HitmanPro.Alert

[harlan4096]

HitmanPro.Alert 3.21.1 Build 2043 (stable)

Changelog (compared to 2019)

• Added: Vulnerable Driver Guard
  • Vulnerable Driver Guard, part of Process Protection, aims to provide signature-less, universal protection against AV/EDR Killers that abuse legitimate but vulnerable kernel drivers.
    
  • It helps prevent attackers from disabling security software or bypassing tamper protection, and reduces the risk of manipulation of critical operating system security mechanisms, even when trusted or digitally signed drivers are used.
    
• Added: ETW Guard
  • ETWGuard, part of Process Protection, protects Event Tracing for Windows (ETW) from manipulation by attackers.
    
  • ETW is critical security infrastructure used by most AV and EDR solutions for detection and monitoring, but is typically left unprotected by those same products.
    
  • ETWGuard hardens the code regions responsible for ETW functionality, blocking malware attempts to blind security tools, even though HitmanPro.Alert itself does not rely on ETW.
    
  • This prevention-first approach stops attacks that would otherwise evade detection by disabling security telemetry.
    
• Fixed: ARM64 driver issue on Win10
  
• Fixed: Compatibility issue with Sophos Home
  
• Fixed: Intruder issue with Bitdefender and Tor browser
  
• Fixed: Right click on "Last event" now prompts for Admin permissions if needed for cleaning
  
• Improved: Syscall
  
• Improved: HeapSpray
  
• Improved: SyscallX64
  
• Improved: HollowProcess
  
• Improved: Selfprotection
  
• Improved: Alert report details
  
• Improved: HWBGuard (Hardware Break Guard)
  
• Improved: UI Process protection descriptions
  
• Improved: False Positive suppression logging
  
• Improved: UI now shows if run as Administrator or not
  
• Improved: CookieGuard added protection for AppBound cookie security & IElevator2
  
• Improved: Exploit Mitigation panel shows selected template name per application
  
• Improved: Process protection UI pumpkin now shows 1/2 grayed-out if one of the protections is disabled
  

https://dl.surfright.nl/hmpalert3b2043.exe

Auto-update from 2019 is on.