HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    1,806
    Location:
    the Netherlands
    Ah, thanks, Adric.
    I thought you meant a malware scanner.
    Regarding scanning (comparing) before synchronizing, I have no issues with FreeFileSync, but then, I don't sync to NAS drives, but to an ordinary second internal drive and external USB 3.0 drives, so I can't tell if synchronizing to NAS drives would be affected.
     
  2. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,061
    I ran another test using filever.exe against a large directory and the performance hit was 37%. So it seems HMPA is interfering in some way or another.
     
    Last edited: Jun 19, 2018
  3. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,032
    Location:
    At the door ...
    Same here with Bvckup 2, so could be the NAS factor.
     
  4. Aldon

    Aldon Registered Member

    Joined:
    Jun 23, 2018
    Posts:
    1
    Location:
    The Netherlands
    Since a couple of days I have installed the WebBrowser Chromium Versie 69.0.3470.0 on a Windows 8.1 OS and suddenly It comes to my attention I don't see the usual announcement of Exploit protection HMP-Alert normally shows in the upper right corner of the screen at the moment an application has started.
    Is this because Chromium runs in its own SandBox and protects itself from Malware-exploits due to this Sandbox?

    I hope my English is well enough to understand, Because it isn't my native language.

    Thanks in advance for any reaction!
     
  5. RonnyT

    RonnyT Registered Member

    Joined:
    Aug 9, 2016
    Posts:
    98
    Location:
    Planet Earth
    Hi Aldon,

    If you like dutch support please contact us on support@hitmanpro.com

    Can you verify if the browser is running under a protection profile?
    Open HitmanPro.Alert GUI switch to Advanced interface (gear icon top right) click on the blue button while Chromium is running.
    Select running applications and see if it's "Protected" if not click on the process and add it to the browsers profile.

    Once you have restarted all chromium processes it should now run protected.
     
  6. pilipali

    pilipali Registered Member

    Joined:
    Nov 24, 2017
    Posts:
    13
    Location:
    Finland
    Updated to version 3.7.8 build 750. I noticed that Microsoft Edge does not work, loads for some time but then closes itself. Disabling safe browsing or exploit mitigations won't work. tried resetting settings, no help.
     
  7. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    612
    Location:
    USA
    This is the first mention I've seen on this thread about a build 750 release. Yet no announcement?

    Just looked on the download page for release history and see this!

    https://www.hitmanpro.com/en-us/whatsnewalert.aspx
     
  8. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,720
    Location:
    USA
    750 is a release candidate and was announced in the beta forum. See here:

    HitmanPro.Alert BETA
     
  9. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    612
    Location:
    USA
  10. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    1,806
    Location:
    the Netherlands
    Yes, HMPA 3.7.8.750 was a release candidate, but today it is released as the new stable version.
    Users running the previous stable release version 3.7.6.739 are automatically upgraded to 3.7.8.750.
     
  11. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    612
    Location:
    USA
    My point was there was no official announcement of the latest release in this thread, as has been the norm prior to now.
     
  12. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    1,806
    Location:
    the Netherlands
    Yes, I know, and you are right.
    I suppose Erik, Mark and RonnyT forgot, or were too busy to post an announcement of the latest release in this thread.
     
  13. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    612
    Location:
    USA
    I am using the registry option to prevent automatic upgrades. So I usually just wait for a new stable release announcement, and then find a time to download and test the new version.
     
  14. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    1,806
    Location:
    the Netherlands
    I can understand that it is inconvenient if no announcement for the new stable release is posted in this thread.
    Perhaps Erik, Mark, or RonnyT will post the announcement later today, or tomorrow.
     
  15. RonnyT

    RonnyT Registered Member

    Joined:
    Aug 9, 2016
    Posts:
    98
    Location:
    Planet Earth
    Are you perhaps running Windows Defender Application Guard?
     
  16. pilipali

    pilipali Registered Member

    Joined:
    Nov 24, 2017
    Posts:
    13
    Location:
    Finland
    No.
     
