HitmanPro.ALERT Support and Discussion Thread

There were some early teething problems with Alert + Norton when I first started testing the betas and a few small bugs along the way, but the only issue left is this one, where Norton updates SONAR Alert may crash or CPU usage starts using around 25% constantly. Other than that, Erik has done a great job of making them compatible.

I can't speak for the other AVs but I have used Windows Defender + Alert with no issues to report at all.

 

I have never had any issues running KIS/KAV an HMP.A. However, I'm currently not running HMP.A, so there might be issues now that I'm not aware of.

 

My limited expression in english language does not reflect exactly what I want to say. Sorry.

Kaspersky AV, or Security, is by no means a simple AV, but they do not change there methods often, during a years version,
while Bitdefender and Norton do.
So one may have more compatibility issues with the latter, rather than with Kaspersky...

 

I do know what you're trying to tell us, no problems here.

 

How did you acquire the update? It's not being offered on my system.

OK, I found a mention of it, but I can't find a download link and it's not showing in Windows Update on Windows 10x64. There may be some change in this latest version of Office 2013 that has re-introduced the ROP false Positive in HMPA.

"A new version of Office 2013 Click-To-Run is available: 15.0.4823.1002"

https://blogs.technet.microsoft.com...ng/2016/05/10/may-2016-office-update-release/

 

Nice the incompatibility issue between ReHIPS and HMPA is solved.

HMPA still solid, on my system i have never encountered serious problems with it.

 

news about v3.5?

 

It wasn't announced in this thread yet, but build 372 can be downloaded

 

How did you find out?
Was it announced elsewhere?
I see that with modifying the link for the beta version build 372 is available.
It is not offered with the links for the stable build.
Well, I suppose Erik or Mark will present that build, with the changelog, later.

 

I only incremented the version-number of the beta-downloadlink to 372 to get this build.

We'll see later what else is in the changelog.

 

Ah, thanks, I forgot about Erik's post in which he mentioned an upcoming build 372.

 

Nombre de registro:Application
Origen: HitmanPro.Alert
Fecha: 25/05/2016 19:49:23
Id. del evento:911
Categoría de la tarea9)
Nivel: Error
Palabras clave:Clásico
Usuario: No disponible
Equipo: Miguel-PC
Descripción:
Mitigation LoadLib

Platform 10.0.10586/x64 06_17*
PID 3172
Application C:\Program Files (x86)\Windows Media Player\wmplayer.exe
Description Reproductor de Windows Media 12

Callee Type ProtectVirtualMemory
0x0C0D0000 (2301952 bytes)

Allocated by (unknown)

XML de evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="HitmanPro.Alert" />
<EventID Qualifiers="0">911</EventID>
<Level>2</Level>
<Task>9</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-05-25T17:49:23.417413300Z" />
<EventRecordID>21075</EventRecordID>
<Channel>Application</Channel>
<Computer>Miguel-PC</Computer>
<Security />
</System>
<EventData>
<Data>C:\Program Files (x86)\Windows Media Player\wmplayer.exe</Data>
<Data>LoadLib</Data>
<Data>Mitigation LoadLib

Platform 10.0.10586/x64 06_17*
PID 3172
Application C:\Program Files (x86)\Windows Media Player\wmplayer.exe
Description Reproductor de Windows Media 12

Callee Type ProtectVirtualMemory
0x0C0D0000 (2301952 bytes)

Allocated by (unknown)
</Data>
</EventData>
</Event>



This happens when opening files with the .avi extension

 

Im still on 368 why ain't I auto updating

 

It does, but only when a new final release is out.
Build 369, 370, 371 and 372 are pre-releases.
They have do be tested, before they are rolled out to public.

 

Which version/build of HMP.alert are you using? I think the developers should know!
EDITED:
I have no issues opening .avi files using hmp.alert build 370/371/372 with w7x64

 

Very true.
However, still there is the previously reported HMP.A issue on Windows 7 x64 with KB3146706 installed, that was fixed with HMP.A 3.1.9.369 and 3.1.10.370.
All HMP.A users on Windows 7 x64 with KB3146706 installed (by Windows Update automatic updating) that don't follow this Wilders thread and that don't have HMP.A build 369 or later installed, will probably still have HMP.A partially crippled.
I think that is quite serious.
I understand SurfRight doesn't want to rush, and push bad builds, but still not fixing the HMP.A issue on Windows 7 x64 with KB3146706 installed (by Windows Update automatic updating), not pushing a recent relatively stable build, that seems a bit sloppy to me. I think it is taking too long.
@erikloman
@markloman
I hope a recent relatively stable build will be offered for automatically updating HMP.A, for all users on Windows 7 x64 with KB3146706 installed by Windows Update automatic updating, to fix those HMP.A installations.

 

Is There Anybody Out There?

 

The issue was with builds before build 369.
What I said in my previous post was that HMP.A users on Windows 7 x64 with KB3146706 installed, that don't follow this Wilders thread and that don't have HMP.A build 369 or later installed, will probably still have HMP.A partially crippled, and I think that is quite a serious issue.

 

@erikloman, @markloman

#1
When I launch Overwatch from Battle.net launcher, nothing is showing on screen. From task manager I can see "Overwatch.exe" running constant at 12% CPU.

Temp solution: Exclude Overwatch.exe

#2
HitmanPro.Alert sometimes crashes while Battle.net is updating games. (I'll upload some of the crash dumps later)

Network related softwares that i'm using: cFosSpeed 10.12, IDM 6.25 with "advanced browser integration" enabled, CIS 8.2.0.5027

 

So manually update to the next build and I should be fine?

 

better to hold back the update if they not confident its not going to cause regressions, those who desperately need it can download the beta version, is the way I see it.

 

Ok

 

Do you have Windows update KB3146706 installed on your Windows 7 x64 system?
If not, you're OK with HMP.A build 368.

If you have Windows update KB3146706 installed, HMP.A build 368 might be partially crippled on your Windows 7 x64 system. Let's call that the KB3146706 issue.
In that case, you would see something like this in HMP.A user interface, Exploit mitigation, Running applications, with x64 items that should be protected not being protected:



In that case, if you check with Process Explorer and search (Crtl+F) for hmpalert.dll then you will find hmpalert.dll only injected in SysWOW64 objects, not in System32 objects, and you would see something like this:




With HMP.A manually updated to build 371, the KB3146706 issue is resolved.
Now you see something like this, with applications protected:



and hmpalert.dll injected in both SysWOW64 and System32 objects:




It's up to you to see whether or not you have KB3146706 installed, and if running applications are protected correctly, and if not, whether or not you want to manually update to a recent build in which the KB3146706 issue is resolved.