HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,942
    Location:
    USA
    FWIW I leave the Safety notification set to "once per logon session" because I find the notifications distracting, but if you like the confirmation each time then change it to "at application start". I do change Vaccination to Active and BadUsb to Enabled, and I've never had any issues as a result; I'm not aware of any downside.
     
  2. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    163
    Is this worth turning on?

    2019-09-16_161103.jpg
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    20,977
    Not without reason it is by default off.
    You can enable it for more protection but you should be prepared for more alerts.
     
  4. RonnyT

    RonnyT Registered Member

    Joined:
    Aug 9, 2016
    Posts:
    189
    Location:
    Planet Earth
    Hi Barry77,
    Can you please raise a support ticket with support@hitmanpro.com for this issue?
     
  5. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    172
    Location:
    VPN city
    I don't think I ever had that option off out of the box. Even a few build versions ago. The "Maximum protection" option was selected by default during my first install.
     
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    20,977
     
  7. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    163
    Turning on BADUSB causes me to see a blue screen (partmgr.sys) the first time I turn on my PC. USB ports always have 3 devices:

    1. USB 2.0: Fitbit dongle
    2. USB 3.0: Samsung SSD 850 PRO 256 GB
    3. USB 3.0: Samsung Portable SSD T5

    Windows 64bit Pro v.1903 build: 18362.356 HitmanPro.Alert 3.7.10 build 789. The other settings are at the recommended values.
     
  8. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    764
    Location:
    USA
    What's the difference between active and passive vaccination?
     
  9. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    20,977
    Active/Passive Vaccination:
     
  10. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    764
    Location:
    USA
    Thanks! Good info!

    It would be cool if they would add some helpful flyout tool tips to the HMPA UI.
     
  11. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    172
    Location:
    VPN city
    I've noticed in my own testing that HMP.Alert! will auto-block known malware, but as far as I can tell it will only do that when the malware is launched from an application that is actively being protected by HMP.Alert!.

    I have three suggestions:
    1. Make that malware protection cover the whole system, not just applications that are actively protected by the product. (That is to say, if that's not already happening and I was just doing something wrong)
    2. Add VirusTotal-based application whitelisting into the mix that would auto-block anything unknown to VT. Also giving the user the option to turn on a feature that would only allow that VT rating AFTER the rating is at least a day old.
    3. Make sure that malware protection covering the whole system will not conflict with a standalone.

    If you were to make HMP.Alert! do those things, I think many more people would be willing to buy it. Especially since malware protection like that would absolutely be one-upping MBAM and Zemana.
     
  12. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    764
    Location:
    USA
    I prefer HMPA just the way it is, as signature-less exploit protection. Its focus is on behavior.

    There are general anti-malware programs available, but as soon as you start integrating whitelists, blacklists, real-time scanning, etc. you make the program a heavier load on the system, and with more potential for conflicts with your AV.
     
  13. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    7,182
    Location:
    Among the gum trees
    +1
     
  14. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,284
    Location:
    USA
    +2
     
  15. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,684
    Location:
    Under a bushel ...
    +3
     
  16. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    850
    Location:
    Baden Germany
    +4
     
  17. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    418
    I'm happy to report that, under HMP.A build 789, my Windows 7 system did not BSOD with a manual HMP scan.

    Thank You to the Surfright/Sophos team for addressing this issue! :thumb::thumb:
     
  18. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    163
    I cannot run PublicDNS.exe (https://www.trishtech.com/public-dns-server-tool/) because HitmanPro.Alert (v.3.7.10 build 789) does not allow it. Windows 10 Pro 64bit 1903 build 18362.356

    2019-09-20_175258.jpg

    Napló neve: Application
    Forrás: HitmanPro.Alert
    Dátum: 2019. 09. 20. 17:43:00
    Eseményazonosító:911
    Feladatkategória:Mitigation
    Szint: Hiba
    Kulcsszavak: Klasszikus
    Felhasználó: n.a.
    Számítógép: DESKTOP-J0VB0BC
    Leírás:
    Mitigation Lockdown
    Timestamp 2019-09-20T15:43:00

    Platform 10.0.18362/x64 v789 06_9e
    PID 6248
    Feature 001F1A361FBF01B2
    Application C:\Program Files\Far Manager\Far.exe
    Created 2019-08-23T02:15:34
    Modified 2019-08-23T02:15:34
    Description File and archive manager 3.0

    Filename C:\4\PublicDNS.exe
    Created By C:\Program Files\Far Manager\Far.exe

    Command line:
    "C:\4\PublicDNS.exe"

    Process Trace
    1 C:\Program Files\Far Manager\Far.exe [6248] 2019-09-20T15:40:22
    2 C:\Windows\explorer.exe [5456] 2019-09-20T02:28:15
    3 C:\Windows\System32\userinit.exe [5300] 2019-09-20T02:28:14 23.5s
    4 C:\Windows\System32\winlogon.exe [396] 2019-09-20T02:28:11
    winlogon.exe
    5 C:\Windows\System32\smss.exe [792] 2019-09-20T02:28:11 287ms
    \SystemRoot\System32\smss.exe 00000140 00000084

