HitmanPro.Alert BETA

Discussion in 'other anti-malware software' started by erikloman, May 30, 2017.

  1. plat1098

    plat1098 Registered Member

    Joined:
    Jan 18, 2016
    Posts:
    807
    Location:
    Da mean streets of Brooklyn
    mood, yes, that's the long way. It's no big deal at all, what I'm saying is it's just very convenient to one-click the scanner on the HMPA interface and one-click on that once it's scanning to get the HMP interface. This isn't happening for me in 712.

    Clicking on the 712 scanner tile yields this instead of initiating the scan and as you said, you also have to click on the tray icon to get the HMP interface. However, I am lazy.
    HMP 712 scanner.PNG
    Stopping the HMPA service and then deleting all the HMP files also gets the above menu instead of starting the scan in 604. Just another of the several HMP/HMPA issues I've had. :cautious:
     
  2. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,443
    Location:
    USA
    Did you use the uninstaller in the Programs and Features list?
     
  3. mood

    mood Registered Member

    Joined:
    Oct 27, 2012
    Posts:
    2,297
    Or try to click on "Scan Computer" again after HitmanPro has been started. Now HitmanPro appears too.
    At least you have a "two click" solution. ;)

    But the anti-malware component is not yet finished and more changes are expected. For example a new on-demand scanner:
     
  4. plat1098

    plat1098 Registered Member

    Joined:
    Jan 18, 2016
    Posts:
    807
    Location:
    Da mean streets of Brooklyn
    Yes, I'll check it again when the new anti-malware is finished. Only HMPA can be uninstalled via Apps and Features. I didn't have the inclination to pursue it further, it's no big deal.

    Thanks, Victek and mood! :)
     
  5. Paul R

    Paul R Registered Member

    Joined:
    Aug 5, 2014
    Posts:
    58
    Location:
    Bury, Lancashire
    Thanks Ed, was driving me crazy. that worked :thumb:
     
  6. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    1,922
    Location:
    Cape Town, South Africa
    Bit of a long shot but could there be any chance that build 712 stops sfc /scannow from running - 'Windows Resource Protection could not start the repair service.' ?

    If I go into Safe Mode it works. Haven't tried uninstalling HmP.A to verify this, so it could be something else ...
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    18,669
    Hi Paul

    Two simple ways to test without installing.

    1. Just stop the service.
    2. Use autoruns and uncheck the service and drivers. That does require a reboot.

    Usually the first does trick.

    Pete
     
  8. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    18,669
    Hi Erik

    Now have 712 on everything. Only issues are the Credentialprotection and Local privilege. But other than that love it. That new malware protection does a good job.

    Pete
     
  9. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    1,922
    Location:
    Cape Town, South Africa
    Indeed, I can confirm that stopping the service does do the trick, and allows sfc /scannow to run. It must be something to do with the newer mitigations, because I have not encountered this before.

    Thanks again, Peter.
     
    Last edited: Jul 12, 2017
  10. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    18,669
    you are most welcome
     
  11. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    120
    Location:
    Philippines
    LOL wasted a few hours figuring out Backup aborted! - Unable to read from disk - Error Code 5 - Access is denied. after Win CU update, even reinstalled Macrium to be sure. Should have just search it in the thread...:D
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    18,669
    Yes unfortunately the Credential Protection has to be disabled. Don't feel bad Duotone. The first time I encountered it, it took time to pin it down. That is one of the fun things about beta testing. It's also one of the advantages I have with two near identical machines. I always update one first and then see what happens. Then it's just a matter of a light bulb going to to remember I did that.
     
  13. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    528
    Location:
    Philippines
    Fortunately for you, that error went away after disabling one feature. In mine, I disabled all, and even uninstalled the HMP.A, but the problem persisted. :( Nevertheless, I did a restore prior to the error occurring, so it's okay now. :)
     
  14. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    1,922
    Location:
    Cape Town, South Africa
    Another issue to report with latest 712 beta build, on my (primary) machine at least, Win 10 Pro x64.