  17. RonnyT

    RonnyT Registered Member

    Joined:
    Aug 9, 2016
    Posts:
    98
    Location:
    Planet Earth
    HitmanPro.Alert 3.7.8 Build 750 Released

    Changelog | Compared to build 739

    • Improved Intruder detection (Safe Browsing) on Trickbot trojan
    • Improved compatibility with Microsoft Office and Internet Explorer 11
    • Improved process startup performance of applications protected with Exploit Mitigations
    • Improved Hardware Assisted Control-Flow Integrity (HA-CFI) performance by increasing the LBR stack-pool
    • Improved Code Cave Mitigation
    • Improved Asynchronous Procedure Call (APC) Mitigation
    • Improved Java exploit mitigation profile; removed obsolete protections for Java processes
    • Improved Thumbprint technology on the CallerCheck exploit mitigation, which now allows us to whitelist e.g. a CreateProcess from the 1Password just-in-time .NET code running inside a web browser or Outlook as a plug-in
    • Fixed a crash occurring during a specific ROP exploit, e.g. during attack on CVE-2018-9958
    • Fixed issue with Microsoft Edge browser on Windows 10 Redstone 4 32-bit (x86)
    • Fixed a false positive in Chrome caused by the Dynamic Heap Spray exploit mitigation
    • Fixed VBScript God Mode false positives in Internet Explorer
    • Fixed potential BSOD caused by CryptoGuard
    • Fixed LoadLib Alert in Firefox when loading NPAPI plugin(s)
    • Fixed Windows 7 hanging on shutdown
    • Fixed WipeGuard running inside Hyper-V guest systems
    • Added list of loaded modules to the alert details of the WipeGuard and CryptoGuard modules, to help with triaging attacks originating from trusted processes
    • Added wmic.exe to Application Lockdown to block abuse in a SquiblyTwo attack; like PowerShell, MSHTA, regsvr32.exe, wmic.exe is a LOLbin – a Living of the Land binary, that can be abused by attackers
    • Added Japanese language to user interface
    Download
    https://dl.surfright.nl/hmpalert3.exe

    Known issue(s):
    • Windows Defender Application Guard fails to start Edge
    The automatic updater has been set to update all our users. You should receive it within the day, automatically.
    Let us know how this build runs on your machine(s). Thanks! :thumb:
     
  18. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    359
    Build 750 still not working on Vista. Same issues as before, multiple programs crashing. It didn't even create a Notification Area icon.

    Uninstalled. Keeping my work PC at build 604.
     
  19. Eebillo

    Eebillo Registered Member

    Joined:
    Jul 13, 2018
    Posts:
    2
    Location:
    rock
    Hello; would just like to ask why a certain program/game i have crashes whenever ran with HitmanPro.Alert installed. I'm not an IT guy at all but we do have this at our pc for online security so I've no idea how to troubleshoot; however I've tried disabling all modules and trying to run the program but it still keeps feeding this crash:

    Application Version: 5.6.3.55206
    Application Timestamp: 599ad65d
    Fault Module Name: ntdll.dll
    Fault Module Version: 6.1.7601.24168
    Fault Module Timestamp: 5b1aad38
    Exception Code: c0000005
    Exception Offset: 0000000000032964
    OS Version: 6.1.7601.2.1.0.256.48
    Locale ID: 1033
    Additional Information 1: 15f6
    Additional Information 2: 15f6512c97c733a716aab66823287880
    Additional Information 3: f12c
    Additional Information 4: f12c8ec93b5f92297f837ac7c6900688

    however as soon as i uninstall hitmanpro.alert and open the same program it starts working again. HitmanPro.Alert is also giving me connectivity issues via my ports with other games we have on our PC. Would running Malwarebytes alongside have something to do with it?
     
  20. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,720
    Location:
    USA
    It might help if you mentioned which program/game.
     
  21. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    1,806
    Location:
    the Netherlands
    As Victek said, the name of the specific program/game may be helpful to developers/ support.
    Also would the alert details be useful, or necessary.
    To get alert details, see this instruction.
    Same here, it may be useful to mention the specific games.
     
  22. RonnyT

    RonnyT Registered Member

    Joined:
    Aug 9, 2016
    Posts:
    98
    Location:
    Planet Earth
    Yes to the "which game" please, and you can try to add the game "exe" to the exploit mitigation "Exclusions".
    Click on the Blue button in the advanced interface -> Applications, scroll all the way to the right and click "Add Exclusion" then navigate to the game executable and add it.

    See if that makes any difference
     
  23. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,061
    How can I whitelist individual files (false positives) that get blocked as malware?
    If I run a scan and select ignore for those files, they are still blocked. I.e nircmd.exe
    and others. I had to set Anti-Malware to disabled in order to use these files. Excluding
    them under Exploit mitigation doesn't help.
    Block.png
     
    Last edited: Jul 13, 2018
  24. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    6,078
    Excluding of files is not possible.
    Turn the "Realtime malware protection off" or else you will get an alert each time.
     
  25. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,061
    Ouch. Sophos would rather you turn off the protection completely rather than allowing you to do whitelisting.:thumbd: Also, scanning with hitmapro.exe allows the option /excludelist=, but this is not possible when scanning from HMPA. The whole Anti-Malware implementation leaves something to be desired. Sufficient options would be a first step.
     
    Last edited: Jul 14, 2018
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.