Re: HitmanPro.Alert
waldemar1965 używam obecnie Malwarebytes Anti-Exploit czy to są podobne programy ?
waldemar1965 używam obecnie Malwarebytes Anti-Exploit czy to są podobne programy ?
ssl111 napisał:waldemar1965 używam obecnie Malwarebytes Anti-Exploit czy to są podobne programy ?
Ja mam dokładnie to samo. Ale to na pewno jest błąd programu, którego w dodatku nie można unikać inaczej niż wyłączając go, bo program nie pokazuje info o tym co zablokował - rośnie tylko licznik blokad w oknie głównym.waldemar1965 napisał:Zainstalowałem Malwarebytes Anti-Exploit i HitmanPro.Alert.
Przy uruchomieniu przeglądarki pokazuje się komunikat
czyli to Malwarebytes Anti-Exploit zgłasza zablokowanie exploit'a.
Ten komunikat pokazuje się tylko przy pierwszym uruchomieniu przeglądarki.
pkolasa napisał:Ja mam dokładnie to samo. Ale to na pewno jest błąd programu, którego w dodatku nie można unikać inaczej niż wyłączając go, bo program nie pokazuje info o tym co zablokował - rośnie tylko licznik blokad w oknie głównym.waldemar1965 napisał:Zainstalowałem Malwarebytes Anti-Exploit i HitmanPro.Alert.
Przy uruchomieniu przeglądarki pokazuje się komunikat
czyli to Malwarebytes Anti-Exploit zgłasza zablokowanie exploit'a.
Ten komunikat pokazuje się tylko przy pierwszym uruchomieniu przeglądarki.
Wiecie może gdzie można zgłaszać takie bugi? Bo to już trzeci który zaobserwowałem, a których w wersji ZeroVulnerabilityLabs nie było...
· Entire new architecture
· Same simple usage as v1
· Greatly improved compatibility with 3rd party software hooking into browsers.
· Lower CPU usage (lower than v1)
· New configuration user interface
· Robust against attacks
· Passive vaccination against some malware families by letting computer appear virtual machine
· Automatic updater
· Supports Windows XP (SP3), Vista, Windows 7 and 8.
· Supports Internet Explorer, Google Chrome, Firefox, Opera, Maxthon, Pale Moon, TorBrowser and others.
HitmanPro.Alert 3 Community Technology Preview 1 is now available!
With version 3 we deliver comprehensive exploit protections and anti-espionage technologies to both home users and IT professionals. The software works in real-time and does not rely on signatures or the cloud.
NOTE: HitmanPro.Alert 3 CTP1 is pre-release software and should not be used in production environments.
Hardware-Assisted Control-Flow Integrity (CFI)
Alert version 3 introduces hardware-assisted control-flow integrity, which leverages special Intel CPU hardware registers to monitor how software executes on the CPU. This allows Alert 3 to detect sophisticated return-oriented programming (ROP) attacks.
Read chapter 2.5 of the Exploit Test Tool manual (provided in the download below) for supported Intel CPUs.
New Features (compared to version 2)
Exploit Mitigation
Active Vaccination
Keystroke Encryption
Webcam Notifier
Hollow Process blocker
Integrates with HitmanPro
Exploit Test Tool
To verify the correct working of HitmanPro.Alert we have developed an Exploit Test Tool. This safe and easy-to-use tool can perform over a dozen exploit techniques that attackers currently use to compromise computers from remote.
The Exploit Test Tool can also act like a keylogger and access the webcam. A manual is provided in the download below.
Download
Zaloguj lub Zarejestruj się aby zobaczyć!
License
Exploit Mitigation requires a valid HitmanPro license. A trial license is available from within the application.
The regular HitmanPro paid license will work as well and is available from our online shop.
HitmanPro.Alert 3 is free software if you already own a license for the HitmanPro on-demand anti-malware software.
Users who would like to try the software beyond the trial period can send me a PM for an extended trial key.
Known Issues
Malwarebytes Anti-Exploit is currently incompatible with HitmanPro.Alert, but the Exploit Test Tool is compatible.
