HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    651
    Location:
    Far East
    Hi

    I'm using HMPA and BD Free Antivirus and I can assure you there's no issue between them. FYI, BD Free Antivirus do comes with Active Threat Control.

    However, when I install BD Free Anti-ransomware I can see some compatibility issues. This also happens when I previously tested the BD AV Plus 2016 version

    I suggest you disable the antiransom component in BD.

    Thanks
     
    Last edited: Dec 26, 2016
  2. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,569
    Location:
    Among the gum trees
    Hi @erikloman ,

    I emailed you guys a couple of days ago about transferring my license from my dead laptop to my new PC. Can you help? The new PC is here.

    Thanks,
    Krusty
     
  3. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,569
    Location:
    Among the gum trees
    Yeah, my thoughts too.

    Thanks.
     
  4. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Send me a PM. During Christmas period support is at half strength.
     
  5. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,569
    Location:
    Among the gum trees
    Thank you Sir. PM sent.
     
  6. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    I have a laymen question...

    Does HMP have to be installed if I want to run the computer scan in HMP.A ?
    I seem to get through the "Download" aspect when I click on Scan, but then it says "Failed".
    I am not sure if it is downloading signatures (read on website that analysis is cloud-based), or if it is downloading HMP.

    I suspect my settings are too tight, will try and figure it out tomorrow...

    EDIT: Found some relevant posts on page 500, but I had already made rules for HMP.A in WFC...

    @anonskii - when you say HMP n Alert, do you mean HMP "and" HMP.A ? lol... damn this heatwave is doing my head in, might sit on my ThermalTake instead of letting the laptop rest on it...
     
    Last edited: Dec 29, 2016
  7. maniac2003

    maniac2003 Registered Member

    Joined:
    Apr 12, 2007
    Posts:
    120
    Location:
    Netherlands
    HMP.A starts HMP for a scan. AFAIK HMP must or will be installed.
     
  8. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    Aha, so if I want to avoid it, just don't click on it... any chance to remove the Scan button entirely?
     
  9. maniac2003

    maniac2003 Registered Member

    Joined:
    Apr 12, 2007
    Posts:
    120
    Location:
    Netherlands
    Why?
    Why would you have Alert installed without the proper scan tools to act when something is detected. Doesn't make sense to me.
     
  10. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,131
    Location:
    USA
    What should happen is Alert downloads the latest version of HitmanPro and then starts the scan. I believe a workaround for the "fail" is to download and install HitmanPro manually. Then Alert should call the installed version of HitmanPro and start the scan.
     
  11. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    42,809
    It downloads HMP, if it's not installed. Can be a firewall-related problem.
     
  12. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    42,809
    Correct :thumb:
     
  13. Telos

    Telos Registered Member

    Joined:
    Jul 26, 2016
    Posts:
    171
    Location:
    Baana
    Not exactly. The HMP.A scan downloads a temporary HMP executable to ...AppData\Local\Temp where it is executed. It is basically the HMP quick scan. It does not install HMP
    FWIW, you can install HMP by manually executing the temp file from ...AppData\Local\Temp. Worked for me anyway.
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Happy new year 2017 to all my friends in the forum.:)
     
  15. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,280
    Location:
    UK
    any offers coming up in the next month for hitmanproalert?
     
  16. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Send me a PM. Wilders members get free licenses.
     
  17. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Thanks Erik
     
  18. Well I wish everyone a happy year, not only friends ;)
     
  19. Joel Clendineng

    Joel Clendineng Registered Member

    Joined:
    Nov 2, 2016
    Posts:
    10
    Location:
    USA
    Thanks Erik! And all the devs. I first got hmp a year ago and just got a new license this year, its great to have the support of this forum and I feel more secure because of it. Im running a domain firewall/ips, with bitdefender paid on my pc and hmp as an option that does what most other avs do not do, key encryption and exploit protection. Happy new year and thanks again! This forum has been bookmarked for a very long time and will continue to be!

    Side note, Ive tried avg, kaspersky, comodo, and most of the free/paid options and found bitdefender to be the best by far, though a bit buggy at times, making it more likely to be vulnerable I suppose. What are people here using as a secondary to hmp? I do have a full hardware firewall, so I mainly try to guard against exploits once somethings slipped through it.
     
  20. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Yeah good correction.to every one in the forum.:)
     
  21. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    77,435
    Location:
    U.S.A.
    Removed Off Topic Posts. Let's Focus Only On the Topic, and Not Each Other!
     
  22. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,131
    Location:
    USA
    When you say HMP do you mean HitmanPro.Alert (usually shortened to HMPA) or HitmanPro which is a different product?

    Along with HMPA I'm using the Windows Defender AV which comes with Windows 10. I also run MalwareBytes AntiMalware v3 with real time protections enabled.
     
