HitmanPro.Alert BETA

Discussion in 'other anti-malware software' started by erikloman, May 30, 2017.

  1. mood

    mood Registered Member

    Joined:
    Oct 27, 2012
    Posts:
    2,695
    HMP.A has locked this file ("Application Lockdown")
    Try to restart the service of HMP.A or do a reboot "to release the lock".
    Then start Opera again.
     
  2. plat1098

    plat1098 Registered Member

    Joined:
    Jan 18, 2016
    Posts:
    994
    Location:
    Da mean streets of Brooklyn
    Ah, OK, no I did not have that checked. I repeated the entire procedure with above and unfortunately came up with the same result. Since sfc always stopped at 94%, I sent some info to support@hitmanpro

    Thanks a lot @Stupendous Man.

    hmpasfc3.PNG

    Edit: Noticed the update date and time matching the "created" date/time for Win. Defender updates persists with Alert 6.04 so likely not related.
     
    Last edited: Sep 27, 2017
  3. HempOil

    HempOil Registered Member

    Joined:
    Jun 15, 2015
    Posts:
    46
    I restarted the service and that did the trick. Thanks mood! Now I just have to figure out why the sandboxed iteration doesn't seem to be able to connect to the built-in VPN. :ouch:
     
  4. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    304
    Been running build 717 for several days now, and the issue of recurring HMP.A and IE11 crashes that had plagued previous versions on my Windows 7 machine has not come back. However, this is still happening on Firefox with the Foxit Web to PDF plug-in and it did not occur with build 604.

    All in all, though, in my case 717 has been an improvement. I'll take being unable to use Firefox (any version) on certain websites, over having to click over and over again through crash warnings in IE.
     
  5. msatter

    msatter Registered Member

    Joined:
    Jul 21, 2017
    Posts:
    6
    Location:
    home
    Yesterday my Firefox x64 was updated from version 55.03 to 56. I enabled "Intruder monitor" again and all seemed to work and I got no banners that is was not safe to use Firefox. That work fine for a few hours.

    In the meantime I had try a tool that should gave warnings of a backdoor (harmless) so I switch off SEP14 and I could run it. I thought that Hitman.Alert knew that it was harmless and ignored it. I could still run Firefox without warnings.

    When I was ready I reconnected the harddisks that I disconnected before I started to run the tool. To my surprise now Hitman.Alert popped up and terminated the tool.....why did it not do that the several time I ran that program.

    Back to Firefox....can it be if I use an VPN on the PC and connect to the internet Hitman.Alert remembers that address and gives warnings after that when I return to the non-VPN environment?

    Running the beta 717

    ps.
    It makes no difference now if I run Firefox with or without VPN.
    The troubles with Firefox began a few days before I downloaded the tool so no connection between them.
    When I look with IObit Uninstall at Firefox the two programs that are injected are HitmanPro.Alert and IDM (Internet Download Manager) files: hmpalert.dll and idmftype.dll
     
    Last edited: Sep 30, 2017
  6. lucien_phoenix

    lucien_phoenix Registered Member

    Joined:
    Oct 20, 2012
    Posts:
    130
    Location:
    Germany
  7. Oli95xz

    Oli95xz Registered Member

    Joined:
    Apr 9, 2017
    Posts:
    7
    Location:
    Germany
  8. msatter

    msatter Registered Member

    Joined:
    Jul 21, 2017
    Posts:
    6
    Location:
    home
    I think I understand why I did not get a backdoor warning. At that time I had not network connection active and that part runs probably in the cloud so no connection possible. This is a bit dangerous. Also the Safety Notifications are not shown and is also logical if there is no cloud connection.

    I am using also SEP and there you get a warning sign on the tray icon. You get an little yellow round shield on the icon indicating that there is something not working as it should be.

    It is really problematic that Firefox trigger warnings with Intruder Monitor enabled.

    For Hitman that could be if safe browsing of exploit mitigation is disabled or when there is no cloud connection.
     
