HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Your comments about the websites are understandable. Note that hitman products by Surfright NL have recently been purchased by Sophos. They are in the process of combining things so yes there are temporary issues. You found the best place for help. The loman brothers are here often and there many members here who can help you. Oh and welcome to Wilders.

    Pete
     
  2. keepersjohn

    keepersjohn Registered Member

    Joined:
    Nov 19, 2016
    Posts:
    11
    Location:
    shoreham by sea england
    Hi just a quick question reinstalled windows 10 downloaded paid version hitmanpro alert and can not activate it it says i have used up all my activations i have only had it five months and i did not no there a limit i have sent hmp a email on saturday but they have not got back yet just wondered if any one has had the same problem thanks if you can help johnyjohn
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    42,809
    If you see a message like this: "The license has reached the maximum number of activations" or if you have similar activation problems you can write a PM to @erikloman
    But you already emailed them yesterday, so give them a little more time ;)
    And i don't think there is anybody in the office on a Saturday/Sunday :doubt:
     
  4. keepersjohn

    keepersjohn Registered Member

    Joined:
    Nov 19, 2016
    Posts:
    11
    Location:
    shoreham by sea england
    thank you for answer johnyjohn
     
  5. Gapliin

    Gapliin Registered Member

    Joined:
    Feb 12, 2012
    Posts:
    81
    www.hitmanpro.com is the official one. (The old company-domain "www.surfright.nl" also gets redirected to that.)
    www.hitman-pro.com is either a rip-off or some sort of fan-page. The guy who owns the domain also registered many other suspicious sounding domains: http://viewdns.info/reversewhois/?q=matthijssmit@gmail.com
    I see no ads on there and actually every download-link leads to the official page, so nothing malicious on there afaics. Still not sure whats the reason for it. Also the page is very outdated, not really useful and misleading for Surfright's customers.
     
  6. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    907
    Location:
    USA
    I just upgraded to this new release, and upon testing Virtualbox, I received this error when attempting to launch a VM.

    The virtual machine 'Linux Mint 17.3' has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in 'V:\VirtualboxVMs\Linux Mint 17.3\Logs\VBoxHardening.log'.

    The VBoxHardening.log shows these files affected:

    Code:
    122c.1704: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
    1314.1590: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
    The last time that I saw this happen, it was an issue with Avira, which they eventually released a fix for. Something to do with injecting a process into dll's and code signatures? Vbox refuses to run in this case.

    FYI, I tested Virtualbox just moments before updating to the latest HMPA release, and all was working well.
     
    Last edited by a moderator: Dec 11, 2016
  7. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    907
    Location:
    USA
    EDIT: as a follow-up, I tried disabling the HMPA system protections, and rebooting after, but to no success. I uninstalled HMPA, and rebooted, but no success. Then I found a Windows system restore point that I had from over 7 hours ago, restored, rebooted, and Virtualbox is running like a champ again!

    Back to HMPA 360-b573, and Virtualbox life is still good again!
     
    Last edited: Dec 11, 2016
  8. Thomas Platts

    Thomas Platts Registered Member

    Joined:
    Dec 9, 2016
    Posts:
    9
    Location:
    United Kingdom
    Hi Keepersjohn
    I had the same problem about a year ago when I upgraded from Windows 8. For me, a number of software producers are using similar checks. In my case, during the upgrade, the identity of my computer had changed. The process took a number of emails to rectify the issue, and I was lucky enough to reach a person who took control of my problem. I note that Raxco and Malawarebytes use the same system of checks. I wish you well.

    Tom
     
  9. Morkha

    Morkha Registered Member

    Joined:
    Dec 11, 2016
    Posts:
    4
    Location:
    Germany
    Hi guys,

    I'm new here but also have a problem that was already discussed before. Somehow after the last Windows update my HitmanPro license didn't work anymore. It says I have used the maximum number of licenses .
     
  10. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    907
    Location:
    USA
    Same thing happened to me after a clean install of Windows. Emailed support and they reset my activations. Sent the request over a weekend, and I received the response on Monday evening. All good!
     
  11. keepersjohn

    keepersjohn Registered Member

    Joined:
    Nov 19, 2016
    Posts:
    11
    Location:
    shoreham by sea england
    Thanks for your input they got in touch and said they extended my key put it in all fine now thanks. Keepersjohn
     
  12. Wesley Edwards

    Wesley Edwards Registered Member

    Joined:
    Dec 12, 2016
    Posts:
    1
    Location:
    canada
    Is there any way to whitelist an application against the Cryptoguard SMB check? We have a network based document indexing/versioning service that is being blocked on each client workstation by Hitmanpro.alert. It seems like after every update of the hitmanpro.alert program, we have to go in, disable cryptoguard, reboot the machine, re-enable and voila, everything works again.
     
