Recent posts

#31

ReHIPS / Re: Rehips 2.5: system crash a...

Last post by fixer - February 03, 2022, 02:19:17 PM

Some critical process indeed unexpectedly died. svchost in session 0, to be exact. But doesn't look like you're using the latest ReHIPS 2.5.0 release. More like some 2.5.0 RC version.
1. Does it happen on latest 2.5.0 release?
2. Looks like the process crashed with ACCESS VIOLATION. But from this dump it's impossible to say what caused the exception. Any events about exception in windows journals?

HookDll may do some non-standard stuff to unload itself. So maybe you enabled some policy that forces system processes (since it's a system svchost process) to operate only the standard way, it may trigger the policy. Something like denying code execution from dynamically allocated memory or forcing additional checks to fight ROP-exploits.

#32

ReHIPS / Re: Uninstalling a program aft...

Last post by maskelilincoln - January 30, 2022, 02:17:21 AM

I deleted both so I couldn't uninstall the rehips software.

So you need to add a services check to the uninstaller.

#33

ReHIPS / Re: Did you BYPASS my firewall...

Last post by fixer - January 29, 2022, 04:29:13 PM

it is embedded inside the license key, correct?

Yup.

#34

ReHIPS / Re: Did you BYPASS my firewall...

Last post by lunarlander - January 28, 2022, 11:32:02 PM

Thanks fixer.

I was wondering how the program got my name, so it is embedded inside the license key, correct?

#35

ReHIPS / Re: Rehips 2.5: system crash a...

Last post by fixer - January 28, 2022, 03:57:12 PM

Thank you, file received. Will take a look.

#36

ReHIPS / Re: Did you BYPASS my firewall...

Last post by fixer - January 28, 2022, 03:56:43 PM

It can't connect to the Internet, hence key validation happens offline.

#37

ReHIPS / Did you BYPASS my firewall?

Last post by lunarlander - January 28, 2022, 10:54:38 AM

Hi ReHIPs developers,

Did you bypass my Windows Firewall in allowing the Buy process? I DO NOT have any outbound rules in my firewall allowing ReHIPS to go outbound, and yet the buy option allows me to validate the purchase Key.

#38

ReHIPS / Re: Rehips 2.5: system crash a...

Last post by droncula - January 27, 2022, 11:08:00 PM

Hello Fixer,

Thanks for the respons. I have send you a PM with a download link to to the memory dump file.

Kind regards,

Droncula

#39

ReHIPS / Re: Rehips 2.5: system crash a...

Last post by fixer - January 27, 2022, 01:40:15 PM

Hello, droncula. And welcome to our forum.
Uploading the crash-dump and sending me link in PM might help find cause of crash. But it won't necessary help find the policy responsible. If I were debugging the issue, I'd try to apply only half of policies until I find the one responsible.
P.S. Looks like some critical process dies, but by bugcheck code it's impossible to say why.

#40

ReHIPS / Rehips 2.5: system crash at sh...

Last post by droncula - January 25, 2022, 11:44:42 PM

Hello all

I have a rather strange issue with Rehips 2.5. I can install Rehips fine and it is working correct. But the system crashrf with a reboot or shutdown. The system also rebooted when I try to stop or stop/restart the Rehips service.

In the eventlog there is an entry with eventid 1001: The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000ef (..). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: <ID>.

I traced the issue back to some local group policies. I am working with a set of policies to harden my machines. On a clean VM Rehips is working fine. When I load the local group policies with LGPO and restart the VM, the issue is back. For the moment I am not able to find which policy setting or combo is causing the issue.

Does anyone have an idea?

Thanks

Kind regards,