HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,843
    Location:
    the Netherlands
    Very true!
    Nevertheless, many of us can be yearning for the newest builds to test. But I think that's a good thing. As long as we stay relaxed about it. :)
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Absolutely, and I know both Erik and Mark appreciate that we are here to help them. Cool relationship.

    PS I can't wait for the next private build myself.
     
  3. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    To get back to my Firefox freezing issue; disabling safe browsing worked to unfreeze Firefox the last time it occurred. What diagnostic info will likely be needed? Will I need to create a process dump of Firefox when it occurs? That dump will likely be large, and take my slow upload speed a while to upload to the web. I already know to send Hitman Pro Programdata logs, msinfo32 file, and Windows Event Viewer logs.
     
  4. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    Did you try disabling all of your Firefox plugins, or running Firefox in safe mode? I have never had that conflict with HMPA and Firefox, and I use it as my default browser.

    about:support > Try Safe Mode > Restart with Add-ons Disabled ...
     
  5. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    I dunno. I never tried Eraser.

    https://www.piriform.com/docs/ccleaner/ccleaner-settings/changing-ccleaner-settings

    To change CCleaner's deletion method:

    1. In CCleaner, click the Options icon at left, and then click the Settings button.
    2. Do one of the following:
    • Select Normal file deletion (Faster) to delete files more quickly, but less securely.
    • Select Secure file deletion (Slower) to delete files more securely, but much more slowly.
    CCleaner has four methods of secure deletion: a Simple Overwrite (1 pass), DOD 5220.22-M (3 passes), NSA (7 passes), and Gutmann (35 passes). A 'pass' refers to how many times CCleaner writes over the spot on the hard drive. The more times CCleaner writes to that spot, the harder the file will be to recover by any means. The drawback is that it will take CCleaner longer to complete the job.

    Note: CCleaner can only securely delete files which have not yet been deleted from the Recycle Bin. If you have already delete files insecurely (for example, using Windows Explorer), you can delete them securely using Recuva.

    For more information, see the Wikipedia entry on the Gutmann method.
     
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Yes, I did, safe mode did not help. My browser froze up again while on Facebook, and disabling HMPA mitigations did not work this time. I just rolled my machine back. Maybe Eset was the culprit with it's failed upgrade to the latest build. Maybe I experienced some corruption due to the failed upgrade. I will go without HMPA alert for a while, and see what happens. If I have no problems, I will install HMPA again, and hope the problems do not come back.
     
  7. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I usually use 3 passes for general use, and 7 when I want to be more thorough. I will just use CCleaner for now to secure delete files. I don't like software on my machine that causes issues. I've never had any problems out of CCleaner.
     
  8. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    575
    Thanks, I wanted to make sure I hadn't somehow missed the boat on a new build coming out.
     
  9. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    Although off topic:
    On machines with SSD secure erase is obsolete, and causes unnecessary wear to SSDs.
    The TRIM command does the job.
    On WIN8.1 and WIN10 it's called disk optimization, and is scheduled, but can be also started manually.
     
  10. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I'm using a SATA drive. Yeah, secure overwriting is bad for SSD.
     
  11. alawyer

    alawyer Registered Member

    Joined:
    May 17, 2017
    Posts:
    35
    Location:
    the final frontier
    What is an equivalent program to hitman pro alert, I don;t think cryptoprevent cuts the mustard.
     
  12. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro.Alert 3.6.7 build 601 BETA

    Changelog (compared to 593)
    • Added a Asynchronous Procedure Call (APC) mitigation which protects against the DoublePulsar code injection.
      This mitigation is part of Risk Reductions > Process Protection.
    • Added our thumbprint technology to the Load Library mitigation (reflective DLL injection protection).
    • Improved CryptoGuard
    • Improved compatibility with Steam
    • Improved DLL injection to respect trustlets
    • Fixed compatibility when installing inside QEMU/KVM hypervisor
    Changelog (compared to 600)
    • Fixed keystroke encryption
    • Fixed BadUSB mitigation
    • Fixed installer failing to upgrade driver
    • Improved compatibility with Steam
    • Improved DLL injection to respect trustlets
    • Fixed compatibility when installing inside QEMU/KVM hypervisor
    Notes
    • This version is co-signed by Microsoft.
    • After a clean installation you need to reboot the machine to fully protect the system against DoublePulsar attacks.
    Demonstration
    Here's a quick demonstration video showing the new APC mitigation in action against a remote WannaCry ransomware attack that abuses the EternalBlue + DoublePulsar NSA exploits leaked by Shadow Brokers: https://www.youtube.com/watch?v=uKXYLMKq07s
    Users running HitmanPro.Alert version 2.6.5 (or newer) from April 2014 were already protected against the WannaCry ransomware as it was stopped by CryptoGuard. The attack is now ALSO stopped at the exploitation level. Note: The video actually shows our upcoming CTP2 but we back-ported the technology to this build.

