HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I had an app, don't remember what now(may have been an nvt app, but it showed the dll in everything. That is the way it was designed to work. I am sure it does so in the free version. If that is a problem, than that app isn't for you.

    But, although it first bothered me, now that I understand why it does that, and also the fact it hasn't caused me any issues, it no longer is a concern.

    Pete
     
  2. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,104
    Location:
    USA
    If you doubleclick any listed executable in System Explorer it will show hmpalert.dll as a module.
     
  3. newbino

    newbino Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    460
    Thanks Pete, indeed it works fine. Another issue that had popped up (couldn't save a word file as pdf with the Save as Pdf and XPS addon) is also solved.
    That's goodbye for EMET, am keeping HP.A
     
  4. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    HMPA causes my VPN client to crash, and my DNS to leak. My VPN provider informed me that it was due to HMPA injecting it's .dll into their client. I don't know exactly what HMPA is doing that is causing the issue, but I do know HMPA is the source of the problem. As soon as I install HMPA my DNS leaks, and my client crashes. I checked my dns 5 times just before installing HMPA, and my DNS was not leaking. Then my dns leaked immediately all five times after installing HMPA, and would not stop leaking. The client also crashed immediately after installing HMPA. Erik said HMPA can not be causing the issue, but I know better. I was easily able to reproduce this 100% of the time. HMPA is not even an option for me unless they can fix this. I thought if they gave an option to exclude applications from HMPA's protection that might fix the problem.
     
    Last edited: Oct 13, 2014
  5. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    Thank you! I will try that when I test HMPA again. It's just not an option for now.
     
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    I just tried System Explorer with MBAE, and it worked. I checked Firefox to make sure MBAE .dll was being infected into Firefox.exe, and it was as expected. I have not checked to see if HMPA is injecting it's .dll into my VPN client yet because I don't want my workflow interrupted by the problems it causes.
     
  7. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    I found another way of doing it. There is an option in the toolbar of Process Explorer that says show .dlls. You have to click on show .dlls, and also click show lower pane. Then all you have to do is click on what ever process you want to check for .dll injection.
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    Do you have the issue even when all protections are disabled in HMPA?
     
  9. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,240
    Tested HMPA for keylogger encryption protection. Browser was sandboxed.(Sandboxie) Keystrokes
    were captured, but scrambled. Tested several ways including "Forced Programs" & Start/Run
    Access in Sandboxie. See screenshot. Note: Sandboxie IP address was typed.

    key sim.JPG
     
  10. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    Yes, Once I install HMPA is does something to my VPN installation. First I have to uninstall HMPA. Then I have to uninstall my VPN, and install it again. That fixes the problem. If I install HMPA then the problem starts all over again. As long as I don't install HMPA I have no problems at all with my VPN client, or with DNS leaking.
     
  11. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    Well that's the thing, the free version of HMPA should not interfere with MBAE or EMET when exploited mitigations are disabled. But if it will cause problems on the long run, there is always HMPA v2.
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    That's really weird, did you have this problem with all builds? I do know that the latest HMPA now has a "Network lockdown" feature that was not present with older versions.
     
  13. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,325
    Location:
    the Netherlands
    That is, if HMP.A 2 is not auto-updated to HMP.A 3, once v3 is considered stable.
    I don't know what SurfRight's plans are.
     
  14. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,104
    Location:
    USA
    Assuming that you could get HMPA to work along side MBAE and/or EMET what do you think the benefit would be?
     
  15. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,325
    Location:
    the Netherlands
    At least the HMP.A 2 benefits, check for browser integrity plus crypto ransomware protection, the reasons for which the current HMP.A 2 users have it installed. All free extras in HMP.A 3 are great, if they don't break EMET and MBAE compatibility for those users that only want to use HMP.A features that don't require a license and want to combine HMP.A with the use of EMET or MBAE.
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    I think you may have misunderstood me, but Stupendous Man has already explained it. :)
     
  17. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,104
    Location:
    USA
    It looks like the point is the free exploit protection in EMET and MBAE...? If people are willing to work with EMET more power to them, and exploit protection in MBAE is limited in the free version.
     
  18. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,325
    Location:
    the Netherlands
    Very true, EMET is far from perfect.
    But neither is HMP.A 3 CTP, judging on comments in this thread.
    Sometimes it seems HMP.A 3 CTP has still quite a way to go.
    However, I hope the HMP.A 3 final will be a wonderful piece of software and better than EMET or MBAE.
     
  19. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I think HMP.A 1 is already better and working. I've tested it against real malware, and it performed well.

    Pete
     
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    Yes, there may be people who prefer EMET or MBAE (Free or Premium), but they do not offer the other features in HMPA Free. So compatibility would be nice.
     
  21. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Eh, why would Surfright try to make HMPA compatible so you didn't have to pay them and could use a competitors free product instead. Not a smart business model. Personally I have no problem paying surfright for an excellent product
     
  22. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    The point is that HMPA also offers a free version without exploit protection. And I do not see how compatibility with other software is a bad thing.
     
  23. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Doesn't really matter what either of us think, only what Surfright thinks. Time will tell.
     
  24. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    I don't think it's Surfright who is making it incompatible, but rather the other way around.
     
  25. shogun_r

    shogun_r Registered Member

    Joined:
    Aug 17, 2013
    Posts:
    22
    Location:
    Sweden
    Looks like the new version has alot of new features compared to last I tried (think version 2). But this is only a beta? Someone knows when a "real" full version is out?

    Is there any tests about how effective is i to stop threats?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.