  23. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,569
    Location:
    Among the gum trees
    False Positive?

    Code:
    Log Name:      Application
    Source:        HitmanPro.Alert
    Date:          3/01/2017 10:45:13 AM
    Event ID:      911
    Task Category: Mitigation
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      Dave-PC
    Description:
    Mitigation   ROP
    
    Platform     10.0.14393/x64 v574 06_25
    PID          4872
    Application  C:\Program Files\Cyberfox\Cyberfox.exe
    Description  Cyberfox 50.1
    
    Callee Type  ProtectVirtualMemory
                 0x00000018BACB5000 (4096 bytes)
    
    Branch Trace                              Opcode  To                                     
    ---------------------------------------- -------- ----------------------------------------
    NS_LogCOMPtrAddRef()                         RET  0x00007FFF49E629B5 xul.dll             
    0x00007FFF4772CF80 xul.dll                                                               
    
    0x00007FFF74B94F95 mozglue.dll               RET  0x00007FFF49E629AB xul.dll             
    
    RtlLeaveCriticalSection +0x39                RET  0x00007FFF74B94F6C mozglue.dll         
    0x00007FFF81230E79 ntdll.dll                                                             
    
    0x00007FFF74B95294 mozglue.dll               RET  0x00007FFF74B94F62 mozglue.dll         
    
    0x00007FFF74B95514 mozglue.dll               RET  malloc +0x1a                           
                                                      0x00007FFF74B9972A mozglue.dll         
    
    RtlLeaveCriticalSection +0x39                RET  0x00007FFF74B954E3 mozglue.dll         
    0x00007FFF81230E79 ntdll.dll                                                             
    
    WaitForMultipleObjectsEx +0x1e5            ~ RET* memset()                               
    0x00007FFF7D7AC3C5 KernelBase.dll                 0x00007FFF7454C780 vcruntime140.dll     
                        4c8bd9                   MOV          R11, RCX
                        0fb6d2                   MOVZX        EDX, DL
                        49b90101010101010101     MOV          R9, 0x101010101010101
                        4c0fafca                 IMUL         R9, RDX
                        4983f810                 CMP          R8, 0x10
                        0f8602010000             JBE          0x7fff7454c8a0
                        66490f6ec1               MOVQ         XMM0, R9
                        660f60c0                 PUNPCKLBW    XMM0, XMM0
                        4981f880000000           CMP          R8, 0x80
                        0f867c000000             JBE          0x7fff7454c830
                        0fba25645a000001         BT           DWORD [RIP+0x5a64], 0x1
                        7322                     JAE          0x7fff7454c7e0
                        8bc2                     MOV          EAX, EDX
                                             (88F049DFF2162356)
    
    
    PostMessageW +0x6a                         ~ RET  0x00007FFF475C4E3A xul.dll             
    0x00007FFF7F1BB00A user32.dll                                                             
    
    NtUserPostMessage +0x14                    ~ RET  PostMessageW +0x53                     
    0x00007FFF7DB51284 win32u.dll                     0x00007FFF7F1BAFF3 user32.dll           
    
    Stack Trace
    #  Address          Module                   Location
    -- ---------------- ------------------------ ----------------------------------------
    1  00007FFF7D7B5DC5 KernelBase.dll           VirtualProtect +0x35
    
    2  00007FFF49D211AA xul.dll                 
                        85c0                     TEST         EAX, EAX
                        0f95c0                   SETNZ        AL
                        4883c428                 ADD          RSP, 0x28
                        c3                       RET         
    
    3  00007FFF4998FA5C xul.dll                 
    4  00007FFF49E629DA xul.dll                 
    5  00007FFF49D26A0B xul.dll                 
    6  00007FFF49D27134 xul.dll                 
    7  00007FFF49D271F8 xul.dll                 
    8  00007FFF49A1D56D xul.dll                 
    9  00007FFF49A11310 xul.dll                 
    10 00007FFF49E55CF9 xul.dll                 
    
    Process Trace
    1  C:\Program Files\Cyberfox\Cyberfox.exe [4872]
    2  C:\Windows\explorer.exe [3768]
    3  C:\Windows\System32\userinit.exe [3480]
    4  C:\Windows\System32\winlogon.exe [708]
    winlogon.exe
    
    Thumbprint
    5b95108d609ab96054d7527b9747b292ed042bed8eec1568fc2ae1c2f9dbdc74
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="HitmanPro.Alert" />
        <EventID Qualifiers="0">911</EventID>
        <Level>2</Level>
        <Task>9</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2017-01-02T23:45:13.638999000Z" />
        <EventRecordID>21693</EventRecordID>
        <Channel>Application</Channel>
        <Computer>Dave-PC</Computer>
        <Security />
      </System>
      <EventData>
        <Data>C:\Program Files\Cyberfox\Cyberfox.exe</Data>
        <Data>ROP</Data>
        <Data>Mitigation   ROP
    