    Download
    http://test.hitmanpro.com/hmpalert3b601.exe

    Please let us know this version runs on your computer :thumb:
     
    Last edited: May 29, 2017
  13. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Tomorrow we plan to start the CTP2 program. The build is done, with co-signed drivers. Stay tuned.
     
  14. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Thank your for the update! We look forward to giving her a test drive.
     
  15. guest

    guest Guest

    Very nice :thumb:
     
  16. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,430
    Location:
    Surrey, England.
    Upgraded smoothly from build 593, and running lovely (incl running a HMP scan to check). Looking great, thanks! :)
     
  17. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    I upgraded build 600 to 601, but Bad-USB did not stay activated.
    As advised a clean install was necessary, to make Bad-USB work.
     
  18. Nyte

    Nyte Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    48
    Location:
    Hamburg, Germany
    Upgraded from 600 to 601 and everything is fine.
     
  19. _CyberGhosT_

    _CyberGhosT_ Registered Member

    Joined:
    Mar 2, 2015
    Posts:
    457
    Location:
    MalwareTips "Your Security Advisor"
    Spot on @erikloman & @markloman , thanks for the Heads Up & keep up the good work ;)
     
  20. Lockdown

    Lockdown Registered Member

    Joined:
    Oct 28, 2016
    Posts:
    772
    Location:
    Wilders Security
    @erikloman
    @markloman

    HitmanPro.Alert 3.6.5.592 | 3.6.7 601 Beta
    Windows 10 Pro Version 1703 OS Build 15063.332 64-bit
    Dell XPS 15 9650
    P\S2 Driver Microsoft 10.0.15063.0

    1. Before installation of HMP.A keyboard is fully functional when desktop appears after system start or restart
    2. Install HMP.A
    3. Reboot system
    4. Keyboard is not functional during approximately the first 30 to 60 seconds after the desktop appears; pressing keys during this time generates beep
    5. Uninstall HMP.A
    6. Reboot system
    7. Keyboard is fully functional when desktop appears
    Disable keystroke encryption and item 4 above no longer happens

    * * * * *

    Your internal is throwing a hmp.a service Error 1068; dependency will not start; hmp.a service cannot be manually started

    Also, it disabled thumbnail view for icons - could be system change during install - strange
     
    Last edited: May 30, 2017
  21. newone

    newone Registered Member

    Joined:
    Oct 14, 2006
    Posts:
    71
    Location:
    UK
    thank you, Erikloman, looking forward to CTP2 Program, Great Work, :thumb:
     
  22. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    No luck getting FarCry 3 and 4 working, not a Steam game. Did not have problems with Steam.
    Uplay launches all games frozen.
    As soon as I uninstall HMPA, no problems with game.
     

    Attached Files:

    Last edited: May 30, 2017
  23. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,843
    Location:
    the Netherlands
    On my Windows 7 x64 system (see signature), I upgraded build 593 to 601.
    There was one minor issue, a weird error running the hmpalert3b601.exe installer. Running the installer did not offer the upgrade, but it opened the HMPA UI. I forgot to see if it was the build 593 or build 601 UI that opened with running hmpalert3b601.exe.
    I tried a few times, with the same results. Then I logged off and logged on again in Windows, and I tried again. This time running hmpalert3b601.exe offered the upgrade to build 601.
    After that, the upgrade was smooth, with no issues, and everything looks fine.
     
  24. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    I installed over Build 593 and BadUSB Protection will not enable.

    Edit: Only one machine affected and even after uninstalling / reinstalling I still could not enable BadUSB Protection.

    Currently restoring an image backup.
     
    Last edited: May 29, 2017
  25. plat1098

    plat1098 Guest

    Hi, after both installing v. 601 over top and then cleanly installing, BadUSB does not remain enabled after closing menu nor does Keystroke Encryption work.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.