  9. lucien_phoenix

    lucien_phoenix Registered Member

    Joined:
    Oct 20, 2012
    Posts:
    130
    Location:
    Germany
    i hate the new addon policies some off my old addons deactivated and this new DRM EME ****.At the moment it sit it out with 54.xx.xx okay
     
  10. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,909
    Location:
    Outer space
    Regarding DRM, there are EME free versions for that:
    https://support.mozilla.org/en-US/questions/1118889
     
  11. lucien_phoenix

    lucien_phoenix Registered Member

    Joined:
    Oct 20, 2012
    Posts:
    130
    Location:
    Germany
    thx it doest it upddate to Firefox_Setup_56.0_32_eme_free_de

    but when i read some of my fav addons like Febe give up on ff 57
    and this developer continue his work on clone derivates like Pale
    Moon makes me sad and forces me to quit FF on 57 maybe.Just
    wait and see

    ps*HpAlert works now on the Site below i wrote here
     
  12. lucien_phoenix

    lucien_phoenix Registered Member

    Joined:
    Oct 20, 2012
    Posts:
    130
    Location:
    Germany
    the same **** happens at amazon login.
    No iam back to the stable main release
    3.6.7 build 604 now all fine
     
  13. msatter

    msatter Registered Member

    Joined:
    Jul 21, 2017
    Posts:
    6
    Location:
    home
    I went back to Firefox 54.01 eme-free because 56 was nice not nice to work with because Hitman.alert told me each time that it was not safe to use.

    I can switch off intrusion detection but then I don't know if something serieus is happening.
     
  14. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    132
    Location:
    Philippines
    Need help with this one.

    Intruder

    PID 7932
    Application C:\Program Files\Internet Explorer\iexplore.exe
    Description Internet Explorer 11

    Detour Report
    # Address Owner Disassembly
    -- ------------------ ------------------------ ------------------------
    URLDownloadToFileW
    1 0x00007FFE068DC280 urlmon.dll JMP 0x7ffdd6d60b98
    2 0x00007FFDD6D60B98 (unknown)

    FilterConnectCommunicationPort
    1 0x00007FFE0F7220A0 fltlib.dll JMP 0x7ffdd0780298
    2 0x00007FFDD0780298 (anonymous)

    FilterSendMessage
    1 0x00007FFE0F7222D0 fltlib.dll JMP 0x7ffdd07802f8
    2 0x00007FFDD07802F8 (anonymous)

    EncryptMessage *
    1 0x00007FFE0FAB5330 SspiCli.dll JMP 0x7ffdd0782518
    2 0x00007FFDD0782518 (anonymous)

    CopyFile2
    1 0x00007FFE1078B320 KernelBase.dll JMP 0x7ffdd07806b8
    2 0x00007FFDD07806B8 (anonymous)

    CopyFileExW
    1 0x00007FFE1078DE70 KernelBase.dll JMP 0x7ffdd0780718
    2 0x00007FFDD0780718 (anonymous)

    CreateProcessInternalW
    1 0x00007FFE10783D40 KernelBase.dll JMP 0x7ffdd0780178
    2 0x00007FFDD0780178 (anonymous)

    DefineDosDeviceW
    1 0x00007FFE107B9D50 KernelBase.dll JMP 0x7ffdd07803b8
    2 0x00007FFDD07803B8 (anonymous)

    MoveFileWithProgressTransactedW
    1 0x00007FFE1078ABB0 KernelBase.dll JMP 0x7ffdd0780778
    2 0x00007FFDD0780778 (anonymous)

    SetProcessShutdownParameters
    1 0x00007FFE107B7930 KernelBase.dll JMP 0x7ffdd0780358
    2 0x00007FFDD0780358 (anonymous)

    NtUserBlockInput
    1 0x00007FFE10AB7610 win32u.dll JMP 0x7ffdd0781798
    2 0x00007FFDD0781798 (anonymous)

    NtUserClipCursor
    1 0x00007FFE10AB77F0 win32u.dll JMP 0x7ffdd0781a38
    2 0x00007FFDD0781A38 (anonymous)

    NtUserGetKeyboardState
    1 0x00007FFE10AB1F30 win32u.dll JMP 0x7ffdd07814f8
    2 0x00007FFDD07814F8 (anonymous)

