HitmanPro.ALERT Support and Discussion Thread

Like I said....for me. I can wait. My friend runs Comcast Norton Security Suite. My friend likes to see Alert.3 working. The absence of FF encrypting creates doubt for my friend regarding Alert.3.

 

Well, since I only suggested a Trial and I was in good favor until FF no encrypting. I can sure use all the luck you offer.

 

I know that and you know that....now, how do I convince my friend that's convinced legal and illegal are logging every keystroke. Just Because You're Paranoid Doesn't Mean They Aren't After You

 

True, its not like any of us would ever be guilty of doing such a thing.

 

The solution for the paranoid is easy; just intercept all your traffic and check for abnormal patterns.

 

why is there no green border around my IE but there is with Chrome using HPA.

 

Does the test tool still exist and work ? because I downloaded a ~ctp4.zip from their website and HMP.Alert didn't intercept two of the tests ( I didn't run all the tests ) , and I think it is in URLMon section (64 and 32 bit)

Any idea ?

 

Look here for the latest testtool version, which is working fine for me.

http://www.surfright.nl/en/downloads/

 

I didn't think that it will be there !

Anyway , just tested it , all URLMon exploits in 32-bit exe intercepted , but the only URLMon exploit in 64-bit exe crashing the testing tool , don't know why

Abdullah

 

Confirmed, I re-tested the hmpalert testtool 64bit, URLmon with hmpalert187 (my previous test was some time ago) and it failed.

 

ok but what about my question. I mean this is a HPA support thread isn't it?

 

Question for the developers:

I recently had an incident where HitmanPro.Alert v 3.0.41 build 187 was installed and all mitigations was enabled. despite this, A malicious site was encountered that hosted multiple exploits. I got the alert which briefly displayed. It appears that the exploit bypassed all built in browser sandboxing. The browser and all process associated with it were closed, it closed explorer.exe and one other Windows service.

Does this mean that the exploit was completely mitigated and it saved me or did HitmanPro.Alert fail?

System Specs:
Windows 7 SP1 up-to-date 64-bit
ESET Smart Security v8
Adobe Flash 17.0.0.169
No Java
Office 2013 was up to date

I can't disclose too many details because it has been reported to the vendor.

Also, HitmanPro.Alert keeps showing up in the Windows Problem Reports and Solutions Center showing that is crashed (nearly on a daily basis). All are BEX errors.

On another note, How can we pull Windows Error Reports when these things happen (the dump files)?

Thank you!

 

I sent you a DM!

 

We're overhauling the Exploit Test Tools a bit as some anti-exploit solutions inadvertently block some of the tests with an unintended mitigation (e.g. block the technique on sellcode instead of the specific technique), as some of you noticed. The most current Exploit Test Tools are available from our website (scroll down): http://www.surfright.nl/en/downloads/

 

Erik and Mark,

I've got some good news for you, bad news for me. I temporarily uninstalled Norton Security with Backup v22.2 on one machine ready to install their latest beta but before I installed the beta I opened Firefox 37.0.2 and checked the Keystroke Encryption. Guess what? Without Norton (or any other AV) installed the Keystroke Encryption was working as expected again. Apparently there is a conflict with Norton and HMP.A.

I hope that helps.

Cheers.

 

Can someone make a dump of the browser process that has malfunctioning keystroke encryption? Just use Task Manager and right-click on for example firefox.exe and choose dump.

 

I'm on it. I'll PM you shortly.

 

Via www.wetransfer.com a zip (containing a IE11-dmp). I see a fly out but no green border with IE11 (W7 64 bits/build 187).

 

Do you mean NO actual keystroke encryption done and/or NO keystroke encryption flyouts?

 

The same for me. I have keystroke encryption issue also.

 

Spyshelter Premium has a keystroke encryption feature; is it enabled?