HitmanPro.ALERT Support and Discussion Thread

Hi @RonnyT & @markloman ,

My 2 x two year subscriptions are expiring. Any chance of getting a license for testing, like the old days?

Thank you for considering.

 

@RonnyT

When HMP.A catches something from my Sandboxie'd browser, HMP.A can't close the browser, even though the message says it is closing the browser. What I normally do then is close the browser manually, and then reboot for good measure. 2 questions:

a) Is Sandboxie interfering with HMP.A trying to close the browser?
b) Would closing the browser stop the attack? If the attack was a privilege escalation, would the attack code still live in the escalated process?

 

@Krusty. A few pages ago you said you aren't using Sandboxie anymore, have you tried ReHIPs ? It appears to work without using any hooks. I tested the present RC1 code and it seems fine. Only problem is, their trial version only allows 10 processes of any isolated application and Chrome starts around 10 processes of itself and I can't open 2 or more tabs without reaching that limit. And the ReHIPs store is undergoing changes and I can't make a purchase .

 

Why would anyone use ReHIPS? It's dead software and haven't been updated in 3-4 years?

 

No, never tried ReHIPS.

 

@Sir Percy Just because they didn't come up with new versions doesn't mean they are no good. i like stability. Anyways, they aren't dead, they just came out with a new version this year.

 

I just had HMP.A using between 20% and 45% CPU and making my whole PC struggle. Programs and even Task Manager taking ages to open. As soon as I uninstalled HMP.A and before a restart my machine immediately became quick and responsive. I have since completed the required system restart and am deciding whether to reinstall or not.

 

Was it the only process using a lot of CPU?

If you are familiar with Sysinternals Process Explorer, you could look and see what other process threads might have been involved. Sounds like it was conflicting with something else on the machine.

 

It was the main one.

Yes, I think I need to uninstall some unneeded applications.

 

I just reinstalled and Alert is using about 30% CPU straight away.

 

Thanks stapp. I have uninstalled Alert for the time being, but I might revisit this issue again soon.

 

I uninstalled Norton thinking it was the most likely cause of conflict, then reinstalled Alert. Immediately Alert started using 40% CPU.

Not really. It says it is running under SYSTEM and David, that's about it.

Uninstalling again.

Funny how such a tiny program can have such a huge impact on my PC.

 

HMPA < 1% here. That is odd...

 

Can you right mouse on the process and create a memory dump so the devs can investigate what might be causing this?

 

@RonnyT
Dunno if it's fixed now, but about a year ago, when i was using HitmanPro Alert it gone mad with my fav audio player that im using, called Resonic Player.
Resonic Audio Player
But when starting Resonic player, HMP Alert goes mad about ransomware attacks warnings etc. Resonic is a legit software.
Can you please check it?

 

I have a .DMP file for you Ronny. Where can I send it?

 

I have Kaspersky Internet Security 2021 on my Windows 10 x64 system and I configured it to maximum protection but I want to achieve further protection by installing an amazing HitmanPro.Alert beside it. Are there any incompatibilities between them? and what's needed to be done to make both of them working together without issues and incompatibilities? Thank you for your good assistance.

 

I've got both residing quite happily together on my PC without any tweaking at all.

 

Are there any exclusion or specific tweak settings that should be added in Kaspersky or in HitmanPro.Alert to improve compatibility between them better? or doesn't needed.

 

Hello Rebsat,
In my humble opinion with KIS set to max, anything else would be redundant…

 

Hi.
I use both many years and no incompatibilities between them.
Anyway I have put them in exceptions

 

Question: Can Hitmanpro Alert protect ReHIPs isolated browsers ? As far as I know ReHIPs isolates by running the browser in an specially isolated separate user account.

 

i think you should ask that on rehips forum.

 

@RonnyT
Hi,

The company I work for uses T-Mobile Essential in combination with Sophos Endpoint Protection (Sophos Central).
When I close the options menu within the application I (and a collegue) get a flyout from Intercept-X with a Lockdown mitigation, though the application seems to work fine.
Allowing the application / making a exception in Sophos Central does not seem to help.
How can I prevent this lockdown?

Code:

Mitigation   Lockdown
Timestamp    2022-01-19T08:22:25

Platform     10.0.19044/x64 v504 06_9e
PID          18512
Application  C:\Program Files (x86)\T-Mobile Zakelijk\Essential\SoftPhone.exe
Created      2021-02-06T07:58:40
Modified     2021-02-06T07:58:40
Description  Essential 5.4.3

Operation    SetValueKey
Key          \REGISTRY\USER\S-1-5-21-520260850-339674078-2010447376-2132\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Value Name   TelepoSoftphone
Value        "C:\Program Files (x86)\T-Mobile Zakelijk\Essential\SoftPhone.exe" --background

Process Trace
1  C:\Program Files (x86)\T-Mobile Zakelijk\Essential\SoftPhone.exe [18512]
"C:\Program Files (x86)\T-Mobile Zakelijk\Essential\SoftPhone.exe" --background
2  C:\Windows\explorer.exe [12676]
3  C:\Windows\System32\userinit.exe [12592]
4  C:\Windows\System32\winlogon.exe [1012]
winlogon.exe
5  C:\Windows\System32\smss.exe [908]
\SystemRoot\System32\smss.exe 000000cc 00000084

Thumbprint
2348a8930ec44b62b75cf710c2e6515c3786afa24a43732d0a4bf1e82f1ca207
Data based thumbprint
7ef9dfa8901a2af98138a6299d1d0490b42b572bc1b622eee4ffae5e94e39e0b