HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    I've tried Cyber Ghost VPN with Alert 3. No issues.
    image.jpg

    I will see if I can get a Boleh VPN account.
     
  2. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I will try HMPA with Boleh VPN again soon. Maybe Eset Smart Security was the cause of the problem. It just didn't seem that way though because the problem did not go away until after I uninstalled HMPA.
     
  3. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    I managed to get a Boleh VPN account!

    No DNS leakage:

    Boleh VPN.png

    I will try installing ESET as well, see if that changes anything.
     
  4. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    Is a (peak) cpu-usage of 19% normal? Build 79.
     


  5. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    Looks like it's the plugincontainer with flash (see Krusty's Conversation-post).
     


  6. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    I also managed to install Alert CTP3 + ESET + Boleh VPN:

    BolehVPN_ESET_Alert_DNSLeakTest.png
     
  7. Paul R

    Paul R Registered Member

    Joined:
    Aug 5, 2014
    Posts:
    59
    Location:
    Bury, Lancashire
    Sorry if already answered somewhere in this thread but just started using this software,

    When I'm running Chrome it is usually sandboxed via SBIE, now the border is green & it says HPA safe browsing. Has HPA stopped SBIE from running Chrome sandboxed now? Or is it I just can't see the yellow border now?

    Also SABconnect++ didn't work until I closed off Stack Pivot, Control-flow integrity & load library, presume this is normal for an extension that needs to connect to local host?
     
  8. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    If both Alert and SBIE are in Chrome you should see both Green and Yellow borders.
    Have you added the \Device\NamedPipe\hmpalert via Sandbox Settings > Resource Access > File Access > Full Access > Edit/Add button?

    sbie.png

    I've tried this config myself on Windows 7 x86. I can leave all mitigations enabled.

    What version of Windows are you using?
     
  9. Paul R

    Paul R Registered Member

    Joined:
    Aug 5, 2014
    Posts:
    59
    Location:
    Bury, Lancashire
    Ahh thanks erikloman, never really had to tweak SBIE as it's only the free version and it automatically sandboxed the default browser, doing what you said has got SAB working again with full protection :thumb:

    I now seem to have lost the Green border though and regained the yellow one.

    I am using 8.1
     
  10. WSFfan

    WSFfan Registered Member

    Joined:
    May 10, 2012
    Posts:
    374
    Location:
    The Earth
    After applying \Device\NamedPipe\hmpalert via Sandbox Settings > Resource Access > File Access > Full Access > Edit/Add button, reloaded the Sandboxie configuration. Then ran Internet Explorer 11 sandboxed, I could see the flyout, tested keylogger exploits (both 32 and 64 bits), but HMPA couldn't scramble the text. :rolleyes:
     
    Last edited: Sep 4, 2014
  11. heikwith

    heikwith Registered Member

    Joined:
    Jul 29, 2002
    Posts:
    91
    Erik,
    In Vista I get in IE9 a BLUE Flyout window.
    In Windows 8.1 in IE11 it is Green, as expected.
    Is this ok? If yes, why that difference?
    I am running now in both systems with 3.0.12.79ctp3 and hitmanpro 3.7.9.224Final.
    But it was also the same with 3.0.12.73ctp2.
     
  12. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Blue flyout = Exploit Mitigations only
    Green flyout = Safe Browsing (Intruder monitor) and possibly Exploit Mitigations

    Click on the IE icon under the green tile and make sure the Intruder monitor is checked.
     
  13. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Thank you Erik! I'm now starting to wonder if it was just a case of bad timing. Maybe Boleh VPN was having problems with their servers during the time I tested Eset Smart Security, and HMPA. If Eset can't find a problem either then I will have to contact Boleh if it happens again. They have been having problems with their servers recently in which the user loses internet access after connecting to one of their routes. This is very much unlike Boleh's past reliability. They have been so dependable over the years until recently. Maybe it was due to a misconfiguration of their servers. I'm still waiting on an answer from Eset. If I discover the problem I will let you know. Thank You!
     
  14. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Are you sure the DNS detect both times was not that of your ISP? If so then maybe Boleh was just having problems with their servers during the period of time I was testing HMPA, and Eset Smart Security.
     
  15. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Hello,

    FWIW, I see Erik installed ESS V7... but you had the issue with the V8 Beta, right?

    I just thought to be sure you both test the same version and combo :)
     
  16. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    You did not install Eset Smart Security 8 beta. I was using the new beta of Eset Smart Security which can be found here: https://forum.eset.com/topic/2984-eset-smart-security-and-eset-nod32-antivirus-8-beta-available/
     
    Last edited: Sep 4, 2014
  17. heikwith

    heikwith Registered Member

    Joined:
    Jul 29, 2002
    Posts:
    91
    ctp3 in vista with IE9.jpg
    Sorry, but there is only an IE icon under the BLUE tile.
    I removed 3.0.12.79ctp3 and after reboot I installed ctp3 again.
    Again the same.
     
    Last edited: Sep 4, 2014
  18. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,854
    All is working well for me. 0 problems with CTP 3.
     
  19. WSFfan

    WSFfan Registered Member

    Joined:
    May 10, 2012
    Posts:
    374
    Location:
    The Earth
    Could you check the following issue?
     
  20. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    I can confirm that only the / character is indeed not scrambled. Expect a fix in CTP4.
     
  21. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,854
    How can I see if my keystrokes are being scrambled anyways?

    EDIT: Never mind, I found it in the HMP.A test file. I ran the keylogging exploit, and at first everything I was typing in Chrome was readable in the exploit, but then later it was not. Is there a delay before the encryption kicks in?
     
    Last edited: Sep 5, 2014
  22. heikwith

    heikwith Registered Member

    Joined:
    Jul 29, 2002
    Posts:
    91
    Why is in ctp3 Passive Vaccination default?
    In ctp2 Active Vaccination was default in my Vista system.
    I am sure about that, because I could not run Adwcleaner in ctp2.
    First I tried to run Adwcleaner with disabled vaccination.
    That worked and later on I tried Adwcleaner also with Passive vaccination.
    That worked also.
    It is possible that I forgot to change it back to Active vaccination.
    That means that the removal of ctp2 and ctp3 does not clean the vaccination status.
    Can this also have something to do with my other problem (Blue IE9 Flyout)?
     
  23. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    581
    Location:
    Hengelo
    HitmanPro.Alert 3 CTP2 and CTP3 do not reset the settings upon installation of a newer version. Active Vaccination is the default, but if you have changed it earlier, this change remains. In the final version, users have the option to set the recommended settings upon manual install of a newer version.
    About the Internet Explorer 9 issue though, I am puzzled why it doesn't show beneath the Safe Browsing tile. Do you have a 32-bit or 64-bit installation of Windows Vista?
     
  24. heikwith

    heikwith Registered Member

    Joined:
    Jul 29, 2002
    Posts:
    91
    32-Bit Vista Home Premium SP2 fully updated
     
  25. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    581
    Location:
    Hengelo
    Thanks for the link. I just installed ESET Smart Security 8 BETA and redid the DNS Leak Test. DNS Leak Test thinks I am in the United Kingdom but my current location is actually Spain. I can't find a leak.
    ESET8 + BolehVPN + Alert + DNSLeakTest.png
     