  13. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    42,809
    Problem solved, nice :thumb:
    Yes, the installation is tied to the hardware:
     
  14. Morkha

    Morkha Registered Member

    Joined:
    Dec 11, 2016
    Posts:
    4
    Location:
    Germany
    Ok. I'll just have to wait then. This is something rather annoying. Isn't it possible to have another system which detects if you use the programm or not?
     
  15. ohgood

    ohgood Registered Member

    Joined:
    Apr 3, 2015
    Posts:
    39
    Location:
    cold upper midwest
    Hi all,

    Are any of you using HMPA and Rollback RX?

    Edit: I found this: https://www.wilderssecurity.com/thr...iscussion-thread.324841/page-420#post-2604555

    I'd like to use HMPA & Rollback RX, but I know there can be problems. I'm going to clean install my system, get a good base & backup, then:

    Install Rollback RX, then HMPA - is that the correct order?

    Can I then safely fully arm/enable HMPA?

    Thanks in advance for feedback!
     
    Last edited: Dec 12, 2016
  16. Scyna

    Scyna Registered Member

    Joined:
    Jan 30, 2015
    Posts:
    17
    Hi I'm on windows 10 64x. I'm getting an attack intercepted when i have Nahimic 2 running and then launch skype.
     
  17. mrhex1

    mrhex1 Registered Member

    Joined:
    Jul 2, 2016
    Posts:
    19
    Location:
    Timbuktu
    Hello Loman brothers. I seem to have an issue with MSI's Nahimic sound driver package. Right after I installed this application on my new laptop Hitman Pro Alerts would trigger a ROP alert not only in firefox. I could also get this to occur in MS Word as all.

    I could not set up any exclusions to fix this problem. I had to go in to firefox in HMPA to disable Control Flow Integrity to stop HMPA triggering on this. The only solution that I found was to uninstall the Nahimic sound driver package I have attached a few of the dumps from the HMPA mmc plugin:

    Code:
    Mitigation   ROP
    
    Platform     10.0.14393/x64 v574 06_5e
    PID          3500
    Application  C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Description  Firefox 50.0.2
    
    Callee Type  LoadLibrary
    
    Branch Trace                      Opcode  To                             
    -------------------------------- -------- --------------------------------
    GetCurrentThreadId +0x9              RET  0x72178586 mozglue.dll ^0383   
    0x76723FB9 kernel32.dll                                                   
    
    strchr +0x67                         RET  0x72178504 mozglue.dll ^0026   
    0x7215E3C7 vcruntime140.dll                                               
    
    strchr +0x67                         RET  0x721784F3 mozglue.dll ^03EB   
    0x7215E3C7 vcruntime140.dll                                               
    
    0x721786BA mozglue.dll               RET  0x72178489 mozglue.dll ^0212   
    
    RtlInitUnicodeStringEx +0x46         RET  LoadLibraryExW +0x4c ^01E7     
    0x778F34E6 ntdll.dll                      0x76A0930C KernelBase.dll       
    
    InterlockedIncrement +0x11           RET  0x5D04A557 Nahimic2DevProps.dll ^001B
    0x767361D1 kernel32.dll                                                   
    
    InterlockedIncrement +0x11           RET  0x5D04A54E Nahimic2DevProps.dll ^0077
    0x767361D1 kernel32.dll                                                   
    
    0x5D0498B1 Nahimic2DevProps.dll      RET  0x5D04A533 Nahimic2DevProps.dll ^004C
    
    0x5D04B190 Nahimic2DevProps.dll      RET  0x5D04A4DD Nahimic2DevProps.dll ^00FC
    
    0x5D0498B1 Nahimic2DevProps.dll      RET  0x5D049AAF Nahimic2DevProps.dll ^00C7
    
    LoadLibraryExW +0x5                ~ RET* 0x5D049AA0 Nahimic2DevProps.dll ^0051
    0x76A092C5 KernelBase.dll                                                 
                ff74240c                 PUSH         DWORD [ESP+0xc]
                33c9                     XOR          ECX, ECX
                ff74240c                 PUSH         DWORD [ESP+0xc]
                e841fdffff               CALL         0x5d0497f0
                8b54240c                 MOV          EDX, [ESP+0xc]
                8bc8                     MOV          ECX, EAX
                e8160a0000               CALL         0x5d04a4d0
                c20c00                   RET          0xc
    
    
    User32InitializeImmEntryTable +0xe0   ~ RET  MonitorFromPoint +0x156 ^00BC   
    0x7716A850 user32.dll                     0x7716A546 user32.dll           
    
    RtlQueryPackageClaims +0x6e        ~ RET  User32InitializeImmEntryTable +0x9b ^0002
    0x7791EF1E ntdll.dll                      0x7716A80B user32.dll           
    
