UnHackMe Corporative Edition - Technical Details
Allows you to protect any number of computers in the local network.
Coprorative Edition includes UnHackMeCorporative.exe.
UnHackMeCorporative.exe is used for customizing all settings on the user computers.
Getting Started
- Open UnHackMeCorporative.exe.
- Choose the "Common Parameters" tab.
- Set the checking period in minutes and seconds.
- Tick the "Hide icon" parameter to run UnHackMe in the invisible mode.
UnHackMe will work in the backround and a user could not close it using UnHackMe icon in the system tray.
But a use can close UnHackMe monitor (hackmon.exe) using Task Manager, Processes. - Click on the "Open Excusion List" to set up false positive items if it is required.
UnHackMe will skip the items in the Exclusion list.
Set up the Actions
Open the Actions tab.
- Tick the parameter "Write to Event Log".
UnHackMe will add its record to the Application journal. - "Lock network card" - disable network connection. It's useful to block rootkit propogation.
To active connection again you need to open Control Panel, Network. Right click on the connection and choose Activate in the popup menu. - Posting log to Web Form.
You should setup special cgi script on your web server. Refer to "Web Posting" tab. - Sending alert to local network administartor.
Specify the administrative computer on the "Admin Contacts" tab. UnHackMe sends a short message using "net send" protocol. - Sending alert by e-mail.
You ought to specify admin e-mail on the "Admin contacts" tab. - Executing a program.
If you want to execute your program, type the full program name in the edit box. - Automatically stopping a rootkit.
Be careful with this option, because UnHackMe automatically kills a rootkit without asking user permission. Reboot is required.
Click on the OK button to save settings and close UnHackMe Corporative. This will create the "corp.ini" file in the UnHackMe Corporative folder.
Installing UnHackMe on a user computers
- Download the latest version of UnHackMe from web site:
http://www.greatis.com/unhackme.zip - Install UnHackMe on your computer.
It will be the basic folder for installation.
Usually it is "C:\Program Files\UnHackMe". - If all users have access to the shared network drive, create a folder on this drive for UnHackMe corp.ini file.
Set the read permissions for users and the full rights for admins.
Copy the "corp.ini" file to the folder.
For example: s:\programs\unhackme.
It must be the mapped drive, not the UNC path like \\server\program\unhackme.
If you do not have common drive, copy the "corp.ini" to the UnHackMe folder. - Copy "aspr_keys.ini" file (unlock code), received from Greatis Software, to the UnHackMe folder.
- Open "Compil32.exe".
It is "Inno Setup" compiler for installation. - Choose File, Open and locate for "unhackmecorp.iss" file.
- Check the path names in the file with your paths and correct it if required.
- If you use "corp.ini on the network drive, go to the end of the file and locate for the text in the Registry chapter:
Root: HKCU; Subkey: Software\Greatis\Unhackme; ValueType: string; ValueName: " UnHackMeCorp"; ValueData: "{app}\corp.ini"
Change the "ValueData" to your network path.
Set the Root to "HKLM" if you want to use UnHackMe for all users on the computer. - Press F9 to create the installation file.
Silent Install
If you want to silently install UnHackMe using logon script or Microsoft SMS software you may use switches:
- /SILENT, /VERYSILENT - When Setup is silent the wizard and the background window are not displayed but the installation progress window is. When a setup is very silent this installation progress window is not displayed. Everything else is normal so for example error messages during installation are displayed and the startup prompt is (if you haven't disabled it with DisableStartupPrompt or the '/SP-' command line option explained above)
- /SP- Disables the "This will install... Do you wish to continue?" prompt at the beginning of Setup. Of course, this will have no effect if the DisableStartupPrompt [Setup] section directive was set to yes.
- /SUPPRESSMSGBOXES Instructs Setup to suppress message boxes. Only has an effect when combined with '/SILENT' and '/VERYSILENT'.
- /NOCANCEL Prevents the user from cancelling during the installation process, by disabling the Cancel button and ignoring clicks on the close button. Useful along with '/SILENT' or '/VERYSILENT'.
- /NORESTART
Example:
unhackmecorp300.exe /SP- /VERYSILENT /SUPPRESSMSGBOXES /NOCANCEL
System requirements
Windows 9x, 2000/2003/XP/2008/Vista/Seven or higher 32 or 64 bit.512 Mb RAM
CD/DVD drive or USB stick.
Purchase now!
Purchase includes:
• UnHackMe Single License - Electronic Delivery
• Warrior CD Image - Electronic Delivery
People say:
LisaThis solution works great. Thanks!
Jim
Works as advertised. Keep up your good work guys!