Recent posts

#51

ReHIPS / Re: is HitmanPro Alert still a...

Last post by droncula - March 24, 2022, 11:51:02 PM

Hello

I tested Hitman Pro Alert with ReHips. The key protection function and safety notification are still working so I guess the other parts are also working.

Kind regards,

#52

ReHIPS / Re: Rehips 2.5: system crash a...

Last post by droncula - March 24, 2022, 11:47:43 PM

Hello Fixer

Do I need to download a new version of Rehips?

Thanks

#53

ReHIPS / Re: Rehips 2.5: system crash a...

Last post by fixer - March 01, 2022, 04:48:13 PM

Fixed.

#54

ReHIPS / Re: Rehips 2.5: system crash a...

Last post by fixer - February 16, 2022, 08:20:15 AM

This includes a policy requiring all binaries loaded in these processes to be signed by microsoft, as well as a policy disallowing dynamically-generated code.

Most likely it's because of "disallowing dynamically-generated code". Thank you for your report, will try to find some compatible solution.

#55

ReHIPS / Re: Rehips 2.5: system crash a...

Last post by droncula - February 15, 2022, 11:15:45 PM

Hello Fixer

After rebuilding my policy configuration it seems that the policy "Enable svchost.exe mitigration options" is causing the issue. More info about the policy: https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.ServiceControlManager::SvchostProcessMitigationEnable.

On a brand new system, I have set my policy settings and installed Rehips 2.5. For the moment I have no issues anymore. I will test it on an other machine to be sure.

Kind regards,

#56

ReHIPS / Re: Rehips 2.5: system crash a...

Last post by fixer - February 09, 2022, 10:07:11 AM

Any way I could reproduce it on our test PCs? Maybe some policy rules that make OS crash after I install them?

#57

ReHIPS / Re: Rehips 2.5: system crash a...

Last post by droncula - February 08, 2022, 11:50:53 PM

Hello Fixer,

Thanks for looking into it. It seems the issue is there when I install version 2.5.

I am going to make a clean VM and retest it.

The only events I see are the "The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000ef (0xffffda0f7db7b2c0, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: aea74302-cbac-4e40-a1b7-ef67e98d3b16." and that a critical one that the computer recovers from a severe error.

Kind regards,

#58

ReHIPS / Re: Uninstalling a program aft...

Last post by fixer - February 03, 2022, 02:59:39 PM

Steps we tried:
1. Disable ReHIPS from main GUI window in Control Center.
2. Close Control Center.
3. Disable both services.
4. Delete both services.
5. Uninstall ReHIPS.
Everything went fine. In theory it shouldn't cause any problems as one of the first things the uninstaller does is stopping and deleting both services.

0. Did we miss something? Or any way to reproduce it?
1. Are you sure you're using the latest 2.5.0 release?
2. What exactly went wrong? What was the problem?

#59

ReHIPS / Re: Rehips 2.5: system crash a...

Last post by fixer - February 03, 2022, 02:19:17 PM

Some critical process indeed unexpectedly died. svchost in session 0, to be exact. But doesn't look like you're using the latest ReHIPS 2.5.0 release. More like some 2.5.0 RC version.
1. Does it happen on latest 2.5.0 release?
2. Looks like the process crashed with ACCESS VIOLATION. But from this dump it's impossible to say what caused the exception. Any events about exception in windows journals?

HookDll may do some non-standard stuff to unload itself. So maybe you enabled some policy that forces system processes (since it's a system svchost process) to operate only the standard way, it may trigger the policy. Something like denying code execution from dynamically allocated memory or forcing additional checks to fight ROP-exploits.

#60

ReHIPS / Re: Uninstalling a program aft...

Last post by maskelilincoln - January 30, 2022, 02:17:21 AM

I deleted both so I couldn't uninstall the rehips software.

So you need to add a services check to the uninstaller.