    NtUserMoveWindow
    1 0x00007FFE10AB1C10 win32u.dll JMP 0x7ffdd07816d8
    2 0x00007FFDD07816D8 (anonymous)

    NtUserRegisterHotKey
    1 0x00007FFE10AB8FF0 win32u.dll JMP 0x7ffdd0781858
    2 0x00007FFDD0781858 (anonymous)

    NtUserRegisterRawInputDevices
    1 0x00007FFE10AB9070 win32u.dll JMP 0x7ffdd0781618
    2 0x00007FFDD0781618 (anonymous)

    NtUserSendInput
    1 0x00007FFE10AB2050 win32u.dll JMP 0x7ffdd0781498
    2 0x00007FFDD0781498 (anonymous)

    CertVerifyCertificateChainPolicy
    1 0x00007FFE10AECA40 CRYPT32.dll JMP 0x7ffdd3750238
    2 0x00007FFDD3750238 (anonymous)

    NdrpClientCall2
    1 0x00007FFE10D51040 rpcrt4.dll JMP 0x7ffdd6d60d54
    2 0x00007FFDD6D60D54 (unknown)

    EnableWindow
    1 0x00007FFE10EA8460 USER32.dll JMP 0x7ffdd0781978
    2 0x00007FFDD0781978 (anonymous)

    EndTask
    1 0x00007FFE10ED15F0 USER32.dll JMP 0x7ffdd0780418
    2 0x00007FFDD0780418 (anonymous)

    ExitWindowsEx
    1 0x00007FFE10EA9150 USER32.dll JMP 0x7ffdd07819d8
    2 0x00007FFDD07819D8 (anonymous)

    GetAsyncKeyState
    1 0x00007FFE10EA2EC0 USER32.dll JMP 0x7ffdd07815b8
    2 0x00007FFDD07815B8 (anonymous)

    GetClipboardData
    1 0x00007FFE10EAC9B0 USER32.dll JMP 0x7ffdd07817f8
    2 0x00007FFDD07817F8 (anonymous)

    GetKeyState
    1 0x00007FFE10EA27E0 USER32.dll JMP 0x7ffdd0781558
    2 0x00007FFDD0781558 (anonymous)

    GetMessageA
    1 0x00007FFE10E9F610 USER32.dll JMP 0x7ffdd6d60c8e
    2 0x00007FFDD6D60C8E (unknown)

    GetMessageW
    1 0x00007FFE10EA2C40 USER32.dll JMP 0x7ffdd6d60c4e
    2 0x00007FFDD6D60C4E (unknown)

    IsDialogMessage
    1 0x00007FFE10ED41F0 USER32.dll JMP 0x7ffdd0780bf8
    2 0x00007FFDD0780BF8 (anonymous)

    IsDialogMessageW
    1 0x00007FFE10E869E0 USER32.dll JMP 0x7ffdd0780c58
    2 0x00007FFDD0780C58 (anonymous)

    keybd_event
    1 0x00007FFE10EFC670 USER32.dll JMP 0x7ffdd0780958
    2 0x00007FFDD0780958 (anonymous)

    mouse_event
    1 0x00007FFE10EA8AE0 USER32.dll JMP 0x7ffdd07809b8
    2 0x00007FFDD07809B8 (anonymous)

    PeekMessageA
    1 0x00007FFE10E9EF80 USER32.dll JMP 0x7ffdd6d60c0e
    2 0x00007FFDD6D60C0E (unknown)

    PeekMessageW
    1 0x00007FFE10E9F0B0 USER32.dll JMP 0x7ffdd6d60bce
    2 0x00007FFDD6D60BCE (unknown)

    PostMessageA
    1 0x00007FFE10EA6A90 USER32.dll JMP 0x7ffdd0780f58
    2 0x00007FFDD0780F58 (anonymous)

    PostMessageW
    1 0x00007FFE10E82B30 USER32.dll JMP 0x7ffdd0780fb8
    2 0x00007FFDD0780FB8 (anonymous)

    PostThreadMessageA
    1 0x00007FFE10EA6A10 USER32.dll JMP 0x7ffdd0781018
    2 0x00007FFDD0781018 (anonymous)

