HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    9,512
    Sophos Patches RCE and Memory Disclosure Vulnerabilities in HitmanPro.Alert
    Issues found in input/output control (IOCTL) message handler
    October 25, 2018

    https://news.softpedia.com/news/sop...lnerabilities-in-hitmanpro-alert-523443.shtml
     
  2. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,316
    Location:
    Under a bushel ...
    Anti-Malware - bit of an edge case, I know ...
    Code:
    Malware found:
    Gen:Variant.Symmi.37359
    C:\Program Files (x86)\Majorgeeks.com\Software Updates and News\files\MajorGeeks_Scheduler.exe
    Mitigation   MalwareBlocked
    
    Platform     10.0.17134/x64 v765 06_45
    PID          26128
    Application  C:\Program Files (x86)\Majorgeeks.com\Software Updates and News\files\MajorGeeks_Scheduler.exe
    Description  Gen:Variant.Symmi.37359
    
    SHA256:   e1b5a49cf89b6dad527a20154dc73a69940eeddd40d4f75bf9a95ddd7f2dc8de
    
     
    Last edited: Oct 27, 2018
  3. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    123
    Is Thunderbird worth protecting against with hitmanpro.alert? Which group (office or browser or other?) to do if it's worth protecting.
     
  4. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    1,986
    Location:
    the Netherlands
    July 31, 2016, Mark Loman wrote,
    If nevertheless you do want to protect Thunderbird by HMPA, it should be added under the Office category.
    July 31, 2016, Mark Loman wrote,
     
  5. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    123
    Thanks!
     
  6. MarcSahr

    MarcSahr Registered Member

    Joined:
    Oct 28, 2018
    Posts:
    1
    Location:
    FOREST HILLS, NY
    New here and new with HitmanPro Alert (but long time Malwarebytes user). Having a problem updating from Java 181 to Java 191. Ran the update and of course the HitmanPro Alert says in notification that Java is protected and java says it cannot install. Tried to disable everything. Disabled Mitigation, Risk reduction, etc. Ran as administrator, Still would not install. Finally uninstalled the Hitman Pro Alert program and rebooted and was able to update Java. When I went to reinstall it gave me an error 0 and had to fix that and reboot again and reinstall HitmanPro Alert. Is there a trick to installing new versions of programs? Let's say I want to update google chrome am I going to have to do this crap again (uninstall HitmanPro Alert, etc?) Do I need to add an exclusion? Please advise any help would be appreciated.
     
  7. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    123
    I would like a new feature. Exception function at Risk Reduction, but especially for Credential Theft protection, as there are many programs that can not work without warning (such as F-secure online scanner and Dr.Web Cure It).
    On the other hand, do not block anything without warning! This is very important! For example, HitmanPro.Alert can block Fix Win 10 without warning (https://www.thewindowsclub.com/fixwin-for-windows-10).
     
    Last edited: Nov 1, 2018
  8. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    382
    Huh, interesting. I use the F-Secure Online Scanner too, and HMP.A doesn't warn me or stop me from using it. Maybe it's not HMP.A but something else about the PC that's leading to the warning?
     
  9. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    123
    Do you use the latest F-Secure Online Scanner? Recently updated. F-Secure Online Scanner was blocked by HMPA. If I turn off "Credential Theft protection" then all OK. Sorry, HMPA warned me.That is why the exception is necessary. The "Credential Theft Protection" turn off then on is not a solution.

    2018-11-03_060140.jpg
     

    Attached Files:

    Last edited: Nov 3, 2018
  10. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    382
    I've been using version 1.0.265.0. Have they come out with a newer one?

    I agree, it would be annoying and inconvenient if HMP.A blocked it and there was no way to create a specific exception.
     
  11. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    123
    2018-11-03_203918.jpg

    Verzio 8.1.16.171
     
  12. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    382
    Ah, I was looking at the file properties for that 1.0.265.0. By clicking on the "?" in the GUI, it tells me that the version is 7.20.70.147.

    It seems I am a bit behind the times. :)
     
  13. __simon__

    __simon__ Registered Member

    Joined:
    Apr 28, 2013
    Posts:
    13
    Location:
    UK
    I still get garbled searches from Win+S in Windows 10 and swallowed key presses in Chrome. I'll check again on the next version. [Disabling keystroke encryption works around these problems.]
     
  14. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    123
    It is very annoying that I have to turn off Credential Theft Protection permanently if I want to use the Dr.Web Cure It or the F-Secure online scanner. Sometimes I forget to turn it back on. That's why I'm angry. Why is there no possibility to exception here?
     
  15. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    123
    It is very annoying not to indicate HitmanPro.Alert when blocking Ultimate Windows Tweaker 4.5 (https://www.thewindowsclub.com/ultimate-windows-tweaker-4-windows-10). Without warning blocking should not happen!

