Unscheduled scan runs 1Hr after system start-up (every time)

Internet Defender (5 Device, 3Yr licence)

Windows 10 Pro (build 19043.1586)

Ryzen 5800x, 32GB RAM, 1xNVMe (OS), 1xSSD, 3xHDDs

 

I have already posted this fault on Reddit and also had some back and forth with email support. Someone else has replied on Reddit that they have the same issue, and we have both narrowed it down to being BitDefender (henceforth referred to as BD). The email support takes multiple days to get a reply and so far all Ive got back is try reinstalling – which I already did whilst waiting.

 

Exactly 1 hour after my system has booted into Windows, BD (more specifically bdservicehost.exe) begins a scan of all of my system drives which lasts about 10 minutes and then stops.

 

I have no scheduled scans set – never have. Nothing appears in the Notification tab, other than initially these scans coincided with system updates. BD system updates are set to 1 hour by default, but I have since changed it to 2 hours and the scans still occur after one hour (the update runs as it should later).

 

Just to get this out of the way, I have already reinstalled the client and later went as far as uninstalling it completely and installing it again fresh from a new download. When BD was completely uninstalled, I monitored my system and nothing occurred after one hour in terms of unusual disk access. Indicating to me that the scans are caused by BD alone.

 

The reason this is an issue to me, is because I have 3 high-capacity mechanical drives. These are all set to sleep after 20mins and two of them are slow archive drives that can be noisy when doing a lot of activity. I do not want these scans running every single time I turn on this system. I want control of this scan and the ability to choose when it occurs and what drives it can or cannot scan.

 

I captured video of my disk activity in Resource Monitor and so I am able to describe roughly what BD does during these scans:

 

vulnerability.scan.exe appears and reads CryptnetUrlCache

At the same time bdservicehost.exe begins reads of .dll files within the Windows System32 folder

 

tiworker.exe runs briefly and then bdservicehost.exe proceeds to read through the contents of all drives in my system (in alphabetical drive letter order)

 

As each drive scan is occurring, bdservicehost.exe is both reading and writing to the NTFS Master File Table file for the drive it is currently working through.

 

It takes about 10 minutes for BD to work its way through all my drives and files.

The last thing bdservicehost.exe does is read the System Volume Information on the boot drive.

 

The only thing I haven’t done, is run the uninstall tool which BD support sent me a link to. I’m not too keen on running this .exe file unless I really have to. At the very least I imagine this may wipe out my exceptions and preferences, but at worst it could wreck my system since it seems bugs in the BD client are not exactly unusual and so my trust in BD at the moment is not that strong.

 

If you have seen similar behaviour on your system I would really appreciate it if you could reply to this and share your experiences.

Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

«1

Comments

  • lechiffre
    lechiffre ✭✭✭

    Very similar problem here. Scans my large mechanical drive and gives it a battering for 10-15 minutes multiple times per day.

    It happens to me about an hour after definitions updates. I always get "vulnerability notifications" afterwards so I don't think it's the AV engine ltself, more the vulnerability scanner. Trying to stop it is impossible. I tried to stop it through profiles. There's a setting that says something like "suspend background tasks" in profiles. I tried to enable that in the work profile, only BD won't let you. I swapped to gaming profile where that setting is already enabled only BD defender kept swapping it back to work profile. Basically as far as I can tell BD doesn't give a crap about what you as a user wants, it's doing it's own thing and you can play with the settings if you like but it's not going to make the slightest difference to BD.

    I was going to link my thread, but you've already posted on it.

    The only solution that worked for was just to uninstall bitdefender completely. I'm now looking for another anti-virus provider.

  • Ironbuket
    Ironbuket ✭✭✭

    I’m in contact with BD support and they are investigating this. I’ve sent over BD logs of when this occurs and hopefully that will enable them to find what has gone wrong here. Even though I have the Protection > Vulnerability section of BD switched off and have added exceptions to say don’t scan any of my mechanical drives, these scans still occur after every system startup and include all drives in my system which does not seem right to me. I also ran MalwareBytes just in case and it found nothing.