    PostThreadMessageW
    1 0x00007FFE10E8D4A0 USER32.dll JMP 0x7ffdd0781078
    2 0x00007FFDD0781078 (anonymous)

    SendDlgItemMessageA
    1 0x00007FFE10EFCF30 USER32.dll JMP 0x7ffdd07813d8
    2 0x00007FFDD07813D8 (anonymous)

    SendDlgItemMessageW
    1 0x00007FFE10E81060 USER32.dll JMP 0x7ffdd0781438
    2 0x00007FFDD0781438 (anonymous)

    SendMessageA
    1 0x00007FFE10EA6C40 USER32.dll JMP 0x7ffdd07810d8
    2 0x00007FFDD07810D8 (anonymous)

    SendMessageCallbackA
    1 0x00007FFE10EF7A10 USER32.dll JMP 0x7ffdd0781258
    2 0x00007FFDD0781258 (anonymous)

    SendMessageCallbackW
    1 0x00007FFE10EA5270 USER32.dll JMP 0x7ffdd07812b8
    2 0x00007FFDD07812B8 (anonymous)

    SendMessageTimeoutA
    1 0x00007FFE10EAC810 USER32.dll JMP 0x7ffdd0781198
    2 0x00007FFDD0781198 (anonymous)

    SendMessageTimeoutW
    1 0x00007FFE10E82060 USER32.dll JMP 0x7ffdd07811f8
    2 0x00007FFDD07811F8 (anonymous)

    SendMessageW
    1 0x00007FFE10E8ADF0 USER32.dll JMP 0x7ffdd0781138
    2 0x00007FFDD0781138 (anonymous)

    SendNotifyMessageA
    1 0x00007FFE10EAC330 USER32.dll JMP 0x7ffdd0781318
    2 0x00007FFDD0781318 (anonymous)

    SendNotifyMessageW
    1 0x00007FFE10E83220 USER32.dll JMP 0x7ffdd0781378
    2 0x00007FFDD0781378 (anonymous)

    SetClipboardViewer
    1 0x00007FFE10EADCD0 USER32.dll JMP 0x7ffdd0781738
    2 0x00007FFDD0781738 (anonymous)

    SetParent
    1 0x00007FFE10EA9850 USER32.dll JMP 0x7ffdd0781678
    2 0x00007FFDD0781678 (anonymous)

    SetSystemCursor
    1 0x00007FFE10EFBDD0 USER32.dll JMP 0x7ffdd0781af8
    2 0x00007FFDD0781AF8 (anonymous)

    SetWindowLongA
    1 0x00007FFE10EA93F0 USER32.dll JMP 0x7ffdd0780dd8
    2 0x00007FFDD0780DD8 (anonymous)

    SetWindowLongPtrA
    1 0x00007FFE10E82CA0 USER32.dll JMP 0x7ffdd0780e98
    2 0x00007FFDD0780E98 (anonymous)

    SetWindowLongPtrW
    1 0x00007FFE10E86490 USER32.dll JMP 0x7ffdd0780ef8
    2 0x00007FFDD0780EF8 (anonymous)

    SetWindowLongW
    1 0x00007FFE10E8B380 USER32.dll JMP 0x7ffdd0780e38
    2 0x00007FFDD0780E38 (anonymous)

    SetWindowsHookExA
    1 0x00007FFE10ECAAF0 USER32.dll JMP 0x7ffdd0780cb8
    2 0x00007FFDD0780CB8 (anonymous)

    SetWindowsHookExW
    1 0x00007FFE10EA5710 USER32.dll JMP 0x7ffdd0780d18
    2 0x00007FFDD0780D18 (anonymous)

    SetWinEventHook
    1 0x00007FFE10EA59F0 USER32.dll JMP 0x7ffdd0780d78
    2 0x00007FFDD0780D78 (anonymous)

    SwitchDesktop
    1 0x00007FFE10EAA020 USER32.dll JMP 0x7ffdd0781a98
    2 0x00007FFDD0781A98 (anonymous)

    SystemParametersInfoA
    1 0x00007FFE10EA1D10 USER32.dll JMP 0x7ffdd07818b8
    2 0x00007FFDD07818B8 (anonymous)