    Napló neve: Application
    Forrás: Application Error
    Dátum: 2018. 11. 14. 6:08:10
    Eseményazonosító:1000
    Feladatkategória:(100)
    Szint: Hiba
    Kulcsszavak: Klasszikus
    Felhasználó: n.a.
    Számítógép: DESKTOP-J0VB0BC
    Leírás:
    A hibát okozó alkalmazás neve: Ultimate Windows Tweaker 4.5.exe, verzió: 4.5.0.0, időbélyeg: 0x5be5465f
    A hibát okozó modul neve: KERNELBASE.dll, verzió: 10.0.17134.407, időbélyeg: 0x99042cc0
    Kivételkód: 0xe0434352
    Hiba pozíciója: 0x000000000003a388
    A hibát okozó folyamat azonosítója: 0xa34
    A hibát okozó alkalmazás indításának időpontja: 0x01d47bd8094b658f
    A hibát okozó alkalmazás elérési útja: C:\Program Files (x86)\Ultimate Windows Tweaker 4.5\Ultimate Windows Tweaker 4.5.exe
    A hibát okozó modul elérési útja: C:\WINDOWS\System32\KERNELBASE.dll
    Jelentés azonosítója: fd01fb37-c227-4538-b804-8a255ab79882
    A hibát okozó csomag teljes neve:
    A hibát okozó csomag relatív alkalmazásazonosítója:
    Esemény XML:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
    <Provider Name="Application Error" />
    <EventID Qualifiers="0">1000</EventID>
    <Level>2</Level>
    <Task>100</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2018-11-14T05:08:10.336655900Z" />
    <EventRecordID>47385</EventRecordID>
    <Channel>Application</Channel>
    <Computer>DESKTOP-J0VB0BC</Computer>
    <Security />
    </System>
    <EventData>
    <Data>Ultimate Windows Tweaker 4.5.exe</Data>
    <Data>4.5.0.0</Data>
    <Data>5be5465f</Data>
    <Data>KERNELBASE.dll</Data>
    <Data>10.0.17134.407</Data>
    <Data>99042cc0</Data>
    <Data>e0434352</Data>
    <Data>000000000003a388</Data>
    <Data>a34</Data>
    <Data>01d47bd8094b658f</Data>
    <Data>C:\Program Files (x86)\Ultimate Windows Tweaker 4.5\Ultimate Windows Tweaker 4.5.exe</Data>
    <Data>C:\WINDOWS\System32\KERNELBASE.dll</Data>
    <Data>fd01fb37-c227-4538-b804-8a255ab79882</Data>
    <Data>
    </Data>
    <Data>
    </Data>
    </EventData>
    </Event>
    ------------------------------------
    Forrás
    Ultimate Windows Tweaker 4.5

    Összegzés
    Működésképtelenné vált

    Dátum
    ‎2018. ‎11. ‎14. 6:08

    Állapot
    Jelentés elküldve

    Leírás
    A hibát okozó alkalmazás elérési útja: C:\Program Files (x86)\Ultimate Windows Tweaker 4.5\Ultimate Windows Tweaker 4.5.exe

    Probléma-aláírás
    Problémaesemény neve: APPCRASH
    Alkalmazásnév: Ultimate Windows Tweaker 4.5.exe
    Alkalmazásverzió: 4.5.0.0
    Alkalmazás időbélyegzője: 5be5465f
    Hiba – modul neve: KERNELBASE.dll
    Hiba – modul verziója: 10.0.17134.407
    Hiba – modul időbélyegzője: 99042cc0
    Kivételkód: e0434352
    Kivétel – eltolás: 000000000003a388
    Operációs rendszer verziója: 10.0.17134.2.0.0.256.48
    Területibeállítás-azonosító: 1038
    További információk 1: 81a2
    További információk 2: 81a27dec76123abc482f6cd38098e989
    További információk 3: 7b78
    További információk 4: 7b7886e54408fcf7a46cf12bfc24cd86

    További adatok a problémáról
    Gyűjtőazonosító: c49c6b3b1082bac1af6b9a9a6cb1b84b (2264073225723033675)
     
  16. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    9,512
    The application wasn't blocked, it has simply crashed.
     
  17. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    123
    @mood

    But it does HitmanPro.Alert cause, because when I make the Ultimate Windows Tweaker between exceptions of Exploit mitigation, everything's been fine since then. I tried many times vice-versa. So it was already at Ultimate Windows Tweaker 4.4.1 too.
     
    Last edited: Nov 14, 2018
  18. OB1W4N5

    OB1W4N5 Registered Member

    Joined:
    Jul 27, 2015
    Posts:
    20
    I guess I'll be that guy and ask if there is any Black Friday/Cyber Monday deal upcoming or active for HMPA as my subscription is ending sooner than I realized. If so tha'td be awesome and if not, that's cool too. Thanks!
     