    NB: I can imagine that these scans may go unnoticed by many users: If you only have SSDs in your system, you may not notice these scans. If you have mechanical drives in your system and use them constantly, you may not notice these scans. The only reason I do is because I have 3 mechanical drives which I don’t run any programs from them and they only contain data. My system is quiet when my hard drives are sleeping and I notice when they spin up. Also, because my system is pretty fast, I don’t get a slowdown. I can imagine, systems with a lot of loud fans or systems where the mechanical drives are in use all the time could easily hide this behaviour from the user.

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • NoviceInTHX
    edited March 2022

    Hello Ironbuket and lechiffre,

    Bitdefender Internet Security Trial version (ends in 7 days)

    I will purchase it then.

    Windows 10 Home (build 19044.1586)

    Ryzen 3700X, 64GB RAM, 1xNVMe,1xSSD, 1xHDD


    I have no such issue so far.

    Did you check all panes in Task Scheduler (especially a repertoire in Active Tasks) and Task Scheduler Library on Windows 10 Pro? Did you also check an odd file that keep residing in User Temp folder (C:\Users\xxxxxxxx\AppData\Local\Temp) and System Temp folder (C:\Windows\Temp)?

    What about the following Registry entries?

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run

    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce

    HKEY_USERS\S-1-5-21-883946393-39836420-3516008404-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

    HKEY_USERS\S-1-5-21-883946393-39836420-3516008404-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

    (∵I have just one admin account on my Windows 10 Home)


    Hope you'll find the cause.

  • Ironbuket
    Ironbuket ✭✭✭

    Hi NoviceInTHX

    There are no tasks in my Task Scheduler with a 'last run time' that matches the last time of a scan.

    All the run reg entries you are talking about would see something happen at startup, not an hour later.

    Nobody else logs in to this system.

    I have never set any manual scans, so I dont think this can be a bug as a result of the vanishing scheduled scans that other users reported. Though I suspect it may be related to that fault. Another user Im on contact with on Reddit also confirmed they never set any manual scans and have the same thing happening for them.

    The scans coincide with some events in the Application log, but I think they are caused by the scan running rather than causing the scan to run.

    Security-SPP: Offline downlevel migration succeeded.

    Security-SPP: The Software Protection service has completed licensing status check.

    I see these same entries appear when BD is uninstalled, but they appear at different times and no scan or disk activity occurs when they run when BD is not installed.

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • I have the same idea as you, your computer’s hard disk may be broken.

    Please press the Win + R buttons to open the Run dialog. Type cmd and click “OK” to open the Windows command prompt.

    Type

    wmic

    and hit Enter. When the WMI interface is ready, type:

    disk drive gets status

    and press Enter again. You will see the status of your hard disk after a short delay.

    Then, we always use HD Tune to measure the drive's performance, scan for errors, check the health status (S.M.A.R.T.), try this tool to see if there is a bad sector or another health issue on your disk.

    Note backup your important data in advance, if the disk has something wrong, it will stop working at any time.

  • Ironbuket
    Ironbuket ✭✭✭

    Hi williammartin, that theory makes absolutely zero sense. I have 5 drives, your theory is that they all developed a fault at the same time? Including the solid state ones? And so instead of windows detecting the faults and attempting to fix it during a startup, BD tries to do it exactly 1hr after each system startup.

    Just to humour you, I ran this anyway and got 5 OKs

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • Ironbuket
    Ironbuket ✭✭✭

    For anyone following this, I read on Reddit that BD are working on a fix for this that will be pushed out in an outdate. No ETA atm though.

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • Ironbuket
    Ironbuket ✭✭✭

    I think BD support may have gone insane. I received a reply this morning stating 'Please note that the encountered behaviour is normal.'

    The scans run on drives excluded from scans within their own client - yep that sounds completely normal...

    Im now left with either uninstalling and pursing a refund or trying to fix this bug myself. I tried changing the system time to skip past the scan trigger, but of course that didnt work. The client must be keeping its own internal clock counter so it can always run these scans exactly 1hr after system startup.