    SystemParametersInfoW
    1 0x00007FFE10E9FC00 USER32.dll JMP 0x7ffdd0781918
    2 0x00007FFDD0781918 (anonymous)

    TranslateMessage
    1 0x00007FFE10E86190 USER32.dll JMP 0x7ffdd0780b98
    2 0x00007FFDD0780B98 (anonymous)

    BitBlt
    1 0x00007FFE127131F0 GDI32.dll JMP 0x7ffdd07807d8
    2 0x00007FFDD07807D8 (anonymous)

    CreateDCA
    1 0x00007FFE12713A70 GDI32.dll JMP 0x7ffdd0780478
    2 0x00007FFDD0780478 (anonymous)

    CreateDCW
    1 0x00007FFE12714360 GDI32.dll JMP 0x7ffdd07804d8
    2 0x00007FFDD07804D8 (anonymous)

    DeleteDC
    1 0x00007FFE127124B0 GDI32.dll JMP 0x7ffdd0780658
    2 0x00007FFDD0780658 (anonymous)

    GdiAlphaBlend
    1 0x00007FFE12715D30 GDI32.dll JMP 0x7ffdd07805f8
    2 0x00007FFDD07805F8 (anonymous)

    GdiTransparentBlt
    1 0x00007FFE12715D90 GDI32.dll JMP 0x7ffdd0780598
    2 0x00007FFDD0780598 (anonymous)

    GetPixel
    1 0x00007FFE12714AB0 GDI32.dll JMP 0x7ffdd0780538
    2 0x00007FFDD0780538 (anonymous)

    MaskBlt
    1 0x00007FFE1271A560 GDI32.dll JMP 0x7ffdd0780838
    2 0x00007FFDD0780838 (anonymous)

    PlgBlt
    1 0x00007FFE12715ED0 GDI32.dll JMP 0x7ffdd0780898
    2 0x00007FFDD0780898 (anonymous)

    StretchBlt
    1 0x00007FFE12714540 GDI32.dll JMP 0x7ffdd07808f8
    2 0x00007FFDD07808F8 (anonymous)

    KiUserApcDispatcher
    1 0x00007FFE137E8F70 ntdll.dll JMP 0x7ffdd6d60cd6
    2 0x00007FFDD6D60CD6 (unknown)

    KiUserExceptionDispatcher
    1 0x00007FFE137E90D0 ntdll.dll JMP 0x7ffdd6d60d96
    2 0x00007FFDD6D60D96 (unknown)

    LdrLoadDll
    1 0x00007FFE1375C340 ntdll.dll JMP 0x7ffdd3750178
    2 0x00007FFDD3750178 (anonymous)

    LdrResolveDelayLoadedAPI
    1 0x00007FFE13753FA0 ntdll.dll JMP 0x7ffdd37501d8
    2 0x00007FFDD37501D8 (anonymous)

    LdrUnloadDll
    1 0x00007FFE13789590 ntdll.dll JMP 0x7ffdd0780238
    2 0x00007FFDD0780238 (anonymous)

    NtAdjustPrivilegesToken
    1 0x00007FFE137E5BB0 ntdll.dll JMP 0x7ffdd07822d8
    2 0x00007FFDD07822D8 (anonymous)

    NtAllocateVirtualMemory
    1 0x00007FFE137E5690 ntdll.dll JMP 0x7ffdd6d60f16
    2 0x00007FFDD6D60F16 (unknown)

    NtAlpcConnectPort
    1 0x00007FFE137E6240 ntdll.dll JMP 0x7ffdd07824b8
    2 0x00007FFDD07824B8 (anonymous)

    NtAlpcConnectPortEx
    1 0x00007FFE137E6260 ntdll.dll JMP 0x7ffdd0782038
    2 0x00007FFDD0782038 (anonymous)

    NtAlpcCreatePort
    1 0x00007FFE137E6280 ntdll.dll JMP 0x7ffdd0781bb8
    2 0x00007FFDD0781BB8 (anonymous)

    NtAlpcSendWaitReceivePort
    1 0x00007FFE137E64A0 ntdll.dll JMP 0x7ffdd0781b58
    2 0x00007FFDD0781B58 (anonymous)