AutoIt applications like AdwCleaner show a warning when started. Temporarily disable Active Vaccination allows the AutoIt application to run.
Webcam Notifier works with standard webcams. Webcams using vendor specific drivers are currently not yet supported.
Alert counters in the UI are currently disabled but exploit detections are logged in the Windows Event Log.
Alert 3 is currently incompatible with Emsisoft Anti-Malware on 64-bit versions of Windows.
Please report issues via PM or email
Zaloguj lub Zarejestruj się aby zobaczyć!
License
Exploit Mitigation requires a valid HitmanPro license. A trial license is available from within the application.
The regular HitmanPro paid license will work as well and is available from our online shop.
HitmanPro.Alert 3 is free software if you already own a license for the HitmanPro on-demand anti-malware software.
Today we release the second Community Technology Preview of HitmanPro.Alert 3. This release bears the version number 3.0.12.73 CTP2.
Release notes
Added ability to protect custom applications against vulnerability attacks. Users can now use the ‘Running applications’ dialog under ‘Exploit mitigations’, which offers a user-friendly overview of the running applications and the ability to choose and protect applications against vulnerability attacks.
Added automatic exploit protection for 'Skype for Windows desktop'.
Added automatic detection of media applications to the built-in software radar. This means that applications that can open music or video files are automatically protected against exploit attacks (e.g. Windows Media Player, VLC media player, etc.)
Added a notification and ability to restart an application when the user updated its exploit mitigation settings.
Added ability to remove exploit mitigations from configured applications.
Added tray icon to summon the main user interface, scan the computer or check for updates.
Improved detection of uninstalled applications so that they are no longer listed under ‘Your web browsers’ or ‘Your applications’.
Improved the software radar to also detect 64-bit applications with 32-bit registrations; e.g. WordPad on 64-bit Windows is now correctly recognized.
Improved detection and blocking of malware downloads initiated from attacker-controlled memory.
Improved support for the Opera web browser, including Opera Next and Opera Developer.
Improved compatibility of ‘Active vaccination’ with installed applications.
Enabled the checkbox to ‘Perform malware scan after installation’ on the Install dialog.
Solved input lag that occurred in games like Battlefield 4.
Solved compatibility issue with some 64-bit security software, like Emsisoft Anti-Malware.
Many small fixes and improvements.
Remarks and known issues
Values of ‘Number of alerts’ and ‘Last alert shown’ in the main user interface are currently not available, but any exploit detection will be logged in the Windows Event Log.
Webcam Notifier works with webcams that use the Windows usbvideo.sys driver. Webcams using vendor specific drivers are currently not supported.
AutoIt applications like AdwCleaner show a warning when started. Temporarily disabling ‘Active vaccination’ in HitmanPro.Alert allows the AutoIt application to run.
The checkbox ‘Show border around applications’ under ‘Safety notification’ is currently checked and locked on purpose.
Sandboxie and Norton Security with Backup version 22 (BETA) can interfere with the drawing of the notification border around protected applications.
Agnitum Outpost Firewall on 64-bit versions of Windows is currently incompatible with HitmanPro.Alert 3.
Malwarebytes Anti-Exploit is currently incompatible with HitmanPro.Alert, but our Exploit Test Tool is compatible.
Installation notes
If you're already running CTP1, you must first uninstall CTP1, reboot the computer and then install CTP2.
NOTE: HitmanPro.Alert 3 CTP2 is pre-release software and should NOT be used in production environments.
Alert is mostly a free product, only Active Vaccination and the Exploit Mitigation requires a license. All other features are free!
The price for a license is the same as for HitmanPro as both HitmanPro and Alert use the same license.
So if you buy a license, you can use both products and basically get one product for free.
Hornet napisał:Długa droga, daleka, przed nami w tym teściku CryptoLocker robi z ProAlerta sieczkę :
HitmanPro.Alert 3 Build 79 CTP3
With each Community Technology Preview (CTP) of HitmanPro.Alert 3 we introduce new features for compatibility testing. CTP1 was our first development release of HitmanPro.Alert 3 wherein we introduced our hardware-assisted exploit mitigations. A few weeks later, with CTP2, we added the ability for users to add and protect custom applications through an easy-to-use Running Applications interface.
