HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. newone

    newone Registered Member

    Joined:
    Oct 14, 2006
    Posts:
    71
    Location:
    UK
    hi, ohgood, I did a fresh install of windows 10 AV update and I think I need a Microsoft signed driver version of HitmanPro.alert :)
     
  2. ohgood

    ohgood Registered Member

    Joined:
    Apr 3, 2015
    Posts:
    39
    Location:
    cold upper midwest
    I can't help with that ;) Maybe surfright support can help? support@hitmanpro.com I know the dev's are work hard to get to stuff, but there is other tech support available. I had a minor issue they took care of.
     
  3. plat1098

    plat1098 Guest

    Crackers!!! And I thought this was a thing of the past:


    It happens consistently when opening Gmail from bookmark. Firefox48/32 bit/Windows 10 v.1607 b.14393.51/HitmanPro Alert v. 3.5.1. b. 550b. Does anyone else experience this? For me, not a big issue, but it's irritating and a little concerning.
     

    Attached Files:

  4. eddiewood

    eddiewood Registered Member

    Joined:
    Apr 23, 2006
    Posts:
    136
    Can't say for x86 but Firefox 48 x64 / Windows 10 Pro 14393 x64 / HMP.A 550b. No issue with Gmail as a bookmark on x64.

    Have you done the usual like disabling add-ons or starting FF in safe mode?
     
  5. eddiewood

    eddiewood Registered Member

    Joined:
    Apr 23, 2006
    Posts:
    136
    There are going to be a LOT of annoyed people with broken drivers for all sorts of things after they do a fresh install of Windows 10 AU!
     
  6. guest

    guest Guest

    so just download the proper drivers before upgrading...
     
  7. denniz

    denniz Registered Member

    Joined:
    Jul 26, 2007
    Posts:
    436
    Location:
    The Netherlands
    Well that's not always possible, since Microsoft activated there new and more stricter driver signing policy on July 29 2016. This new policy wasn't activated in de previous Insider builds, so a lot of developers (and thus many end-users) were a bit surprised by this when the RTM version of the Windows 10 Anniversary Update was released.

    You can find more info in a blog from Microsoft here: https://blogs.msdn.microsoft.com/wi...r-signing-changes-in-windows-10-version-1607/
     
  8. eddiewood

    eddiewood Registered Member

    Joined:
    Apr 23, 2006
    Posts:
    136
    If the driver is available.
     
  9. guest

    guest Guest

    then it is the fault of the vendor, not MS.

    indeed in this case it was a stupid move...
     
  10. eddiewood

    eddiewood Registered Member

    Joined:
    Apr 23, 2006
    Posts:
    136
    I didn't say it was the fault of Microsoft. Read my comment.
     
  11. plat1098

    plat1098 Guest

    No to either, but then, Firefox is largely devoid of doo-dads anyway, just have uBlock Origin. Safe mode would eliminate HMP_A, right?, but it's already known this is involved. Adobe module :gack: is disabled but not the other two. Since it's very specific, ie: only involving HMP-A and opening gmail via bookmark, I guess it'll have to remain one of those mystery things, no way am I disabling DEP mitigations. It rarely occurs but when it does, it's always under the same circumstances. *puppy*
     
  12. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,131
    Location:
    USA
    Starting Firefox (not Windows) in safe mode from the command line, ie

    "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode

    will disable extensions (not HMPA), so you can see if extensions have anything to do with the problem.
     
  13. plat1098

    plat1098 Guest

    Oops, guess who's been using Windows safe mode a lot lately, sorry for mix-up. It's only the adblocking extension, now and before, so there's nothing to eliminate. I can say, though, that a bona fide issue with Firefox is periodic and unpredictable memory handling problems. At one point, I had only one tab open with Firefox consuming over 1000 mb of RAM. There was also a RADAR_PRELEAK info in Event Viewer. Nevertheless, Firefox, from what I've read, doesn't seem inclined to address it, it's always the other guys' fault. Long ago, Erik Loman suggested to disable DEP mitigations in HMP-A's interface but I'd rather deal w/crashes now even though his recommendation was effective.

