Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.
I've tried Cyber Ghost VPN with Alert 3. No issues.
I will see if I can get a Boleh VPN account.
I will try HMPA with Boleh VPN again soon. Maybe Eset Smart Security was the cause of the problem. It just didn't seem that way though because the problem did not go away until after I uninstalled HMPA.
I managed to get a Boleh VPN account!
No DNS leakage:
I will try installing ESET as well, see if that changes anything.
Is a (peak) cpu-usage of 19% normal? Build 79.
Looks like its the plugincontainer with flash (see Krusty's Conversation-post).
I also managed to install Alert CTP3 + ESET + Boleh VPN:
Sorry if already answered somewhere in this thread but just started using this software,
When I'm running Chrome it is usually Sandboxed via SBIE, now the border is green & it says HPA safe browsing. has HPA stopped SBIE from running Chrome sandboxed now? or is it i just can't see the yellow border now?
Also SABconnect++ didn't work until i closed off Stack Pivot, Control-flow integrity & load library, presume this is normal for an extension that needs to connect to local host?
If both Alert and SBIE are in Chrome you should see both Green and Yellow borders.
Have you added the \Device\NamedPipe\hmpalert via Sandbox Settings > Resource Access > File Access > Full Access > Edit/Add button?
I've tried this config myself on Windows 7 x86. I can leave all mitigations enabled.
What version of Windows are you using?
Ahh thanks erikloman, never really had to to tweak SBIE as its only the free version and it automatically sandboxed the default browser, doing what you said has got SAB working again with full protection
I now seem to have lost the Green boarder though and regained the yellow one.
I am using 8.1
After applying \Device\NamedPipe\hmpalert via Sandbox Settings > Resource Access > File Access > Full Access > Edit/Add button,reloaded the Sandboxie configuration.Then ran Internet Explorer 11 sandboxed,i could see the flyout,tested keylogger exploits(both 32 and 64 bits),but HMPA couldn't scramble the text.
in Vista I get in IE9 a BLUE Flyout window.
In Windows 8.1 in IE11 it is Green, as expected.
Is this ok ? If yes, why that difference ?
I am running now in both systems with 22.214.171.124ctp3 and hitmanpro 126.96.36.199Final.
But it was also the same with 188.8.131.52ctp2.
Blue flyout = Exploit Mitigations only
Green flyout = Safe Browsing (Intruder monitor) and possibly Exploit Mitigations
Click on the IE icon under the green tile and make sure the Intruder monitor is checked.
Thank you Erik! I'm now starting to wonder if it was just a case of bad timing. Maybe Boleh VPN was having problems with their servers during the time I tested Eset Smart Security, and HMPA. If Eset can't find a problem either then I will have to contact Boleh if it happens again. They have been having problems with their servers recently in which the user looses internet access after connecting to one of their routes. This is very much unlike Boleh's past reliability. They have been so dependable over the years until recently. Maybe it was due to a misconfiguration of their servers. I'm still waiting on an answer from Eset. If I discover the problem I will let you know. Thank You!
Are you sure the DNS detect both times was not that of your ISP? If so then maybe Boleh was just having problems with their servers during the period of time I was testing HMPA, and Eset Smart Security.
FWIW, I see Erik installed ESS V7....buy you had the issue with the V8 Beta right?
I just thought to be sure you both test the same version and combo
You did not install Eset Smart Security 8 beta. I was using the new beta of Eset Smart Security which can be found here https://forum.eset.com/topic/2984-eset-smart-security-and-eset-nod32-antivirus-8-beta-available/[plain]
Sorry, but there is only an IE icon under de BLUE tile.
I removed 184.108.40.206ctp3 and after reboot I installed ctp3 again.
Again the same.
All is working well for me. 0 problems with CTP 3.
Could you check the following issue?
I can confirm that only the / character is indeed not scrambled. Expect a fix in CTP4.
How can I see if my keystrokes are being scrambled anyways?
EDIT: Nevermind, I found it in the HMP.A test file. I ran the keylogging exploit, and at first everything I was typing in Chrome was readable in the exploit, but then later it was not. Is there a delay before the encryption kicks in?
Why is in ctp3 Passive Vaccination default ?
In ctp2 Active Vaccination was default in my Vista system.
I am sure about that, because I could not run Adwcleaner in ctp2.
First I tried to run Adwcleaner with disabled vaccination.
That worked and later on I tried Adwcleaner also with Passive vaccination.
That worked also.
It is possible that I forgot to change it back in Active vaccination.
That means, that the remove of ctp2 and ctp3 does not clean the vaccination status.
Can this also have something to do with my other problem (Blue IE9 Flyout) ?
HitmanPro.Alert 3 CTP2 and CTP3 do not reset the settings upon installation of a newer version. Activate Vaccination is the default but if you have changed it earlier, this change remains. In the final version, users have the option to set the recommended settings upon manual install of a newer version.
About the Internet Explorer 9 issue though, I am puzzled why it doesn't show beneath the Safe Browsing tile. Do you have a 32-bit or 64-bit installation of Windows Vista?
32-Bit Vista Home Premium SP2 fully updated
Thanks for the link. I just installed ESET Smart Security 8 BETA and redid the DNS Leak Test. DNS Leak Test thinks I am in the United Kingdom but my current location is actually Spain. I can't find a leak.