Now, for CTP3 we enabled our network inspection driver and Java Lockdown, while we also expanded support to all Intel Core i3, i5 and i7 processors for our hardware-assisted mitigations.
HMPA3CTP3.PNG
As before, this preview is released here at Wilders Security Forum only. A CTP is not to be used in production environments and for extra clarity we also added the "Not for review" phrase to this build. This as not all features are fully implemented yet.
Release notes
Improved hardware-assisted control-flow integrity (CFI) for detection of sophisticated ROP attacks.
CFI now supports all Intel Core i3, i5 and i7 processors from November 2008 and later, including codenames Nehalem, Westmere, Sandy Bridge, Ivy Bridge and Haswell.
Improved stack-based ROP mitigation for legacy Windows XP in virtual environments.
Improved repetition-based detection of attack code that starts via the heap (Dynamic Heap Spray).
Improved recognition of attacker-executed processes.
Improved compatibility with local Java applications and games.
Improved Restart Application handling when altering exploit mitigations of in-use applications.
Improved malware scan after installation.
Improved detection of Java runtime and added more media file types to the Software Radar.
Enabled network inspection layer to analyze and log attack pages.
Enabled the Java Lockdown security feature to block communication channels from malicious Java applications in the browser.
Enabled the alert counters on the main window.
Fixed BSOD on legacy Windows XP running on physical machine with Intel Core processor from 2011 or newer.
Fixed prolonged “Please wait” during boot on some computers.
Fixed compatibility issue with video streaming on e.g. Magine.com, which employs Digital Rights Management (DRM).
Fixed compatibility issue with the Microsoft MPEG2 audio and video plug-in.
Fixed compatibility issue with iTunes for Windows.
Fixed a memory leak in internal message handling.
Fixed event ID 6281 that caused audit failures.
Removed "New Process" and "Deny New Process" from Exploit Mitigations as they are now automatic and integrated into other mitigations.
Updated the Exploit Test Tool with two additional return-oriented programming exploit techniques: “ROP – system() in msvcrt” and “ROP – WinExec() via anti-detour”.
Updated the Exploit Test Tool Manual with an important note (in paragraph 2.5.1) on testing in virtual environments, advantage of our hardware-assisted technology (paragraph 2.5) over software stack-based approaches and background information on the two new ROP tests.
Remarks and known issues
Webcam Notifier works with webcams that use the Windows usbvideo.sys driver. Webcams using vendor specific drivers are currently not supported.
AutoIt applications like AdwCleaner show a warning when started. Temporarily disabling ‘Active vaccination’ in HitmanPro.Alert allows the AutoIt application to run.
The checkbox 'Show border around applications' under 'Safety notification' is currently checked and locked on purpose.
HitmanPro.Alert 3 is currently not compatible with Sandboxie on Windows Vista.
Sandboxie and Norton (Internet) Security can interfere with the drawing of the notification border around protected applications.
Agnitum Outpost Firewall on 64-bit versions of Windows is currently incompatible with HitmanPro.Alert 3.
The Export Address Table Access Filtering (EAF) module of Microsoft EMET 5.0 is currently incompatible with HitmanPro.Alert 3, but our Exploit Test Tool is compatible.
Microsoft EMET 4.1 Update 1 is fully compatible with HitmanPro.Alert 3.
Malwarebytes Anti-Exploit is currently incompatible with HitmanPro.Alert 3, but our Exploit Test Tool is compatible
Download
Zaloguj lub Zarejestruj się aby zobaczyć!
Please uninstall previous versions of Alert before installing CTP3.
Reporting issues
Please report issues via PM or via email:
Zaloguj lub Zarejestruj się aby zobaczyć!
Please send me a PM if you need a product key for testing purposes.
I want to thank the many Wilders forum members for testing the pre-release of CTP3. Without them this release would not be possible!