B-have (behavioral Scanner) Causes Everything To Crash

Hi,


I am running BitDefender Antivirus 2009 on Vista SP1 (32-bit) with Outpost Firewall, Mamutu and SuperAntiSpyware also installed.


When I enable "Behavioral Scanner" in Antivirus Settings, I see every app that is opened crash. Even when the Behavioral Scanner is set to low.


I am attaching the error log of the same alongside. Here is a brief description of contents:


1. Enable Behavioral Scanner and then open Internet Explorer. It crashes.


2. To check error dump I try opening Windows Error Control, it also crashes


3. I try to check Windows Event Viewer, but even Microsoft Management Console crashes.


4. I disable Behavioral Scanner, now Windows Event Viewer opens cleanly. I see in the crash log, mention of user32.dll


5. So I check user32.dll on VirusTotal.com and VirScan.org. The file is clean.


6. I again re-enable Behavioral Scanner and add user32.dll as excluded applications.


7. Open Internet Explorer, it crashes. I disable Behavioral Scanner and capture the error log.


Any suggestion, help ?? Can't understand what maybe wrong ? :huh:

/applications/core/interface/file/attachment.php?id=4875" data-fileid="4875" rel="">BD_err.txt

Comments

  • dw2108
    edited March 2009

    I've had this problem too, because the BHAVE virtual machine is checking for adware, malware, spyware, etc. The good news is that the BHAVE VM gets to know eventually which apps are good apps and which apps exhibit malicious behavior, but the BHAVE VM takes time to inspect all the apps VERY CLOSELY before it makes up its automated mind to trust something. So you may want to try this. Disable SAS, bring it up, eneable BHAVE BUT NOT SAS, and let your PC run overnight. This way, BD will get to know each app that's a good guy.


    Mamutu is trying to do the job of BD, and vice versa. So you may wish to consider a strategy for browsing untrusted web sites -- e.g., Mamutu w/o BHAVE on some sites and BHAVE with no Mamutu on others. Outpost is also competing with BD, so BHAVE has to get to learn what Outpost is doing. With BD 200x, I try various strategies, but you've got a great deal of kill power running and some apps will try to go after the other, because you're not running a simple "set it and forget it" combination with all those apps. But either way you're gonna be VERY safe!


    Hope this helps,


    Dave


    PS! I FORGOT THE MOST IMPORTANT THING! EXCLUDE CERTAIN APPS FROM MONITORING OTHERS. E.g., set Mamutu to ignore the BD service exe's and vice versa. This way they won't attack each other.

  • Ok, I tried many combinations. And it seems Mamutu is the culprit.


    Now I am running BitDefender AV 2009 (with B-HAVE), Outpost Pro Firewall, SuperAntiSpyware Pro all alongside each other without any problems.


    I have started a thread at Emsisoft forum. They usually are very fast in response, so the air should be clear soon enough.


    http://forum.emsisoft.com/Default.aspx?g=posts&t=4631


    Thanks, Dave. I should have thought of that. Guess, I was trusting Mamutu and their word too much.

  • Niels
    Niels
    edited March 2009

    Dear VijayIND,


    Can you please try to exclude the following in Mamutu:


    Click on start,computer,Program Files,BitDefender 2009 and exclude the BitDefender Innerfire folder. That is the folder where the the modules of B-HAVE are stored. Or just exclude midas32.dll,neurons.dll and the other files.


    Kind regards,


    Niels

  • Hi Niels,


    I tried what you said and added Innerfire to Mamutu exclude list.


    But still, the crash occurs :(