HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. MikeRepairs

    MikeRepairs Registered Member

    Joined:
    Mar 26, 2014
    Posts:
    81
    Location:
    Kissimmee, FL
    Attack Intercepted when plugging in 8GB Flash drive
    Acronis True Image 2016 Build 6571
    Windows 10 Home 1511 64 bit

    I tried the latest HMPA 548 beta but it still happens

    Mitigation WipeGuard

    Platform 10.0.10586/x64 06_5e
    PID 2804
    Application C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
    Description Managed Machine Service Mini 12

    Master Boot Record (MBR)
     
  2. guest

    guest Guest

    I think Acronis True Image wants to write to the MBR, so you have to disable the MBR Protection temporarily.
    Disable it and try it again.
     
  3. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    575
    Sorry, I don't know the answer to that. I'm using IE11. If you mean the Custom Level settings in the Security tab under Internet Options, then Active Scripting and Java Applets are enabled. If you have something else in mind, let me know and I'll look around.
     
  4. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    never mind, I can reproduce characters on Norton forum from Firefox by blocking scripts.
     
  5. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    575
    What might be the solution to these Asian characters showing up in IE?
     
  6. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    Problem with keystroke encryption. Build 548 beta, IE11 sandboxed (beta 5.13.3).

    1.JPG

    Win10 1607 build 14393.10 x64/Norton Security v22.7.0.76
     
  7. escalibur

    escalibur Registered Member

    Joined:
    Jun 29, 2013
    Posts:
    118

    Any comments on this issue?
     
  8. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,868
    Location:
    Outer space
    Is the autoupdate disabled on beta versions? One machine is still on b534.
     
  9. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    581
    Location:
    Hengelo
    This is not an issue. Uplay doesn't want ANY third-party code in their game, including security software. So they built something to prevent this from happening. You can ignore it the message.
    If we'd counter this, the game wouldn't start which is bad user experience.
     
    Last edited: Aug 4, 2016
  10. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    581
    Location:
    Hengelo
    And unsandboxed? Is encryption working?
     
  11. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    Encryption works sandboxed and unsandboxed. This particular problem happens now and then.
     
  12. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    Same problem see post #8823.
     
  13. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,843
    Location:
    the Netherlands
    @erikloman
    @markloman
    The issue that I reported yesterday seems to be fixed!
    Did you change something on the SurfRight side?
    If so, thanks very much, that resolved the issue!
    If you didn't, then something else changed.
    Yesterday, I installed KB3172605, that replaced the previously installed KB3161608.
    Also, yesterday I installed Microsoft .NET Framework 4.6.2, that replaced Microsoft .NET Framework 4.6.1.
    However, I don't see how that would have solved the mentioned issue.
    Anyhow, the mentioned issue seems to be fixed, which is great.
     
  14. 142395

    142395 Guest

    Tho it is somewhat expected, keystroke encryption doesn't protect me.
    My setup is Win10x64, and ofc the function is enabled in HMPA setting.
    Tested on Edge, Chrome, and notepad w/ some keylogger test tools.
    It seems responsible process is working, as sometimes I have some input problem which I also experienced in Keyscrambler in past.
    I guess this is thanks to my keybord, but it will be better that HMPA says "Your keyboard is not supported so keystroke protection can't be applied" etc.
     
  15. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    581
    Location:
    Hengelo
    Thank for letting us know, but we haven't done anything on our end. Good to hear all's well now :thumb:
     
  16. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,843
    Location:
    the Netherlands
    Thanks, Mark.
    I suppose it was one of those mystery thingies ...

    However, the other bug that I reported, that one is still there.
    As I reported, with HMP.A 3.5.1.548 beta, with HMP.A setting "Safety notification - Once per login session", there is only one flyout per boot session, instead of one flyout per login session.
    Although, for one moment I thought this bug had resolved as well, as on one occasion after logging out and logging back in, I got a HMP.A flyout in the second login session. But after logging out and logging back in once more, there were no more HMP.A flyouts with opening a protected application.
    So that reported bug in HMP.A 3.5.1.548 beta is still there.
    Have you been able to reproduce this issue, and will it be fixed in a next build?
     
