HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. hjlbx

    hjlbx Guest

    @erikloman

    Kickstart on USB on two W10 systems does not work.

    System just boots directly to desktop - even after specifying Kickstart USB for boot in Boot Menu.

    That is what I am saying - Kickstart USB doesn't work on two separate W10 test systems.
     
  2. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,840
    Location:
    the Netherlands
    I think that is what Erik said.
    You can create a Kickstart USB stick on Windows 10, but it cannot be used to boot the Windows 10 sytem.
     
  3. hjlbx

    hjlbx Guest

    OK, mis-read @erikloman's reply.

    Thanks @Stupendous Man .
     
  4. malware1

    malware1 Registered Member

    Joined:
    May 26, 2014
    Posts:
    133
    @erikloman
    Any plans on fixing compatibility with Office XP? I understand that it's an old product, but it's still commonly used.
     
  5. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    Thanks to Erik, this is CONFIRMED!
     
  6. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    I am not aware of a structural incompatibility with Office XP. Will ask the lab to test this.
     
  7. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    so i see the latest version of hmpalert still hasnt fixed the issue with secure desktop mode for keepass not working , as well as has keystroke encryption messed up the autotype feature of keepass , please fix both these issues , thanks
     
  8. hjlbx

    hjlbx Guest

    @erikloman
    @markloman

    HMP.A Colored Window Border - BUG REPORT

    HMP.A 3.1.7 build 357
    Windows 8.1 Home 64-bit - Clean Install

    This Colored Window Border bug can be reliably reproduced at will every time.

    HMP.A Colored Window Border Bug.PNG
     
  9. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    How?
     
  10. hjlbx

    hjlbx Guest

    @erikloman
    • Download file via browser.
    • Set browser to ask\prompt for path when saving file (opens Explorer).
    • When Explorer opens, issue occurs.
     
  11. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    I reckon you download it via Cyberfox on either Win8 or 10.
     
  12. hjlbx

    hjlbx Guest

    @erikloman

    Quirky behavior occurs in all browsers I have tested using Colored Windows Border - Cyberfox, Internet Explorer, Chrome, Firefox - W8.1.
     
  13. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    BTW, can you give some more info about this:

    - Added protection against DLL preloading attacks
     
  14. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    The hmpalert.exe binary is no longer vulnerable to DLL preloading.
     
  15. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
  16. malware1

    malware1 Registered Member

    Joined:
    May 26, 2014
    Posts:
    133
    Thank you!
    Also:
     
  17. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Will send the strings when a beta comes out.
     
  18. Space Ghost

    Space Ghost Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    190
    Location:
    Poland
    1Password auto-update
    Code:
    Mitigation   Lockdown
    
    Platform     6.1.7601/x64 06_3a
    PID          5596
    Application  C:\Users\xxx\AppData\Local\Temp\1Password-4.6.0.604.exe
    Description  1Password Setup 4
    
    Filename     C:\Users\xxx\AppData\Local\Temp\is-QQ2U3.tmp\1Password-4.6.0.604.tmp
    Created By   C:\Users\xxx\AppData\Local\Temp\1Password-4.6.0.604.exe
    
    Command line:
    "C:\Users\xxx\AppData\Local\Temp\is-QQ2U3.tmp\1Password-4.6.0.604.tmp" /SL5="$70946,10278048,227840,C:\Users\xxx\AppData\Local\Temp\1Password-4.6.0.604.exe" /StartAgent=Y
    
    Process Trace
    1  C:\Users\xxx\AppData\Local\Temp\1Password-4.6.0.604.exe [5596]
    "C:\Users\xxx\AppData\Local\Temp\1Password-4.6.0.604.exe" /StartAgent=Y
    2  C:\Program Files (x86)\1Password 4\1Password.exe [4004]
    3  C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [4480]
    4  C:\Windows\SysWOW64\runonce.exe [4392]
    C:\Windows\SysWOW64\runonce.exe /Run6432
    5  C:\Windows\explorer.exe [3108]
    6  C:\Windows\System32\userinit.exe [4076]
    
     
  19. hitman_user

    hitman_user Registered Member

    Joined:
    Nov 25, 2015
    Posts:
    18
    @erikloman I can confirm the same behavior on W7/64 with firefox. not often but it appears.
     
  20. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,867
    Location:
    Outer space
    Question regarding compatibility with EMET:
    Recent posts here seem to indicate that compatibility with EMET is not going to happen. However, in the past, Alert was updated to be compatible with a new version of EMET (5.1 afaik).
    So at this point it is not compatible with 5.2 and 5.5, correct?
    Will compatibility with these versions come in the future or is this definitively not going to happen because of reasons posted earlier?
    Do compatibility problems only apply when a process is protected by both EMET and Alert or also in other cases?
     
  21. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    What kind of updater is that executing a .tmp file?
    "C:\Users\xxx\AppData\Local\Temp\is-QQ2U3.tmp\1Password-4.6.0.604.tmp"

    Please uncheck Application Lockdown for 1Password.
     
    Last edited: Feb 24, 2016
  22. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro.Alert 3.1.8 Build 360 PreRelease

    Changelog
    • Improved CryptoGuard Anti-Ransomware
    • Improved BadUSB mitigation
    • Improved icon strip under the tiles to better handle double click through.
    • Fixed rare BSOD in hmpnet.sys driver
    Download
    http://test.hitmanpro.com/hmpalert3b360.exe

    Please let me know how this version runs on your computer :thumb:
     
  23. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    Again a keystroke encryption-issue (build 357).

    1.JPG

    Win10 1511 build 10586.104 x64/Norton Security with Backup v22.5.5.15
     
  24. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    Thanks Erik and Dave. Solved.
     
  25. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Only have it on one machine at this point, but 360 looks great.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.