HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    1,620
    Location:
    the Netherlands
    It was June when Erik said,
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    19,295
    Ah. Thanks SM
     
  3. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    502
    Yeah, that real-time scanner would be a real lot more usable if exclusions were possible :)
     
  4. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    4,841
    Location:
    Among the gum trees
    From past experience I know I have to use Passive Vaccination when installing / upgrading Netgear Genie but I just got this when upgrading to the latest version.
    Code:
    Log Name:      Application
    Source:        HitmanPro.Alert
    Date:          24/11/2017 8:51:02 AM
    Event ID:      911
    Task Category: Mitigation
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      David-HP
    Description:
    Mitigation   Lockdown
    
    Platform     10.0.16299/x64 v723 06_5e
    PID          7056
    Application  C:\Program Files (x86)\NETGEAR Genie\wpinst.exe
    Description  wpinst.exe
    
    Filename     C:\Users\David\AppData\Local\Temp\wpinst64.exe
    Created By   C:\Program Files (x86)\NETGEAR Genie\wpinst.exe
    
    
    Process Trace
    1  C:\Program Files (x86)\NETGEAR Genie\wpinst.exe [7056]
    2  C:\Users\David\AppData\Local\NETGEARGenie\update_temp\NETGEARGenie-install.exe [4504]
    C:/Users/David/AppData/Local/NETGEARGenie/update_temp/NETGEARGenie-install.exe
    3  C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [9236]
    4  C:\Windows\explorer.exe [7252]
    5  C:\Windows\System32\userinit.exe [2676]
    6  C:\Windows\System32\winlogon.exe [780]
    winlogon.exe
    7  C:\Windows\System32\smss.exe [664]
    \SystemRoot\System32\smss.exe 000000dc 00000080
    
    Thumbprint
    a1430adc96c80ff18655b510d868acdac7eb0f130413ae6943d77f96ae999399
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="HitmanPro.Alert" />
        <EventID Qualifiers="0">911</EventID>
        <Level>2</Level>
        <Task>9</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2017-11-23T21:51:02.108924700Z" />
        <EventRecordID>6928</EventRecordID>
        <Channel>Application</Channel>
        <Computer>David-HP</Computer>
        <Security />
      </System>
      <EventData>
        <Data>C:\Program Files (x86)\NETGEAR Genie\wpinst.exe</Data>
        <Data>Lockdown</Data>
        <Data>Mitigation   Lockdown
    
    Platform     10.0.16299/x64 v723 06_5e
    PID          7056
    Application  C:\Program Files (x86)\NETGEAR Genie\wpinst.exe
    Description  wpinst.exe
    
    Filename     C:\Users\David\AppData\Local\Temp\wpinst64.exe
    Created By   C:\Program Files (x86)\NETGEAR Genie\wpinst.exe
    
    
    Process Trace
    1  C:\Program Files (x86)\NETGEAR Genie\wpinst.exe [7056]
    2  C:\Users\David\AppData\Local\NETGEARGenie\update_temp\NETGEARGenie-install.exe [4504]
    C:/Users/David/AppData/Local/NETGEARGenie/update_temp/NETGEARGenie-install.exe
    3  C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [9236]
    4  C:\Windows\explorer.exe [7252]
    5  C:\Windows\System32\userinit.exe [2676]
    6  C:\Windows\System32\winlogon.exe [780]
    winlogon.exe
    7  C:\Windows\System32\smss.exe [664]
    \SystemRoot\System32\smss.exe 000000dc 00000080
    
    Thumbprint
    a1430adc96c80ff18655b510d868acdac7eb0f130413ae6943d77f96ae999399</Data>
      </EventData>
    </Event>
    I do have Netgear Genie added to HMP.A's protected programs in the Other category. Netgear Genie appears to have upgraded successfully.
     
  5. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,947
    Location:
    Outer space
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    3,042
    This is the reason why you got the Lockdown Mitigation. The protected program dropped a file in a a temporary directory and launched it.
    You can disable "Application Lockdown" for the protected program temporarily, but all files have been successfully updated ("appears to have upgraded successfully"). In this case you don't "need to".
    For example Opera is triggering the Lockdown Mitigation while it is upgrading, but nevertheless the upgrade was successfull: "I received the notification from HMP.A, Opera was still able to automatically update to the latest version" #12865
    The "Holiday Promotion 50% off" is available for all License Options.
    After a click on the Buy button a new page is opened, and you can choose other License Options.
     