    It is completely 'normal' that this is 1Hr and not 2, or 5 or available for the user to control. BD has gone nuts? 😕

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • Ironbuket
    Ironbuket ✭✭✭

    I have managed to hide the drives from the BD scan using a ****** which offlines the drives with diskpart before the scan starts and then onlines them again after. Come on BD, customers should not have to do this...

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • camarie
    camarie Principal Software Developer BD Staff

    It might be possible to be the Vulnerability scanner involved, but this does not scan disk drives. The disk activity is (asumming full scan)

    • looks for drive types to check the autorun status (local: call one Windows function for each disk type to determine if is removable)
    • checks application (local: checks a handful of registry entries, well-known disk files and such to read what version of applications - Chrome, Firefox etc. - are installed)
    • Wifi scan (again, some registry queries, and Wlansvc profile enumeration - which can be a few directions and XML files); router scan - scan for browsers cache (enumeration, find the file, read *one* file)
    • Windows update can, indeed, offer a batter to the disk where the update database is kept, but to scan 5 disks, no way
    • Indicators of Risk scan might be a cause, but this is a collection of small/short routines, usually reduced to checking registry, system configuration, Windows calls - some of them might indeed prove costly, but no "scan all disks"

    We are indeed investigating seriously what might cause this (at least, at this time, assuming the culprit is the automatic run of vulnerability scanner) and follow up with details as soon as we identify what exactly runs and why it causes all disks to be scanned.

  • Ironbuket
    Ironbuket ✭✭✭

    Yesterday we switched over to summer time where I am and this morning (next system startup) the unwanted scan ran 2Hrs after startup instead of 1 as it has been doing so up until now. This may mean that other people are seeing this scan occur 2hrs after system up depending on where they are in the world. Seems a bit weird, not sure how the math involved in working out when to run the scan is varying in that way. I have my update period set to 8hrs currently - so it isnt that. I have every drive in my system (apart from the OS) excluded from scans and this is just ignored and they all get scanned. I have looked at an older second W10 system I have which uses the same BD licence and that also has these unwanted scans running. To me this eliminates any possibility of it being something caused by my system.

    NB: This is not windows update. I have taken multiple videos of the disk activity any time I hear the drives power up. Windows own activity tends to occur right after the system is powered up or later and at what seem random times. These only last a minute or so at the longest. The BD scans last nearly 10mins. If I hide my drives it takes 6mins.

    I know why you might think it was Windows related, but the activities that Windows may do are usually on a 24hr cycle in the task manager. So once it has done it, it wont do it again for a while. If I turn on my system the BD scan will run withing 1-2hrs. If I then restart the system, it will do it again. It will do it every time the system is restarted. If the system is left on for many hours, BD does not do another scan. This only occurs after a system restart.

    The BD scan causes 100% disk usage on my older other system. On my main system, Im just concerned about the noise and potential needless wear, but on older systems you may see a serious performance hit if you were using the drives for something else at the time.

    On my main system, I see CPU usage of about 1-2% at idle before a scan. During the scan this can go as high at 15%. And this is on a 5800x. All the other issues aside, how much electricity in the world is being wasted by all these BD clients running wasteful scans?

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • camarie
    camarie Principal Software Developer BD Staff

    Well, these automated scans are offered for a reason. Obviously the general scan does not fit all the usage scenario - your comments shows clearly you want this to not happen.

    What I can tell you at this time is this there are two separate tasks that are on my watch:

    • first that prevents automatic background tasks if the Vulnerability module is set to OFF in main interface; this one I implemented it and it is in tests already, and it should solve completely the issue by simply not allowing automated scans to run at all if disabled (manual scans will still can run if the user clicks Vulnerability Scan)
    • second, "scan 1 hour after boot" that you reported; there are multiple things that I need to dig into, such as 100% disk usage and CPU 15% and what exactly is happening.

