HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. c2d

    c2d Registered Member

    Joined:
    Sep 26, 2007
    Posts:
    572
    Location:
    Bosnia
    Nope. NTFS. External HD.
     
  2. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    I've placed 2.5.6 build 63 on the download site which should fix the FAT32 bug.

    Download
    http://dl.surfright.nl/hmpalert25.exe

    Please let me know whether this version still causes BSOD when accessing FAT32 volumes :thumb:
     
  3. GvL

    GvL Registered Member

    Joined:
    Jan 25, 2006
    Posts:
    3
    2.5.6 build 63 fixed the BSOD issue for me.
     
  4. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,750
    Location:
    EU
    Fixed :)
    Thanks for prompt action
     
  5. c2d

    c2d Registered Member

    Joined:
    Sep 26, 2007
    Posts:
    572
    Location:
    Bosnia
    Build 63 working fine here.
     
  6. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    I've uninstalled 2.5.6.63, so unfortunately I can no longer give you the "exact" message I was getting, but using Sandboxie on XP with Firefox 20.0.1, I would get a popup when attempting to exit Firefox saying that (something) was unable to read memory and FF was not able to shutdown. As I recall, I had to click an "OK" in that popup to close Firefox. It only seemed to happen when I opened Firefox with Sandboxie - not Firefox alone.

    After going back to hmp.alert 2.5.1.56, the problem disappeared.
     
  7. thegoodguydlc

    thegoodguydlc Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    3
    Location:
    UK
    EDIT: No longer getting update error, only got it twice and then it stopped.
     
    Last edited: Nov 25, 2013
  8. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro.Alert 2.5.6 Build 64 BETA

    Changelog
    • ADDED: Start Menu shortcut when installing Alert. Note that when upgrading from older version the shortcut is not installed.
    • FIXED: The IPv6 address of a CryptoLocker client attacking shared files on a server is now properly formatted in Event Log on the server.
    • FIXED: BSOD when accessing FAT32 volumes. Bug was introduced in BETA build 61 and is fixed as of build 63.
    • FIXED: Event Log Message File pointed to the download file instead of installed file.

    Automatic Update
    Existing HitmanPro.Alert 2.5 BETA users are automatically updated to build 64 if you start a web browser. The update is downloaded in the context of the web browser.

    If you click on the flyout you should see that an upgrade is pending:

    update250.png update255.png

    Download
    http://dl.surfright.nl/hmpalert25.exe

    Please let me know how this version runs on your computer :thumb:
     
  9. guest

    guest Guest

    A few pages back we were talking about HPA v3 being release soon, if all this is being added in 2.5 what will be new in v3?

    si there any plan to include an auto-update feature?
     
    Last edited by a moderator: Nov 25, 2013
  10. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
  11. Gandalf_The_Grey

    Gandalf_The_Grey Registered Member

    Joined:
    Jan 31, 2012
    Posts:
    801
    Location:
    The Netherlands
    Automatically updated to build 64 after a reboot and running fine here :thumb:
     
  12. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,274
    Location:
    the Netherlands
  13. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    972
    HitmanPro.Alert 2.5.6 Build 64 BETA sees Sdelete v1.51 as a virus while deleting a sandbox (Sandboxie 4.07.04).

    Same for Eraser (http://eraser.heidi.ie/).
     
  14. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Crypto ransomware has been around for a few years. But the number of reports reaching our helpdesk increased steadily over the past months. Most of the times the cryptography was reversible. Until CryptoLocker came along with a big campaign: huge infection numbers, irreversible encryption, lots of documents and files lost (no backup or failing backup).

    We came up with the idea for CryptoGuard many months ago but we never got around creating it due to schedules. CryptoLocker changed our priority.
    While we were working on Alert version 3, we decided a few weeks ago to temporarily halt development of v3 and create CryptoGuard as part of v2. Hence, version 2.5.

    Version 2.5 was never planned. We just saw the urgent need for CryptoGuard as there was no solution available other than setting group policies on where software is allowed to run. We cannot rely on sigatures because the effect of a 'miss' is usually catastrophic where the user ends up paying the ransom to get the files back/decrypted.
    Just look at the thread at Bleeping Computer where people are begging to get the malware back because they WANT TO pay the ransom. Even a police department in Swansea paid the ransom.

    We expect crypto ransomware to up their game by encrypting files from within legitimate processes via code injection. Think of winword.exe starting to encrypt documents, images and presentations.

    Since CryptoGuard does not look at who is encrypting the files, but actually looking at the changing content of the files, we think CryptoGuard is more robust against both the polymorphic changes of malware binaries as well as which files and registry keys the malware is using.

    The fact CryptoGuard works at the file system level, we also offer protection against _remote_ crypto ransomware on locally shared files. This means that CryptoGuard blocks the encryption while the actual infection is on a remote infected computer that is not running Alert!

    On to the question, now that version 2.5 nears completion, work on Alert version 3 has already continued. I cannot elaborate on the features of v3.

    As you can see in my post above, every Alert 2.5 user is now updated to the latest build. Existing 2.0 users will be updated when 2.5 is declared non-BETA.

    Hope this helps.
     
    Last edited: Nov 25, 2013
  15. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    When using these secure delete tools, you need to disable CryptoGuard under Settings and when you're done, enable CryptoGuard again. That is because Sdelete writes a high entropy stream (random) to the file which looks the same as cryptography.

    Note that cycling the on/off state of CryptoGuard also clears the list of blocked processes and IPs.
     
    Last edited: Nov 25, 2013
  16. guest

    guest Guest

    @erikloman

    Is there any plan to include the UTM scanning abilities (http://www.surfright.nl/en/hitmanpro/utm) on Hitman Pro alert?
    Something like, every file downloaded is scanned in the cloud automatically.
     
  17. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,979
    It just updated itself to the latest version on my XP/SP2, & no issues to report. So the ongoing fixes appear to be working ;)

    HMP & the team should be congratulated for providing this extremely beneficial & life saving App for FREE :thumb:

    Here's a gold award from me.

    2a.png
     
  18. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    972
    Thanks for info. Btw... HMP Alert doesnt always intervene during deletion of a sandbox by Sdelete.
     
  19. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    972
  20. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Do you have high DPI / large fonts configured?
     
  21. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    972
    Standard 96 DPI. It's a 22 inch screen.
     
  22. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    I see, you have a non standard font configured. Alert gets the font of the operating system. I will see if we can fix this in the next build.
     
  23. thegoodguydlc

    thegoodguydlc Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    3
    Location:
    UK
    Would it be possible to have updating without a reboot? On the server it can be pretty inconvenient to have to do a reboot as it will disrupt other users. I can schedule a reboot for when people have gone home but i'd rather that the updates could happen during the day if there was a vulnerability for instance.
     
  24. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    On a server, Alert will not automatically check for updates. This because the update procedure is triggered while using a web browser.

    On servers you can schedule as task specifying the following command line:

    "C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /update

    This will initiate the update procedure. In the Event Log there will be an entry indicating whether a reboot is needed to complete the update procedure.
     
  25. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,975
    Location:
    Boston, MA
    Have current beta running in sandboxie with flyout. Everything seems to be working well on firefox current build on win 8.1 64 bit. Haven't tried chrome yet.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.