HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. Krusty

    Code:
    Log Name:      Application
    Source:        HitmanPro.Alert
    Date:          21/02/2020 11:43:05 AM
    Event ID:      911
    Task Category: Mitigation
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      David-HP
    Description:
    Mitigation   WipeGuard
    Timestamp    2020-02-21T00:43:05
    
    Platform     10.0.18363/x64 v795 06_5e
    PID          8132
    Feature      001F0AB0000001A6
    Application  C:\Users\David\Downloads\rufus-3.8p.exe
    Created      2020-02-21T00:15:50
    Modified     2020-02-21T00:15:51
    Description  Rufus 3.8
    
    Master Boot Record (MBR)
    Volume:(null)
    LBA=0, Len=1
    
    
    
    Loaded Modules
    -----------------------------------------------------------------------------
    
    Process Trace
    1  C:\Users\David\Downloads\rufus-3.8p.exe [8132] 2020-02-21T00:42:26
    2  C:\Windows\explorer.exe [7068] 2020-02-21T00:31:03
    3  C:\Windows\System32\userinit.exe [6244] 2020-02-21T00:31:01 26.1s
    4  C:\Windows\System32\winlogon.exe [756] 2020-02-21T00:30:41
       winlogon.exe
    5  C:\Windows\System32\smss.exe [684] 2020-02-21T00:30:41 93ms
       \SystemRoot\System32\smss.exe 000000f0 00000084
    6  C:\Windows\System32\smss.exe [380] 2020-02-21T00:30:38
       \SystemRoot\System32\smss.exe
    7   [4] 2020-02-21T00:30:38
    
    Thumbprint
    f004a8b84c64c9f05b5b3c0c8117050b52e1a7f4c5317d4e5d73ef16c50a6b02
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="HitmanPro.Alert" />
        <EventID Qualifiers="0">911</EventID>
        <Level>2</Level>
        <Task>9</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2020-02-21T00:43:05.467449200Z" />
        <EventRecordID>60244</EventRecordID>
        <Channel>Application</Channel>
        <Computer>David-HP</Computer>
        <Security />
      </System>
      <EventData>
        <Data>C:\Users\David\Downloads\rufus-3.8p.exe</Data>
        <Data>WipeGuard</Data>
        <Data>Mitigation   WipeGuard
    Timestamp    2020-02-21T00:43:05
    
    Platform     10.0.18363/x64 v795 06_5e
    PID          8132
    Feature      001F0AB0000001A6
    Application  C:\Users\David\Downloads\rufus-3.8p.exe
    Created      2020-02-21T00:15:50
    Modified     2020-02-21T00:15:51
    Description  Rufus 3.8
    
    Master Boot Record (MBR)
    Volume:(null)
    LBA=0, Len=1
    
    
    
