HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,416
    Location:
    .
    users are reporting malfunctions
     
  2. test

    test Registered Member

    Joined:
    Feb 15, 2010
    Posts:
    488
    Location:
    italy
    ok, major?? (BSoD, crash,...?)
     
  3. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    You can always go back a few posts to find bugs.
     
  4. test

    test Registered Member

    Joined:
    Feb 15, 2010
    Posts:
    488
    Location:
    italy
    Maybe i'm reading another story...

    However my English does not allow me to comment further so i respect your point of view.


    -----------
    *in favore di chi dovesse conoscere l'italiano*
    Come dicevo, quello che vedo è una situazione che gira e rigira vede i soliti utenti lamentarsi legittimamente ma mi chiedo quanto possa incidere la configurazione di sicurezza adottata che, spesso è volentieri, è "overlapping" generando con buona probabilità interferenze di vario tipo come, per l'appunto, quelle solitamente lamentate.
     
    Last edited: Jul 11, 2015
  5. maniac2003

    maniac2003 Registered Member

    Joined:
    Apr 12, 2007
    Posts:
    100
    Location:
    Netherlands
    Ah,that explains the chance that you run into more issues than most of us.
     
  6. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803

    ive so far noticed the secure desktop bug mainly with using keepass as already mentioned , i dont use UAC prompts over here so i wouldnt know about that , but youve already tested that and it seems to be working for you , again secure desktop needs fixing for keepass , since hmpa breaks it as of currently and according to a member has been broken since hmpa 3 released a while back , im suprised this is being ignored as long as it has been by the devs


    and about keystroke encryption improvement? , well first off the algorithm itself that hmpa uses for it is quite a bit weaker in how it encrypts the keystrokes that needs working on , heres a link that has a member describe it


    http://malwaretips.com/threads/keystroke-encryption-in-hitmanpro-alert.46789/
     
  7. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,996
    Location:
    USA
    I read that thread; there is only one comment claiming that "Zemana has a more powerful encryption method than HMPA" and I don't feel that was adequately explained. Can you say why HMPA encryption is "weaker"? Is there a "proof of concept" attack demonstrating that encrypted keystrokes can be captured/decrypted?
     
    Last edited: Jul 11, 2015
  8. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    To me this whole issue is a big so what. Since the encryption only protects from the keyboard to the browser, one should ask how something gets on your system to be able to record the keystrokes. If that can happen you have bigger worries.
     
  9. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    429
    After updating HMP.A to build 196, my PC has been running slow like molasses. Firefox 38 takes 5 minutes to open, IE8 takes 3 minutes to open and another 5 minutes to finish loading the home page. Other programs and tools (Windows Explorer, MS Word, Control Panel) also take inordinately long times to open.

    In addition, I'm not getting the orange encryption flyout in the lower right when typing something in the browser. And the blue or green flyouts in the upper right telling me that Program X is protected as I open it, are not showing either.

    No programs are getting the outline around their window. Ironically, only HMP.A itself gets the outline. And even that program is taking forever to open the interface. I opened it to try disabling some of the protections, but when it finally opens this is what I see:

    HMPA 196.jpg

    Nothing is shown under "Safe browsing" or "Exploit mitigation." Notice, too, the sudden lack of history or license information.

    I've run several malware scans with HMP.A and other programs, and nothing suggests the presence of malware.

    Will uninstall HMP.A and manually reinstall 196. If things still work as badly, I'm going back to an earlier build.

    System: Vista Home Premium x64 SP2, N360, Windows Defender, Spybot Search & Destroy 1.6.2.46.

    UPDATE: Before uninstalling, I rebooted in order to run a Norton Power Eraser rootkit scan (just in case). After Vista rebooted, a little dialog box popped up in the middle of my screen to report that, "HitmanPro.Alert stopped working and was closed. A problem caused the application to stop working correctly. Windows will notify you if a solution is available."

    However, the HMP.A. icon did show up in the notification area, and when I opened the HMP.A interface everything that was missing in the screenshot above showed up again normally. Browsers and programs are opening fine, with their blue or green flyouts.

    But whereas Word is getting the blue outline, the browsers are not getting the HMP.A outline, and no program seems to be getting the orange encryption thingie when I start typing.

    Should I roll back to an earlier build?
     
    Last edited: Jul 11, 2015
  10. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,996
    Location:
    USA
    Yes, if you have a keylogger on your system you've got a bigger problem. The effectiveness of keystroke encryption is an interesting topic though, and very complex. For instance there's this discussion which includes an interview with a KeyScrambler rep:

    http://www.techrepublic.com/blog/it...ncryption-works-to-thwart-keylogging-threats/
     
    Last edited: Jul 11, 2015
  11. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    well yeah of course you should always make sure to never get a keylogger onto your system in the first place , but still, keystroke encryption has its uses , as everything in security its only a little but important part of the entire picture ;)
     
    Last edited: Jul 11, 2015
  12. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    well as of yet no one has , but that comment has had me worried to be frank with you , thats all , i myself havent checked hmpas alogrithm source code to see how it exactly compares to zemanas algorithm source code , was just kinda worried that hmpa would have a weaker algorithm than zemana , and thus if that claim held any truth , that the hmpa devs would check it out , thats all
     
  13. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,996
    Location:
    USA
    I get it now, thank you :thumb:
     
  14. javagreen

    javagreen Registered Member

    Joined:
    May 2, 2005
    Posts:
    96
    Is there a direct download of build 196? Try as I might, I'm not getting the auto-update to 196. Just says No update and then the check for update option grays out and stays grayed out.
     
  15. busy

    busy Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    109
  16. javagreen

    javagreen Registered Member

    Joined:
    May 2, 2005
    Posts:
    96
  17. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,416
    Location:
    .
  18. PallMall

    PallMall Guest

    I've never had problems either. Reading this thread gives the feeling of a nightmare, many users show the over-protected syndrome and add applications which have no reason to run if HitmanPro.Alert is active, making their system unstable and this thread an everlasting merry-go-round.

    HitmanPro.Alert 3.0.48.196 runs fine here and will run fine on all healthy and non bloated systems. I believe there is a severe mentality problem related to slight paranoia, sorry to say so.
     
  19. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,305
    Location:
    Outer space
    If I read it correctly, the person on malwaretips says Zemana's encryption is more powerful because the logged keystrokes only show "yyy" instead of random characters. But the way encryption works is that it looks like random characters. Perhaps Zemana is doing something else.
     
  20. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,416
    Location:
    .
    :argh:
     
  21. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Zemana uses an algorithm by returning always the same value.
    HitmanPro.Alert uses an algorithm by returns a randomly chosen value which has nothing to do with the pressed key -> hence: random.

    Both offer the same protection as both do not offer encryption as we are just giving some bogus key to sniffers.

    Hope this helps.
     
  22. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
  23. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    429
    @erikloman:

    Any thoughts on this issue?

    The behavior described in the "update" is still occurring.
     
  24. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,305
    Location:
    Outer space
    Build 196 still gives ROP alerts on Youtube with Firefox(v39) and WSA's Identity Shield(now version 9.0.0.64). Win7sp1 64bit and has hardware supported i3 proc.

    Thanks!

    Note that there is now a 3rd zero-day vulnerability from HackingTeam, CVE-2015-5123.
    https://helpx.adobe.com/security/products/flash-player/apsa15-04.html
     
  25. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    825
    No problems with Flash 18.0.0.209 and build 196 (W7 64 bits).
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.