen in our demonstration video). Today’s variants often employ a hollow process to hide themselves in-memory inside trusted processes (CTB-Locker abuses C:\Windows\explorer.exe and CryptoWall 3 abuses C:\Windows\System32\svchost.exe). So in a way, the attacks take place in name of Microsoft.

99% of the victims of these attacks are *not* tech savvy people or security software enthusiasts like you. They expect from us to stop and get rid of this malware, which is (as mentioned) also capable of transitioning from one process to another. But only our on-demand Anti-Malware has comprehensive malware removal capabilities - Alert does not. Especially for infections like these we made our two HitmanPro programs work together. Alert offers strategic (historic and real-time) threat information to our HitmanPro scanner to point out the threat for remediation – we need to attack the object that initiated and controls the attack, not the legitimate abused file.
Since our on-demand HitmanPro removal engine already requires a license, it would frustrate and be bad service to our end-users to just keep the threat on the machine and make him or her search for another solution in the hope that one can get rid of it.

Of course, you guys (who we provided with free annual licenses) have the time and the skills to go and hunt for an alternative remediation tool, but the majority of our customers do not. Fraud caused by banking Trojans is still largely reimbursed by banks, but loss of data is never compensated. By law, doctors have a responsibility towards their patients because patients are at a disadvantage as they do not have the knowledge, experience or skills to treat their condition. We want to give victims of crypto-ransomware the best possible care, including the solution to the problem. This is also the reason why we offer our two products for the price of just one – we identify the attack, we can also clean it for you.

Some of you will be disappointed or disagree. We still love you guys but you are not like our mainstream customers. We hope you understand this transition.

Spoiler: Comparison

Source: Post# 4097

 

[hjlbx]

The problem is that the average user does not understand the huge amount of time and effort that it takes to create and maintain this software.

Plus, you're not just paying for the software...what you really are paying for is on-going support...as the vendor adds real value on the back-end.

You can say I'm full of she-it, but the HMPA package is a whale of a deal...

Just sayin'

 

[Vanderlei]

Browser conflict with Brazilian Banks GBPlugin by GAS Tecnologia, IE11, Firefox or Chrome.
Only starts after disable browser ROP.

Windows 8 64bits, HMPA 3 RC 155.

 

[soccer97]

Do you know if it will work with Kaspersky, when I last installed HitmanPro Alert Kaspersky failed to load/work?

HitmanPro itself gave me repeated BSOD's with Windows 7 SP1 (64-Bit) back in December 2014. At the time I was using PURE 3.0. I believe this version was based on KIS 2014. Here is a link to their list of incompatible software: http://support.kaspersky.com/11175#block2
I have switched venders and this is no longer an issue for me.

That being said, HitmanPro and HMP Alert are very good software. I am grateful to the developers of it. It is excellent.

You could always submit a support request to Kaspersky Labs, use My Kaspersky Account for a human response (You need to have an active license in this case - not trial). You have to reply to the first automated email that you receive to get a Technician to respond. You could also Try their Technical Support Live Chat feature. Good Luck!

 

[Erik Loman]

Browser conflict with Brazilian Banks GBPlugin by GAS Tecnologia, IE11, Firefox or Chrome.
Only starts after disable browser ROP.

Windows 8 64bits, HMPA 3 RC 155.

That plugin is kinda controversial. Some find it malware. Where can I get an installer?

 

[Vanderlei]

That plugin is kinda controversial. Some find it malware. Where can I get an installer?

https://www14.bancobrasil.com.br/diagnostico/DiagnosticoBB.exe

 

[Billcomputerman123]

i love hitman pro alert 3

 

[soccer97]

Spoiler: Comparison

Source: Post# 4097

We were provided an annual license? It must have been a giveaway...

 

[hjlbx]

Limited licenses were issued to active beta testers. After beta testing is all sorted out and the Lohman Brothers turn out a polished stable, then it's gonna primarily be a paid product.

Worth the cost in my estimation...

 

[Tony Cole]

It seems a great product, but Kaspersky technicians say the product is incompatible with all their product. On my old laptop I tried the latest beta version and once again Kaspersky Internet Security 2015 would not load and kept shutting down.