    NtClose
    1 0x00007FFE137E5570 ntdll.dll JMP 0x7ffdd07801d8
    2 0x00007FFDD07801D8 (anonymous)

    NtConnectPort
    1 0x00007FFE137E6700 ntdll.dll JMP 0x7ffdd0781fd8
    2 0x00007FFDD0781FD8 (anonymous)

    NtCreateEvent
    1 0x00007FFE137E5C90 ntdll.dll JMP 0x7ffdd0781c78
    2 0x00007FFDD0781C78 (anonymous)

    NtCreateEventPair
    1 0x00007FFE137E67E0 ntdll.dll JMP 0x7ffdd0781cd8
    2 0x00007FFDD0781CD8 (anonymous)

    NtCreateFile
    1 0x00007FFE137E5E30 ntdll.dll JMP 0x7ffdd0782218
    2 0x00007FFDD0782218 (anonymous)

    NtCreateMutant
    1 0x00007FFE137E6900 ntdll.dll JMP 0x7ffdd0781c18
    2 0x00007FFDD0781C18 (anonymous)

    NtCreatePort
    1 0x00007FFE137E6980 ntdll.dll JMP 0x7ffdd0781d98
    2 0x00007FFDD0781D98 (anonymous)

    NtCreateSection
    1 0x00007FFE137E5CD0 ntdll.dll JMP 0x7ffdd0782158
    2 0x00007FFDD0782158 (anonymous)

    NtCreateSemaphore
    1 0x00007FFE137E6A60 ntdll.dll JMP 0x7ffdd0781d38
    2 0x00007FFDD0781D38 (anonymous)

    NtCreateSymbolicLinkObject
    1 0x00007FFE137E6A80 ntdll.dll JMP 0x7ffdd0782338
    2 0x00007FFDD0782338 (anonymous)

    NtCreateThread
    1 0x00007FFE137E5D50 ntdll.dll JMP 0x7ffdd0781df8
    2 0x00007FFDD0781DF8 (anonymous)

    NtCreateThreadEx
    1 0x00007FFE137E6AA0 ntdll.dll JMP 0x7ffdd0782458
    2 0x00007FFDD0782458 (anonymous)

    NtFreeVirtualMemory
    1 0x00007FFE137E5750 ntdll.dll JMP 0x7ffdd6d60ed6
    2 0x00007FFDD6D60ED6 (unknown)

    NtLoadDriver
    1 0x00007FFE137E7300 ntdll.dll JMP 0x7ffdd0782098
    2 0x00007FFDD0782098 (anonymous)

    NtMakeTemporaryObject
    1 0x00007FFE137E7460 ntdll.dll JMP 0x7ffdd0782398
    2 0x00007FFDD0782398 (anonymous)

    NtMapViewOfSection
    1 0x00007FFE137E5890 ntdll.dll JMP 0x7ffdd6d60f56
    2 0x00007FFDD6D60F56 (unknown)

    NtOpenFile
    1 0x00007FFE137E59F0 ntdll.dll JMP 0x7ffdd0782278
    2 0x00007FFDD0782278 (anonymous)

    NtOpenSection
    1 0x00007FFE137E5A70 ntdll.dll JMP 0x7ffdd07821b8
    2 0x00007FFDD07821B8 (anonymous)

    NtProtectVirtualMemory
    1 0x00007FFE137E5D90 ntdll.dll JMP 0x7ffdd6d60e96
    2 0x00007FFDD6D60E96 (unknown)

    NtQueueApcThread
    1 0x00007FFE137E5C30 ntdll.dll JMP 0x7ffdd6d60d16
    2 0x00007FFDD6D60D16 (unknown)

    NtSetInformationProcess
    1 0x00007FFE137E5710 ntdll.dll JMP 0x7ffdd07823f8
    2 0x00007FFDD07823F8 (anonymous)

    NtSetSystemInformation
    1 0x00007FFE137E8720 ntdll.dll JMP 0x7ffdd07820f8
    2 0x00007FFDD07820F8 (anonymous)