  17. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Is it the case that HMPA will not notify if you log in with a different user account or does it only happen with the same account?
     
  18. escalibur

    escalibur Registered Member

    Joined:
    Jun 29, 2013
    Posts:
    118

    Ok thanks for the information. Is there any chance that we could have 'whitelist' feature in HitmanPro.ALERT so that we could exclude processes like these? I'm sure Uplay/BattleEye is not the only one. The most ideal situation would be if Hitman could stay totally invisible to software like these.
     
  19. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,843
    Location:
    the Netherlands
    Both.
    After logging out and then logging in in the same user account, and also when logging out and then logging in in another user account.
    With HMP.A 3.5.1.548 beta, with HMP.A setting "Safety notification - Once per login session", there is only one flyout per boot session, no matter what user account. (N.B. Except for one occasion after logging out and logging back in, when I did get a HMP.A flyout in the second login session, as I mentioned.)
     
  20. guest

    guest Guest

    It already has a "whitelist feature" ;)
    With HMP.A 3.5 it's possible to exclude processes from being protected.
     
  21. JayKatai

    JayKatai Registered Member

    Joined:
    Dec 16, 2015
    Posts:
    23
    I only use ESET and HMPA, I also use Sandboxie but not often.

    Sometimes keystroke encryption works fine, the indicator at the bottom right for example shows the scramble, but sometimes it doesn't and it just shows the keys I'm pressing. This happens both unsandboxed and sandboxed.
     
  22. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    On my win10 box, I was uninstalling avast and the uninstaller was killed by HMPA leaving avast in a half uninstalled state.
     
  23. zagtastic

    zagtastic Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    16
    Location:
    san diego
    hey guys. been googling and have searched this thread, but am having a major issue and have not found any help.

    i wiped my PC and used the media creation tool to create a fresh windows 10 anniversary update disk. after a fresh install i grabbed all windows updates, then installed bitdefender 2016, mbam, and finally the release version hitmanPro.alert. unfortunately, i got windows popup errors saying that it blocked the installation of 3 hmpa drivers and that i need to get signed ones from the devs, and hmpa didn't appear to run. manual scans also failed.

    this seems to be because i did a clean install of the anniversary update, rather than allowing windows to update, as doing so (i believe) would have effectively grandfathered the necessary drivers in.

    anyway, i stumbled onto this thread, uninstalled the current release version, rebooted, and installed the beta version posted a couple pages back. things are a little better now as manual scans succeed and the ui actually recognizes that it is registered and enabled, but the driver warnings still popped up during the install and i am unsure whether i am actually protected (tho, if anyone is curious, it does appear that the anti-keylogger is working :) )

    so, is this a known issue? am i protected now? when will there be a build (beta or otherwise) that resolves this issue? is there anything i can do to hack this myself? thanks much.
     
    Last edited: Aug 4, 2016
  24. guest

    guest Guest

    HMP.A 3.5.1 Build 548
    There are some problems with programs started as Administrator. (No Colored Window border, No live Keystroke Encryption...)

    Setting: Colored Window border - All Options enabled
    Protected Programs (started as Administrator): No Colored Window border + No live Keystroke Encryption (*)
    Protected Programs (started with normal user-rights): Colored Window border + live Keystroke Encryption

    Setting: Colored Window border - only the first 2 options enabled

    Protected Programs (started as Administrator): Colored Window border + No live Keystroke Encryption (*)
    Protected Programs (started with normal user-rights): Colored Window border + live Keystroke Encryption
    Edit: (*) Keystrokes are encrypted (verified with Zemana KeyLogger) but the encryption is not shown in the lower right corner
     
    Last edited by a moderator: Aug 5, 2016
  25. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    Is hmpalert 3b548 the latest Beta Build? Or was it a specific fix for PezZy's banking issue?

    see post
    #10634
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.