  1. #1

    Latest Armoury (5.2.12.0) causing malware alert (Hitman Pro)

    I don't usually upgrade Armoury as I've had issues doing that before. But unfortunately Armoury decided to upgrade itself. The install of course failed, so I had to use the uninstall tool and reinstall. The reinstall worked, however upon launching Armoury I get a pop-up from Hitman Pro (anti-malware) with the following info:

    Mitigation CookieGuard
    Timestamp 2022-08-02T22:38:57

    Platform 10.0.19044/x64 v945 06_a5
    PID 4324
    Feature 037D1A30000011B6
    Application C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    Created 2021-04-01T19:18:23
    Description Microsoft Edge 103

    Remote debugging port enabled for this browser

    Loaded Modules (12)
    -----------------------------------------------------------------------------
    00007FF7228A0000-00007FF722C20000 msedge.exe (Microsoft Corporation), version: 103.0.1264.77
    00007FF8AA4F0000-00007FF8AA6E8000 ntdll.dll (Microsoft Corporation), version: 10.0.19041.1806 (WinBuild.160101.0800)
    00007FF8AA240000-00007FF8AA2FD000 KERNEL32.dll (Microsoft Corporation), version: 10.0.19041.1806 (WinBuild.160101.0800)
    00007FF8A78A0000-00007FF8A79BB000 hmpalert.dll (SurfRight B.V.), version: 3.8.21.945
    00007FF8A7D40000-00007FF8A800E000 KERNELBASE.dll (Microsoft Corporation), version: 10.0.19041.1826 (WinBuild.160101.0800)
    00007FF85EAC0000-00007FF85EC15000 msedge_elf.dll (Microsoft Corporation), version: 103.0.1264.77
    00007FF8A9F40000-00007FF8A9FEE000 ADVAPI32.dll (Microsoft Corporation), version: 10.0.19041.1682 (WinBuild.160101.0800)
    00007FF8A9240000-00007FF8A92DE000 msvcrt.dll (Microsoft Corporation), version: 7.0.19041.546 (WinBuild.160101.0800)
    00007FF8A9E90000-00007FF8A9F2C000 sechost.dll (Microsoft Corporation), version: 10.0.19041.1586 (WinBuild.160101.0800)
    00007FF8A9D50000-00007FF8A9E75000 RPCRT4.dll (Microsoft Corporation), version: 10.0.19041.1806 (WinBuild.160101.0800)
    00007FF8A74C0000-00007FF8A74CC000 CRYPTBASE.DLL (Microsoft Corporation), version: 10.0.19041.546 (WinBuild.160101.0800)
    00007FF8A8310000-00007FF8A8392000 bcryptPrimitives.dll (Microsoft Corporation), version: 10.0.19041.1415 (WinBuild.160101.0800)

    Process Trace
    1 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [4324]
    C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe http://127.0.0.1:1042/6318?cmd=alert --headless --disable-gpu --remote-debugging-port=0
    2 C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [15204]
    3 C:\Windows\System32\svchost.exe [1788]
    C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
    4 C:\Windows\System32\services.exe [1172]
    5 C:\Windows\System32\wininit.exe [1100]
    wininit.exe

    Services
    1788 Schedule

    Dropped Files

    Thumbprints
    538d38646d7dab691c8a58fdca5ee27ee1610c76f73f451396cb953790cf1354 (pfn-rd -> asus_framework.exe)
    815d5b79944a3162126afe6e135ce1b37b93a7324c890509234cf448ac593f32 (pfn-rd -> svchost.exe)

    ____________________________

    Armoury still loads, but when I try going to the Ryujin device, I get the same issue and hence can't access the device.

    Here are my software levels:

    Item Version
    ---- -------
    Armoury Crate UWP App 5.2.12.0
    ROG Live Service 1.5.10.0
    Aura Service (Lighting Service) 3.05.66
    Armoury Crate lite service 5.2.10
    Aura Wallpaper Service Not installed
    ASUS AIOFan HAL 1.1.47.0
    ASUS AURA Extension Card HAL 1.1.0.18
    ASUS AURA Motherboard HAL 1.3.4.0
    AacVGA 0.0.5.2
    KingstonDram 1.1.12
    AURA DRAM Component 1.1.18
    ENE RGB HAL 1.1.39.18
    ENE_EHD_M2_HAL 1.0.9.12
    PHISON HAL 1.0.9.0
    Patriot Viper DRAM RGB 1.0.9.4
    Patriot Viper M2 SSD RGB 1.1.0.2
    Universal Holtek RGB DRAM 1.0.0.3
    WD_BLACK AN1500 1.0.14.0

    Please let me know if you need any further info. System is Windows 10. I have also contacted Hitman Pro support about this.

    Thanks.
