HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. denniz

    denniz Registered Member

    Joined:
    Jul 26, 2007
    Posts:
    436
    Location:
    The Netherlands
    It only works when secure boot is off in de UEFI bios after a clean install of Windows 10 Anniversary.
     
    Last edited: Aug 9, 2016
  2. 142395

    142395 Guest

    I spoke too soon and should have read other posts.:(
    So currently Edge is out of scope for key stroke encryption and Chrome too?
    I see in advanced setting pane those 2 browsers are excluded from key stroke protection.

    Lol.:thumb:
     
  3. emil emil

    emil emil Registered Member

    Joined:
    May 5, 2016
    Posts:
    28
    HitmanPro.Alert 3.5.1 Build 548 BETA

    Mitigation CryptoGuard

    Platform 6.1.7601/x64 06_1e
    PID 10472
    Application C:\Users\user\AppData\Local\Temp\irsetup.exe
    Description SUF60Runtime 6.0.1

    Filename C:\Users\user\AppData\Local\Temp\irsetup.exe

    C:\Program Files (x86)\WYSIWYG Web Builder 11\gallery\Cupertino 1\bottomleft.png
    C:\Program Files (x86)\WYSIWYG Web Builder 11\gallery\Cupertino 1\bottom.png
    C:\Program Files (x86)\WYSIWYG Web Builder 11\whatsnew.txt
    C:\Program Files (x86)\WYSIWYG Web Builder 11\WebBuilder.exe

    Process Trace
    1 C:\Users\user\AppData\Local\Temp\irsetup.exe [10472]
    2 G:\Downloads\webbuilder11\setup.exe [10780]
    3 C:\Windows\explorer.exe [3468]
    4 C:\Windows\System32\userinit.exe [1748]
     
  4. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    581
    Location:
    Hengelo
    I found out that if you have hardware from Microsoft, like a Surface Pro or Surface Book, you can also run into this issue when you upgrade to Windows 10 version 1607 (Anniversary Update). Is your hardware from Microsoft?
     
  5. denniz

    denniz Registered Member

    Joined:
    Jul 26, 2007
    Posts:
    436
    Location:
    The Netherlands
    Nope, I have no hardware from Microsoft, I have a Logitech keyboard and mouse. It's a small mediacenter I build myself around a Gigabyte mainboard. There's a HDMI cable to my Samsung tv and an optical cable to my Harmen Kardon receiver. That's the only external hardware hooked up to the pc.

    I did a clean install of Windows 10 Anniversary Update with Secure Boot turned off afterwards, then HMPA worked again. You suspected Bitdefender might be causing the problem not loading the AdGuard interface?
     
    Last edited: Aug 9, 2016
  6. emil emil

    emil emil Registered Member

    Joined:
    May 5, 2016
    Posts:
    28
    Mitigation Lockdown

    Platform 6.1.7601/x64 06_1e
    PID 10376
    Application C:\Users\user\AppData\Local\Temp\PotUpdate\PotPlayerSetup.exe
    Description PotPlayer Setup File

    Filename C:\Users\user\AppData\Local\Temp\PotUpdate\PotPlayerSetup.exe
    Created By C:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe


    Process Trace
    1 C:\Users\user\AppData\Local\Temp\PotUpdate\PotPlayerSetup.exe [10376]
    "C:\Users\user\AppData\Local\Temp\PotUpdate\PotPlayerSetup.exe" /S /NoFLink /NoCleaner /NoHomePage /DefRun
    2 C:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe [5744]
    "C:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe" "G:\Downloads\D2014.avi"
    3 C:\Program Files (x86)\DAUM\PotPlayer\DTDrop.exe [9260]
    "C:\Program Files (x86)\DAUM\PotPlayer\DTDrop.exe" -Embedding
     
  7. Armadax

    Armadax Registered Member

    Joined:
    Sep 13, 2015
    Posts:
    19
    Location:
    Zuid-Holland
    No problems here: win 10 (pre-ann.), Kaspersky 2016 (2017 not yet available in Dutch)
     
  8. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    Thanks for the info, Windows_Security :)
     
  9. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    There's an incompatibility between HitmanPro.Alert 3.5.1 Build 550 BETA and Zemana Antilogger 2.0

    HitmanPro.Alert's keystroke encryption doesn't work. Have to disable it to type when using a browser.

    - Disabling real-time protection and ID theft modules on ZAL doesn't fix the issue
    - Disabling startup on ZAL also doesn't fix the issue

    Only uninstalling ZAL 2.0 worked. Now HitmanPro.Alert keystroke encryption is working well.

    This is on Windows 10 Home Anniversary Update.