    Loaded Modules
    -----------------------------------------------------------------------------
                      10.0.18362.387 (Microsoft Corporation)
    72E50000-72F11000 C:\Windows\system32\dxgi.dll
                      10.0.18362.387 (Microsoft Corporation)
    72E30000-72E49000 C:\Windows\SYSTEM32\dxcore.dll
                      10.0.18362.1 (Microsoft Corporation)
    72C40000-72E24000 C:\Windows\system32\twinapi.appcore.dll
                      10.0.18362.592 (Microsoft Corporation)
    72C20000-72C3F000 C:\Windows\system32\RMCLIENT.dll
                      10.0.18362.267 (Microsoft Corporation)
    720A0000-721EF000 C:\Windows\System32\Windows.Globalization.dll
                      10.0.18362.86 (Microsoft Corporation)
    72050000-72095000 C:\Windows\System32\Bcp47Langs.dll
                      10.0.18362.657 (Microsoft Corporation)
    72020000-72043000 C:\Windows\System32\bcp47mrm.dll
                      10.0.18362.657 (Microsoft Corporation)
    72000000-7201C000 C:\Windows\SYSTEM32\globinputhost.dll
                      10.0.18362.657 (Microsoft Corporation)
    71FF0000-72000000 C:\Windows\System32\AssignedAccessRuntime.dll
                      10.0.18362.387 (Microsoft Corporation)
    71F30000-71FB5000 C:\Windows\System32\StructuredQuery.dll
                      7.0.18362.657 (Microsoft Corporation)
    71F20000-71F2D000 C:\Windows\SYSTEM32\atlthunk.dll
                      10.0.18362.1 (Microsoft Corporation)
    71E90000-71F1B000 C:\Windows\System32\Windows.StateRepositoryPS.dll
                      10.0.18362.1 (Microsoft Corporation)
    71DF0000-71E8D000 C:\Windows\system32\Windows.Storage.Search.dll
                      10.0.18362.387 (Microsoft Corporation)
    75370000-75388000 C:\Windows\SYSTEM32\MPR.dll
                      10.0.18362.1 (Microsoft Corporation)
    760B0000-7610E000 C:\Windows\System32\coml2.dll
                      10.0.18362.1 (Microsoft Corporation)
    71DE0000-71DE9000 C:\Windows\System32\drprov.dll
                      10.0.18362.1 (Microsoft Corporation)
    74FA0000-74FE9000 C:\Windows\System32\WINSTA.dll
                      10.0.18362.53 (Microsoft Corporation)
    71DD0000-71DDB000 C:\Windows\SYSTEM32\LINKINFO.dll
                      10.0.18362.1 (Microsoft Corporation)
    71DB0000-71DC2000 C:\Windows\System32\ntlanman.dll
                      10.0.18362.1 (Microsoft Corporation)
    71D90000-71DA9000 C:\Windows\System32\davclnt.dll
                      10.0.18362.1 (Microsoft Corporation)
    71D80000-71D8A000 C:\Windows\System32\DAVHLPR.dll
                      10.0.18362.1 (Microsoft Corporation)
    71D70000-71D80000 C:\Windows\System32\wkscli.dll
                      10.0.18362.1 (Microsoft Corporation)
    71D60000-71D6E000 C:\Windows\SYSTEM32\cscapi.dll
                      10.0.18362.1 (Microsoft Corporation)
    75360000-7536B000 C:\Windows\System32\netutils.dll
                      10.0.18362.1 (Microsoft Corporation)
    71CD0000-71D52000 C:\Windows\System32\twinapi.dll
                      10.0.18362.628 (Microsoft Corporation)
    71C80000-71CC3000 C:\Windows\System32\dlnashext.dll
                      10.0.18362.1 (Microsoft Corporation)
    71C30000-71C79000 C:\Windows\System32\PlayToDevice.dll
                      10.0.18362.1 (Microsoft Corporation)
    71C10000-71C2B000 C:\Windows\System32\DevDispItemProvider.dll
                      10.0.18362.1 (Microsoft Corporation)
    0A830000-0AA3C000 C:\Program Files\Norton Security\Engine32\22.20.1.69\buShell.dll
                      10.14.0.17 (Symantec Corporation)
    73FA0000-74109000 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.657_none_5f5ddf35821cdb6c\gdiplus.dll
                      10.0.18362.657 (Microsoft Corporation)
    719E0000-719F3000 C:\Windows\system32\NetworkExplorer.dll
                      10.0.18362.1 (Microsoft Corporation)
    719C0000-719DD000 C:\Program Files\Norton Security\Engine32\22.20.1.69\EFACli.dll
                      7.3.2.15 (Symantec Corporation)
    71940000-719B3000 C:\Program Files\Norton Security\Engine32\22.20.1.69\MSVCP140.dll
                      14.14.26405.0 (Microsoft Corporation)
    71920000-71935000 C:\Program Files\Norton Security\Engine32\22.20.1.69\VCRUNTIME140.dll
                      14.14.26405.0 (Microsoft Corporation)
    73500000-73562000 C:\Windows\System32\MMDevApi.dll
                      10.0.18362.387 (Microsoft Corporation)
    71900000-71918000 C:\Program Files\Norton Security\Engine32\22.20.1.69\ccVrTrst.dll
