Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.
Windows 10 x64. With Emsisoft and VoodooShield. So far running without any issue.
updated over the top of previous version, no issues so far.
hey, i have run into an interesting problem. there are some applications that install fine, and run if launched as part of completion of the install process. however, once you close the application, and try to run them again, they appear to fail. according to process explorer, they peg a logical core (12.5% constantly on a 4-core hyperthreaded CPU) and will run like that forever, without ever showing the UI, exiting the process, or even reducing CPU usage. programs i have seen this problem with: curse client (www.curse.com) and tukui client (http://www.tukui.org/dl.php), as well as the ivpn client (www.ivpn.net). i'm a gamer interested in first-hop security
i receive no notifications of any issue, nor does hmp.a generate any sort of incident. the app's UI just never shows.
rebooting doesn't fix the issue, nor did adding them to exclusions (unless i did it wrong). with curse and tukui, i was able to simply uninstall and reinstall the clients in order to run them (once)-- but i have uninstalled hmp.a (fixing the problem) for now as uninstalling/reinstalling to run a program is a huge pain.
i am on windows 10 AU, fully updated. i use bitdefender security 2017. i have no other security products installed (tho i would like to put malwarebytes back on once 3.x is stable).
did a full windows reset last night, added bitdefender and a handful of typical apps (foobar2000, vlc, notepad++, etc), and the issue remains.
i am currently on the latest beta build 3b586, but this issue has been present for awhile, going back to before the current GA release.
any help would be greatly appreciated.
what if you remove BD or add its processes on HMPA exclusions and add HMPA on BD exclusions?
so, if it's a question of removing one or the other-- i will remove hmp.a for now.
i am curious about the idea of mutual exclusions between bd and hmpa, however... i am seeing this with very few and very specific programs. is it actually realistic that just these couple of programs are failing because bd and hmp.a are interfering with each other AND adding each to the other's exclusion list (as opposed to the actual programs which are failing) would solve this?
i would absolutely be trying this right now if i hadn't removed hmp.a already. i will likely try that regardless this week, but i am truly curious if this is the default: "have you tried turning it off and on again?" (which, admittedly is the *right* first question to ask), or whether we have some technical reason/experience to think this will solve my specific problem.
either way, thanks for your post and i will let you know the result when i try.
Hi Erik, installed HMP.A 586 without any issues so far
Just a quick suggestion, maybe you can look into adding more details when providing error messages. When I first tried to install it showed "Failed to install program. Error 0." which I quickly figured was due to me forgetting to disable my security software which blocked the updater's file write operations. However there may be users who need more information regarding what has gone wrong with the installation process in order to solve the issue.
yes because HMPA insert its dll into every processes.
I had this kind of issue where a previous version of HMPA hampered my other security soft to run Chrome.
yes take your time, it is not vital ^^
golden rule with stockpiling security products : test products one without the other (to see if it is related to the product or to the combo) , if not related to the product then add the other one by adding the exclusions to each other, then if you have issues , you know why
totally makes sense. tho i know it's outdated, my previous rule had been: "pick the AV you trust", and then evaluate and implement the "other" security programs that work well with it. things that required me to remove --or even, in most cases, reconfigure-- my AV, even just to test, became no-gos. but the value of static analysis is going down (and has been for awhile). time to move into the 21st century, i guess.
full disclosure: i am a software engineer at a cybersecurity company and have written implementations for integration of multiple AVs (including bitdefender) into our products, tho not all became publicly available. my expertise for both coding and debugging is mostly limited to linux, however. i just use windows for gaming
Same here and I run a morning scan every day.
Seeing that this is the only bugged portion of HMP.A I can live with it.
I agree though it is a little frustrating
After a day, no issues with 586 on primary machine as per signature below.
im not even at your level, just an IT guy who specialized on implementing security for home users/SMBs rather than fixing hardware .
Indeed Windows is best for gamers ^^
for our purposes your experience is way more useful than mine. i know BD's scan API (which is, imo, reasonable and well-written), and i know that when our company evaluated a bunch of AVs, BD won. i haven't had to debug it on an end-user system, or figure out how to get it to work with other security products. i put the disclosure in mostly to explain why i came in with the idea that BD is the one non-negotiable in my security setup.
but i'm here because i don't know this stuff, and appreciate help from those who do-- like you
Guest is a very helpful person. glad he decided to come over from that other forum
Have a look at MemProtect, it is free and uses windows Protected Processes feature. see thread it is a real strong and light tiny driver to protect against exploits (and it is free). same applies for pumpernickel (great against ransomware and also free, from same developer).
Is HitmanPro.Alert 3.6.3 Build 586 final and released?
I had a similar issue with BDIS with HMPA installed. Several processes would start but were never allowed to complete their operation and "open", e.g., Acronis Auto Back Ups, AdGuard GUI, Asus Command Manager. While these processes tried to complete they were stuck at attempting to open and consumed huge amounts of CPU that made my PC nearly unuseable. I never had the problem with HMPA and other AVs. I was doing a trial of BDIS before renewing my Emsisoft IS License. In my case, it was BDIS that was the culprit. Whether or not an interaction between BDIS and HMPA was the ultimate source of the issue I do not know. Unlike yourself, I did the opposite -- I kept HMPA and replaced BDIS with EMIS and the problem disappeared.
I guess on some systems with some programs, BDIS and HMPA may be an unworkable combo.
Not yet. It is still a RC.
Edit: Build 586 can now be downloaded from their website:
@zagtastic , seems that my suspicions are founded
@hawki : and if you create exclusions for both , does it solve the issues?
@Windows_Security i'll check it out, thanks!
@guest and @hawki -- tried reinstalling and adding exclusions. no go ><. same issue. still somewhat hopeful @erikloman will have thoughts on this. have paid for hmp.a and would really like further information about what the problem is and/or a solution.
thanks again for the help and suggestions, guys.
To troubleshoot try turning off Bitdefender Active Threat Control. Some users have a reported a compatibility problem with HMPA.
@erikloman Just lost some work on this.
Of course that is very regrettable, and thank you for reporting, but do remember that build 582 was the previous release candidate, and not the stable release version, yet. Usually, it is not advised to test beta versions and release candidates on production machines. This may sound harsh, but if you do choose to use a beta or release candidate on a production machine, it is your responsibility to be able to handle false positives.
Sounds as if maybe it is another either/or situation, as with some Malwarebytes protections. This description of Bitdefender ATC sounds like it may have some functional overlap with HMPA.
Active Threat Control
We use an innovative technique called behavioral detection to closely monitor your active apps. When Bitdefender Total Security 2017 detects anything suspicious, it takes instant action.
Just restore your backup. Eh you do have one?
Didn't point the finger at HMPA or the crew. Just stated the report along with what happened. This may sound harsh, but you come off a bit aggressive and pessimistic.
It didn't auto-backup for some reason, but it was minimal anyway.
Separate names with a comma.