HitmanPro.ALERT Support and Discussion Thread

Why isn't it the very latest code? The very latest stable code I mean

 

@RonnyT
hello i have a question about a BSOD i get now sometimes because in the past we had a APC_INDEX_MISMATCH BSOD and now i get a Clock_Watchdog_Timeout in combination when i want to login in paypal or similar after i type my password...

i think it has nothing to do with HMPA because the PiD was = 4 and that was in the svchost
so what ever its causing that problem im sure it has something to do with my AV
sorry for bother you

cheers

 

after PiD check and whocrashed finally it was this corrupt or missing file = VIDEO_DXGKRNL_LIVEDUMP which was caused by an old nvidia driver which crashed my system with a BSOD Clock_Watchdog_Timeout everytime i logged in in paypal.....
new driver after DDU and no problem anymore for the case anyone get the same probs and sorry for off topic now.

cheers

 

Is unchecking Local Privilege Mitigation still the recommended setting in HMPA to allow for running a browser with Sandboxie?

See my post here for additional infos

 

Got a BSOD during a Macrium Reflect image backup, caused by HMPA.
Bug check: MEMORY_MANAGEMENT
Caused by driver: hmpalert.sys

 

What's been going on with HMP.A lately? I keep seeing people complaining about it causing bluescreens and all kinds of other problems.

 

I uninstalled HMPA...

 

No issues here.

 

Functional question from me please...

Windows 10 Pro with Defender has a default range of exploit setttings enabled. When HMPA is installed, are HPMA exploit protection settings -

a) a duplication / integration of W10 exploit settings?

b) separate to W10 exploit settings, but running in parallel? If one exploit is turned off in HPMA, the same exploit will need turning off in W10 ?

c) they disable and replace W10 exploit settings?

d) something else?

Thanks for any help!

 

I have reinstalled HMPA, as I got a Macrium image validation failure without it. Not sure what the BSOD was all about. Maybe a faulty target drive, but that BSOD is not reproducible here at this point.

 

Good to hear you got it nailed down, and no prob for the off topic, BSOD can be a beast.

 

There are two BSOD fixes pending, where do you see those people complaining? is that here or on other places we don't monitor?

 

Eh well ours are different and most of them inspect/protect both (hmpa & defender) some we bail-out because the OS has sufficient protection.
And different because we can allow/whitelist very fine-grained, where defender says "ok it's not working disable the whole protection" we can do it on a specific piece of code level per application.

In the past our head developer didn't call it EMET on steroids for nothing

 

You get the newest toys here, once most things are ironed out we release it to the home team and they can decide when to implement based on other changes / risk analysis in their product.

 

So that's why so many people are having problems with HMP.A then. The features of it aren't ironed out yet.

Why would you ever release the untested stuff in a stable build? That's not cool when you consider how many people might be using HMPA along side the standalone of their choice.

 

You misunderstood RonnyT's answer. Sophos products have a different mission than HitmanPro.Alert. One provides complete protection (Sophos), while the other (hitmanpro.Alert) provides "only" partial, additional protection. Users are also different, which is why they should consider using the latest one and not because the latest version of HitmanPro.Alert is unpolished.

 

Yes, they don't release untested stuff as stable. That's also why after internal testing we first get Beta and RC builds published on this forum.
I've been running HMP.A problem free for quite a long time btw.

 

^^^ This!!!

 

+1

 

What's up with HMPA Support?

Do they respond to email support requests or not ?

 

I guess this problem is never going to be fixed. I know, Windows 7 is out of service for some, but not all.

Code:

hmpalert.exe   Stopped working   2022-08-26 14:11:06   All Users   0xc0000005   Access Violation   0x0000f805   CRYPT32.dll   6.1.7601.26058   C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe   9,934  

Spoiler

Code:

Version=1
EventType=APPCRASH
EventTime=133059894666496001
ReportType=2
Consent=1
ReportIdentifier=2904e3c2-2538-11ed-834c-c85b76503892
IntegratorReportIdentifier=2904e3c1-2538-11ed-834c-c85b76503892
WOW64=1
Response.type=4
Sig[0].Name=Application Name
Sig[0].Value=hmpalert.exe
Sig[1].Name=Application Version
Sig[1].Value=3.8.21.945
Sig[2].Name=Application Timestamp
Sig[2].Value=62ab1d33
Sig[3].Name=Fault Module Name
Sig[3].Value=CRYPT32.dll
Sig[4].Name=Fault Module Version
Sig[4].Value=6.1.7601.26058
Sig[5].Name=Fault Module Timestamp
Sig[5].Value=62ccef35
Sig[6].Name=Exception Code
Sig[6].Value=c0000005
Sig[7].Name=Exception Offset
Sig[7].Value=0000f805
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=6.1.7601.2.1.0.256.1
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=1033
DynamicSig[22].Name=Additional Information 1
DynamicSig[22].Value=0a9e
DynamicSig[23].Name=Additional Information 2
DynamicSig[23].Value=0a9e372d3b4ad19135b953a78882e789
DynamicSig[24].Name=Additional Information 3
DynamicSig[24].Value=0a9e
DynamicSig[25].Name=Additional Information 4
DynamicSig[25].Value=0a9e372d3b4ad19135b953a78882e789
UI[2]=C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
UI[5]=Check online for a solution (recommended)
UI[6]=Check for a solution later (recommended)
UI[7]=Close
UI[8]=HitmanPro.Alert stopped working and was closed
UI[9]=A problem caused the application to stop working correctly. Windows will notify you if a solution is available.
UI[10]=&Close
LoadedModule[0]=C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
LoadedModule[1]=C:\Windows\SysWOW64\ntdll.dll
LoadedModule[2]=C:\Windows\syswow64\KERNEL32.dll
LoadedModule[3]=C:\Windows\SysWOW64\hmpalert.dll
LoadedModule[4]=C:\Windows\syswow64\KERNELBASE.dll
LoadedModule[5]=C:\Windows\syswow64\USER32.dll
LoadedModule[6]=C:\Windows\syswow64\GDI32.dll
LoadedModule[7]=C:\Windows\syswow64\LPK.dll
LoadedModule[8]=C:\Windows\syswow64\USP10.dll
LoadedModule[9]=C:\Windows\syswow64\msvcrt.dll
LoadedModule[10]=C:\Windows\syswow64\ADVAPI32.dll
LoadedModule[11]=C:\Windows\SysWOW64\sechost.dll
LoadedModule[12]=C:\Windows\syswow64\RPCRT4.dll
LoadedModule[13]=C:\Windows\syswow64\SspiCli.dll
LoadedModule[14]=C:\Windows\syswow64\CRYPTBASE.dll
LoadedModule[15]=C:\Windows\system32\FLTLIB.DLL
LoadedModule[16]=C:\Windows\system32\MPR.dll
LoadedModule[17]=C:\Windows\syswow64\NETAPI32.dll
LoadedModule[18]=C:\Windows\syswow64\netutils.dll
LoadedModule[19]=C:\Windows\syswow64\srvcli.dll
LoadedModule[20]=C:\Windows\syswow64\wkscli.dll
LoadedModule[21]=C:\Windows\syswow64\bcrypt.dll
LoadedModule[22]=C:\Windows\system32\IMM32.DLL
LoadedModule[23]=C:\Windows\syswow64\MSCTF.dll
LoadedModule[24]=C:\Windows\system32\api-ms-win-core-synch-l1-2-0.DLL
LoadedModule[25]=C:\Windows\SysWOW64\SHELL32.dll
LoadedModule[26]=C:\Windows\syswow64\SHLWAPI.dll
LoadedModule[27]=C:\Windows\syswow64\ole32.dll
LoadedModule[28]=C:\Windows\syswow64\profapi.dll
LoadedModule[29]=C:\Windows\SysWOW64\USERENV.dll
LoadedModule[30]=C:\Windows\SysWOW64\VERSION.dll
LoadedModule[31]=C:\Windows\SysWOW64\WS2_32.dll
LoadedModule[32]=C:\Windows\syswow64\NSI.dll
LoadedModule[33]=C:\Windows\SysWOW64\wintrust.dll
LoadedModule[34]=C:\Windows\syswow64\CRYPT32.dll
LoadedModule[35]=C:\Windows\syswow64\MSASN1.dll
LoadedModule[36]=C:\Windows\syswow64\CLBCatQ.DLL
LoadedModule[37]=C:\Windows\syswow64\OLEAUT32.dll
LoadedModule[38]=C:\Windows\System32\netprofm.dll
LoadedModule[39]=C:\Windows\system32\nlaapi.dll
LoadedModule[40]=C:\Windows\system32\CRYPTSP.dll
LoadedModule[41]=C:\Windows\SysWOW64\PSAPI.DLL
LoadedModule[42]=C:\Windows\system32\rsaenh.dll
LoadedModule[43]=C:\Windows\syswow64\imagehlp.dll
LoadedModule[44]=C:\Windows\system32\ncrypt.dll
LoadedModule[45]=C:\Windows\SysWOW64\bcryptprimitives.dll
LoadedModule[46]=C:\Windows\system32\GPAPI.dll
LoadedModule[47]=C:\Windows\SysWOW64\WTSAPI32.dll
LoadedModule[48]=C:\Windows\system32\WINSTA.dll
LoadedModule[49]=C:\Windows\system32\cryptnet.dll
LoadedModule[50]=C:\Windows\syswow64\WLDAP32.dll
LoadedModule[51]=C:\Windows\system32\apphelp.dll
File[0].CabName=AppCompat.txt
File[0].Path=WER8036.tmp.appcompat.txt
File[0].Flags=65538
File[0].Type=5
File[0].Original.Path=C:\Windows\Temp\WER8036.tmp.appcompat.txt
File[1].CabName=WERInternalMetadata.xml
File[1].Path=WER8076.tmp.WERInternalMetadata.xml
File[1].Flags=65538
File[1].Type=5
File[1].Original.Path=C:\Windows\Temp\WER8076.tmp.WERInternalMetadata.xml
File[2].CabName=memory.hdmp
File[2].Path=WER8077.tmp.hdmp
File[2].Flags=2097152
File[2].Type=3
File[2].Original.Path=C:\Windows\Temp\WER8077.tmp.hdmp
File[3].CabName=minidump.mdmp
File[3].Path=WER822C.tmp.mdmp
File[3].Flags=2162690
File[3].Type=2
File[3].Original.Path=C:\Windows\Temp\WER822C.tmp.mdmp
FriendlyEventName=Stopped working
ConsentKey=APPCRASH
AppName=HitmanPro.Alert
AppPath=C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe

 

Still waiting :-(

I know that @RonnyT does a great job here on technical issues, but my problem is that I purchased a new license for HMPA and was sent a product key for HMP. My license for HMPA expires today. My problem is outside of @RonnyT 's lane.

This lack of responsiveness from HMPA Support does not inspire confidence.

 

Maybe PM him anyway? He has always been very helpful.

 

just received a response from HMPA Support.

Sadly, the response was useless nonsense.

"I have checked your license and I could see that you have activated this PC: XXXX-XX-XX DESKTOP-XXXXX

Do you still need assistance?"

WHAT ?

Yea -- Last year I activated my current license that expires tomorrow.

 

Got a clarification that the new product key is for HMP not HMPA.

Thanks for the info. BOZO !

That's the point -- I purchased a license for HMPA and was sent a product key for HMP.