  19. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    645
    Location:
    USA
    Good question!
     
  20. ohgood

    ohgood Registered Member

    Joined:
    Apr 3, 2015
    Posts:
    38
    Location:
    cold upper midwest
  21. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,822
    Location:
    USA
    Thanks for taking the hit for the rest of us ;) (I'd like to know too)
     
  22. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    123
    Forrás
    SOX.EXE

    Összegzés
    Működésképtelenné vált

    Dátum
    ‎2018. ‎11. ‎21. 8:24

    Állapot
    Jelentés elküldve

    Leírás
    A hibát okozó alkalmazás elérési útja: C:\Program Files (x86)\auCDtect Task Manager\SOX\sox.exe

    Probléma-aláírás
    Problémaesemény neve: APPCRASH
    Alkalmazásnév: SOX.EXE
    Alkalmazásverzió: 0.0.0.0
    Alkalmazás időbélyegzője: 4a3862aa
    Hiba – modul neve: hmpalert.dll
    Hiba – modul verziója: 3.7.9.759
    Hiba – modul időbélyegzője: 5b992ae9
    Kivételkód: c0000005
    Kivétel – eltolás: 00012a2d
    Operációs rendszer verziója: 10.0.17134.2.0.0.256.48
    Területibeállítás-azonosító: 1038
    További információk 1: 37f9
    További információk 2: 37f90a9b178e3c8ff9826fb07d913cac
    További információk 3: 5d22
    További információk 4: 5d22caf5c2f3a72af21acc776bdd6a4c

    További adatok a problémáról
    Gyűjtőazonosító: 31591be3fe7a0ac70fe70c82d0a582cd (2298819890781717197)

    --------------------------------------------------------------------------------------------------------------------------------

    Napló neve: Application
    Forrás: Application Error
    Dátum: 2018. 11. 21. 8:24:24
    Eseményazonosító:1000
    Feladatkategória:(100)
    Szint: Hiba
    Kulcsszavak: Klasszikus
    Felhasználó: n.a.
    Számítógép: DESKTOP-J0VB0BC
    Leírás:
    A hibát okozó alkalmazás neve: SOX.EXE, verzió: 0.0.0.0, időbélyeg: 0x4a3862aa
    A hibát okozó modul neve: hmpalert.dll, verzió: 3.7.9.759, időbélyeg: 0x5b992ae9
    Kivételkód: 0xc0000005
    Hiba pozíciója: 0x00012a2d
    A hibát okozó folyamat azonosítója: 0x307c
    A hibát okozó alkalmazás indításának időpontja: 0x01d4816b3a40d88c
    A hibát okozó alkalmazás elérési útja: C:\PROGRA~2\AUCDTE~1\SOX\SOX.EXE
    A hibát okozó modul elérési útja: C:\Windows\System32\hmpalert.dll
    Jelentés azonosítója: 0abb80a2-2471-4a70-ad2d-9f8e3d4699d2
    A hibát okozó csomag teljes neve:
    A hibát okozó csomag relatív alkalmazásazonosítója:
    Esemény XML:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
    <Provider Name="Application Error" />
    <EventID Qualifiers="0">1000</EventID>
    <Level>2</Level>
    <Task>100</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2018-11-21T07:24:24.620935100Z" />
    <EventRecordID>48798</EventRecordID>
    <Channel>Application</Channel>
    <Computer>DESKTOP-J0VB0BC</Computer>
    <Security />
    </System>
    <EventData>
    <Data>SOX.EXE</Data>
    <Data>0.0.0.0</Data>
    <Data>4a3862aa</Data>
    <Data>hmpalert.dll</Data>
    <Data>3.7.9.759</Data>
    <Data>5b992ae9</Data>
    <Data>c0000005</Data>
    <Data>00012a2d</Data>
    <Data>307c</Data>
    <Data>01d4816b3a40d88c</Data>
    <Data>C:\PROGRA~2\AUCDTE~1\SOX\SOX.EXE</Data>
    <Data>C:\Windows\System32\hmpalert.dll</Data>
    <Data>0abb80a2-2471-4a70-ad2d-9f8e3d4699d2</Data>
    <Data>
    </Data>
    <Data>
    </Data>
    </EventData>
    </Event>
    ---------------------------------------------------
    No information in HitmanPro. Alert Event. There was no warning at all by HitmanPro.Alert.
     
  23. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    123
    False alarm. HitmanPro.Alert blocked the Firefox.
     

    Attached Files:

  24. keepersjohn

    keepersjohn Registered Member

    Joined:
    Nov 19, 2016
    Posts:
    11
    Location:
    shoreham by sea england
  25. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    382
    Does the current version of HMP.A update its definitions in the background? It used to be that when I ran a manual scan, the box for scans on the left would start out by saying "Downloading" before starting the scan, but now it simply jumps into the scan without saying that it downloaded anything to update itself.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.