  7. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    1,620
    Location:
    the Netherlands
    Indeed, as mood says.
    If you click "Buy Now", the shop page opens, on which you can choose other options than 1 PC 1 Year.
    The other options are 3 PC 1 Year, 1 PC 3 Year, and 3 PC 3 Year, all with reduced prices.

    Oddly, I see it is not 50% off, but only 39% off!
    For instance, 1 PC 1 Year € 18.15 where the full price is € 29.95, and 3 PC 3 Year € 56.27 where the full price is € 92.95. That is not 50% off, but only 39% off.
     
  8. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    4,841
    Location:
    Among the gum trees
  9. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    4,841
    Location:
    Among the gum trees
    Thanks mood. I figured that was the case but thanks for explaining the mitigation, that helps.
     
  10. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    3,042
    "50% off" (excluding VAT) :)
    If you buy it, the final price includes the VAT.
    I'm glad to help :)
     
  11. pilipali

    pilipali Registered Member

    Joined:
    Nov 24, 2017
    Posts:
    5
    Location:
    Finland
    Hi
    I updated Hitman pro alert from build 604 to build 723 by installing over. I had trial license but now I have paid version. Now, I notice that Opera browser takes longer time to load than with build 604 and it does not load ghostery extension at the same time (or it has been disabled and each time have to manually enable it afterwards). It is really annoying! Could program update do this, I had not this problem before and I have not made changes to Opera browser. If I disable exploit mitigations fro Opera, browser loads faster. I am using Opera 49.0.2725.47 and I am using Windows 10 64 bit (1709), I also have Avast free 17.8.2318.
     
  12. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    1,620
    Location:
    the Netherlands
    Ah, thanks very much, mood.
    I overlooked that line about VAT.
    In my defense, I can't remember that SurfRight, before being part of Sophos, made offers this way, offering 50% off on one page, excluding VAT, and then adding VAT on the next page. Or perhaps SurfRight did the same before Sophos, but I forgot. :confused:
     
  13. lawdude

    lawdude Registered Member

    Joined:
    Sep 20, 2015
    Posts:
    22
    I still have 244 days left on my subscription. If I buy now to get the lower price, does subscription begin on purchase date or when I activate?
     
  14. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    479
    Location:
    Hengelo
    It begins when you activate. Do not activate the key until the existing activation expires.
     
  15. pilipali

    pilipali Registered Member

    Joined:
    Nov 24, 2017
    Posts:
    5
    Location:
    Finland
    Why does windows process manager show 2 HitmanPro.Alert processes? Is this normal?
     
  16. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,582
    Location:
    USA
    I'm also seeing that in Windows Task Manager. I don't know why it's displayed twice there, but in Process Explorer it is only listed once under services.
     
  17. pilipali

    pilipali Registered Member

    Joined:
    Nov 24, 2017
    Posts:
    5
    Location:
    Finland
    Sorry, I meant task manager.
     

    Attached Files:

  18. focus

    focus Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    312
    Location:
    USA
    Thanks for this reminder, last time was messy. And Thanks for the excellent deal, purchased another 3 years.
     
  19. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    3,201
    Location:
    DC Metro Area
    One is a User service "...hmpa.exe/tray"
    One is a SYSTEM service "...hmpa.exe/service"
     
  20. lawdude

    lawdude Registered Member

    Joined:
    Sep 20, 2015
    Posts:
    22
    Gotchya. Now, if I will only be able to remember where the confirmation email is 244 days from now.
     
  21. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,947
    Location:
    Outer space
    Thanks!


    Afaik it was really 50% off including VAT in the past.
     
  22. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,958
    Location:
    Last Breath Farm
    Does a HitmanPro.Alert subscription include a HitmanPro subscription?
     
  23. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    4,841
    Location:
    Among the gum trees
    Yes, but not the other way around.
     
  24. LodeHere

    LodeHere Registered Member

    Joined:
    Nov 25, 2017
    Posts:
    2
    Location:
    Amsterdam
    Since the latest Alert3 update the other day there is an issue with Sandboxie on my laptop. Alert3 fags it and the option to do a scan appears, as well as a Sandboxie panel with an error warning.
     
  25. LodeHere

    LodeHere Registered Member

    Joined:
    Nov 25, 2017
    Posts:
    2
    Location:
    Amsterdam
    Correction: "Alert3 flags it..."
    I see no option to edit my above post.
     
Loading...