HitmanPro.ALERT Support and Discussion Thread

hi, ohgood, I did a fresh install of windows 10 AV update and I think I need a Microsoft signed driver version of HitmanPro.alert

 

I can't help with that Maybe surfright support can help? support@hitmanpro.com I know the dev's are work hard to get to stuff, but there is other tech support available. I had a minor issue they took care of.

 

Crackers!!! And I thought this was a thing of the past:


It happens consistently when opening Gmail from bookmark. Firefox48/32 bit/Windows 10 v.1607 b.14393.51/HitmanPro Alert v. 3.5.1. b. 550b. Does anyone else experience this? For me, not a big issue, but it's irritating and a little concerning.

 

Can't say for x86 but Firefox 48 x64 / Windows 10 Pro 14393 x64 / HMP.A 550b. No issue with Gmail as a bookmark on x64.

Have you done the usual like disabling add-ons or starting FF in safe mode?

 

There are going to be a LOT of annoyed people with broken drivers for all sorts of things after they do a fresh install of Windows 10 AU!

 

so just download the proper drivers before upgrading...

 

Well that's not always possible, since Microsoft activated there new and more stricter driver signing policy on July 29 2016. This new policy wasn't activated in de previous Insider builds, so a lot of developers (and thus many end-users) were a bit surprised by this when the RTM version of the Windows 10 Anniversary Update was released.

You can find more info in a blog from Microsoft here: https://blogs.msdn.microsoft.com/wi...r-signing-changes-in-windows-10-version-1607/

 

If the driver is available.

 

then it is the fault of the vendor, not MS.

indeed in this case it was a stupid move...

 

I didn't say it was the fault of Microsoft. Read my comment.

 

No to either, but then, Firefox is largely devoid of doo-dads anyway, just have uBlock Origin. Safe mode would eliminate HMP_A, right?, but it's already known this is involved. Adobe module is disabled but not the other two. Since it's very specific, ie: only involving HMP-A and opening gmail via bookmark, I guess it'll have to remain one of those mystery things, no way am I disabling DEP mitigations. It rarely occurs but when it does, it's always under the same circumstances.

 

Starting Firefox (not Windows) in safe mode from the command line, ie

"C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode

will disable extensions (not HMPA), so you can see if extensions have anything to do with the problem.

 

Oops, guess who's been using Windows safe mode a lot lately, sorry for mix-up. It's only the adblocking extension, now and before, so there's nothing to eliminate. I can say, though, that a bona fide issue with Firefox is periodic and unpredictable memory handling problems. At one point, I had only one tab open with Firefox consuming over 1000 mb of RAM. There was also a RADAR_PRELEAK info in Event Viewer. Nevertheless, Firefox, from what I've read, doesn't seem inclined to address it, it's always the other guys' fault. Long ago, Erik Loman suggested to disable DEP mitigations in HMP-A's interface but I'd rather deal w/crashes now even though his recommendation was effective.

Can't stand the idea of Microsoft's invading one's BIOS. It's my machine with their PAID software on it.

 

Sorry to prompt again, but any ETA on when HMPA will be signed? I can't disable secure boot for work reasons, and not using HMPA is just wasting days/weeks on my licenses. Its getting to the stage where I may have to install something else due to the uncertainty. A beta would be no use either, again; work/security/stability reasons.

 

thank you ohgood

 

That did the trick. Thanks a bunch.

 

Don't mind

Guys, I'm a bit late but I've got a suggestion by a friend of mine (AFAIK he's a member here too), regarding a possible conflict between Zemana AntiLogger (short: ZAL) (using the current stable v2.21.204.465, and HMP.A BETA v3.5.1 B550), and hey, I'm surprised but he's right. Once you deactivate Identity Protection in ZAL, HMP.A works fine alongside Chrome. Note that it doesn't care if you have the realtime protection of ZAL activated or not, it mustn't even autostart or run, but there is a service running in memory regardless any option you take.

Spoiler: Anti-Keylogger

 

I have ZAL but i don't see anything that says identity protection.

 

Spoiler: ID Protection

 

My ZAL has not updated since Dec 2014 i just noticed.

 

I haven't looked into what conflict there is but I assume it's that both ZAL and HMP.A are trying to encrypt keystrokes making things mess up. Solution is disabling Keystroke Encryption in either ZAL or HMPA (unless the issue is with another module) ZAL 2 has keystroke encryption in the ID Theft Protection setting. ZAL 1 probably has a specific Keystroke Encryption setting.

 

Realistically you need then to go to "Plan B". While I don't know your secure boot issues, losing secure boot is less risky that losing HMP.A in my opinion. If you can't do that, then MB Anti-Exploit is where I would head until the signing thingy gets worked out (assuming the signing thingy is working with MBAE.). Ain't Microsoft great!

 

Hi All, quick question re setup of Macrium & MMPA - add Macrium to protection or exclude?

Thanks!

 

This is an expected issue, when you run two apps with keystroke encryption parallel.
Better run ZAM, instead of ZAL, together with HMP.A.

+1
Secure-Boot is overrated.
Either an attacker already made it to your machine, then secure-boot won't stop him,
or an attacker has physical access to your machine, then secure-boot won't stop him as well.

Don't add software to mitigation, until there is an urgent reason.
Macrium Reflect is a disk imager, not a target for exploits.
You may want to add it to exclusions, in case of any issue, or temporarily disable MBR protection in HMP.A, if necessary.

 

Thanks Hiltihome! Glad I asked.