                      17.2.3.37 (Symantec Corporation)
    71850000-718F9000 C:\Program Files\Norton Security\Engine32\22.20.1.69\ccLib.dll
                      16.0.2.6 (Symantec Corporation)
    75830000-7588E000 C:\Windows\System32\ws2_32.dll
                      10.0.18362.387 (Microsoft Corporation)
    717C0000-7184C000 C:\Windows\system32\wpdshext.dll
                      10.0.18362.1 (Microsoft Corporation)
    71760000-717B7000 C:\Program Files\Norton Security\Engine32\22.20.1.69\ccSet.dll
                      17.2.3.37 (Symantec Corporation)
    716D0000-71753000 C:\Windows\System32\PortableDeviceApi.dll
                      10.0.18362.1 (Microsoft Corporation)
    716A0000-716C7000 C:\Windows\System32\PortableDeviceTypes.dll
                      10.0.18362.1 (Microsoft Corporation)
    71630000-71691000 C:\Windows\SYSTEM32\ntshrui.dll
                      10.0.18362.329 (Microsoft Corporation)
    75340000-7535C000 C:\Windows\SYSTEM32\srvcli.dll
                      10.0.18362.1 (Microsoft Corporation)
    715F0000-71630000 C:\Windows\system32\audiodev.dll
                      10.0.18362.1 (Microsoft Corporation)
    713E0000-715ED000 C:\Windows\system32\WMVCore.DLL
                      12.0.18362.418 (Microsoft Corporation)
    713A0000-713DD000 C:\Windows\system32\WMASF.DLL
                      12.0.18362.1 (Microsoft Corporation)
    71290000-71396000 C:\Windows\system32\mfperfhelper.dll
                      10.0.18362.1 (Microsoft Corporation)
    73740000-73764000 C:\Windows\system32\WINMM.dll
                      10.0.18362.1 (Microsoft Corporation)
    73710000-73733000 C:\Windows\system32\WINMMBASE.dll
                      10.0.18362.1 (Microsoft Corporation)
    71240000-71289000 C:\Windows\System32\ActXPrxy.dll
                      10.0.18362.329 (Microsoft Corporation)
    71220000-7123B000 C:\Windows\SYSTEM32\CLDAPI.dll
                      10.0.18362.1 (Microsoft Corporation)
    753B0000-753B8000 C:\Windows\SYSTEM32\FLTLIB.DLL
                      10.0.18362.1 (Microsoft Corporation)
    74180000-74192000 C:\Windows\SYSTEM32\ondemandconnroutehelper.dll
                      10.0.18362.1 (Microsoft Corporation)
    74D80000-74E3D000 C:\Windows\SYSTEM32\winhttp.dll
                      10.0.18362.449 (Microsoft Corporation)
    74D40000-74D72000 C:\Windows\SYSTEM32\IPHLPAPI.DLL
                      10.0.18362.1 (Microsoft Corporation)
    74C20000-74C72000 C:\Windows\system32\mswsock.dll
                      10.0.18362.1 (Microsoft Corporation)
    75660000-75667000 C:\Windows\System32\NSI.dll
                      10.0.18362.449 (Microsoft Corporation)
    74C10000-74C18000 C:\Windows\SYSTEM32\WINNSI.DLL
                      10.0.18362.449 (Microsoft Corporation)
    74830000-749DB000 C:\Windows\SYSTEM32\urlmon.dll
                      11.0.18362.628 (Microsoft Corporation)
    74B70000-74C01000 C:\Windows\SYSTEM32\DNSAPI.dll
                      10.0.18362.267 (Microsoft Corporation)
    74B60000-74B68000 C:\Windows\System32\rasadhlp.dll
                      10.0.18362.1 (Microsoft Corporation)
    74B00000-74B51000 C:\Windows\System32\fwpuclnt.dll
                      10.0.18362.113 (Microsoft Corporation)
    74A80000-74AF6000 C:\Windows\System32\schannel.dll
                      10.0.18362.418 (Microsoft Corporation)
    74A70000-74A80000 C:\Windows\SYSTEM32\mskeyprotect.dll
                      10.0.18362.1 (Microsoft Corporation)
    74A40000-74A61000 C:\Windows\SYSTEM32\ncrypt.dll
                      10.0.18362.1 (Microsoft Corporation)
    74A10000-74A38000 C:\Windows\SYSTEM32\NTASN1.dll
                      10.0.18362.1 (Microsoft Corporation)
    749E0000-749E8000 C:\Windows\SYSTEM32\DPAPI.DLL
                      10.0.18362.1 (Microsoft Corporation)
    75000000-75026000 C:\Windows\System32\cryptnet.dll
                      10.0.18362.1 (Microsoft Corporation)
    74D20000-74D33000 C:\Windows\SYSTEM32\dhcpcsvc6.DLL
                      10.0.18362.267 (Microsoft Corporation)
    74D00000-74D15000 C:\Windows\SYSTEM32\dhcpcsvc.DLL
                      10.0.18362.267 (Microsoft Corporation)
    74C80000-74CF7000 C:\Windows\SYSTEM32\webio.dll
                      10.0.18362.628 (Microsoft Corporation)
    749F0000-74A0F000 C:\Windows\system32\ncryptsslp.dll
                      10.0.18362.1 (Microsoft Corporation)
    72490000-724A0000 C:\Windows\System32\vds_ps.dll
                      10.0.18362.1 (Microsoft Corporation)
    
