Our cyber-vaccination is specialized in known and new "banking Trojans", such as Zeus, SpyEye, Sinowal (also Mebroot and Torpig), Ice-IX, Citadel, Cridex, Shylock and many others.
When you log into online portals (online banking, Facebook, eBay, Amazon, e-mail accounts etc.) an encrypted connection between your web browser and the login server is established. The aim of these SSL-connections is the transmission of your data between your computer and the website. Before the data transfer, however, this set of data is available in plain text in your web browser and thus it is readable by everyone. Almost all banking-trojans log into the underlying operating system and position themselves as continuous-flow heaters between Windows and your web browser with the aim to steal information and manipulate online transactions without being detected.
Even for a constantly updated antivirus software it is almost impossible to block and fend off banking-trojans at the very moment of the infection: cyber criminals hide themselves from virus labs (cloaking) and create an infection file in real-time for every computer that is supposed to be infected (polymorphism). In order to maximize their camouflage the programmers of those viruses run extensive tests against the detection mechanisms of widely used antivirus software before distributing their “creation” and thus make sure they won’t be detected the first days.
It is highly important to understand that the vaccination provided here does not guarantee defence against infections. This vaccination is supposed to support your antivirus software and to focus where the trojan gets activated. Through a behaviour analysis it sends an alarm whenever an unknown program logs into critical system processes. By means of this technique, which is used here, it can detect man-in-the-browser attacks and therefore directly fend off 99% of all banking-trojan attacks.
No, hadn’t a clue, it seems a propagation campaign for this software. It was discussed not long ago here as well.
What about Heimdal, it comes bundled with (also Secunia PSI is there)
This whole so-called check campaign, I think, is an Avira/Hitman Pro initiative. These two vendors “now seems into bed”
with I n c a p s u l a, v o d a f o n e and i x ! and Heimdal etc.
You are right what you downloaded, see: https://www.virustotal.com/en/file/e81cffedad682f7b33c44867be15a0a2d39021aff66055d529acbc200c864392/analysis/1373025703/ that is hmpalert.exe (seems they are pushing that tool in Europe)
A bit similar operation when MBAM acquired ZeroVulnerability Exploit Shield…
Seems it is just a period where added security layers on top of existing av solutions become very popular,
like the hand on the cradle to lull the user into a dream of added security…
A pity for earlier developers because they developed their creations before the time that it became a hype.
Let us not look at these solutions as a panacea (cure for all ills)…
Still waiting to see a nice easy and ready configurable windows IDS, like linux suricata and snort.
And something that really works and alerts for alleged bot activity, open resolvers, DNS anomalies, ARP cache monitoring,
and not a tool that silently sits in the background and cannot even “be suspected of any realtime activity”,
it produces a log, I now aim at a tool like RUBotted.
(Has someone really ever confirmed that it is actually doing something?)
Pol, it's a great tool, especially if you use FF and you don't want some sneaky addon to get installed in your browsers and redirect you everywhere, and it's also great if you are already infected with an info-stealing trojan, and plus it warns when something gets past your AV and tries to steal your private info ;D
So you say hmpalert is the latest grand tool to stay clear of banking trojans while checking the browser.
Saw some good reviews on that tool and it seems to run without problems alongside Avast AV.