HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    I had this once in the lab. I was unable to narrow it down and deemed it as a single incident.

    If you reboot the problem should go away. If not I would like know how this problem can be triggered.
     
  2. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,457
    Logoff will also fix the slow-down. I can trigger the problem everytime using my fileman. I sent you the dump.

    Back to my other question - will there be a feature or is it possible to temporarily disable CTP4?
     
    Last edited: Oct 3, 2014
  3. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Erik

    Just upgraded my XP Tablet. Went fine, except now Firefox sandboxed doesn't display the safe browsing notice at the top of the windows, and the scanning now no longer works, when it did before.

    Note all my upgrade and before references are related back to the Pre4 build.

    Pete
     
  4. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    You can disable features in the Advanced interface. Switch to it using the Gear icon next to the minimize button.
     
  5. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,457
    I understand that specific items can be disabled. I meant completely disable HMPA. When I kill the tasks, Alert starts itself again. I just had my 3rd BSOD. Let me know if you want the dumps. I will be uninstalling soon, unless you need me to do some tests for you. CTP4Crash2.jpg
     
  6. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Yes. Send me the dumps. The uninstall because it is not working for you atm. I will try to analyze the dumps and come up with a fix.
     
  7. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,457
    If you don't find anything in the dumps, I can send you the exe file that causes the OS slow-down when alert is active.
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,406
    Location:
    The Netherlands
    Congrats with the new release. :thumb:

    About "Application Lockdown", is this comparable to "anti-exe" (white-listing), or is it more intelligent?

    About "Network Lockdown", can you tell a bit more about this? Is this protection against malware that is already running?
     
  9. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,457
    Erik,
    FYI, CTP4 leaves about 90% of the reg entries and files on the system after running uninstall. A lot more stuff than with CTP2
     
  10. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,058
    The product key that I got for testing (and which was accepted by CTP1, 2, and 3) is no longer accepted by CTP4, while it is valid until July 2015 according to HitmanPro.

    If I try to activate this key in CTP4 a dialog "A generic error occurred." pops up.

    On the bright side: no more iTunes crashes.
     
  11. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Files are removed after reboot. I agree uninstall needs to improve.
     
  12. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Its totally not whitelisting. See release notes in the PDF in the zip.
     
  13. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,058
    Sorry, my mistake; apparently I did not reboot after uninstalling HPA2 and somehow I seem to have started HPA2 again by running the HPA3 executable?

    After a reboot the product key was accepted.
     
  14. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,457
    View attachment 244644
    As an info, after reboot these files are still present
    Code:
    HitmanPro.key
    HitmanPro.lic
    excalibur.db
    excalibur.db-wal
    hmpnet.sys 
    Plus these Reg entries
    CTP4Reg.jpg
     
  15. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    908
    Location:
    Canada
    Uninstalled MBAE to give newest version a try, no problems so far.
     
  16. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    908
    Location:
    Canada
    Well..Exploit Mitigations worked for a few hours, now it says no license.
     
  17. WSFfan

    WSFfan Registered Member

    Joined:
    May 10, 2012
    Posts:
    374
    Location:
    The Earth
  18. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,304
    Location:
    Kent. UK by the sea
    Hi erikloman

    v90 CTP4, Administrative Events could get filled with these errors [cleaned up with bat] :-

    Take Care
    TheQuest :cool:
     

    Attached Files:

  19. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Do you have a dump of those crashes?
     
  20. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
  21. SLE

    SLE Registered Member

    Joined:
    Jun 30, 2011
    Posts:
    361
    HMP.Alert CTP4

    Win8.1x64

    (1)
    This issue is still present

    (2)
    After a longer time or after wakeup from StandBye Firefox and Thunderbird (both running in Sandboxie Sandboxes) don't have an internet connection any longer. Killing of those processes via TaskManager or ProcessHacker isn't possible.

    Going to try if Sandboxie is the probelem or which mitigations are the problem.

    Edit: Event viewer shows the same entries like @TheQuest for those times where it happened.

    (3)
    One BSOD this mornig (after browser disconnection issue). I can upload minidump and kernel memory dmp (800 MB) somewhere if needed.
     
    Last edited: Oct 4, 2014
  22. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Would like the dump. Please send zip via www.wetransfer.com to erik@surfright.com
     
  23. SLE

    SLE Registered Member

    Joined:
    Jun 30, 2011
    Posts:
    361
  24. heikwith

    heikwith Registered Member

    Joined:
    Jul 29, 2002
    Posts:
    91
    HitmanPro.Alert 2.6.5 can totally disabled by stopping (temporarely) the service. Try this in ctp4
    Erik, is this allowed manner in ctp4 and also for the future ?

    Adric, follow this please.
     
    Last edited: Oct 4, 2014
  25. WSFfan

    WSFfan Registered Member

    Joined:
    May 10, 2012
    Posts:
    374
    Location:
    The Earth
    Just tested this on W10 TP 64-bit,it looks like the issue hasn't been fixed.:doubt:
     
    Last edited: Oct 4, 2014
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.