HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    Is a USB SSD attached to your computer? It used to cause me a blue screen then. If so, disable the BAD USB feature in HitmanPro.Alert.
     
  2. heikwith

    heikwith Registered Member

    Joined:
    Jul 29, 2002
    Posts:
    91
    Libraman,
    I got a repeatable BSOD when plugging in a USB stick with disabled BAD USB feature.
    I can not read your stopcode, but it can be the same bug.
     
  3. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    Unfortunately, I have had it many times before until I realized what was causing it. I have since turned off the BAD USB function and since then everything is fine.

    My USB SSD (If any of these were turned on, it was always BSOD):

    USB 3.0: Samsung SSD 850 PRO 256 GB
    USB 3.0: Samsung Portable SSD T5 500 GB

    During work, there was never a BSOD, only at power up or restart!
     
  4. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    Very interesting alarm! This occurred while checking F-SecurityOnlineSanner. The Tor Browser did not run!

    2020-03-08_095643.jpg 2020-03-08_095728.jpg 2020-03-08_095740.jpg

    HitmanPro.Alert 3.8.2 build 865, Windows 10 64bit 1909 build 18363.693, Tor Browser 9.0.5., F-Secure Online Scanner v. 8.4.89.93

    When the TOR browser is running there is no alarm!
     
    Last edited: Mar 8, 2020
  5. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    With latest version of HPA 3.8.2 865 every time I turn on computer or reboot I have to reactivate my license key. I am using Windows 7 SP1 Pro x64 with Emsisoft Anti-Malware and AppGuard. Problem started with latest version.
     
  6. Libraman

    Libraman Registered Member

    Joined:
    Apr 26, 2016
    Posts:
    196
    Hi @feerf56
    I have BadUSB feature disable a long time ago and no, no SSD here.

    Hi @heikwith
    The system has a USB Stick for Ready Boost and it's always ON. Maybe it's the problem with this versión.
    Anyway, the system work fine.. no more blue screen.
    I sent a dump archive to support and waiting any anwser
     
    Last edited: Mar 8, 2020
  7. solitarios

    solitarios Registered Member

    Joined:
    Mar 28, 2016
    Posts:
    230
    Sandboxie.
     
  8. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    I do not understand you.
     
  9. solitarios

    solitarios Registered Member

    Joined:
    Mar 28, 2016
    Posts:
    230
    at first glance you can see that he has a conflict with sandboxie. That's what I meant, that's all.
     
  10. guest

    guest Guest

    Sandboxie is mentioned in the Process Trace. Only as a reminder:
     
  11. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324

    + solitarios


    Tor Browser not running in Sandboxie! The Sandboxie was empty at the time of the alarm.

    I've been using Sandboxie and HitmanPro.Alert for a long time (several years), but I've never had an alert like this.
     
    Last edited: Mar 8, 2020
  12. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    @feerf56:
    You posted so many issues in this thread, that my conclusion is:
    Your setup is not compatible, and most likely never will.
     
  13. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    No, no, no and no. I've had no alarms for about 6 months. This is my first alarm ever since. For most of my older problems were for 1 (one) reason: BAD USB (It was really a compatibility issue). Ever since I turned this off, I've had no (zero) problems. This problem has nothing to do with my older problems. Then what about my settings? On the other hand, this problem is not really serious, but rather interesting.

    Anyway, writing such is much easier than actually answering and interpreting the "problem" being raised.
     
    Last edited: Mar 9, 2020
  14. Libraman

    Libraman Registered Member

    Joined:
    Apr 26, 2016
    Posts:
    196
    Crash dump analisis
    CC @RonnyT
     
  15. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    HMP.A 3.8.2 b865 works flawless here. W10-18363.693
    All modules enabled, all default.
    No issue with Bad-USB, connecting USB3.0 SSD from several brands, including Samsung.
     