    I had previously found that sfc /scannow would not run unless I disabled the HitmanPro.Alert service.

    Also since June 28, I was surprised why KB4022716 and since July 11, superseding KB4025342 wasn't being picked up by Windows Update.
    More here: https://www.wilderssecurity.com/threads/bork-tuesday-any-problems-yet.370217/page-129#post-2691822

    Downloading and running these from the MS catalog would repeatedly result in 'The update is not applicable to your computer'. Office and WD Windows updates ran fine though.

    After some thrashing about, including trying a repair install, on a hunch I disabled the service again, and was able to successfully run the update.

    Unless it is pure coincidence, it would appear that on my machine at least, one of the new mitigations is interfering with WU cumulative updates. I currently have Credential Theft Protection and Local Privilege Mitigation disabled.

    Edit: Re 'coincidence', it is a wierd one, and strange that no one else has encountered or reported this ...
     
    Last edited: Jul 15, 2017
  15. plat1098

    plat1098 Registered Member

    Joined:
    Jan 18, 2016
    Posts:
    807
    Location:
    Da mean streets of Brooklyn
    Hidden in plain sight, lol. I'd taken 712 off but when I had 710 on here plus VoodooShield, I had no problems with Windows Update. I put 712 back on real quick, here's what I got so.... I ran it without disabling any mitigation. Since you found the real problem, I'll have to keep that in mind also because if everything worked previously, you're not inclined to consider it again.
    hmpa712dismsfc.PNG
    With 604
    hmpa604dismsfc.PNG
     
  16. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    1,922
    Location:
    Cape Town, South Africa
    I just noticed that Update History shows that KB4025342 Security update failed.

    However System>About shows build no. was updated to 483.

    So not sure what's going on here with WU anymore, and if HMPA is involved. All I can say for sure is I have to disable HMPA service to run sfc /scannow, which still comes up clean - no integrity violations.
     
    Last edited: Jul 16, 2017
  17. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    423
    That fixed the Macrium Reflect problem for me, too.
     
  18. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    120
    Location:
    Philippines
    In 712 does the Credential protection still needed to be disabled for macrium to work?!
     
  19. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    18,669
    Hi Duotone

    Absolutely does.

    Pete
     
  20. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    120
    Location:
    Philippines
    Thanks Pete
     
  21. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    634
    Upgraded to build 712, no Sandboxie-alerts.
     
  22. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    120
    Location:
    Philippines
    Same here for now...
     
  23. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    1,922
    Location:
    Cape Town, South Africa
    I have finally managed to successfully update KB4025342.

    The sequence:
    Got Flash update KB4025376 through WU but it crashed with a code 0x8007007e, which also bedevilled previous attempts at DISM /Online /Cleanup-Image /RestoreHealth (error code 126).
    Stopped HMPA service, also disabled DLL Hijacking mitigation (only because it seems the code above may have something to do with DLLs).
    Checked for Windows Updates again, and Flash KB installed successfully.
    Retried DISM commands and they suddenly worked!
    CheckHealth and ScanHealth showed 'The Component Store is repairable' and RestoreHealth cofirmed 'The Restore operation completed successfully'. And anothe CheckHealth showed "no Component Store corruption detected'. sfc /scannow again came up clean. So this could have been the source of the problem all along, but I had been unable to run DISM till now.
    I then uninstalled KB4025342, which also uninstalled June cumulative update KB4022725 to go back to build 0.
    Trying to install these from the catalog again gave the 'not applicable to your computer' message, but WU installed both successfully. Work that one out!

    And now dism and sfc commands seem to work, even with HMPA service active.
    So it seems I may owe brothers Loman an apology, and save them a wild goose chase on this one.
    At one point I could demonstrate the sfc issue on demand though.
     
  24. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    863
    is the beta (and the future stable release) a full substitute for a resident av?
     
  25. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,443
    Location:
    USA
    I don't believe it's meant to be. I use it alongside Windows Defender in Windows 10.