    You were using Zemana AntiMalware and not the new Zemana Antilogger 2.0, correct?
     
  10. miguelgrado

    miguelgrado Registered Member

    Joined:
    May 25, 2014
    Posts:
    35
    Location:
    Asturias-España
    HitmanPro.Alert 3.5.1 Build 550 BETA

    Fix bug with Memory Cleaner

    Thanks :thumb:
     
  11. escalibur

    escalibur Registered Member

    Joined:
    Jun 29, 2013
    Posts:
    118

    Most of us are here to help them with their product. I'm sure they have good time management no matter who is posting and what. ;)

    Mark and Erik can correct me if I'm wrong. :)
     
  12. @erikloman & @markloman

    Fail of HPMA against Hitler ransomware?

    First I want to say that it bothers me that "discovery" video's of malware analist working for product X have competing products installed to make it look like the competitor's product (in this case Kapersky and HPMAlert) don't protect against these (new) variants. So I am with you before you start blaming me for bashing HPMA.

    This demonstration video of Jakub Kroustek (malware analist at AVG) shows the attack of the Hitler ransomware.
    He seems to have both Kapersky and HPMAlert active (when you look at active processes).

    Two questions:
    - Is HPMA specifically attacked? At 1.20 in the video the icon of HPMA disappears
    - Does HPMA indeed fails to protect against Hitler Ransomware variants?
     
  13. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    I'm running the latest version 52 of 32-bit Chrome and keystroke encryption is working OK.
     
  14. @SHvFl any explanation for the disapparing HPMA icon at 1.20 (Kapersky icons stay visible)?
     
  15. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Is there a way to determine what version of HMPA is running on the system? I watched the video and couldn't see it.
     
  16. No that is why I asked the Loman brothers, also the HPMA icon disappearing is intruiging. When it is true that this ransomware specifically targets HPMA, then this is sort of acknoledgement by malware writers that HPMA is something that limits attack success, which in itself is a compliment.
     
  17. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Yes, it would be helpful generally if the HMPA tray icon would reflect the state of protection, ie active/inactive. It would also be nice if it indicated running in free Vs licensed mode.
     
  18. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I wonder how this ransomware gets on your system in the first place?
     
  19. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    keyboard encryption still working after 21 hours, will test again in a couple of days more uptime.
     
  20. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    I think it could possibly get on the system running emsisoft in execute only mode for file scanning with limited extension scanning enabled and downloaded via outlook email given that emsisoft dont scan emails anymore (odd design decision).
     
  21. denniz

    denniz Registered Member

    Joined:
    Jul 26, 2007
    Posts:
    436
    Location:
    The Netherlands
    I further experimented a bit myself with Bitdefender. It seems the Active Threat Control function in Bitdefender is blocking the Adguard interface. After adding some process exclusions in Bitdefender regarding AdGuard it al began to work. Must have been a recent update, because I never had any problems before. The exclusions I added in Bitdefender were: Adguard.exe | AdguardSvc.exe | Adguard.Tools.exe

    There must be some weird interaction between HMPA and Bitdefender that causes the problem, because uninstalling HMPA also solves the problem. But now I can have all three installed again. :)

    Mystery solved. I'm gonna make a ticket to Bitdefender support about this, but knowing there support department, they are gonna make me jump through hoops again regarding uninstalling all security related software before they are gonna help me... fingers crossed that they don't tell me to uninstall AdGuard completely.. because regarding another question I have asked Bitdefender they asked me to uninstall HMPA...
     
    Last edited: Aug 9, 2016
  22. denniz

    denniz Registered Member

    Joined:
    Jul 26, 2007
    Posts:
    436
    Location:
    The Netherlands
    I agree, we are all helping to make HMPA a better product. If nobody reported any problems then HMPA would be a lesser product with bad reviews and less sales because of all the bugs. So I think Erik and Mark are glad we are reporting the stuff we encounter, because it makes things better for everyone, including SurfRight/Sophos.. :)
     
  23. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    Each time one of your countless (EIS, HMP.Alert, Sandboxie, AppGuard, NVT ERP, Heimdal and did I forget something, I probably did) realtime protection tools gets defeated, you ask this question. If you answer it honestly, your own entire fear-based security setup becomes obsolete.
     
  24. plat1098

    plat1098 Guest

    What do you suggest then? An anti-executable? I'm really interested; my security, after a bitter turmoil with Windows, is now minimalist-- includes HitmanPro Alert, though. I don't like third-party AVs anymore, they're too buggy and glitchy with each other, and there's too much marketing BS to sift through with this ransomware thing. Ideally your brain is your best protection, and hey, it doesn't cost anything, but that's not my best solution, unfortunately.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.