    Thumbprint
    6d2ef8923eb64c871c9faba89d82c5b3fce9b26381972695a864d262a1f16e4f
    Esemény XML:
    <Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='HitmanPro.Alert'/><EventID Qualifiers='0'>911</EventID><Level>2</Level><Task>9</Task><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2019-09-20T15:43:00.498334200Z'/><EventRecordID>12633</EventRecordID><Channel>Application</Channel><Computer>DESKTOP-J0VB0BC</Computer><Security/></System><EventData><Data>C:\Program Files\Far Manager\Far.exe</Data><Data>Lockdown</Data><Data>Mitigation Lockdown
    00007FFB60DB0000-00007FFB60DB9000 c_iscii.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFB59170000-00007FFB591A0000 4Observer.dll (),
    version: 1, 11, 2, 0
    00007FFB59040000-00007FFB59068000 msi.so (),
    version:
    0000000058440000-00000000584D8000 MSVCP100.dll (Microsoft Corporation),
    version: 10.00.40219.325
    0000000058360000-0000000058432000 MSVCR100.dll (Microsoft Corporation),
    version: 10.00.40219.325
    00007FFB67150000-00007FFB675B6000 msi.dll (Microsoft Corporation),
    version: 5.0.18362.207
    00007FFB55E90000-00007FFB55EBC000 nsis.so (),
    version:
    00007FFB60C20000-00007FFB60C2A000 wise.so (),
    version:
    00007FFB594E0000-00007FFB594F8000 zlib1.dll (),
    version: 1.2.8
    00007FFB59620000-00007FFB59628000 vp.so (),
    version:
    00007FFB59440000-00007FFB5944D000 relic.so (),
    version:
    00007FFB55BF0000-00007FFB55C3C000 pst.so (),
    version:
    00007FFB55E60000-00007FFB55E83000 valve.so (),
    version:
    00007FFB571C0000-00007FFB571D1000 udfimg.so (),
    version:
    00007FFB55DA0000-00007FFB55DB3000 isoimg.so (),
    version:
    00007FFB55D80000-00007FFB55D94000 LIBBZ2.dll (),
    version:
    00007FFB59210000-00007FFB5921B000 x23cat.so (),
    version:
    00007FFB58FC0000-00007FFB58FCA000 mbox.so (),
    version:
    00007FFB55970000-00007FFB559BA000 gobject-2.0.dll (The GLib developer commu),
    version: 2.28.8.0
    00007FFB54EC0000-00007FFB54F0B000 gmime.dll (),
    version:
    00007FFB44B20000-00007FFB44C3A000 glib-2.0.dll (The GLib developer commu),
    version: 2.28.8.0
    00007FFB757F0000-00007FFB7585F000 WS2_32.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFB58E30000-00007FFB58E3A000 mime.so (),
    version:
    00007FFB55A30000-00007FFB55A46000 vdisk.so (),
    version:
    00007FFB60BB0000-00007FFB60C14000 mscoree.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFB60B00000-00007FFB60BA9000 mscoreei.dll (Microsoft Corporation),
    version: 4.8.3752.0 built by: NET48REL1
    00007FFB5EFF0000-00007FFB5FAB7000 clr.dll (Microsoft Corporation),
    version: 4.8.4010.0 built by: NET48REL1LAST_B
    00007FFB60D30000-00007FFB60D46000 VCRUNTIME140_CLR0400.dll (Microsoft Corporation),
    version: 14.10.25028.0 built by: VCTOOLSD15RTM
    00007FFB602C0000-00007FFB6037D000 ucrtbase_clr0400.dll (Microsoft Corporation),
    version: 14.10.25028.0 built by: VCTOOLSD15RTM
    00007FFB5D9F0000-00007FFB5EFEE000 mscorlib.ni.dll (Microsoft Corporation),
    version: 4.8.4010.0 built by: NET48REL1LAST_B
    00007FFB59CD0000-00007FFB59E1E000 clrjit.dll (Microsoft Corporation),
    version: 4.8.4010.0 built by: NET48REL1LAST_B
    00007FFB54E70000-00007FFB54EB8000 mpq.so (),
    version:
    00007FFB56110000-00007FFB565E6000 WININET.dll (Microsoft Corporation),
    version: 11.00.18362.329 (WinBuild.160101.0800)
    00007FFB409F0000-00007FFB40B4D000 pdf.so (),
    version:
    00007FFB55A10000-00007FFB55A2D000 ishield.so (),
    version:
    00007FFB55650000-00007FFB55662000 sfact.so (),
    version:
    00007FFB54C50000-00007FFB54C65000 gentee.so (),
    version:
    00007FFB607C0000-00007FFB60996000 urlmon.dll (Microsoft Corporation),
    version: 11.00.18362.356 (WinBuild.160101.0800)
    00007FFB72510000-00007FFB7251C000 CRYPTBASE.DLL (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFB5CD80000-00007FFB5D9F0000 System.ni.dll (Microsoft Corporation),
    version: 4.8.4001.0 built by: NET48REL1LAST_C
    00007FFB59E20000-00007FFB5A6CB000 System.Xml.ni.dll (Microsoft Corporation),
    version: 4.8.3752.0 built by: NET48REL1
    00007FFB71EB0000-00007FFB71EE3000 rsaenh.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFB3F760000-00007FFB3F866000 arclite.dll (Eugene Roshal &amp; Far Grou),
    version: 3.0.310
    00000000581B0000-0000000058355000 7z.dll (Igor Pavlov),
    version: 19.00
    00007FFB47200000-00007FFB47223000 edputil.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFB6E520000-00007FFB6E673000 wintypes.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFB4E6F0000-00007FFB4E783000 appresolver.dll (Microsoft Corporation),
    version: 10.0.18362.356 (WinBuild.160101.0800)
    00007FFB63730000-00007FFB6378D000 Bcp47Langs.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFB719E0000-00007FFB71A07000 SLC.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFB719B0000-00007FFB719D6000 sppc.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFB51EF0000-00007FFB51F69000 OneCoreCommonProxyStub.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)