    RtlRetrieveNtUserPfn +0xf8           RET  RtlQueryPackageClaims +0x6b ^004D
    0x7792FCE8 ntdll.dll                      0x7791EF1B ntdll.dll           
    
    RtlQueryPackageClaims +0xf7        ~ RET  RtlQueryPackageClaims +0x51 ^001D
    0x7791EFA7 ntdll.dll                      0x7791EF01 ntdll.dll           
    
    NtQuerySecurityAttributesToken +0xc   ~ RET  RtlQueryPackageClaims +0xed ^0016
    0x7792F18C ntdll.dll                      0x7791EF9D ntdll.dll           
    
    Stack Trace
    #  Address  Module                   Location
    -- -------- ------------------------ ----------------------------------------
    1  721785A8 mozglue.dll             
                8bf0                     MOV          ESI, EAX
                85ff                     TEST         EDI, EDI
                0f85d7000000             JNZ          0x72178689
                8bc6                     MOV          EAX, ESI
                8b8c24d0000000           MOV          ECX, [ESP+0xd0]
                5f                       POP          EDI
                5e                       POP          ESI
                5b                       POP          EBX
                33cc                     XOR          ECX, ESP
                e8ed250000               CALL         0x7217abb2
                81c4c8000000             ADD          ESP, 0xc8
                c21000                   RET          0x10
    
    2  5D04A5BF Nahimic2DevProps.dll   
    
    Process Trace
    1  C:\Program Files (x86)\Mozilla Firefox\firefox.exe [3500]
    2  C:\Windows\explorer.exe [2332]
    3  C:\Windows\System32\userinit.exe [1836]
    4  C:\Windows\System32\winlogon.exe [2380]
    C:\Windows\System32\WinLogon.exe -SpecialSession
    5  C:\Windows\System32\smss.exe [5212]
    \SystemRoot\System32\smss.exe 000000d0 0000007c C:\Windows\System32\WinLogon.exe -SpecialSession
    6  C:\Windows\System32\smss.exe [384]
    \SystemRoot\System32\smss.exe
    7   [4]
    
    Thumbprint
    fa4736bbf22a530addebc962c5be50a7bb4e6ecf819359016c17adbab8f7b030
    & Microsoft Word:

    Code:
    Mitigation   ROP
    
    Platform     10.0.14393/x64 v574 06_5e
    PID          2996
    Application  C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
    Description  Microsoft Word 16
    
    Callee Type  LoadLibrary
    
    Branch Trace                      Opcode  To                             
    -------------------------------- -------- --------------------------------
    RtlInitUnicodeStringEx +0x46         RET  LoadLibraryExW +0x4c ^020E     
    0x772E34E6 ntdll.dll                      0x76E8930C KernelBase.dll       
    
    InterlockedIncrement +0x11           RET  0x70BEA557 Nahimic2DevProps.dll ^0025
    0x771961D1 kernel32.dll                                                   
    
    InterlockedIncrement +0x11           RET  0x70BEA54E Nahimic2DevProps.dll ^004A
    0x771961D1 kernel32.dll                                                   
    
    0x70BE98B1 Nahimic2DevProps.dll      RET  0x70BEA533 Nahimic2DevProps.dll ^0011
    
    0x70BEB190 Nahimic2DevProps.dll      RET  0x70BEA4DD Nahimic2DevProps.dll ^01A3
    
    0x70BE98B1 Nahimic2DevProps.dll      RET  0x70BE9AAF Nahimic2DevProps.dll ^008D
    
    LoadLibraryExW +0x5                ~ RET* 0x70BE9AA0 Nahimic2DevProps.dll ^0035
    0x76E892C5 KernelBase.dll                                                 
                ff74240c                 PUSH         DWORD [ESP+0xc]
                33c9                     XOR          ECX, ECX
                ff74240c                 PUSH         DWORD [ESP+0xc]
                e841fdffff               CALL         0x70be97f0
                8b54240c                 MOV          EDX, [ESP+0xc]
                8bc8                     MOV          ECX, EAX
                e8160a0000               CALL         0x70bea4d0
                c20c00                   RET          0xc
    
    
    User32InitializeImmEntryTable +0xe0   ~ RET  MonitorFromPoint +0x156 ^0141   
    0x76A6A850 user32.dll                     0x76A6A546 user32.dll           
    
    RtlQueryPackageClaims +0x6e        ~ RET  User32InitializeImmEntryTable +0x9b ^0002
    0x7730EF1E ntdll.dll                      0x76A6A80B user32.dll           
    
    RtlRetrieveNtUserPfn +0xf8           RET  RtlQueryPackageClaims +0x6b ^003C
    0x7731FCE8 ntdll.dll                      0x7730EF1B ntdll.dll           
    
