HitmanPro.ALERT Support and Discussion Thread

Further to the above post - I am experiencing similar issue i.e. HMP.A 3.1.0 build 328, Webroot Indentity Shield on, no consistency in seeing indication of orange encryption flyout (bottom right, sometimes) when typing e.g. this post or in search bar (never) in Firefox. No orange border in either case.
This may have been addressed previously in this thread, but does HMP.A Keystroke Encryption 'step aside' if it detects other keylogger protection software e.g. that provided by WSA Identity Shield.
I ask because in prior builds I think I saw the orange flyout (bottom right) more consistently.
If I move my cursor to the top of the screen (which then shows the green border), I do see a box bottom right indicating 'Safe browsing, Exploit Mitigations, Keystroke Encyption' - does that mean the latter is active and overriding WSA Identity Shield?
Just wondering what is meant to happen @erikloman ?

 

Thanks for info.

 

Firefox 41.0.2 not showing fonts (build 328 beta/W10 x64). Caused by Block untrusted fonts?

 

No problems with the new build except that the tray context menu stays in the same language even if you change it in settings (until you reboot the computer I think)

 

3.1.0 Build 328 installed and working fine for me I saw and enabled the new "block untrusted fonts" feature. Is there a reason it is not enabled by default?

 

This is behavior by Microsoft's design. The Block Untrusted Fonts feature blocks all fonts not located in the C:\Windows\Fonts\ folder.
This means that embedded fonts (in documents) and fonts loaded from internet are not loading when the feature is enabled.

Font parsing is done in the kernel, this poses a threat. An excellent example is the Duqu malware which is notorious known for abusing embedded fonts to gain elevated privileges. More information here: https://threatpost.com/of-truetype-font-vulnerabilities-and-the-windows-kernel/101263/

If you want to allow fonts from the internet, I recommend keeping the Untrusted Fonts mitigation set to Disabled.

 

It is disabled by default because of this: https://www.wilderssecurity.com/thre...iscussion-thread.324841/page-290#post-2538031

 

We can see something "step aside" by Identity Shield Off. Keystroke encryption has an entirely different presentation with Identity Shield Off.

I've never seen an Alert Risk reduction real protect event. Maybe, the Alert Risk reduction module "steps aside" for Webroot. Webroot touts an array of protection from threats accessing personal data. e.g., man-in-the-browser.
My attention on Keystroke encryption is simply because I can see it.
I've not seen an Alert Safe browsing, Exploit mitigation nor Risk reduction real protect event.
No dispute that it's 100% preferable not to see than see a real protect event.

We've been advised Alert Keystroke encryption steps aside for another keystroke encryption. Does Webroot Keylogger protection "appear as" Keystroke encryption to Alert. Anything else "appears as" to Alert..?
Acknowledge, Surfright in-house testing every iteration is not feasible nor expected.
So, we rely/trust user feedback as to Alert Safe browsing, Exploit mitigation n' Risk reduction real protect.

Reasonable concern is that maybe, I'm degrading overall protect by Webroot+Alert.

 

Thanks for info. Log can be found via Event viewer : Application and Service Logs/Microsoft/Windows/Win32k/Operational

Beschrijving: C:\Program Files (x86)\Mozilla Firefox\firefox.exe heeft geprobeerd een lettertype te laden dat wordt beperkt door het beleid voor het laden van lettertypen.
FontType: Geheugen
FontPath:
Geblokkeerd: true

 

Where @bjm_? I don't recall seeing where Surfright explicitly says this - maybe I missed it ...

 

Um, as I recall users asked about Keyscrambler or Zenmana.
Sorry, I did not think to bookmark messages.
If I want Alert Keystroke encryption when logging in to KeePass. I'll turn Off Identity Shield.

 

So does this deal include HMP.Alert like the normal license does? Just asking because it doesn't explicitly say it.

 

yesss

 

erik, i like the new Alert home page!

3.1.328 works like a charm, good work!!

 

New Alert home page?

 

ehm...only page, sorry , my english is not so good
Anyway, take a look here http://www.surfright.nl/en/alert

 

@erikloman
Updated the translation with EOP protection related strings. Look at your inbox.

If anyone else needs them/wants to translate, I think that's all, but I could miss some string:

Code:

481=Block untrusted fonts
482=Stop elevation of privilege attacks
483=Stop elevation of privilege (EOP) attacks via untrusted fonts. Windows 10 only.
484=Restart the computer for the changes to take effect.
912=Audit

---

Spoiler

When you have time, look at this: https://www.wilderssecurity.com/thre...iscussion-thread.236732/page-276#post-2537947

 

Just bought the Halloween special, 3 pcs for 2 years. Thank you to the devs of this great product. I look fwd to using and supporting your work for years to come.

 

Hi erikloman

HitmanPro.Alert 3.1.0.328 BETA working with no problems here.

With Regards
Take Care
TheQuest

 

Using Win 10 and installed HitmanPro.Alert 3.1.0.328 BETA....can log in to my banking sites ok except for PayPal....using lastpass...it goes in to a continuous loop of trying to log in......anyone seen this before?

 

Not a problem here.

 

Erik and Mark,
Is it OK and safe to add the Win10 application, 'Groove Music' to the protected applications - Media? What about other Win10 applications?

Thanks.

 

Now this morning all is ok with logging in to PayPal....must have been a glitch with PayPal....sorry everyone....

 

Installed HMPA 3.1.0.328 today (Clean Install). Keyboard stopped working. Keyboard refused to work in browsers, in the "search programs and files" box, at a command prompt, everywhere! Also ctrl-shift-esc refused to bring up Task Manager. Uninstalled program and rebooted - keyboard problem persisted. Removed "Unknown USB device" from Device Manager and scanned for hardware changes - keyboard funcionality restored. Re-installed HMPA - problem recurred. Also running MBAE free edition and MSE AV (Yeah! I know it's not the greatest but it has a light footprint) on an Optiplex 780 running W7 Professional 32 bit with all updates, patches etc installed.

Any suggestions?

 

Interesting! What brand and type of keyboard do you have?