    "NB: This is not windows update." Sorry for not being more specific; I was not referring to an accidental Windows update - obviously WU does not start every time one hour after boot - but to the Windows Update component from Vulnerability Scan, which we do invoke on scanning if the corresponding flag in settings is enabled - and this WU scan, executed by our scan, can be quite costly. This was what I had in mind.

    And about this - can I ask you some more details in this thread in future messages? First things first, obviously, I'll review all the scanners and whatever activity (CPU and especially disk) might do, but maybe there are particular conditions (computer in sleep for example) on which we might want to skip or at least postpone the scan - I am not sure yet myself on how would be better, but at least I would like to have feedback on various usage scenarios.

  • Ironbuket
    Ironbuket ✭✭✭

    Well the scan is back to 1Hr again today, so yesterday was just a blip. I have sleep disabled on my system (Sleep = Never). Hibernate is disabled. BD email support already have my system logs and have responded that the behaviour is normal or that the logs dont contain anything - im not sure which as the responses were confusing.

    I ran the application capture log before and only stopped after one of these scans ran, so for BD support to tell me there is nothing unusual in the logs seems bizarre. At the very least there must be something in there that says why BD is scanning the drives I would have thought. I asked for the password for the log file (it is encrypted) so maybe I can find it for them, but it hasnt been provided. (Case = 1007239418)

    Both I and the other person on Reddit with exactly the same problem, tried turning off the entire Vulnerability module weeks ago. It has no effect at all. I even went through the entire client and turned everything off that had an off switch and this made no difference. The only way I found to stop the scans was to uninstall BD. When I do that there is no unusual disk activity after 1Hr of system up.

    I have taken a video of the scan activity in resource monitor and am planning to upload it. Im a bit worried about it accidently sharing something that would be a security issue for me, which is why I havent done it yet. Let me know if this is something you would be interested in.

    My feeling is that it may be related to TiWorker.exe which seems to run at the same time as the scans start. BUT this doesnt run exactly 1hr after startup if BD is uninstalled. TiWorker.exe does run on a clean system, but at other times and doesnt scan drives. At the very least, if Windows is the trigger for these scans, it is BD that triggers Windows into doing this at the 1Hr mark which then triggers BD, i.e. BD is the root cause.

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • camarie
    camarie Principal Software Developer BD Staff

    TiWorker.exe is a part of Trusted Installer service; I'm not sure why this would be related to/triggered by VU scan, since we don't do any installation (at least, not in the automatic scan process). The thing here is the automatic scan runs although it seems it should not, and this is what I have changed last week and will appear in the next update.

    Meanwhile I will continue to check also other possibilities, although I think the desired behavior is now as you wanted. Not to say the current behavior is wrong - it is simply so by design, a design we decided to change in accord to your feedback and internal observations.

  • Ironbuket
    Ironbuket ✭✭✭

    Ive edited and uploaded my video to YouTube. I'll try to send the link to you in a private message.

    I dont think your design should be changed because of me. It should be changed because it is wrong. If you have a look at the video Ive uploaded, I dont see how any rational person could think this was acceptable to force on anyone's system and give them no control of when it occurs or what can be excluded from it.

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • I completely agree with IronBucket.

    Bitdefender should at the very least allow control of "when" (what time of day!) and 'how often' this scan does occur.

  • Ironbuket
    Ironbuket ✭✭✭

    Hi Camarie, thanks for your private reply about this and your explanation that this is an additional scan which was deliberately put in place to address a vulnerability to all computers. It doesn’t explain though why this has to run 1Hr after startup and why it has to run at every startup. Even if it ran as soon as the system started up it would be better because all the drives have spun up anyway at that time and to some extent the activity would be hidden among all the other activity going on.

    But even if it worked that way, I personally think that would still be wrong. If I restart my system 10 times today, I get 10 scans. Why? Why does it need to scan more than once a day? Why does it need to scan the same files over and over that have not changed since the previous scan? This seems to have been implemented incredibly poorly and whoever is responsible should have a talking to imho.

