HitmanPro.ALERT Support and Discussion Thread

Thanks @Victek. WSA Identity Protection protects against keyloggers, so I guess HMP.A Keystroke Encryption disables itself, as per Erik's earlier post #5852

 

Following the recent instruction in Erik's that build 188 could upgrade without uninstalling, I did so with the just released build 189.

However, after the reboot I got two application errors:

explorer.exe

"0x7c919afc" referenced memory at "0x00000010". The memory could not be written.

HitmanPro.exe

"0x7c919afc" referenced memory at "0x00000010". The memory could not be written.

I have no desktop, just the windows theme...nothing else.

To get out, I used the windows key + L which brought me back to the login screen, again and where I enter my password. I chose to reboot, instead.

After rebooting, i got the same two application errors...

However, because I have FD-ISR, I was able to boot away from the HMP.A snapshot, that now appears to be kaput.

 

I can confirm that apps using the Office template are not showing the live encryption indicator with this build. Also the encryption indicator is showing in IE 11.

 

HitmanPro.Alert 3.0.42 build 189
IE11 and Chrome43 and 'Other' have keystroke encryption.
So, I'm back to only Firefox38 sans keystroke encryption.
Cheers ~ W8.1 x64

 

I was able to get back in with Safemode, and I tried a System Restore which proved unsuccessful, after reboot.

Went back into the problem snapshot with Safemode, this time after logging into my administrator account.

Then into Add/Remove programs via Control Panel for the uninstall of HMP Alert.

This time it booted up, with the task bar, and desktop icons showing and ths systray icons loading at start.

Sigh of relief... And, as it is nearly 2:20 am Friday morning, I am off to bed.

 

I don't whether to risk installing HMP Alert, again...It seems to be able to cripple a system, very easily.

 

maybe it's the right time to redesign your security setup??

 

Build 188 was terrible for me: all text was gone in Windows!

Had to boot into safe mode to uninstall HMP.Alert.

Will try build 189 later today.

 

I also had troubles with the latest 2 updates.
Tried 189, updating from 187 and my computer wouldn't boot. Had to boot into safe mode and uninstal it.
After fixing that I then installed 188 and again pc wouldn't boot up. Left it about 30 mins on a black screen. Needed to force the computer off each time.
Went into safe mode again to uninstal. Now I have neither, thinking about installing 187 or wait for a newer version.

 

Same problem with build 189. Build 187 is still fine.

 

Erik, Mark,
do you recommend to install HMP.Alert in production environment, at current point of development?

Although we have NAS-Backup, I'm not feeling comfortable anymore, regarding ransomware (TOX and others...)

We are running Windows Server 2008R2, exchange and sharepoint. (20 clients)
Security is TrendMicro Worry free Business.

 

Are there any specifics mentioned by Windows or HitmanPro.Alert in the Windows Event Log about this?
On what version of Windows did this happen and what other security software do you have installed? I'd like to investigate and potentially reproduce this, thanks!

 

Still happening with 189:
https://www.wilderssecurity.com/thr...iscussion-thread.324841/page-235#post-2492166

 

The good:

On both my Windows Vista x86 and Windows 7 x64 machines that had HMPA 3.0.42.188 beta, I installed 3.0.42.189 and rebooted. Luckily I had no issues like Tarnak, XIII, or Fingol.

I can confirm that the IE9 Lockdown issue that I reported was resolved with build 189. Thanks very much.

And as others already confirmed, the issue with bogus "Encrypting" flyout in LibreOffice and WordPad is resolved.

And disabling "Auto-hide colored windows border" now works as expected, so that seems to be fixed.

The bad:

The "Encrypting" flyout in Windows Vista x86 IE9 and Windows 7 x64 IE11 is still not as it should be, I suppose. Some moments it is there and working, other moments it isn't.

And some issues that I reported earlier are still pending:

Triple flyouts with opening LibreOffice applications.

GOM Player no longer listed as one of the standard protected applications.

Colored borders do not show with maximized VLC media player on Windows Vista x86.
I do not know if the same issue applies to VLC media player on Windows 7 x64.
For other applications that I mentioned April 12, the issue seems resolved.

Colored borders do not show with IE9 and IE11 InPrivate Browsing, if InPrivate Browsing is opened from within the already open regular browser.
However, if IE11 InPrivate Browsing is started from the Windows 7 Taskbar shortcut option, in that case colored borders correctly show with IE11 InPrivate Browsing.
(In Windows Vista there is no standard option for opening InPrivate Browsing other than from within the already open regular browser.)

 

I don't know what you mean, specifically. I am running EAM, Kingsoft PC Doctor. They shouldn't be causing any problem.

Just to show, from earlier this is how I started before the snafu:

 

Also not good:
With HMPA 3.0.42.189 and "Show colored window border around protected applications" and "Show live Keystroke Encryption in colored window border" enabled and "Auto-hide colored windows border" disabled, for testing (normally I don't use those settings), two times Vista x86 IE9 hang, for maybe 20 or 30 seconds.
This happened when switching browser tabs and refreshing one of the pages, if I remember correctly.
I'm not sure if there was or wasn't a relation with HMPA 3.0.42.189 and the mentioned settings.

 

Running outdated versions of Windows should not be supported by HMP.Alert anymore.

That's my point.

 

Hiltihome,

Are you saying, that I am running an outdated version of windows?

 

*cough* Windows XP *cough*
Even Mandatory ASLR will not save you on Windows XP. system dlls cannot be relocated afaik. (Just an example: Almost every previous zero-day hitting IE on Windows XP used a ROP chain based on gadgets in msvcrt.dll and that is one of the dlls that is not randomized)

 

Yes, that's what I'm saying.
Look at the pictures in your post#5942

Also you are over armored, that's what's causing your issues.

My point. Of course...

I haven't had any issue, since build 187.
Former issues where caused by incompatibility with MBAM and mid-sized Cherry keyboard.
All fixed.

 

Thanks Erik.

 

No problems with Sandboxie 4.18 (W7 64 bits/build 189).

From 4.18 release notes: Added Hitman Pro Alert to templates.ini

 

HitmanPro.Alert 3.0.42 build 190

Changelog (compared to build 189)

• Fixed compatibility issue with some third-party security software on Windows XP.

Download
http://dl.surfright.nl/hmpalert3.exe

You can install this build without uninstalling your existing version.
Existing users are not yet automatically updated to this new version.