HitmanPro.ALERT Support and Discussion Thread

no sense in whining about problems with an old, outdated version of a program..

you will have to install the current version of HMPA if you want to leave the problems with the old version behind..

 

sure, what ever

 

Judging your post, I'm not sure whether you do or do not comprehend HMPA3's Keystroke Encryption concept.
I got a little confused reading your post.
Well, HMPA3's Keystroke Encryption concept can be confusing.
In short:
With HMPA Keystroke Encryption enabled, you should only notice it's activity when not only HMPA "Keystroke Encryption" is enabled", but also "Show colored window border around protected applications" and "Show live Keystroke Encryption in colored window border" are enabled in HMPA settings. In that case, Keystroke Encryption is made visible in the live Keystroke Encryption indicator, as shown on page 5 of the HMPA 3 Getting Started Manual.
Other than that, there should be no encryption visible in applications. If there is, then probably the encrypted keys aren't correctly decrypted, and then that's a bug, I suppose, to be fixed by Erik and Mark.
Perhaps Erik or Mark, or someone else, can explain better than I did.

 

For your information,
the HitmanPro.Alert 3.0.42 build 190 changelog (compared to build 189) only specifies "Fixed compatibility issue with some third-party security software on Windows XP."
bjm_ uses Windows 8.1.
There is no reason specified why build 189 would be outdated for bjm_, using not Windows XP, but Windows 8.1.

 

When you added PasswordSafe which template did you use?

 

@Victek I know you use WSA. I do not see any evidence of Keystroke Encryption at all for some versions now, currently 190 (no orange flyouts, borders, etc.) though I used to see these. I am assuming this is due to this being disabled in HMP.A because of the anti-keylogger in WSA Identity Protection. Can you confirm it is the same for you?

 

Initially I had some problems until I discovered that I needed to "allow" HMPA in WSA PC Security, Identity Protection and the list of Active Processes after each HMPA update. As long as I remember to do this all of the HMPA features generally work. I'm currently running build 189 and I don't see the live encryption indicator (flyout) in IE 11, but it has been working consistently in Firefox and Chrome.

 

Thanks @Victek. Yes, I have been doing the same, on your advice some time back. But I see nothing in Firefox (or IE11). But maybe that is how it should work, considering Erik's earlier explanation that HMP.A Keystroke Encryption sh/would disable itself if it detected another active anti-keylogger (WSA Identity Protection in this case). But we don't have a consistent experience in this regard.

 

I expect you're aware of these settings, but just in case:

 

Yes, all those settings are correct ...

 

to make it simple:

point 1: HMPA's encrytion was not working when i was using the "passwordsafe" program.. that means that, when i was typing data into the program's dialogue-boxes, the keystrokes were not being encrypted, at least i was not seeing the HMPA message, saying that the keystrokes were being encrypted..

point 2: i noticed that data (passwords) that i pasted (not typed) into dialogue-boxes, in "firefox", from windows "clipboard", was not encrypted, at least i didn't see HMPA's message, saying that the data was being encrypted, as it was transferred from "clipboard" to "firefox"..

maybe "surfright" would say "that is by design.. only keystrokes are encrypted".. OK..

so, another point i was making is that, since i have to copy-n-paste my passwords, where no keystrokes are used when i am entering my passwords into dialogue-boxes, in "firefox", and since HMPA only encrypts keystrokes, HMPA's encryption doesn't do me any good, since my passwords are the only thing that actually needs to be encrypted (with a couple of rare exceptions)..

i use long, unique, complex passwords for each-and-every account that i have.. it would not be practical for me to type them (there could be typos).. i have to copy-n-paste them..

anyway, i will have to work that out.. i can't think of a way to work around the issue with windows "clipboard", and with pasting data (passwords) from the clipboard into dialogue-boxes, in "firefox", as far as HMPA goes.. it wouldn't be practical for HMPA to encrypt everything that is copied to windows "clipboard", and it might be pointless for HMPA to encrypt data that is transferred from "clipboard" into a dialogue-box, in "firefox"..

so the only point was my conclusion that HMPA's encryption seems to be useless, for me.. i am thinking that what i need is for the data (my passwords) in windows "clipboard" to be protected, somehow.. or else i need to find an alternative to using windows clipboard, to copy-n-paste my passwords..

i went to the "passwordsafe" webpage, to see if there was an update for the program.. then i went to their forum, and i saw, posted in the forum, that the "passwordsafe" program has an alternative to using windows "clipboard", which i didn't know about, before.. i am going to look into that.. it also has an auto-complete function, but i have never tried using that, not on a regular basis.. i can look into that, too.. i have tried testing the auto-complete function, and it worked, the one time that i tested it, in the past.. however i recently tried testing it again, on another webpage, and it didn't work right, that time..