    This also brings up the question of why BD support on the forums and email (multiple support people). Couldn’t have said weeks ago, ‘Oh, that is a deliberate scan that does X’ instead of telling me they can’t see anything wrong and implying there is something wrong with my system. Why do support personnel not know about this ‘feature’? How many BD customers have contacted support about performance hits and been told the problem is with the customer instead of the client?

    I can imagine a lot of customers just giving up and changing to a different AV. I almost did myself, it was only the 3yr licence I have that made it worth me persevering in trying to get BD to realise this was a problem with their client and not with me.

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • camarie
    camarie Principal Software Developer BD Staff

    This also brings up the question of why BD support on the forums and email (multiple support people). Couldn’t have said weeks ago, ‘Oh, that is a deliberate scan that does X’ instead of telling me they can’t see anything wrong and implying there is something wrong with my system. Why do support personnel not know about this ‘feature’? 

    The support does not know everything. While I totally get your point, this post-boot 1 hr scan is not something exposed in the interface, it is something in the internal development documentation and usually such a decision was a compromise in itself. Placing a scan at boot can be costly, not to mention something involving Windows Update, which can slow and even delay the logon process, something that would not only spark comments, but even might infuriate users. In general, we avoid to perform operations right when Windows start - unless they are absolutely necessary - because we do not want to impact the boot experience; this is the main reason there are such scans occurring, say, 1 hour after boot.

    If I restart my system 10 times today, I get 10 scans. 

    Completely agree with you: the decisions on "should be start the operation X which might be costly" have room for improvement - your observation on 10 reboots today being particularily important - to the point where this can be made more cooperative in the product (if there is one scan, try to postpone another; if there was another scan of that type do not do another one until a certain amount of time is passed etc.). Obviously we did not design features around exceptional usage, such as 10 restarts, but these things happens for whatever reasons (failed updates, stubborn drivers) and we should consider them as part of the decision as well.

    I will do a draft of proposal today and push it to the team today, at least to have a better control and history of such operations, and I thank you especially, and the other members of community for the feedback.

    For the problem itself: the issue was reproduced - albeit not so drastically as it happens on your machine, with disk on 100% and CPU 85% - by me and by the team implementing the scanner process. They will come up with a fix in the next days (I hope) and they will release it - the affected files will arrive as signatures and will not require a product update (at least at this moment). The other changes will have to go into the normal prioritization process and I cannot say at this time when or in what form they will be released.

  • Ironbuket
    Ironbuket ✭✭✭

    Just FYI, I don’t restart my system 10 times a day. Maybe 4 or 5 would be a max for me, most often maybe 2 or 3. I don’t leave my main PC on all the time every day. I don’t think this is unusual. I switch it off and turn it back on later in the day when I might use it again. Before I worked out how to hide my drives, I was leaving my system on longer unused just to avoid having to deal with the scans from restarting it later. I would turn on my system in the evening and have to set a timer so I could turn the system off before it got to 1Hr. My only alternative being to uninstall BD and reinstall it next time I switched my system on, which for obvious reasons was not something I wanted to do.

    Please note that the thing absent from the video I sent you was what happens to mechanical drives. They get hammered with 100% usage for longer periods because they are slower than solid state drives and, in my case, have a much greater capacity. The scanning of the mechanical drives was my initial reason for pursuing this, but I did not show it in my video because those drives are where all my data is stored and I wasn’t happy about even just sharing the file names.

    Please try to be careful about how you talk about the timing of the scans, because it can come across as if you are justifying what occurred. There is no justification for this. Arbitrarily choosing 1Hr after startup is careless and obviously untested. Would it not have been possible to check if the system was in use for something else first, such as happens with the profiles to avoid AV load when the PC is doing something else? After 1Hr we are going to hammer your system and we don’t care at all what you might be doing at that point? That is not a position you can defend, please don’t try, as you risk starting to sound like a lawyer trying to avoid liability.

    I’m still confused by what you and the other BD support people keep saying; that my system is somehow unique or unusual. If anything, I would think my system gets less impact from this than other systems. 15% CPU load for me is not that great and obviously this would be higher on an older machine. I also don’t use an SSD or HDD as my OS drive. So, the 88% usage hit on my NVME at least left me with a bit left over so the whole system didn’t lock up. If I used an SSD or HDD for my OS I would be screwed.