    Process Trace
    1 C:\Program Files\Far Manager\Far.exe [6248] 2019-09-20T15:40:22
    2 C:\Windows\explorer.exe [5456] 2019-09-20T02:28:15
    3 C:\Windows\System32\userinit.exe [5300] 2019-09-20T02:28:14 23.5s
    4 C:\Windows\System32\winlogon.exe [396] 2019-09-20T02:28:11
    winlogon.exe
    5 C:\Windows\System32\smss.exe [792] 2019-09-20T02:28:11 287ms
    \SystemRoot\System32\smss.exe 00000140 00000084

    Thumbprint
    6d2ef8923eb64c871c9faba89d82c5b3fce9b26381972695a864d262a1f16e4f</Data></EventData></Event>

    I have included Public DNS.exe as an exception, but HitmanPro.Alert still blocks PublicDNS.exe. How can I run the PublicDNS.exe file?
     
    Last edited: Sep 20, 2019
  19. Libraman

    Libraman Registered Member

    Joined:
    Apr 26, 2016
    Posts:
    51
    Hi @feerf56
    I tried and no problems.
    I think that 'Public Dns' is not responsible. Far Manager is.
    Regards
     
  20. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    163
    Just because everything is OK with publicDNS on your PC does not mean that publicDNS is not the problem. Such things are very dependent on other hardware and software environments and operating system setups. This error also occurs when I start publicDNS with Total Commander or the Windows 10 file manager.
    For example, Windows 10 update errors do not occur for all users, for the above reasons. Whatever the case, a bug is a bug (an error is an error) and Microsoft will fix it.

    Regards

    • ESET IS 12.2.29.0
    • HitmanPro.Alert 3.7.10 (789)
    • W10 1903

    PS: I don't know what the cause of the error was yesterday, but this morning it didn't come out, I couldn't reproduce it today.

    2019-09-21_064036.jpg

    Maybe I didn't reboot my PC yesterday when I included publicDNS as an exception to HitmanPro.Alert? Could this be the cause of the error?

     
    Last edited: Sep 21, 2019
  21. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    163
    Can I use HitmanPro.Alert legally on my VMware virtual machine, or is it unnecessary because it is protected by HitmanPro.Alert on my PC?
     
  22. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    20,977
    #15593: "Mitigation Lockdown"
    I guess FAR Manager is one of your protected programs.
    FAR Manager extracted PublicDNS.exe and further execution of this file will be prevented.
    After a reboot the "lock" on this file will be released.
     
  23. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    172
    Location:
    VPN city
    Perhaps you could mitigate conflicts by having HMP.Alert! monitor any antivirus program that registers to the security center.
     
  24. whatsisname

    whatsisname Registered Member

    Joined:
    Sep 28, 2019
    Posts:
    4
    Location:
    uk
    Hi all, I recently got hit by a Phobos ransomware called .actin that I believe got in through an RDP exploit. I am in the process of sorting out the mess and recovery, and looking at ongoing prevention.

    I am looking at HitmanPro.Alert. Would it have caught the virus and stopped the file encryption process?

    The obvious preventions are now in place (ALL ports now closed on the router, air-gapped backups, etc.), so hopefully it won't be able to gain access again, but I would like to have a mechanism in place in case it does.
     
  25. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    172
    Location:
    VPN city
    You need a good whitelisting application with HIPS and/or some other kind of protection from command lines to go with HMP.Alert!. That way you still have a safety net.
     