i am not saying that there is anything wrong with HMPA's encryption, or with the HMPA program.. i am saying that i don't see a real need for HMPA's encryption, in my case, since its encrytion isn't used when i am pasting (not typing) my passwords into dialog-boxes, in "firefox", at least i don't see HMPA's message, saying that encryption is being used when i am pasting (not typing) my passwords into dialogue-boxes, in "firefox".. and, also, that i am not seeing that HMPA's encrytion is being used when i am typing into dialogue-boxes in the "passwordsafe" program, at least i don't see HMPA's message, saying that encrytion is being used.. and, yes, i see HMPA's message, saying that my keystrokes are being encrypted, when i am typing into dialogue-boxes, in "firefox" (unless i disable HMPA's encrytion and/or turn off HMPA's encryption-message)..

 

1. Since you had to add PasswordSafe manually to HMPA can you please say which template you used? As I stated earlier keystroke encryption is not a feature in all templates.

2. For the record Surfright has never stated that HMPA keystroke encryption protects copy/pastes operations from the Windows Clipboard.

 

when i was adding "passwordsafe" to the list of programs that are protected by HMPA, first i tried using the "other-mitigation template", then i tried using the "browser-mitigation template", but the keystroke-encryption didn't seem to be working in either case..

maybe surfright will have to set things up if they want HMPA's keystroke-encrytion to work with the "passwordsafe" program..

"bjm_" said that "keypass was added to HMPA's 'other'" and that HMPA's encryption works with it, when entering the master-password.. the way that that is worded, "keypass was added to HMPA's 'other'", it sounds like "surfright" set that up as opposed to bjm_'s adding "keypass" to HMPA's protection himself..

i am not really concerned about my "issues" with HMPA's keystroke-encryption.. since i don't see any real benefit from using it, since i don't type my passwords (except when i am entering my master-password in the passwordsafe program), i have it disabled.. however, i still think it would be good if the keystroke-encryption was able to be used with the "passwordsafe" program, the same as it is with the "keypass" password-manager..

p.s. i probably will enable the keystroke-encryption for the rare cases where i need to enter my credit card number or my bank account number..

 

With the update 190, I find that HMP alert encryps the output on flash based simulators also, so the text comes out all wrong.

 

Received a call from a family member today that the PC was not working: BSOD, SYSTEM_SERVICE_EXCEPTION, hmpalert.sys

I'm not sure what HMPA build is running there.

 

when they say the computer is not working, i take it that they are not able to boot the computer due to repeating BSOD's everytime they try to boot it..

to work around the problem, they could try booting the computer into "safe mode with networking", download sysinternals' "autoruns", then, run "autoruns" and delete the couple of "surfright" regkeys, under "services" and under "drivers".. they should be able to boot the computer after that, if the problem is with the HMPA program..

it might be possible to just boot the computer into "safe mode" and then uninstall the HMPA program, running the uninstall from windows "add/remove".. after uninstalling the HMPA program, they should be able to boot the computer, if the HMPA program is the problem..

 

No problems with Firefox 38.0.5 (W7 64 bits/build 189).

 

Sorry, I was unclear about this. I told them to reboot. After a long check disk cycle the PC booted fine.

So I hope this was "one of a kind", but I still wanted to report it to the HMPA developers.

 

Blue Screen dumps are written to C:\Windows\Minidumps\ . Do you think you can retrieve the dump?

 

189 Keystroke Encryption returned to Firefox....

 

Hello,

This is to alert you of an issue of HMP.A with new ESET Smart Security 9 Beta. HMP.A will not allow you to launch the "Banking and Payment Protection" browser. With HMP.A installed, ESET's BPP browser will not launch. If I uninstall HMP.A, ESET's BPP browser launches with no issues as expected. The BPP browser module uses your default browser. I have tried using both IE11 and Chrome as my default browser and both have the same issues. There are no warnings given from HMP.A via a pop-up message nor anything in the event viewer. I realize ESS 9 was just released in beta but wanted to give you the heads up of a conflict between the two. The issue is 100 % reproducible with ESS 9.0.111.0 Beta and HMP.A 3.0.42.190 on a fully updated/patched Windows 8.1 pro 64 bit system.

Edited to add: This has also been reported to the ESET devs via their beta feedback channel...

 

I'm visiting them this weekend. I will put it on my to do list.