HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,230
    Location:
    USA
    OK, I see that the screen you posted is for the Standard Interface. On my system in the Standard Interface there is no mention of Exploit Protection assisted by hardware. My CPU is an Intel Core2 Extreme Q6850 - is it not supported?

    Fixes, tweaks, stability, performance :thumb:
     
  2. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    3,016
    Location:
    the Netherlands
    That is correct.
    HMP.A 3 hardware-assisted exploit protection is supported for Intel Core i3, i5 and i7 processors, not for Intel Core2 processors.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,966
    Location:
    The Netherlands
    OK, so it isn't a firewall at all, but it looks for payloads trying to trigger certain network related API's and will block it.

    I still don't completely understand it, but I assume this "Network Lockdown" feature is mainly designed to block attacks that are not related to memory corruption? So even the HMPA free version will block these kind of attacks on MS Office and Java, am I correct?
     
  4. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,687
    Location:
    South Wales, UK
    Looking forward to it! :)
     
  5. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro.Alert 3.0.23 Build 137 Release Candidate

    WindowBorder.png Language.png

    Changelog
    • Added additional APIs to IAF mitigations.
    • Added Reset Settings menu item (via gear icon next to the minimize button).
    • Added English names of the supported languages.
    • Added ability to disable Window Border (see notifier menu).
    • Improved mitigations window to turn on/off IAF mitigations.
    • Improved CryptoGuard handling of alternate data streams.
    • Improved performance of IAF mitigation.
    • Fixed CryptoGuard false positives regarding handling of unpackers like Steam.
    • Fixed keystroke encryption indicator in IE11 Enhanced Protected Mode.
    • Fixed scrolling issue in IE11 Enhanced Protected Mode.
    • Fixed stack alignment issue on 64-bit trampolines.
    • Several other minor improvements.
    Download
    http://test.hitmanpro.com/hmpalert3b137.exe

    Please let me know how this version runs on your computer :thumb:
     
    Last edited: Jan 16, 2015
  6. guest

    guest Guest

    @erikloman

    Is it possible to move a 1 PC license to another PC?
     
  7. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Yes. One time. If you run into issues, send me PM and I'll sort it out with some extra licenses.
     
  8. ProTruckDriver

    ProTruckDriver Registered Member

    Joined:
    Sep 18, 2008
    Posts:
    1,457
    Location:
    "An Apple a Day, Keeps Microsoft Away"
    Will do, Thanks Erik. :)
     
    Last edited: Jan 16, 2015
  9. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    778
    Still getting encrypted keystrokes in the IE11 address bar. Screen shot shows what I got when I typed Wilders full address
     

    Attached Files:

  10. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,230
    Location:
    USA
    Upgraded over build 131 without error and running smoothly; great to see the ongoing improvements. :thumb:

    It's nice to have the option to toggle the colored border. Regarding the border might it be possible in the future to adjust the color and/or thickness? It's thin and hard to see on my hi def screen.
     
    Last edited: Jan 16, 2015
  11. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,266
    No problems upgrading to build 137 (W7 64 bits). Handy feature with Systemexplorer 6.2 minimized to systemtray: Added ability to disable Window Border (see notifier menu).
     
  12. ProTruckDriver

    ProTruckDriver Registered Member

    Joined:
    Sep 18, 2008
    Posts:
    1,457
    Location:
    "An Apple a Day, Keeps Microsoft Away"
    I like that. :thumb:
     
  13. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,132
    Location:
    Baden Germany
    Installed Build 137 as upgrade, worked smooth.

    IE11 scrolling issue is fixed for me.

    THX
     
    Last edited: Jan 16, 2015
  14. Crunchytail

    Crunchytail Registered Member

    Joined:
    Dec 10, 2014
    Posts:
    3
    Panda Free Antivirus says it's a virus. The problem did not occur with version 131.
     
  15. Crunchytail

    Crunchytail Registered Member

    Joined:
    Dec 10, 2014
    Posts:
    3
    With version 137, I keep getting the following attack-notification when opening facebook:

