I noticed it when I did my first Macriuim Image of the day. Typically it will start at 120 MB/s and drop to about 65 near the middle of the image and the rise back up again at the end. With V5 it started at 105mb/s and dropped all the way to 13mb/s and stayed there. Subsequent images are with CBT and normally take around 45 seconds. With V5 they took about 2:30 minutes. Then with Acronis, the normal daily incremental is around 3-4 minutes. With v5 it took over 7 minutes. Finally IFW which normally takes around 4 minutes, was chuggging along very slowly. At eight minutes I switched from v5 back go v4 and the speed went back to normal. Reproducing is easy just image with V5 on.
Didn't notice a CryptoGuard v5 slowdown with an incremental just now. No CBT. Still can't get Event List though (#1439).
In fact it shows the oldest Laatste melding (the first of 23 notifications). All known issues btw: SAM and Sandboxie related.
After going all day yesterday with a couple of reboots, and no issues, this morning during boot up I got and RDP alert. System booted but it was a mess and the RDP stuff was all locked. I hit the power reset and did another boot up and all was well. Generated the token file just in case. Will monitor.
Got an intercept with CCleaner 5.56 (portable) ... could be the experimental CryptoGuard v5. Event List panel still 'dies', though I can get to HmP.A events in Event Viewer (albeit with 'snap-in not responding' sometimes.
I manually upgraded from 3.7.9 Build 779 Release Candidate to 3.8.0 Build 839 CTP 1. Looks like a very exciting upgrade! The only anomaly I have experienced so far is I received a Malware Blocked alert after trying to fire up TDSSKiller v3.1.0.28. It may be because it generates a couple of hits on VirusTotal? Also, I noticed that the HMPA description for the event (see attachment) appears to be in latin?!?!
"Sophos AV" is detecting it as Malware/Generic-S and is therefore causing the alert. You can try this now:
With CCleaner portable 5.56 a cryptoguard-alert/risk reduction (normal file deletion). Detection: Generic.Ransom.N
@ronny,@markloman I repeated the Imaging test and still see the lag on the Crypto v5. If you can't reproduce and others don't see it, then I suspect it's a conflict with Pumpernickel, in which case I will just stay with Crypto v4. But you might want to test with some other dedicated Ransomware programs. Pete PS other than that this version is really nice. Well done
Pete, I also don't use Image Guardian and have Pumpernickel on the same machine and not noticing a slowdown with CryptoGuard v5 ticked (no 'scientific' testing though!).
I see the slow down making a image (MR), about 16mb/s torwards the last part and stays until finished with Crypto 5. I thought it might have been the net-frame update for April. This is Windows 7x64.
We're going to address this, no worries. Will take 2 to 3 weeks though. Stay tuned! You can switch to CG4 in the meantime. Thanks guys!!
Bad USB Mitigation keeps disabling itself. Is anyone else seeing this? I'm using HMPA 3.79 build 779. I saw the same behavior in the build prior to this. I'm using Windows 10 x64 Pro version 1709.
Should probably be posted in the non-beta thread now: https://www.wilderssecurity.com/thr...iscussion-thread.324841/page-615#post-2823552 Now that you mentioned it, I checked and it was disabled on the machine recently upgraded to 779 (Win 10 Home v1803). Don't know when it happened. Not seeing it on build 839 CTP1 though ... (Win 10 Pro v1809).
I think my problem may just be a timeout issue. I can open Event Viewer, though it may take a little while.
Hi All Is anyone having an issue with the Anti-Malware component? Mine (under Build 839) is showing as enabled but when I attempt to run a scan...a few seconds after the start of the scan I get a 'Failed' label appearing to replace the 'Anti-Malware' label in the main GUI. I was getting this on the same system when running the latest stable build (779). Have never seen that before and cannot work out why it is happening. Have noticed it before but then I have not run a scan for a week or so hence not really sure as to when the issue started. Do not have the 1903 Windows build installed BTW. Thanks in advance, Baldrick