HitmanPro.ALERT Support and Discussion Thread

Me and a lot of other people had this problem because of our custom DNS settings.
If you are using OpenDNS, it is problematic.
Use Google DNS, or just set your system and router at default DNS

 

I just noticed that 3.6.5.592 is the latest release posted on the HitmanPro download website. HMPA already auto-updated to 3.6.6.593.

 

I had to pull the plug on OpenDNS. Ever since switching to Google Public DNS [8.8.8.8] [8.8.4.4] have not had any issues ... https://developers.google.com/speed/public-dns/

 

The changelog is showing build 592, but the download is build 593. The changelog lags behind

 

Getting alert whenever I visit Flickr (photo sharing) with HMPA 3.6.7 602. Not sure if they have been hacked or F.P.
Also noticed that since I emptied CryptoGuard folder (had 18 files) it has remained empty. CryptoGuard was re-enabled.

 

That was it Tinstaafl! OpenDNS strikes again. After changing my router's DNS address to Google Public DNS addresses, no problems downloading from Hitmanpro.com. Thanks!

 

Glad to hear you got it sorted out. I have been on and off Google DNS a few times, but I have yet to find something that works better. Always end up back there!

Kind of scary that OpenDNS has been having these issues for weeks now, considering that they are owned by Cisco now...

 

Off topic but Norton ConnectSafe works for me.

https://dns.norton.com/privacy.html

 

I guess that one's ok, if you want your web filtered for you. Google does not filter anything.

 

Dear Erik,

False Alert running wipe program:
I got the following error with Wipe when doing a deletion file with Gutman method.
Check the attached file

It's safe : ~ Removed VirusTotal Results as per Policy ~

 

This is no false alert and CryptoGuard is working as intended.
Temporarily disable CryptoGuard before you are going to securely deleting files:

 

@Ashanta:
Not a false alert, but expected behavior.
Temporary disable crypto-gard, if you want to shred.

 

Hi Ashanta,
That was not a false positive, but a consequence of what WipeFile does and what CryptoGuard is meant to prevent.
If you like to use WipeFile or similar to shred files or folders, first disable CryptoGuard, then shred what you like, and after that re-enable CryptoGuard.

This is related to what Erik said, on April 1, 2015,

 

@mood @Hiltihome @Stupendous Man
Thank you !

 

By the way, where is the path of the blocked files ?

 

HMPA Cryptoguard drops things into C:\Windows\CryptoGuard

 

Thank you.

What's the files with alphanumeric names on this folder ?

 

CryptoGuard proactively makes backup copies of certain files, so that it can roll them back if a real crypto attack occurs. You can safely ignore them.

 

When I tested it there is no reaction by HMP.A. All that happens is the target process launches and crashes immediately.

 

that's strange ...
Erik, is this expected?

 

Are you saying that HMPA blocks and the problem is only that it doesn't alert?

 

too much imagination/free interpretation (imo)...

No reaction = Alert seems to be blind (maybe PoC is not working properly or Alert interfer with its expected flow??)..

 

Anybody here running HMP.A (and maybe other security measures) with no AV such as Kaspersky, Norton, etc.?

 

With Windows Defender enabled or disabled?

 

Not on my main computer. But I do have another PC without HMPA, that I mostly use for home entertainment, where I switch off the realtime AV. In that case just relying on VoodooShield and Malwarebytes Anti-Exploit to protect it. I use the AV there only as an on-demand scanner.

Since I have been testing VoodooShield, and now that I "get it", I think that maybe something like that combined with HMPA could be all you need. Assuming that your PC was really clean to begin with. The concept of only allowing whitelisted executables to run seems bulletproof to me. Pure prevention! Plus with HMPA or something like that watching your back for anything sneaky you're probably ok!

But YMMV, so assume at your own risk!