    Platform     10.0.14393/x64 v574 06_25
    PID          4872
    Application  C:\Program Files\Cyberfox\Cyberfox.exe
    Description  Cyberfox 50.1
    
    Callee Type  ProtectVirtualMemory
                 0x00000018BACB5000 (4096 bytes)
    
    Branch Trace                              Opcode  To                                     
    ---------------------------------------- -------- ----------------------------------------
    NS_LogCOMPtrAddRef()                         RET  0x00007FFF49E629B5 xul.dll             
    0x00007FFF4772CF80 xul.dll                                                               
    
    0x00007FFF74B94F95 mozglue.dll               RET  0x00007FFF49E629AB xul.dll             
    
    RtlLeaveCriticalSection +0x39                RET  0x00007FFF74B94F6C mozglue.dll         
    0x00007FFF81230E79 ntdll.dll                                                             
    
    0x00007FFF74B95294 mozglue.dll               RET  0x00007FFF74B94F62 mozglue.dll         
    
    0x00007FFF74B95514 mozglue.dll               RET  malloc +0x1a                           
                                                      0x00007FFF74B9972A mozglue.dll         
    
    RtlLeaveCriticalSection +0x39                RET  0x00007FFF74B954E3 mozglue.dll         
    0x00007FFF81230E79 ntdll.dll                                                             
    
    WaitForMultipleObjectsEx +0x1e5            ~ RET* memset()                               
    0x00007FFF7D7AC3C5 KernelBase.dll                 0x00007FFF7454C780 vcruntime140.dll     
                        4c8bd9                   MOV          R11, RCX
                        0fb6d2                   MOVZX        EDX, DL
                        49b90101010101010101     MOV          R9, 0x101010101010101
                        4c0fafca                 IMUL         R9, RDX
                        4983f810                 CMP          R8, 0x10
                        0f8602010000             JBE          0x7fff7454c8a0
                        66490f6ec1               MOVQ         XMM0, R9
                        660f60c0                 PUNPCKLBW    XMM0, XMM0
                        4981f880000000           CMP          R8, 0x80
                        0f867c000000             JBE          0x7fff7454c830
                        0fba25645a000001         BT           DWORD [RIP+0x5a64], 0x1
                        7322                     JAE          0x7fff7454c7e0
                        8bc2                     MOV          EAX, EDX
                                             (88F049DFF2162356)
    
    
    PostMessageW +0x6a                         ~ RET  0x00007FFF475C4E3A xul.dll             
    0x00007FFF7F1BB00A user32.dll                                                             
    
    NtUserPostMessage +0x14                    ~ RET  PostMessageW +0x53                     
    0x00007FFF7DB51284 win32u.dll                     0x00007FFF7F1BAFF3 user32.dll           
    
    Stack Trace
    #  Address          Module                   Location
    -- ---------------- ------------------------ ----------------------------------------
    1  00007FFF7D7B5DC5 KernelBase.dll           VirtualProtect +0x35
    
    2  00007FFF49D211AA xul.dll                 
                        85c0                     TEST         EAX, EAX
                        0f95c0                   SETNZ        AL
                        4883c428                 ADD          RSP, 0x28
                        c3                       RET         
    
    3  00007FFF4998FA5C xul.dll                 
    4  00007FFF49E629DA xul.dll                 
    5  00007FFF49D26A0B xul.dll                 
    6  00007FFF49D27134 xul.dll                 
    7  00007FFF49D271F8 xul.dll                 
    8  00007FFF49A1D56D xul.dll                 
    9  00007FFF49A11310 xul.dll                 
    10 00007FFF49E55CF9 xul.dll                 
    
    Process Trace
    1  C:\Program Files\Cyberfox\Cyberfox.exe [4872]
    2  C:\Windows\explorer.exe [3768]
    3  C:\Windows\System32\userinit.exe [3480]
    4  C:\Windows\System32\winlogon.exe [708]
    winlogon.exe
    
    Thumbprint
    5b95108d609ab96054d7527b9747b292ed042bed8eec1568fc2ae1c2f9dbdc74</Data>
      </EventData>
    </Event>
     
  24. max2

    max2 Registered Member

    Joined:
    Sep 22, 2011
    Posts:
    365
    Will Hitman ever have a lifetime license to buy please? Thanks. Just wondering.
     
  25. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,055
    Location:
    Baden Germany
    No.
    HMP.A and HMP license mechanism does not support lifetime licenses.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.