  16. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,760
    @RonnyT
    @markloman

    Is this bug (been in a few releases now) going to be fixed for W7 32/64-bit?
    Code:
    
    Faulting module name: CRYPT32.dll, Exception code: 0xc0000005
    
    2020-02-15  01:54        45,127,635 hmpalert.exe_200215_015421.dmp
    2020-02-15  01:54        45,197,791 hmpalert.exe_200215_015426.dmp
    2020-03-09  10:22        51,366,816 hmpalert.exe_200309_102225.dmp
    2020-03-09  10:22        51,620,654 hmpalert.exe_200309_102226.dmp
    2020-03-10  23:42        50,784,575 hmpalert.exe_200310_234211.dmp
    2020-03-10  23:42        51,058,513 hmpalert.exe_200310_234222.dmp
    
    2020-02-21  11:19           777,120 hmpalert.exe(1).992.dmp
    2020-03-09  21:21           788,628 hmpalert.exe.892.dmp
    2020-02-15  11:18           800,895 hmpalert.exe.992.dmp
    2020-02-15  11:24           784,832 hmpalert.exe.996.dmp
    
     
    Last edited: Mar 11, 2020
  17. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    There is a problem with the BAD USB function of HitmanPro.Alert on some Samsung USB drives which I have already written above. Not so long ago I documented it accurately to the developers.

    There was a problem with these:

    USB 3.0: Samsung SSD 850 PRO 256 GB
    USB 3.0: Samsung Portable SSD T5 500 GB

    when you turn on your PC or restart it (blue screen). Everything was fine during work.
     
    Last edited: Mar 11, 2020
  18. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,383
    I have had a few unexplainable BSOD's after installing 865.

    Only at boot, but without a USB drive attached (USB keyboard/mouse are attached though).
     
  19. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    581
    Location:
    Hengelo
    HitmanPro.Alert 3.8.2 Build 867 Released

    Changelog (compared to build 865)
    • Fixed an issue with CryptoGuard 5 when it handles very large files, that could've lead to a BSOD.
      MITRE ATT&CK T1486 - Data Encrypted for Impact
    • Added Prevent token privilege manipulation to Local Privilege Mitigation (PrivGuard).
      When a new process is created it checks if the parent process still has the same set of privileges that it started with.
      This mitigation also thwarts a specific CVE-2020-0769 exploit attack, crafted by the SophosLabs Offensive Security team, which attempts local privilege escalation via the new SMB v3 vulnerability. Video: https://www.youtube.com/watch?v=50cqXOLx-M4
      Background on this month's Patch Tuesday: https://news.sophos.com/en-us/2020/...2020-fixes-the-serious-smb-bug-cve-2020-0796/

      MITRE ATT&CK T1134 - Access Token Manipulation
      MITRE ATT&CK T1068 - Exploitation for Privilege Escalation


    • Improved Credential Theft Protection (CredGuard) when an attacker attempts to export the Security Account Manager (SAM) database from the Windows Registry for offline password dumping (e.g. via Mimikatz).
      MITRE ATT&CK T1003 - Credential Dumping
    Download
    https://dl.surfright.nl/hmpalert3.exe

    Let us know how this version runs on your machine :thumb:

    Thanks!
    Mark
     
    Last edited: Mar 12, 2020
  20. Valdez

    Valdez Registered Member

    Joined:
    Apr 21, 2016
    Posts:
    50
    Location:
    Italien
    Manual update all right
    Thank you!

    upload_2020-3-11_22-24-58.png
     
  21. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    I thought we weren't supposed to add security programs to HMP.A. In your case I see Kaspersky and Malwarebytes at least.

    @markloman ?
     
  22. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    Updated from within HMP.A, to build 867
    Still no BSOD, or any other issues yet.
     
  23. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,941
    Location:
    USA
    Build 867 running on two 7x64 machines without issue so far.
     
  24. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    Automatic update to version 867. No problem.
     
  25. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    No problems upgrading build 867.

    Win10 1909 build 18363.719 x64/Norton Security v22.20.1.69
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.