HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. guest

    guest Guest

    This has been fixed in the beta version "728 BETA" (#881) but the workaround above also works, so there is no need to install the beta just because of this issue :)
     
  2. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    Can anyone reproduce this crash? as I was under the impression this was a single use-case and we couldn't pinpoint the root cause.
     
  3. HempOil

    HempOil Registered Member

    Joined:
    Jun 15, 2015
    Posts:
    224
    Location:
    Canada
    I was getting a number of BSOD's, but a few things had changed on my system, so I couldn't be sure which one was responsible at the time (see this post). I have since performed a clean install of Windows 10 FCU and the only thing I haven't reinstalled is Comodo (because of that corroborating anecdotal report). I will go ahead and reinstall Comodo in the near term and let you know if anything untoward occurs.
     
  4. DurdenX

    DurdenX Registered Member

    Joined:
    May 7, 2017
    Posts:
    2
    Location:
    Maldives :)
    I got some conflict b/w the stable version 3.7.1 build 723 and Emsisoft AM 2017.11.. some kind of " Mitigation CredGuard"
    it happend while I was performing a custome scan with Emsisoft on my system drive .
     
  5. guest

    guest Guest

    Is "SAM" (see picture below) enabled or disabled?
    If it is enabled, disable it and do another scan with Emsisoft (maybe the issue is gone now)
    Credential Theft Protection.PNG
     
  6. DurdenX

    DurdenX Registered Member

    Joined:
    May 7, 2017
    Posts:
    2
    Location:
    Maldives :)
    Thank you ! I think your right on spot . I failed to mention that in the event viewer it actually says "SAM access denied" , I'm not experienced enough to have noticed that.
    so I should always keep it disabled while running alongside my Emsisoft ?
    I made exclusions for Hitman in Emsisoft, is there a way to do that for emsisoft (in hitman settings )?
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Just leave it disabled period. It was a good concept, that when implemented was bad.
     
  8. guest

    guest Guest

    Yes, better keep it disabled.
    And to exclude something, do the following steps:
     
  9. dios

    dios Registered Member

    Joined:
    Mar 9, 2016
    Posts:
    14
    I'm intermittently getting a particular BSOD since installing HMPA (3.7.1. build 723), usually on resuming from hibernation:

    SYSTEM_THREAD_EXCEPTION_NOT_HANDLED

    *** STOP: 0x1000007e (0xffffffffc0000005, 0xfffff80438851e4d, 0xffffdb01a9714088,
    0xffffdb01a97138d0)

    *** partmgr.sys - Address 0xfffff80438851e4d base at 0xfffff80438850000 DateStamp
    0x3c743841

    Using HMPA on Windows 10 1703 build 15063.786. Also using Norton 360 with "boot-time protection" set to "normal", and Bitlocker enabled.
     
  10. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,383
    My dad bought a new PC. How can I transfer the HMP.A (& HMP) licenses from his old to his new PC?

    (it's part of a 3 PC license and the other 2 licenses should not be invalided, as they protect other PC's)
     
  11. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    632
    Location:
    Planet Earth
    Hi XIII,

    Please contact support@hitmanpro.com so that we can take it from there.
    Also provide Cleverbridge reference and license key so that we have all details at hand.
     
  12. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,383
    Will do once I setup his new PC.
     
  13. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
  14. zagtastic

    zagtastic Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    16
    Location:
    san diego
    you didn't ask me... but no -- at least not in the way that you mean.

    the exploit you linked there requires the "attacker" to execute code on your machine. hmp.a will defend against THAT happening with its various exploit protections, just the same as any other malignant process. however, if you assume that the process gets run, there's no chance that hmp.a can prevent the flaw.

    the bug you're asking about basically means that an unprivileged process can access, in an indirect way, memory that the CPU shouldn't allow it to-- but it can't change or destroy the data. being able to access it, however, can make other attacks easier or allow confidential/sensitive data (including passwords, keys, etc) to be read. addressing this issue correctly requires a hardware revision, but OSes (including windows and linux) are already working on mitigations on the system level-- but apparently this is expected to have non-trivial performance effects, at least for some workloads. :(

    sorry.
     
  15. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,843
    Location:
    the Netherlands
    @RonnyT,
    @erikloman,
    @markloman,

    Does Microsoft's article "Important information regarding the Windows security updates released on January 3, 2018 and anti-virus software" apply to HMPA?
    In other words, is HMPA ready for the Windows security updates released on January 3, 2018, regarding the Meltdown and Spectre vulnerabilities?
    N.B.
    This is relevant, as the Microsoft article mentions,
    "Customers will not receive these security updates and will not be protected from security vulnerabilities unless their anti-virus software vendor sets the following registry key [...]"
     
  16. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
  17. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,843
    Location:
    the Netherlands
  18. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    True. I would also like to know.
     
  19. Theblackstar

    Theblackstar Registered Member

    Joined:
    Mar 27, 2016
    Posts:
    36
    Location:
    Italia

    Attached Files:

  20. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,843
    Location:
    the Netherlands
    Great, thanks. :thumb:
     
  21. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    Has anyone successfully installed The Microsoft Emergency WIN 10 Update for Meltdown with HMPA installed ?
     
  22. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    Yes, three Win10 x64 1709 machines. One with Norton and two with Windows Defender.
     
  23. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,383
    Manually. The update did not show up for me (though the required registry key/value was present).

    But since it did even not show up after uninstalling HMP.A (and rebooting) I don't think HMP.A is to blame?
     
  24. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    @Krusty;@XIII

    Thanks for the info :)
     
  25. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    Yes, two with HMPA, and EAM installed. One took a few attempts; ran WU Troubleshooter and disabled HMPA service, but I think the latter was unnecessary.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.