Haute Secure

Discussion in 'other anti-malware software' started by Phenom, Mar 30, 2009.

Thread Status:
Not open for further replies.
  1. Phenom

    Phenom Registered Member

    Joined:
    Sep 23, 2008
    Posts:
    61
    Location:
    United States
  2. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    973
    Location:
    Paris
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    is this tool still alive?
     
  4. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    WOT (Web of Trust) is already available for FireFox, this looks like a similar program. They also show it available for IE.
    What does it add to Opera?
    I personally don't see a need for it.
     
  5. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Fine recommendation there Phenom. Some discussions on Wilders already about Haute Secure. Nice to see a 64bit version.
     
  6. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    Well, Haute Secure from Curetesic is a great software: many many great hooks!o_O

    I look on my notes from January, 2008 ...

    Look: with Haute Secure, you have:

    C\Windows\system32\Drivers\ct.sys (kernel-mode hook; start on Boot; it is Curetesic Security Driver),
    12 SSDT from ct.sys,
    Autostart/ShellExecuteHooks: CtBho.dll ( BHO),
    User Mode API hooks (5): APICodeHijack.PushAndRet,
    IRP Hooks (hooked: afd.sys; hooking: ct.sys),
    Many 'Direct reading',
    IE extension modules: BHO: CtBho.dll; Toolbar: CtToolBand.dll,
    Explorer and Browser Addons/ActiveX: CtAdminClass, CtBhoClass, CtHtmlHostClass,
    Additional svchost.exe (thanks CtServ!),:-*
    Tray Agent of course.

    That's enough!
    Do you have all these pleasures?


    PROROOTECT warning
     
  7. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    The Haute Secure forum had activity on March 18 of this year.
    I would have expected more activity with a beta release, unless there just aren't a lot of people using it at the moment.
    So aparently, it's alive.
     
  8. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I got in touch with HauteSecure team, and, I was told that they're still deciding what their next move will be.

    I also gave them a few suggestions, and they thanked me for that. They didn't say that the project was dead, so, let's hope it keeps alive and grows.

    This is indeed a great tool.

    HauteSecure does it's job well, and, more importantly, out of the box, which is great for folks who aren't that techy messing with settings. Specially, if we consider HauteSecure's beta version lacks a Help file.

    I guess that the more people using it and giving feedback at their forum, will make them realize people like it (there's nothing to dislike, actually), and give them morality to keep it?

    Anyway, just wanted to let you know what I was told - HauteSecure's development is on hiatus, but not dead. Just like System Of A Down. :D


    Regards
     
  9. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Yet, isn't it light? Other apps hook less and consume more. They're addicted to resources. :D
     
  10. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    Welcome, m00nbl00d,

    Look also:

    'AVZ Antiviral Toolkit': find many files from 'Haute Secure' ... look some finds on AVZ:

    Suspicious objects: C\Windows\system32\Drivers\ct.sys :( -* ) ... Description: SUSPITION FOR ROOTKIT : Kernel-mode hook. Size in memory: 290816 o_O

    Searching for user mode API hooks:
    Function kernel32.dll: CreateProcessInternalW(101) intercepted, method: APICodeHijack.PushAndRet
    Function kernel32.dll: LoadLibraryExW(580) intercepted, method: APICodeHijack.PushAndRet
    Function ntdll.dll: ... yes, yes ... PushAndRet
    Function advapi32.dll: ...:-* ... PushAndRet
    Function ws2_32.dll: ...:-* ... Ret
    Function wininet.dll: : -* ... Ret.
    Function NtAllocateVirtualMemory(11) intercepted [noparse](805A76D4 / F73AB0E:cool:[/noparse] hook C\Windows\system32\Drivers\ct.sys
    ... ... ...
    ... ... ...

    GMER: 12 SSDT ct.sys !

    Yes, and this one: your NEW:-* svchost.exe: Use Memory 24496 KB, Handles 258, Threads 10.


    PROROOTECT 'Just look. Do not touch'.
     
  11. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Pro, maybe I'm not understanding or misunderstanding you...

    ...why are you posting this FUD? or please explain

    :)
     
    Last edited: Mar 30, 2009
  12. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    It was not me, it was the links between Haute Secure, AVZ and GMER ...this triangle. On January, 2008.

    I have only noted this behavior in my notebook.

    In red, I do not like, it was RED in AVZ, all APICodeHijack.PushAndRet. And ct.sys: 'Suspition For Rootkit' in red.

    Then I uninstalled Haute Secure.

    For me there were too many hooks, I have not kept mentally.

    I cracked and removed, sorry. :-*


    Good Night, PROROOTECT protect you ...
     
  13. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Was built into Opera,
    I believe it still is.......

    http://hautesecure.com/press.aspx

     
  14. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    Thank you Lone Wolf.
    Haute Secure isn't going to add much, if anything, to Opera in that case.
     
  15. Diprivan

    Diprivan Registered Member

    Joined:
    Mar 25, 2006
    Posts:
    66
  16. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    So, it seems.

    And, according to this,
    I wonder if they will provide a similar product?

    Well, HauteSecure had great potential, and is kinda sad to see it go this way, but, life goes on...
    I wonder what this will mean for Opera? I guess it's the end of their partnership?
     
  17. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    same thoughts by me.
     
  18. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I'll still use HauteSecure in my family's system, though. Not to block malicious domains, of course, since that will also be killed, but to protect IE's important security settings against unauthorized modification.
    I know there are other ways, but, HauteSecure does it in a very quiet manner.

    I'll be contacting Iain, one of the guys behind HauteSecure, and ask if he can reveal anything about the future of the application, as in, what will exactly happen, if it will just be redesigned, etc. I hope so.

    But, I dislike the rupture they made. Because, after reading that news again, and I just may have understood it wrong, I believe the protection offered by the technology behind HauteSecure, will only be available to clients, which own domains, to see if their domains are somehow posing a threat to others.

    Maybe I'm misunderstanding it.

    Anyway, if Iain says anything, I'll say a resume of what was told... Even if just a resume of a resume. ;)
     
Loading...
Thread Status:
Not open for further replies.