    Mitigation IAF
    Platform 6.3.9600/x64 1f_04
    PID 3872
    Application C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Description Google Chrome 39
    Violation 08FCC5EA is calling msmpeg2vdec.dll IAT funcptr KernelBase.dll!GetProcAddress
    Stack Trace
    # Address Module Location
    -- -------- ------------------------ ----------------------------------------
    1 08FCC5EA (anonymous; chrome_child.dll)
    8985ccedffff MOV [EBP-0x1234], EAX
    83bdccedffff00 CMP DWORD [EBP-0x1234], 0x0
    7566 JNZ 0x8fcc65f
    8b8eec402900 MOV ECX, [ESI+0x2940ec]
    ffd1 CALL ECX
    8985d4edffff MOV [EBP-0x122c], EAX
    83bdd4edffff00 CMP DWORD [EBP-0x122c], 0x0
    7f0e JG 0x8fcc61e
    8b95d4edffff MOV EDX, [EBP-0x122c]
    899590e6ffff MOV [EBP-0x1970], EDX
    eb1b JMP 0x8fcc639
    2 08FCB40A (anonymous; chrome_child.dll)
    3 08FC2769 (anonymous; chrome_child.dll)
    4 08FCC560 (anonymous; chrome_child.dll)
    5 6634A0EC msmpeg2vdec.dll ?LoadSurface@CVIDEOfilter@@QAEJHPAEK@Z +0x5939c
    6 66349C0D msmpeg2vdec.dll ?LoadSurface@CVIDEOfilter@@QAEJHPAEK@Z +0x58ebd
    7 66349FE3 msmpeg2vdec.dll ?LoadSurface@CVIDEOfilter@@QAEJHPAEK@Z +0x59293
    8 66345135 msmpeg2vdec.dll ?LoadSurface@CVIDEOfilter@@QAEJHPAEK@Z +0x543e5
    9 6285F567 chrome_child.dll IsSandboxedProcess +0x1fda8f
    10 6285F68A chrome_child.dll IsSandboxedProcess +0x1fdbb2
     
  16. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Is this only when browsing InPrivate or also in normal? What other AVs and/or security products are you running?
     
  17. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Erik

    Will update later and let you know.

    Pete
     
  18. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,430
    Location:
    Surrey, England.
    Unfortunately the upgrade (from b131 to 137) didn't go well here at all, and I had to do a clean install. The prompt to upgade appeared as usual, and I accepted the reboot. On rebooting it just got locked in a black screen (W7 32-bit), and had to do a hard reboot, and when I got back to desktop found that previous build appeared still installed, but corrupted. On trying to use Snipping Tool I saw the errors "The instruction at 0x7714e1e1 referenced memory at 0x7714e1e1. The memory could not be written. Click on OK to terminate the program". And then same error reference 0x77154ec3, if this info may be some help.

    Following another reboot it now seems to be installed correctly. Let me know if further info required, or any advice. Thanks.
     
  19. FOXP2

    FOXP2 Guest

    I’ve been lurking this thread for about a month and running b136 for a few days and b137 updated A-OK.

    After searching this ~3550 posting history, I’ve got a couple of questions; sorry if they’ve been addressed and I couldn’t find ‘em:

    • I understand a license will activate both HMP and HMP.A and the effects of running them free vs activated. My HMP.A RC install is good for a little over two weeks. Was/is there a key to bump that out to 30 or a few more days?

    • When scanned with HMP.A, does HMP run with the user settings (like not-checked “Scan for Tracking Cookies,” checked “I am an expert...” etc.)? Or does it run with settings accorded by the HMP.A session itself which will most likely differ from mine?

    Curiosity: if one does not have HMP already installed, as I did, will the HMP.A install do the HMP install as well?

    Feature request: setting to run HMP scan not-silent by default. (Yes, I know the UI can be opened from the tray icon.)

    Thanks!
     
  20. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,230
    Location:
    USA
    When you click on "Scan Computer" in HitmanPro.Alert it will download Hitman Pro if it is not already installed.
     
  21. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    778
    It happens in both InPrivate and normal. This only happens when Emsisoft Internet Security is installed, as long as EIS is not installed HMP.Alert works flawlessly, it is not sufficient to shut EIS down - it has to be completely removed. I know the answer is to uninstall EIS and use an alternative but I would like to see the two co-exist.
     
  22. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Odd. I run Emsisoft myself and I do not have that issue. Do you have a special setting in EIS?
     
  23. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,365
    Just back into my HMP.A snapshot...will it update automatically to the latest release? When can I get to see it update, automatically?
     
  24. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,443
    Has the Sandboxie Drop Rights setting been addressed? When it's checked the HMPA flyout doesn't occur when running in admin. account.
     
  25. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Erik

    1. New version running great. Will to run it a bit to wring it out. Currently I have on my Win 7x64 desktop and a Win10x64TP VM Works great on both.

    2. I also am running EIS both on desktop in Win10 VM

    Dark Star. Have you installed the WIndows Hot Fix that is mentioned on the EMSIsoft forum. You may need it.

    Pete
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.