    I think maybe your PR people should go through recent cases (when did this start, Jan-Feb?) and work out how many irate customers complaining about performance issues may have been affected by this and been fobbed off by BD support who were not even aware these forced scans were going on. It seems your own application logger doesn’t even show anything to BD support, so even if a customer did pursue this matter, they would have got nowhere with BD support.

    I don’t want to have a go at you personally, you are the only person that really helped with this. But, I think someone in BD should be coming forward and saying publicly to all users that we ducked up, we are sorry and we are going to fix it. They should also be looking at whatever team or individual did this and put in place training and testing so it can’t happen again.

    Of course, BD is right to put in measures to protect us, but if you are going to do something like this again in the future, I would suggest an email sent around to all customers informing them you are implementing a forced scan of systems that will run 1Hr after system startup and that in the longer term you will be looking at giving users control of this and integrating it into the client. Not just force it on everyone and don’t even tell your support staff, that have to deal with complaints, that you even did it...

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • camarie
    camarie Principal Software Developer BD Staff

    The situation is more complex. If we implement something we want to make it available to the users - and not just for fun of it, but really because it is necessary - but it always be the tradeoff between the "let the user full control and do only on demand, informed operations", at the risk of not running that type of scan at all and let the user without a clue, and "the user doesn't want to be bothered, so we should run automatic scans to catch problems". If the scan is light, such an automatic scan should go unnoticed in terms of resources, but in certain cases that light scan can transform in a heavier one.

    Picking a time for such a scan without bothering the user is not an easy task, and it can be influenced by many factors. 1hr after boot was not an unreasonable or untested decision - although I understand what makes you being not so happy with it.

    Anyways, we are revamping the vulnerability scan section, most likely using regular Windows scheduled tasks so we will both eliminate the running it at every boot and make it less intrusive as well.

  • Ironbuket
    Ironbuket ✭✭✭

    Just FYI, if you unmount a drive mid-forced scan, BD seems to have a fit and ramps up to 20% CPU. This would be a totally possible scenario, seeing as this is a stealth forced scan that a user wouldnt know about unless they read this thread.

    I still dont understand why the same files, that were created years ago and have not been accessed for over a year, have to be scanned over and over and over in a forced way. Often multiple times a day. Im sure the person that did this can spin some BS answer, but it seems moronic to me.

    Equally, I still dont think there has been a clear explanation of why drive and folder exclusions get ignored. Is the person responsible for this stupidity still working for BD? Can you at least transfer them to a mailroom or something where they might do less damage?

    If the person that thought it was a great idea not to send a memo to the support staff about this 'daily' forced scan is not the same person, they should probably be replaced also.

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • Ironbuket
    Ironbuket ✭✭✭

    I guess the big client update pushed out yesterday didnt include this fix? I let it run this morning and got 100% activity on my hard drive for over 5mins. Cant see any scheduled task that was associated with it and still nothing in the event logs that indicates what triggers this. The idea of the client changes is to make this more visible and controllable by the user. Something has gone wrong or just hasnt been done yet?

    Will the drive exclusions actually work when this finally gets pushed out to the client?

    Maybe was a one off, but I saw 100% usage on my NVME for a few secs during today's forced scan.

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • Ironbuket
    Ironbuket ✭✭✭

    I dont want to get my hopes up, but this morning is the first time in over a month the forced scan didnt run 1hr after system startup. Cant see how the user controls the period of the scan, does it run at another time now? Where can we control this from? I cant see it in the task manager, where is it listed? Does it take notice of the drive exclusions now, as I had these on - maybe that is the change?

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • Ironbuket
    Ironbuket ✭✭✭

    Lucky I didnt get my hopes up. Restarted computer same day and 1hr after system up I get another forced scan. Is this ever going to be fixed? Can you at least release some documentation on how this scan decides if it will run or not? Is there something that prevents it from running? I would like to know so I can do that instead of having to hide my drives all the time. Im getting really sick of this, Ive started looking for another supplier.

