HitmanPro.Alert BETA

Sure thing, I'll PM them to you once I'm back at home & have reproduced. Thanks!

 

normally I leave the filename intact and change .dll to .dll.old for example.

 

I remembered that I have an old laptop with the same edition of Vista on it. I downloaded 723 from SurfRight and installed it as a trial version, then rebooted. The laptop booted into a black screen with the mouse pointer in the center.

Next, I went into Safe Mode and renamed the hmpalert.dll file in the two places that you mentioned, and rebooted. Got another black screen showing just the mouse cursor.

We can say that renaming that .dll file didn't solve the problem. What do we try next?

 

Not on that machine anymore, so not sure if it's reproducible at the moment.

Will monitor. Maybe it's Sandboxie (stable).

 

We'll have to narrow it down to a specific protection so first need to rename the files back to it's original name.
Then set all the feature off Green tile, Blue tile and all the orange features.
I suspect something on the orange tiles, so first reboot that it survives enable Green, next Blue, then on the Orange one's step by step, only one tickbox at a time (e.g. process protection has 5 boxes, only one per boot enable) until we find the problem causing protection.

Seems like I forgot Anti-Malware please disable that also and switch on before Green

 

I can't boot into Windows unless it's in Safe Mode, but in Safe Mode there is no HMP.A icon to click on in the notification area, and if I try to open HMP.A directly via Windows Explorer, I get a pop-up saying that the HMP.A service is not running and "please reboot to resolve this issue" -- which of course only leads me back to the black screen.

So how do I launch HMP.A to disable the Green, Blue, and Orange tiles?

UPDATE: I uninstalled build 723 in Safe Mode, then rebooted and reinstalled it. But I was unable to disable anything, for as soon as the installation was done, I got that message about the HMP.A service not running and please reboot. So this time I will uninstall (again) from Safe Mode, then try reinstalling but selecting "Protects against ransomware only" with the installation wizard.

UPDATE 2: This worked: there was no error message and the HMP.A window came up normally at the end of the installation process. However, now I don't get a choice to show the Advanced interface, so there is no way to enable or disable any mitigations.

 

In case the idea didn't come out clearly in my previous post: after Update 2, the situation is that I can't systematically turn mitigations on or off, in the attempt to pinpoint where the problem is. My choices are limited to either:

1. Running HMP.A in "Protects against ransomware only" mode, in which case I can only use the "Standard" interface that doesn't show the individual mitigations; or
2. Running HMP.A in full protection mode, in which case (a) the PC complains immediately that the HMP.A service isn't running, (b) I can't start the service manually, and (c) rebooting takes me to a black screen.

So there seems to be no way for me to go clicking on green, blue, or orange tiles selectively to see which one may be causing the problem.

 

Excuse my ignorance, but where should I look?

 

Meltdown and Spectre are security vulnerabilities on a processor that can allow an attacker to read other process and kernel memory.

Is HitmanPro Alert Beta tested against this attacks?

Regards

 

The question has also to be: Is it ready for MS Patch deployment (see: http://www.zdnet.com/article/window...-if-you-havent-got-them-blame-your-antivirus/)

 

I can't apply this procedure. After installing build 604, by the time I open regedit and create the new registry key, HMP.A is already telling me that there is a new update available and it will be installed automatically on reboot.

In any case, it's not entirely clear to me how to create that new registry key. Going into regedit, I can right-click on the HMP.A to create a new key and I can name it AutoUpdate, but then do I create a new DWORD value within AutoUpdate? That's what I just did, and while I was at it, HMP.A proudly announced the availability of its unwanted update.

Not every update is purely helpful, so it would be useful to be able to disable updating via HMP.A's own UI.

 

One more idea:
Create a reg-file (for example: hitmanpro_alert_disable_autoupdate.reg) with the following content (see below) and you only need to doubleclick the file (administrator rights are needed) and the value is automatically added to the registry:

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\HitmanPro.Alert]
"AutoUpdate"=dword:00000000

To revert the change, the value of AutoUpdate can be set to 1 (another variant: deleting of the registry-key "AutoUpdate") or a reg-file (for example: hitman_alert_enable_autoupdate.reg) with the following content can be created & imported to the registry:

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\HitmanPro.Alert]
"AutoUpdate"=dword:00000001

 

That was a great idea, thank you. I applied the new key as soon as HMP.A got installed.

But within a couple of minutes, I still got the HMP.A flyout about an update being available and going to be installed on reboot.

Maybe HMP.A performs a check for updates immediately upon installation.

 

Why not disconnect from the net for a while until things are sorted.

 

Good idea

Preferrably while disconnected from the internet:
I think a reboot or a restart of the service of HMP.A is needed so it re-reads the registry and is detecting the "new" registry entry

 

That did the trick!

Thanks @Krusty and @mood.

Now we just need for the HMP.A folks to devise a way to run newer builds on Vista.

A few weeks ago, my father's Vista PC developed an intractable problem where it just would not boot up properly. He was running HMP.A, and I had noticed that his copy had upgraded to build 723. We thought it was a hardware (HDD) issue, but the symptoms were similar to what I noticed on my own Vista systems so now I'm pretty sure the root of the problem was HMP.A b723.

 

Even though the required registry key/value was enabled Windows would not install the Meltdown & Spectre updates on my machine.

Can it be this issue again?

 

Note that there is no patch for Spectre, only for Meltdown.

 

No issues on primary machine with HMPA so I don't think it's that.

But I did have repeated issues on secondary machine, but WU troubleshooter and disabling HMPA service did the business.

 

In case anyone is wondering, you do not need an update of HitmanPro.Alert to allow Windows Update to install the Metdown/Spectre patches.
In other words, when you use only HitmanPro.Alert on your machine, the QualityCompat registry key required by Microsoft, doesn't need to be set for Windows Update to work.
HitmanPro.Alert is compatible with the Meltdown/Spectre patches.

If you use another security product alongside HitmanPro.Alert, you do need to check with the vendor of that product as it may be blocking the update.

 

I went to play a recording in Windows 7 Media Center [b728] and got intercepted by HMP.A even though I had the Webcam Notifier disabled (result of an earlier run-in between WMC and HMP.A). Had to disable Control Flow Integrity in order to view a recording in WMC.

 

Got a flyout that an update to 728 beta would be installed on reboot. Now HitmanPro.Alert is version 3.7.3 build 729, a stable version, it seems. Does anyone know if anything else changed? It was kind of a surprise.

 

No update for my machines, but...

https://www.wilderssecurity.com/thr...iscussion-thread.324841/page-584#post-2730140

 

@RonnyT , do you know if the new build 729 resolves the blue screen / black screen issue with Vista that's described beginning here?