    Process Trace
    1  C:\Users\David\Downloads\rufus-3.8p.exe [8132] 2020-02-21T00:42:26
    2  C:\Windows\explorer.exe [7068] 2020-02-21T00:31:03
    3  C:\Windows\System32\userinit.exe [6244] 2020-02-21T00:31:01 26.1s
    4  C:\Windows\System32\winlogon.exe [756] 2020-02-21T00:30:41
       winlogon.exe
    5  C:\Windows\System32\smss.exe [684] 2020-02-21T00:30:41 93ms
       \SystemRoot\System32\smss.exe 000000f0 00000084
    6  C:\Windows\System32\smss.exe [380] 2020-02-21T00:30:38
       \SystemRoot\System32\smss.exe
    7   [4] 2020-02-21T00:30:38
    
    Thumbprint
    f004a8b84c64c9f05b5b3c0c8117050b52e1a7f4c5317d4e5d73ef16c50a6b02</Data>
      </EventData>
    </Event>
    I guess while technically it wasn't a false positive it was still frustrating while trying to create a bootable UFD.
     
  2. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,540
    Location:
    USA
    I had the same problem (still am, in fact) back in January. Posted here about it, got told, "HitmanPro could be compromised or in-memory altered", and no further assistance was forthcoming. Been a licensed user for the last seven years.
     
  3. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,540
    Location:
    USA
    Support said this is a code bug that will probably be fixed in version 865.
     
  4. heikwith

    heikwith Registered Member

    Joined:
    Jul 29, 2002
    Posts:
    91
  5. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,297
    An error occurred with this part of the page, sorry for the inconvenience.
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    102,880
    Location:
    Texas
    Link repaired.
     