    If you hadnt worked it out already, when I mentioned previously the damage whoever did this has caused. I was talking about reputation damage. I chose BD for its low system impact as much as for how good it is at security. Running forced scans on my system multiple times per day is the complete opposite of low system impact.

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • RedsFan
    RedsFan ✭✭✭

    I think you have to wait for latest product update ( .65 )

  • Ironbuket
    Ironbuket ✭✭✭

    WTF? These forced scans are getting worse not better. I turned on my system this morning as as normal I hid my drives so they wouldnt be scanned when the forced 1hr scan ran. As usual it ran the scan and after that was finished i remounted my drives again. About 40mins later the scan ran again (without a system reboot inbetween)... It was bad enough having this scan run every reboot, now it is being forced multiple times without a reboot?

    Ive really had it with this now, your shty software is ruining the use of my computer. I now have to revolve my life around your shty implentantion of these scans. Unmounting and remounting drives and setting timers so I know what your shty scans are going to run. Turning off my system to avoid scans. A few days I was told and this would be fixed, what happened to that? Im uninstalling and looking for something else. I will be trying to get a refund for the remaining 2yrs of my licence, but Im expecting some BS reason why you cant do that.

    I used to tell everyone I knew to choose BD because it was a low impact client. What is wrong with your development team, you are ruining the brand - have ruined it for me. I will be telling everyone to avoid BD from now on.

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • camarie
    camarie Principal Software Developer BD Staff
    edited April 2022

    As a temporary solution for the users experiencing this to disable the Vulnerability module until the next scheduled update will fix this.

  • Hi,

    Same here.

    The vulnerability scanner is disabled, but there are 1 or 2 automatic scans per day.

  • I'm having similar problems with BD scanning an external (mechanical) HD that is use for backups. It pins the drive to 100%. I'd like this to be fixed with an update but I'm about to just uninstall the product and move on to something else. I run a "silent pc" and the constant chatter of this external drive every time I turn on my computer is driving me nuts. I've never had this problem with other security software.

  • lechiffre
    lechiffre ✭✭✭

    Hi I had this problem a while back, my comment near top of thread, and other threads of my own. I thought I would check back to see if any progress had been made. I purchased 3 year license, and ended up uninstalling product it hammered my mechanical hard drive for movies storage so much. JN234 like you it took my mechanical hard drive to 100% every day for 10 minutes. Not good wear and tear for the lifetime of the drive.

    The vulnerability scanner is soooo annoying. Camarie I appreciate you replying to this thread. It helps us as users to know that the developers acknowledge the existence of a problem. At least maybe there will be a solution in the future. For your solution "As a temporary solution for the users experiencing this to disable the Vulnerability module until the next scheduled update will fix this." I was never able to disable vulnerability scanner. The program pretty much ignores user options, give them a UI buttion but don't do anything if they click it.

    Camarie I think you guys need to think harder about the overall purpose of an anti-virus program. We pay money for this to be safe from bad effects but your software makes bad effects. Why pay money if it has bad effects? You have to allow the user some control. You take the attitude that removing user control is better for the users. You know what else stops me catching a virus? If you disable ethernet and block all internet. Disable USB ports. Disbale PC power on button. Then I never catch a virus ever! But I cannot use my PC! There needs to be a balance, and I think you guys have the balance wrong right now. You need to allow the users controll over the software. If you want to lock it down tight by default fine, but you need to let experienced users make changes if they want to. Put them in advanced settings with warnings if it makes you happy, but allow users control over their own computers. The user is not the enemy, the user is a paying customer.

    I am an IT professional and I paid for your product for 3 years, and ended up uninstalling the product because of this problem. When I consider anti-virus for my customers do you think I will recommend a product that I uninstalled because of issues? Deciding to remove control from users is going to negatively impact sales and the reputation of the product. I think it is a bad move.