    RtlQueryPackageClaims +0xf7        ~ RET  RtlQueryPackageClaims +0x51 ^001D
    0x7730EFA7 ntdll.dll                      0x7730EF01 ntdll.dll           
    
    NtQuerySecurityAttributesToken +0xc   ~ RET  RtlQueryPackageClaims +0xed ^0016
    0x7731F18C ntdll.dll                      0x7730EF9D ntdll.dll           
    
    Wow64SystemServiceEx +0x257          RET  TurboDispatchJumpAddressEnd +0xb ^0003
    0x6C3B6FA7 wow64.dll                      0x6C411CF7 wow64cpu.dll         
    
    0x6C3C7A54 wow64.dll                 RET  Wow64SystemServiceEx +0x244 ^0018
                                              0x6C3B6F94 wow64.dll           
    
    0x6C3B7A98 wow64.dll                 RET  Wow64SystemServiceEx +0x155 ^0006
                                              0x6C3B6EA5 wow64.dll           
    
    Stack Trace
    #  Address  Module                   Location
    -- -------- ------------------------ ----------------------------------------
    1  76E893F8 KernelBase.dll           LoadLibraryExW +0x138
    
    2  70BEA5BF Nahimic2DevProps.dll   
                89442418                 MOV          [ESP+0x18], EAX
                ff1594c0bf70             CALL         DWORD [0x70bfc094]
                8b0b                     MOV          ECX, [EBX]
                89442410                 MOV          [ESP+0x10], EAX
                8b4904                   MOV          ECX, [ECX+0x4]
                c1e906                   SHR          ECX, 0x6
                f6c101                   TEST         CL, 0x1
                7552                     JNZ          0x70bea62c
                8b93e8000000             MOV          EDX, [EBX+0xe8]
                f7c200100000             TEST         EDX, 0x1000
                7544                     JNZ          0x70bea62c
                85ff                     TEST         EDI, EDI
                7440                     JZ           0x70bea62c
                b8a80bc070               MOV          EAX, 0x70c00ba8
                668b0f                   MOV          CX, [EDI]
                663b08                   CMP          CX, [EAX]
    
    
    Process Trace
    1  C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [2996]
    2  C:\Windows\explorer.exe [3308]
    3  C:\Windows\System32\userinit.exe [3196]
    4  C:\Windows\System32\winlogon.exe [724]
    winlogon.exe
    
    Thumbprint
    3a94e97ff537f979b0ae19d91e25862aef504cc5080f15b4084c8abdf630f75b
     
  18. guest

    guest Guest

    i do

    yes and yes.

    alternatively installing HMPA first will not (normally) harm you either, HMPA will just be already in the Baseline made by RX rather than in a snapshot. This scenario is only valid if you want to do a backup of your system (before installing RX ) including HMPA.
     
  19. ohgood

    ohgood Registered Member

    Joined:
    Apr 3, 2015
    Posts:
    39
    Location:
    cold upper midwest
    Thank you guest! I'm clean installing w 7 64 right now. I may have more questions ...
     
  20. MikeRepairs

    MikeRepairs Registered Member

    Joined:
    Mar 26, 2014
    Posts:
    80
    Location:
    Kissimmee, FL
    Is HMPA compatible with the new Malwarebytes 3.0?
    I am a reseller for both.
    I usually install MBAM and HMPA, but now that MBAM 3.0 has anti exploit and anti ransom... what should I do?
     
  21. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    1,292
    Location:
    USA, MICHIGAN
    I uninstalled HMPA looong ago to many problems/conflicts I don't think it'll ever get out of BETA what a joke:thumbd::thumbd:. MBAM 3 looks promising and have had good luck with it on my PC's, once more bugs get worked out I'm installing it on more PC's.
     
  22. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,558
    Location:
    Among the gum trees
    If you're installing both I'd suggest at least disabling Exploit Protection n MB 3.0.
    I could say the same about MB 3.0.
     
  23. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    907
    Location:
    USA
    Are there any other HMPA users using Oracle VirtualBoxo_O
     
  24. mirage22

    mirage22 Registered Member

    Joined:
    Apr 20, 2016
    Posts:
    51
    I do, extensively. But i haven't updated after I saw this complaint.

    I believe a feature was added to HMPA where such problems can be mitigated remotely by sending an update which does not need our intervention to upgrade the program. I wonder why isn't that feature being invoked and an update sent so that the Vbox issue is resolved. It's been quite a few days since this problem was highlighted.
     
  25. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I have both on, and actually I have both anti exploits turned on now. I've run thru the HMPA test stuff and it seems to be working. I am watching it closely.

    Pete
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.