  7. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,166
    Location:
    Under a bushel ...
  8. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    268
    Location:
    Planet Earth
    HitmanPro.Alert 3.8.2 Build 865 Released

    Changelog (compared to build 863):
    • Added CiGuard (part of PrivGuard) that prevents Driver Signing Enforcement (DSE) code integrity abuse (for more details see the blog post here Living off another land).
    • Improved CryptoGuard 5 detection and reporting.
    • Improved APC Mitigation detection.
    • Improved HeapHeapProtect detection.
    • Improved Restart application when changing a mitigation.
    • Improved Tray icon to indicate when service is no longer running.
    • Improved CodeCave mitigation.
    • Fixed SysCall mitigation.
    • Fixed Memory issue when event could not be written to Excalibur.
    • Fixed Thumbprint suppression issue.
    • Fixed Detection of signed applications that start before Cryptography Service has started.
    • Fixed HeapHeapProtect was shown as exploit instead of behavior in event list.
    • All binaries built with Visual C++ 16.4.5 with Spectre mitigations.
    Download
    https://dl.surfright.nl/hmpalert3.exe

    We're currently automatically updating users on 8xx to this build.
    We expect this to be the latest update before we migrate the 7xx user to the 800 series.

    Let us know what you think of this new build, thanks!
     
  9. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,166
    Location:
    Under a bushel ...
    Manually updated to build 865, no problem.
     
  10. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    216
    Automatically updated from build 863 to build 865, no problem.
     
  11. Libraman

    Libraman Registered Member

    Joined:
    Apr 26, 2016
    Posts:
    83
    Hello.
    Manually updated without any problems.
    Thks
     
  12. abbs

    abbs Registered Member

    Joined:
    Sep 14, 2018
    Posts:
    26
    Location:
    Nederlands
    After reporting and restarting, HitmanPro.Alert was updated to version 3.8.2 Build 865.
    No problems Windows 10 pro.
     
  13. Valdez

    Valdez Registered Member

    Joined:
    Apr 21, 2016
    Posts:
    32
    Location:
    ITALIA
    No problem with manual update from 863 to build 865.
    Windows 7 Ultimate.
    Thank you!
     
  14. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    Build 865 no longer running in Safe-mode? At least not for me.
    Don't see anything in the change logs.
    Win7.
     
  15. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    216
    Safe mode? I don't understand you. The "Action mode" may be in "Silent audit" mode (or "Terminate application" mode) but not in "Safe mode". There is no such mode. It had never been.
     
    Last edited: Mar 5, 2020
  16. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,416
    Location:
    Outer space
    865 running fine here on 1909 x64 after autoupdate.
     
  17. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,416
    Location:
    Outer space
    I guess he means Windows Safe mode. I myself have never tried to run Alert in Safe Mode, only HMP, so I don't know.
     
  18. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    216
    Running HitmanPro.Alert in Windows Safe Mode? I don't see much sense. HitmanPro is different, it makes sense to run in Windows Safe mode.
     
  19. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    268
    Location:
    Planet Earth
  20. Mr Humphries

    Mr Humphries Registered Member

    Joined:
    Dec 3, 2016
    Posts:
    10
    Location:
    Australia
    This hasn't happened to me since the 22nd of last month. Having only just been autoupdated to 865 of the overall package, I suppose it was possible that they silently updated the scan component back then.
     
  21. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    268
    Location:
    Planet Earth
    Nope, this was a corner-case triggering it, could just as easily appear as disappear, but if all is well this should be fixed now.
     
  22. Mr Humphries

    Mr Humphries Registered Member

    Joined:
    Dec 3, 2016
    Posts:
    10
    Location:
    Australia
    Interesting. I should add currently running with ESET on Windows version 2004 build 19577.
     
  23. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    In build 863 when I booted into safe mode the HMPA icon was in the tray (HMPA service running).

    In build 865 no icon and service not running.

    Side note: I boot to safe-mode regularly to clean up.
    Win7
     
  24. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    891
    Same.
     
  25. Libraman

    Libraman Registered Member

    Joined:
    Apr 26, 2016
    Posts:
    83
    Hi again.
    Yesterday, after manually updating to 865, blue screen → hmpalert.sys. Restarted and everything fine... until now.
     