HitmanPro.ALERT Support and Discussion Thread

Peter2150 et al,
So, #6348 having to retrieve one of the files from the crypto folder will remain as one off.
So, #6337 will remain as one off unless I can duplicate.
Curious we both had an autorollback event that didn't really work
Curious, how c:\windows\cryptoguard found it's way into Direct Access.
As I extrapolate ... c:\windows\cryptoguard Direct Access degraded autorollback...or, Start Run restrictions degraded autorollback.
Hmm....
Edit: Do I need c:\windows\cryptoguard Exclusion in Shadow Mode. Are the contents of cryptoguard folder needed after an autorollback event while in Shadow.
By your test Sandbox #6349. Do you have Drop rights checked.

 

FWIW ~ with 196 and earlier v3 builds. KeyPass (for me) goes to 'Other' with blue border and encrypting.

 

I had to restart Opera 12.15 because it periodically locks up. I have Vivaldi browser running simultaneously. After restarting Opera 12.15, I have lost keystroke encryption, but retained it for Vivaldi browser...I notice that an extra hmpalert. exe started at 5:46 am as per process explorer.

 

Your eyes need checking.

 

what exactly are you trying to say with this statement? , of course it does , but that doesnt explain why in hell secure desktop mode wont function anymore while ticked in the security options of keepass aka nothing has changed in my keepass settings , all i did was upgrade hitmanpro alert, please fix , thanks

 

Apparently, I'm not saying anything of interest...Where do I find secure desktop mode in Options
Please remain calm and open minded

 

I had to shutdown Opera 12.15 because it became non responsive, and restart it a short time ago. After, the restart I have got back keystroke encryption.

 

Yes, I appreciate value of SD regarding ransomware.
I was wondering about the revert folder created by rollback event and the c:\windows\crytpoguard folder. Seems, I have c:\windows\crytoguard in Sandboxie Direct Access so, at some point I must have thought cryptoguard needs outside sandbox for day to day. And at some point I also added SD cryptoguard exclusion.
Don't I need changes to cryptoguard folder committed.
I'm trying to pick apart auto rollback hiccup #6337

 

Aha, seems I'm always at some point in a learning curve and I'm a slow learner.
Thanks

 

its under options>security>options>enter master key on secure desktop


btw im calm , not sure what mightve given the impression of me not being so, all i did was report an currently unsolved bug that needs fixing, and a request to improve the keystroke encryption algorithm , since zemana antilogger seems to do a better job at it, thats all

 

Hmmm...
Fresh install of Windows 8.1 x64 and no keystroke encryption indicator is visible on both stable and latest beta...

 

Check your settings.

Advanced Interface > Safety Notification > At Application Start.

Also, check Coloured window border settings.

 

I left all settings on default.

 

That could be why?

 

Nevermind. I'm stupid. I have unchecked this option by accident

 

Thanks, found > enter master key on secure desktop. Master Password dialog looks the same for me. So, sorry...can't confirm as I'm not familiar with what secure desktop looks like sans Alert. Never had secure desktop checked.

 

@ erikloman et al,
pdf desktop folder with 5 pdf files. AxCrypt test.
Pic 1) CryptoGuard Off > Pic 2) CryptoGuard Off w pdf's encrypted > Pic 1) pdf's decrypted > Pic 3) CryptoGuard On - encrypt w Attack Intercept at pdf 4 w pdf 3 stripped > Pic 4) showing Attack Intercept at pdf 4 > Pic 5) showing pdf 3 stripped > Pic 6) showing pdf 3 in reverted > Pic 7) showing opening pdf 3 in reverted.

 

Test Protocol = only HitmanPro.Alert and Norton in tray. Test from desktop. Machine as quiet as possible.
My earlier test with encrypted png's and stripped png had SBIE and ERP and AG in play and open directory.
My test protocol must be flawed as I'm not able to stimulate an Attack Intercept early enough upon pdf folder encrypt call nor prompt auto rollback.
pdf 1 and 2 are encrypted. pdf 3 is stripped. pdf 4 and 5 remain as is. Speculation = Attack Intercept occurs at some point between 3 and 4, 5 and only evidence of rollback is stripped pdf 3 in reverted.

 

Yeah, I lost a png and pdf. I moved png back to Pictures n' could not decrypt.
Moved pdf back to desktop folder n' cannot open.
Forget the png test ...too many variables. pdf was clean test with unexpected results.
I had 5 pristine files in. I expected 5 pristine files out.

 

can someone explain me why the latest stable version isn't again released into autoupdate channel?? ...