    Can't stand the idea of Microsoft's invading one's BIOS. It's my machine with their PAID software on it.
     
  14. JayKatai

    JayKatai Registered Member

    Joined:
    Dec 16, 2015
    Posts:
    23
    Sorry to prompt again, but any ETA on when HMPA will be signed? I can't disable secure boot for work reasons, and not using HMPA is just wasting days/weeks on my licenses. Its getting to the stage where I may have to install something else due to the uncertainty. A beta would be no use either, again; work/security/stability reasons.
     
  15. newone

    newone Registered Member

    Joined:
    Oct 14, 2006
    Posts:
    71
    Location:
    UK
    thank you ohgood :thumb:
     
  16. mohankrajan

    mohankrajan Registered Member

    Joined:
    Jun 17, 2009
    Posts:
    2
    That did the trick. Thanks a bunch. :)
     
  17. DreamsandVisions

    DreamsandVisions Registered Member

    Joined:
    Aug 14, 2016
    Posts:
    45
    Location:
    Germany
    Don't mind ;)

    Guys, I'm a bit late but I've got a suggestion by a friend of mine (AFAIK he's a member here too), regarding a possible conflict between Zemana AntiLogger (short: ZAL) (using the current stable v2.21.204.465, and HMP.A BETA v3.5.1 B550), and hey, I'm surprised but he's right. Once you deactivate Identity Protection in ZAL, HMP.A works fine alongside Chrome. Note that it doesn't care if you have the realtime protection of ZAL activated or not, it mustn't even autostart or run, but there is a service running in memory regardless any option you take.

    anti-keylogger.PNG
     
  18. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    2,347
    Location:
    Hollow Earth - Telos
    I have ZAL but i don't see anything that says identity protection.
     
  19. DreamsandVisions

    DreamsandVisions Registered Member

    Joined:
    Aug 14, 2016
    Posts:
    45
    Location:
    Germany
    zal1.PNG zal2.PNG
     
  20. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    2,347
    Location:
    Hollow Earth - Telos
    My ZAL has not updated since Dec 2014 i just noticed.
     
  21. SanyaIV

    SanyaIV Registered Member

    Joined:
    Oct 17, 2013
    Posts:
    278
    I haven't looked into what conflict there is but I assume it's that both ZAL and HMP.A are trying to encrypt keystrokes making things mess up. Solution is disabling Keystroke Encryption in either ZAL or HMPA (unless the issue is with another module) ZAL 2 has keystroke encryption in the ID Theft Protection setting. ZAL 1 probably has a specific Keystroke Encryption setting.
     
  22. Telos

    Telos Registered Member

    Joined:
    Jul 26, 2016
    Posts:
    171
    Location:
    Baana
    Realistically you need then to go to "Plan B". While I don't know your secure boot issues, losing secure boot is less risky that losing HMP.A in my opinion. If you can't do that, then MB Anti-Exploit is where I would head until the signing thingy gets worked out (assuming the signing thingy is working with MBAE.). Ain't Microsoft great!
     
  23. ohgood

    ohgood Registered Member

    Joined:
    Apr 3, 2015
    Posts:
    39
    Location:
    cold upper midwest
    Hi All, quick question re setup of Macrium & MMPA - add Macrium to protection or exclude?

    Thanks!
     
  24. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,054
    Location:
    Baden Germany
    This is an expected issue, when you run two apps with keystroke encryption parallel.
    Better run ZAM, instead of ZAL, together with HMP.A.

    +1
    Secure-Boot is overrated.
    Either an attacker already made it to your machine, then secure-boot won't stop him,
    or an attacker has physical access to your machine, then secure-boot won't stop him as well.

    Don't add software to mitigation, until there is an urgent reason.
    Macrium Reflect is a disk imager, not a target for exploits.
    You may want to add it to exclusions, in case of any issue, or temporarily disable MBR protection in HMP.A, if necessary.
     
    Last edited: Aug 16, 2016
  25. ohgood

    ohgood Registered Member

    Joined:
    Apr 3, 2015
    Posts:
    39
    Location:
    cold upper midwest
    Thanks Hiltihome! Glad I asked. :thumb:
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.