HitmanPro.ALERT Support and Discussion Thread

I have Sandboxie installed, but I don't run Office 2013 inside a sandbox I believe (only Firefox).

 

Sandboxie has no support for click-to run Office. So Office 365 based versions of Office 2013 won't run sandboxed, while regular pro versions do.

 

Thanks much!

I was wondering how the website gets to see it as normal if what I'm typing gets encrypted/scrambled. At some point it needs to get unscrambled, how does the website see it then without exposing the info to the possible spyware that the scrambling is intended to protect against?

I guess my bottom line is that I have a sense of how HTTPS encryption works (private/public keys and all that), but I don't understand how the encryption used by HMP.A works. It needs to let the website know somehow, at some point, what the right keystrokes were.

To be sure, I'm not asking for any "methods and techniques" to be revealed here (heaven knows the bad guys have enough going for them already). But suppose a war-weary techie were to scoff at me and say, "That's just for show, it's not really doing anything for you," then what could I reply to them? I do know at least one person who would react like that. Other than avoiding the conversation, what would one tell them in support of HMP.A ?

 

Erik solved my problem by discovering that I still had EMET 5.1 on my PC (I really thought I uninstalled it recently and it was not listed in Windows' "Uninstall or change a program" feature, but I could still start the GUI).

After I uninstalled EMET 5.1 with Revo Uninstaller (Portable) Office 2013 and IE11 work fine on my PC with HitmanPro.Alert build 167!

 

HMPA keystroke encryption has nothing to do with HTTPS....nor anything to do with how data is viewed. HMPA keystroke encryption is simply
intended to deter keyloggers. http://www.webopedia.com/TERM/K/keylogger.html
Think keystroke not data traffic encryption...
The keystroke encryption technique involves processing at a low level within the operating system kernel for a computer. The encryption process takes place after you type each character but before the associated data has been sent to the application you are using, such as the Web browser program. Intervening at this stage prevents malware from being able to access the keystrokes you type. Before being sent to the application you are using, your keystrokes are encrypted, then unencrypted once they reach the application, so that between these two points the data remains encrypted and therefore inaccessible to the malware. One limitation is that keystroke encryption software typically only thwarts software keyloggers though, not hardware keylogging devices. Um, and remember there are 'screen loggers'.

 

I'm running the latest v4.17.1, but HMPA is currently not installed, I will try to install the newest version. But still, it was clearly HMPA that was causing the problems, not the other way around. Or are you suggesting that Sandboxie should make design changes in order to make it fully compatible with HMPA? I'm a bit confused.

 

Well, I know they're busy, but if you ask the question 4 times, you would expect at least one reply. But I was the only one reporting these problems, that also played a role I think.

 

installed hmpa_155 on xp, running great after a few tweaks. I had sbie 3.76 on xp and did not play well with hmpa, but went back to sbie 4.16 (after recent downgrade), added the suggested code line to sbie.ini and both are playing together aok now! (read a recent post saying that 3.76 was sufficient or optimum for xp but my experience is that is not exactly correct)
Is there a link that explains how keyboard encryption works in hmpa? I think it's working without any bumps, a pleasant surprise based on previous experience with key encryption apps.

 

At startup hmpalert.exe 15 mb and the other 10 mb. If the memory usage increases again during the day Ill report back.

 

An hour and 20 minutes later: 27 mb and 1 mb memory usage (W7 64 bits/build 167/Norton Security 2015).

 

Ok, at this point 47 mb and 1 mb. Strange I/O-activity? Or maybe System Explorer delivers wrong data? W7 64 bits/build 167/Norton Security 2015.

 

Hi deugniet,

Something does sound rather odd on your machine. Using Windows 7 Task Manager viewing All Users, HMP.A is using a total of 13,800 K.

 

I fully agree, W7-x64, hpa167 + hp238, now running for >5hours

 

Weird indeed. According to Windows task manager hmpalert.exe uses 53 mb. I will uninstall build 167, restart W7 and reinstall build 167.

 

Reinstalled build 167. Memory usage stable at 17 mb and 1 mb at the moment. Ill report back if it increases again.

 

Keystroke encryption protects information you type in the browser and is decrypted in the browser. Encrypted keystrokes are not passed to websites.

 

Increased again, till now to 24 mb (from 17 mb at startup). Uninstalled build 167, waiting for next RC.

 

Trying to update Chrome Portable via PortableApps.com, with latter protected using template 'Other': 'Attack Intercepted'.
I subsequently removed mitigations for PortableApps.com, so now unprotected, and tried again with no issues.
Question: Should I not protect PortableApps.com, or use another template, or could attack be legitimate?

 

Mine shows the average it uses, I only have HMPA on my system.

 

You should not protect a browser with a different template.