HitmanPro.Alert BETA

Discussion in 'other anti-malware software' started by erikloman, May 30, 2017.

  1. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,560
    Some of us are using Build 849, which is why we aren't using this RC.
     
  2. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    800
    Same here.
     
  3. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    763
    Location:
    USA
    Understood, but Mark indicated Monday that a general release (excluding users running the newer 8xx technology previews) would be "later in the week", then Tuesday it appeared. Just wondering if somebody jumped the gun is all...
     
    Last edited: Oct 21, 2019
  4. L10090

    L10090 Registered Member

    Joined:
    Feb 13, 2015
    Posts:
    300
    Location:
    Netherlands
    W7-X64 Prof. Installed build 791 RC over build 789. Up till now no issues whatsoever.
     
  5. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,675
    Location:
    Under a bushel ...
    It did auto-update Tuesday on my stable machine also, guess they deemed it ready to go.
     
  6. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    538
    Location:
    Hengelo
    HitmanPro.Alert 3.8.0 Build 853 Community Technology Preview 3

    Changelog (compared to build 849)
    • Added JIT Guard which prevents the use of Win32 API calls from just-in-time (JIT) memory in web browsers. This new mitigation is currently enabled on Firefox-based web browsers and thwarts attacks on vulnerabilities like CVE-2019-9810.
    • Added license expiration reminder. Users that renew their license will receive a discount of 15% on a new license when buying one via the new reminder message.
    • Improved the new CryptoGuard 5 anti-ransomware engine.
    • Fixed issue that prevented users from upgrading Windows 7 straight to Windows 10.
    • Fixed issue that prevented users from installing Windows 7 updates.
    • Several other minor improvements.
    Screenshot
    JITGuard3.PNG

    Figure 1: JIT Guard

    Download

    https://dl.surfright.nl/hmpalert3b853.exe

    Notes
    • Do NOT install this on a machine to which you only have access over Remote Desktop, as it will lock you out from admin access; you need hands on keyboard to generate the 2FA token.
    • Do NOT return from this 8xx CTP to version 7xx stable without first removing c:\programdata\hitmanpro.alert\excalibur.db
    • Supports Windows XP :D up to Windows 10 19H2.
    • Footprint 4.8 MB o_O
    • All code compiled with Visual Studio 2019 16.3.
    We're currently upgrading users running CTP1 and CTP2 to this CTP3.
     
  7. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    800
    No problems upgrading build 853 CTP3 (from CTP2).

    Win10 1903 build 18362.418 x64/Norton Security v22.19.8.65
     
  8. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,560
    I also upgraded from CTP2 to CTP3. All is running fine. Did test imaging again, and it is fine. This program is just getting better and better.
     
  9. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,675
    Location:
    Under a bushel ...
    +1 (auto-updated on reboot) but with Emsisoft, not Norton.
     
    Last edited: Oct 22, 2019
  10. focus

    focus Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    433
    Location:
    USA
    Auto update to 853 CTP3 this morning. W10x65 Pro. All is good.
     
  11. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    871
    Location:
    Land o fruits and nuts, and more crime.
  12. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    889
    Auto update and manual update failed, as usual (TEMP/TMP on RAM disk).

    Will try an uninstall & clean install later today.
     
  13. abbs

    abbs Registered Member

    Joined:
    Sep 14, 2018
    Posts:
    11
    Location:
    Nederlands
    No problems upgrading Version 3.8.0 build 853 CTP3

    Windows 10 Pro Version 1903 build 18362.418 (Emsisoft Anti-Malware)
     
  14. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    889
    Uninstall & clean install did work.
     
  15. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,257
    Location:
    Outer space
    Upgrading worked fine (w10 v1809).
     
  16. ViVek

    ViVek Registered Member

    Joined:
    Aug 7, 2008
    Posts:
    568
    Location:
    Moon
    Dh5hneja7rg51qURT96tb&)Qxdnwsupvr6Xnmtl1o1mdNhf7biazsonmnf4fmjL

    Upgraded from CTP2 to CTP3 and got Keystroke Encryption problem.

    Keystroke Encryption disabled:

    Windows XP here.

    Thanks :)

    Keystroke Encryption enabled:

    Otddh42h)P0aiicb



    R8ef0z9KX
     
  17. HempOil

    HempOil Registered Member

    Joined:
    Jun 15, 2015
    Posts:
    170
    Location:
    Canada
    Auto updated from CTP2 to 3. No issues evident after reboot, and no entries found in the HMP.A Event Log.
     
    Last edited: Oct 23, 2019
  18. L10090

    L10090 Registered Member

    Joined:
    Feb 13, 2015
    Posts:
    300
    Location:
    Netherlands
    W10 b1903 (test system): Auto updated from CTP2 to 3. No issues evident after reboot
     
  19. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    7,159
    Location:
    Among the gum trees
    After installing the latest Kaspersky Security Cloud Free I was getting CredGuard alerts while KSCF was installing and on a system restart. Eventually I uninstalled Alert CTP3 as I was just trying to let KSCF settle in. Unfortunately, I do not have the alert. I have since installed the latest Release version of Alert and all seems well.
    Code:
    Log Name:      Application
    Source:        HitmanPro.Alert
    Date:          29/10/2019 4:44:45 PM
    Event ID:      911
    Task Category: Mitigation
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      Dave-PC
    Description:
    Mitigation   CredGuard
    Timestamp    2019-10-29T05:44:45
    
    Platform     10.0.18362/x64 v853 06_25
    PID          8764
    Feature      003D0830000001A6
    Application  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe
    Created      2019-10-29T05:43:25
    Description  Kaspersky Anti-Virus 20.0.14
    
    \REGISTRY\MACHINE\SAM\SAM\Domains\Account
    
    Dropped Files
    1  C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\cat_engineAB3BDF70-3CEC-D14C-ACE9-6946D7FD8F6D
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    2  C:\ProgramData\Kaspersky Lab\AVP20.0\Data\persistent_q.db-journal
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    3  C:\ProgramData\Kaspersky Lab\AVP20.0\Data\persistent_q.db
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    4  C:\ProgramData\Kaspersky Lab\AVP20.0\Data\persistent_q.db-shm
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    5  C:\ProgramData\Kaspersky Lab\AVP20.0\Data\persistent_q.db-wal
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    6  C:\ProgramData\Kaspersky Lab\AVP20.0\Report\0C\segments.dat
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    7  C:\ProgramData\Kaspersky Lab\AVP20.0\Report\0C\00000001_events.dat
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    8  C:\ProgramData\Kaspersky Lab\AVP20.0\Report\0C\00000001_objdt.dat
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    9  C:\ProgramData\Kaspersky Lab\AVP20.0\Report\0C\00000001_objbt.dat
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    10 C:\ProgramData\Kaspersky Lab\AVP20.0\Report\0C\00000001_objid.dat
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    11 C:\ProgramData\Kaspersky Lab\AVP20.0\Report\25\segments.dat
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    12 C:\ProgramData\Kaspersky Lab\AVP20.0\Report\25\00000001_events.dat
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    13 C:\ProgramData\Kaspersky Lab\AVP20.0\Report\25\00000001_objdt.dat
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    14 C:\ProgramData\Kaspersky Lab\AVP20.0\Report\25\00000001_objbt.dat
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    15 C:\ProgramData\Kaspersky Lab\AVP20.0\Report\25\00000001_objid.dat
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    16 C:\ProgramData\Kaspersky Lab\44B023B4-E9E6-924A-ACC8-C5B5E3CA7F78
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    17 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\cat_engine990B873F-656E-5649-9C2F-0F997A3E0C4C
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    18 C:\ProgramData\Kaspersky Lab\AVP20.0\Report\report.rpt
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    19 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\hdhm_temp_drives_6DCC1C99-CF54-314D-A961-CFBE8618C0B0
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    20 C:\ProgramData\Kaspersky Lab\AVP20.0\Data\last_settings.xml
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    21 C:\Users\Public\Desktop\Kaspersky Passwords.lnk
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
            Read by \Device\HarddiskVolume2\Windows\explorer.exe [6264]
                    \Device\HarddiskVolume2\Windows\System32\SearchProtocolHost.exe [2104]
    22 C:\ProgramData\Kaspersky Lab\AVP20.0\Data\stor_saas.bin
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    23 C:\ProgramData\Kaspersky Lab\AVP20.0\Data\settings_saas.kvdb-wal
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    24 C:\ProgramData\Kaspersky Lab\AVP20.0\Encryption\containers.db-journal
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    25 C:\ProgramData\Kaspersky Lab\AVP20.0\Data\profiles.xml.tmp1678
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    26 C:\ProgramData\Kaspersky Lab\AVP20.0\Data\stor_AVP.bin
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    27 C:\ProgramData\Kaspersky Lab\AVP20.0\Report\Database\reports.db-shm
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    28 C:\ProgramData\Kaspersky Lab\AVP20.0\Report\Database\reports.db-wal
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    29 C:\ProgramData\Kaspersky Lab\AVP20.0\Data\iswift.dat
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    30 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\avengine.dll.e6d2df80e11dcc9e57c2877fd8de1f67_0.tmp
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    31 C:\ProgramData\Kaspersky Lab\AVP20.0\3225235d3e6716b5d381203161018a53321d71a5e251a1605d34263a3e6716b1
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    32 C:\ProgramData\Kaspersky Lab\AVP20.0\Temp\ioc72CA0C45-749F-3345-9552-EFB2893EBA8B.p7x
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
            Read by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    33 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\wlengine.dll.5074250125131bd6a0842583c51cbd6d_0.tmp
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    34 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\intctrl.kdl.0f848ac05e68f41c7afe1f8dd82923b1_0.tmp
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    35 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\kavbase.kdl.8ea4e38801593012747546ce4b2680ac_0.tmp
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    36 C:\ProgramData\Kaspersky Lab\AVP20.0\Data\cat_engine243B18F4-3C97-9D42-ADC7-6B8729EEAB6C
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    37 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\kavbase_00000000
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    38 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\vlns.kdl.342d2c338e39149c9ef52d87c5cf3862_0.tmp
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    39 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\kavbase.2547694865ef1225.kmc
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    40 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\si_monitor.dll.d37220ecb715f59a66c797dafb8b265a_0.tmp
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    41 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\klavemu.kdl.5c2d58c8a66f54916402b2d633dcacc0_0.tmp
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    42 C:\ProgramData\Kaspersky Lab\AVP20.0\Data\crls\tmp\D1669591-E741-F54B-89F5-69F9BC951432
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    43 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\kjim.kdl.2f7127e1d8b9f263caf9f3e51000f340_0.tmp
         Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
    
    Thumbprints
    368a1bad9d915f938d0b558b13bad211bf6c227c2d202e95f10b55dc77c94562
    
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="HitmanPro.Alert" />
        <EventID Qualifiers="0">911</EventID>
        <Level>2</Level>
        <Task>9</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2019-10-29T05:44:45.944665000Z" />
        <EventRecordID>20192</EventRecordID>
        <Channel>Application</Channel>
        <Computer>Dave-PC</Computer>
        <Security />
      </System>
      <EventData>
        <Data>C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe</Data>
        <Data>CredGuard</Data>
        <Data>Mitigation   CredGuard
    Timestamp    2019-10-29T05:44:45
    
    Platform     10.0.18362/x64 v853 06_25
    PID          8764
    Feature      003D0830000001A6
    Application  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe
    Created      2019-10-29T05:43:25
    Description  Kaspersky Anti-Virus 20.0.14
    
    \REGISTRY\MACHINE\SAM\SAM\Domains\Account
    
    Thumbprints
    368a1bad9d915f938d0b558b13bad211bf6c227c2d202e95f10b55dc77c94562
    </Data>
      </EventData>
    </Event>
    Cheers.
     
    Last edited: Oct 29, 2019
  20. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,637
    Location:
    Location Unknown
    What will the future hold for HMP.A now that Trend Micro has been sold? Is it time to start looking for alternatives?
     
  21. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    7,159
    Location:
    Among the gum trees
    :confused: What has Trend Micro got to do with HMP.A??
     
  22. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,637
    Location:
    Location Unknown
    Oops. My mistake. I confused Sophos with Trend Micro.
     
  23. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    7,159
    Location:
    Among the gum trees
    I found that before installing KSCF I could temporarily disable Credential Theft Protection in Alert until after KSCF is installed and updated. I don't need to uninstall CTP3.
     
  24. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    7,159
    Location:
    Among the gum trees
    Sigh... After leaving this machine idle for a while I suddenly got another Alert notification.
    Log Name: Application
    Source: HitmanPro.Alert
    Date: 4/11/2019 3:50:37 PM
    Event ID: 911
    Task Category: Mitigation
    Level: Error
    Keywords: Classic
    User: N/A
    Computer: Dave-PC
    Description:
    Mitigation CredGuard
    Timestamp 2019-11-04T04:50:37

    Platform 10.0.18362/x64 v853 06_25
    PID 3792
    Feature 003D0830000001A6
    Application C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe
    Created 2019-11-04T02:30:26
    Description Kaspersky Anti-Virus 20.0.14

    \REGISTRY\MACHINE\SAM\SAM\Domains\Account

    Dropped Files
    1 C:\ProgramData\Kaspersky Lab\AVP20.0\Data\stor_AVP.bin
    Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [3792]
    2 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\PATCH\1\deleted
    Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [3792]
    3 C:\ProgramData\Kaspersky Lab\AVP20.0\Data\certdb_v2.56b303bf417e3d94c2e3.idx
    Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [3792]
    4 C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache\kavbase.255241b0127ecc24.kmc
    Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [3792]

    Thumbprints
    368a1bad9d915f938d0b558b13bad211bf6c227c2d202e95f10b55dc77c94562

    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
    <Provider Name="HitmanPro.Alert" />
    <EventID Qualifiers="0">911</EventID>
    <Level>2</Level>
    <Task>9</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-11-04T04:50:37.238279400Z" />
    <EventRecordID>21123</EventRecordID>
    <Channel>Application</Channel>
    <Computer>Dave-PC</Computer>
    <Security />
    </System>
    <EventData>
    <Data>C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe</Data>
    <Data>CredGuard</Data>
    <Data>Mitigation CredGuard
    Timestamp 2019-11-04T04:50:37

    Platform 10.0.18362/x64 v853 06_25
    PID 3792
    Feature 003D0830000001A6
    Application C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe
    Created 2019-11-04T02:30:26
    Description Kaspersky Anti-Virus 20.0.14

    \REGISTRY\MACHINE\SAM\SAM\Domains\Account

    Thumbprints
    368a1bad9d915f938d0b558b13bad211bf6c227c2d202e95f10b55dc77c94562
    </Data>
    </EventData>
    </Event>
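
Added example, not part of any post in this thread and not SurfRight's code: a Python parser for the Event ID 911 description text quoted in posts 19 and 24, used to check whether repeated alerts share one signature (mitigation, application, accessed object) and how long after process start each one fired. The field layout is inferred only from those two samples, and the function names are hypothetical.

```python
import re
from collections import Counter
from datetime import datetime

# Field names that appear in the alert text quoted in the posts above.
HEADER_KEYS = {"Mitigation", "Timestamp", "Platform", "PID", "Feature",
               "Application", "Created", "Description"}
DROPPED_RE = re.compile(r"^\d+\s+(\S.*)$")          # "3  C:\path\file"
THUMBPRINT_RE = re.compile(r"^[0-9a-fA-F]{64}$")

# Abridged from the two alerts quoted above: A column-aligned, B single-space.
SAMPLE_A = r"""
Mitigation   CredGuard
Timestamp    2019-10-29T05:44:45
PID          8764
Application  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe
Created      2019-10-29T05:43:25
Description  Kaspersky Anti-Virus 20.0.14

\REGISTRY\MACHINE\SAM\SAM\Domains\Account

Dropped Files
1  C:\ProgramData\Kaspersky Lab\AVP20.0\Data\persistent_q.db
     Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]
2  C:\Users\Public\Desktop\Kaspersky Passwords.lnk
     Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [8764]

Thumbprints
368a1bad9d915f938d0b558b13bad211bf6c227c2d202e95f10b55dc77c94562
"""

SAMPLE_B = r"""
Mitigation CredGuard
Timestamp 2019-11-04T04:50:37
PID 3792
Application C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe
Created 2019-11-04T02:30:26
Description Kaspersky Anti-Virus 20.0.14

\REGISTRY\MACHINE\SAM\SAM\Domains\Account

Dropped Files
1 C:\ProgramData\Kaspersky Lab\AVP20.0\Data\stor_AVP.bin
Dropped by \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [3792]

Thumbprints
368a1bad9d915f938d0b558b13bad211bf6c227c2d202e95f10b55dc77c94562
"""

def parse_alert(text):
    """Parse one alert description; stops at "Event Xml:" in a full paste."""
    alert = {"targets": [], "dropped": [], "thumbprints": []}
    section = "header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("Event Xml"):
            break                      # the XML repeats the same description
        if line in ("Dropped Files", "Thumbprints"):
            section = line
            continue
        if section == "header":
            parts = line.split(None, 1)
            if parts[0] in HEADER_KEYS and len(parts) == 2:
                alert[parts[0].lower()] = parts[1]
            elif line.startswith("\\"):
                alert["targets"].append(line)   # object the process accessed
        elif section == "Dropped Files":
            m = DROPPED_RE.match(line)          # skips "Dropped by"/"Read by"
            if m:
                alert["dropped"].append(m.group(1))
        elif THUMBPRINT_RE.match(line):
            alert["thumbprints"].append(line.lower())
    return alert

def seconds_after_start(alert):
    """Seconds between process creation and the alert firing."""
    fired = datetime.fromisoformat(alert["timestamp"])
    return int((fired - datetime.fromisoformat(alert["created"])).total_seconds())

def touches_sam(alert):
    """True if any accessed object lies under the SAM registry hive."""
    return any(t.upper().startswith(r"\REGISTRY\MACHINE\SAM") for t in alert["targets"])

def signature_counts(alerts):
    """Count alerts per (mitigation, application, accessed objects)."""
    return Counter((a.get("mitigation"), a.get("application", "").lower(),
                    tuple(a["targets"])) for a in alerts)

if __name__ == "__main__":
    print(signature_counts([parse_alert(SAMPLE_A), parse_alert(SAMPLE_B)]))
```

Both samples collapse to a single signature, and the second alert fires more than two hours after `avp.exe` started, so it is not tied to installation alone.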
     
  25. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    901
    Location:
    UK
    My concern was performance, so reverting to v4 fixed the performance? As long as they keep this optional so you can switch like you did, it's good.
     