    NtShutdownSystem
    1 0x00007FFE137E8860 ntdll.dll JMP 0x7ffdd0781eb8
    2 0x00007FFDD0781EB8 (anonymous)

    NtSystemDebugControl
    1 0x00007FFE137E8980 ntdll.dll JMP 0x7ffdd0781f18
    2 0x00007FFDD0781F18 (anonymous)

    NtTerminateProcess
    1 0x00007FFE137E5910 ntdll.dll JMP 0x7ffdd0781f78
    2 0x00007FFDD0781F78 (anonymous)

    NtTerminateThread
    1 0x00007FFE137E5DF0 ntdll.dll JMP 0x7ffdd0781e58
    2 0x00007FFDD0781E58 (anonymous)

    NtUnmapViewOfSection
    1 0x00007FFE137E58D0 ntdll.dll JMP 0x7ffdd6d60e56
    2 0x00007FFDD6D60E56 (unknown)

    NtWaitForDebugEvent
    1 0x00007FFE137E8BE0 ntdll.dll JMP 0x7ffdd6d60fd6
    2 0x00007FFDD6D60FD6 (unknown)

    RtlInstallFunctionTableCallback
    1 0x00007FFE137B3F90 ntdll.dll JMP 0x7ffdd6d60f98
    2 0x00007FFDD6D60F98 (unknown)


    Thumbprint
    25d4f42a3f8d28d62b4d6722beb53513a27efc56fa59976ce8de43bf3214f457

    Is this a true attack or I just have a problematic IE, opened thru AMD setting>Help.

    Also running HotspotShield that time when it happened, HMP didn't found anything nor ZAM after this report. I did save a backup of my PC before reverting to a previous backup.

    Security installed: CF, HMP.A(BETA), AG, and WD when this happened.

    Edit: need some info with this one, need I be worried?
     
    Last edited: Oct 6, 2017
  15. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    323
    Location:
    Far East
    Hi

    Any target release date for this new v3.7? My license just expired

    Thanks
     
    Last edited: Oct 6, 2017
  16. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    2,286
    Location:
    The etherlands
    Again had to disable HMP.A build 717 beta for WU to detect KB4041676 Cumulative Update for Win 10 Pro x64 v1703 15063.632. In fact, I uninstalled HMP.A.

    But there is something else also going on here, subsequent Windows Updates either failed or found no updates. MS Catalog downloaded Delta update install: 'The update is not applicable to your computer'.
    Eventually the MS Catalog Cumulative Update install worked.
     
  17. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    132
    Location:
    Philippines
    So HMP.A was causing this, I had to click check updates a lot of times in order for the updates to continue somehow I succeeded without having to uninstall HMP.A... Haven't updated Win7 hopefully it won't have the same issue like Win 10.
     
  18. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    1,519
    Location:
    the Netherlands
    No Windows Update issues with my two Windows 7 x64 + HMPA 3.6.7.604 systems.
    I haven't tried HMPA 3.7.0.717 beta.
     
  19. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    132
    Location:
    Philippines
    Probably only affects HMPA 3.7.0.717 beta users..
     
  20. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    553
    Thank you for bringing this up!

    I somehow completely missed this, but when I checked it turns out I had the "Windows Malicious Software Removal Tool for Windows" for every month, but no "Quality Updates" since July 1... This also explains why the embedded Flash player was outdated for so long (which I did not understand at all).

    After uninstalling HMP.A Beta and restarting my PC I did receive the "Security Update for Adobe Flash Player for Windows 10" and the "Cumulative Update for Windows 10".

    While I know there's a risk in running Beta software I think it's really bad this is going on for so long and Sophos did not act on this (at least inform us). Please improve?!
     
  21. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,909
    Location:
    Outer space
    I had no problems with 717 on Windows 7x64. I thought the problem only affected Windows 10.
     
  22. Gapliin

    Gapliin Registered Member

    Joined:
    Feb 12, 2012
    Posts:
    77
  23. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    132
    Location:
    Philippines
    Good to know as I haven't updated Win7 Desktop yet...
     
  24. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    644
    Last edited: Oct 13, 2017 at 7:42 AM
Loading...
Similar Threads
  1. Umbra
    Replies:
    17
    Views:
    1,221