    If you want to avoid simple users from making bad decisions in the AV product then just make it a bit difficult to get to the advanced settings. Put the settings in the registry, or in a text config file that has to be edited, or command line switches to the AV program. They way only experienced users get to even see the advanced options. But allow advanced users the option to have control over their own PC please. One size does not suit all. My personal preference would be a way to enable a hidden adavanced settings tab in the GUI that is disabled by default. Advanced users can enable the tab, default users don't even know it exists. The name of this forum is Bitdefender Expert Community, even by calling it that you must see that some users have more "expert" knowledge than others?

    Please fix this. Thank you to Camarie for acknowledging the issues and engaging with the community. Also thank you to Ironbuket for getting Bitdefender to take this seriously. I hope it gets fixed.

  • TireofBit
    TireofBit
    edited April 2022

    I been having this problems for a few months now, always 1h after booting PC, my 2 mechanical HD and my SSD one by one goes to 100% for like 10 mins, been searching for a solution but guess that the Bitdefender staff dosn't care about it, the saddest part is that I uninstalled the paid version y try the free version and you now what, IT DOESN'T HAVE THIS PROBLEM, only the paid or trial version has it

  • RedsFan
    RedsFan ✭✭✭
    edited April 2022

    That would mean its something in settings on total security , but what could cause this problem .... devs ?

    I do not have the problem because i'm using Antivirus free , i thought it was already solved for paid versions...

  • I wanted to post a complaint about this, but it seems I'm not alone.

    The Antivirus Shield (bdservicehost - Bitdefender Virus Shield) does a full system scan, every day at 10pm. This is not a vulnerability scanner, at least not in my case, I never had it enabled. Even if I disable the shield in options, it doesn't care. It does a scan every day.

    And I don't want it to do this.

  • TireofBit
    TireofBit
    edited April 2022

    Certainly it has to be the Vulnerability Scan portion of the software, It goes on a schedule even if it's deactivated 

  • Well in my case it's the virus shield. I just do not want any automatic, scheduled scanning.

  • Yes it shows like that for me to, but after its done go to Notifications and then to warnings and you'll see notifications related to vulnerability and the time will match with that annoying automatic scanning

  • Ironbuket
    Ironbuket ✭✭✭

    Has anyone tried this sicne the May update and how are things now? Im hestitating to reinstall this and try it out as Im getting along fine with the alterntive product Ive switched over to when BD fked this up

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • Hello @Ironbuket,

    The developers found a fix, but it's currently in a staging environment and will be deployed with the next product update.

    Regards

    Premium Security & Bitdefender Endpoint Security Tools user

  • lechiffre
    lechiffre ✭✭✭

    Will someone be the test subject and try it out please? I don't want to reinstall this product until I know for sure they have worked out how to tell their asses from their elbows.

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    edited May 2022

    There are no test subjects since the release will not be publically available for testing. It will go through internal testing and once developers are sure it will not cause any issue, they will release the patched version through automatic updates. It is not an easy task and will require some time to release a patch. Thank you for your patience.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • lechiffre
    lechiffre ✭✭✭

    Is there any method by which we will be notified when the fix for this issue goes live? Or do we just take a gamble every so often? Is there any mechanism whereby a user can sign up to be notified when a particular issue is resolved? How long roughly is "some time" ? A month, a few months? A year? A few years? Any information as always would be great.

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    Currently there is no update available regarding this, because the patch that are released comes with various improvements and are not related to only specific improvements.

    You will have to be in touch with bitdefender support team continuously if you want to get updated on constant intervals.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Ironbuket
    Ironbuket ✭✭✭

    Im glad I didnt wait and switched to another client. I was told by a developer in a private message on April 12th the fix would ship on May 4th. They couldnt even get that right. WTH is wrong with this company? Ive said it multiple times, but I'll say again: A major screw up like this should have been fixed in a hot patch, this is not something that should have to wait for a future scheduled feature update patch. Where do people send the bill for their replacement mechanical drives and their electricity bill?

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • Hello @Ironbuket,

    The issue was resolved in the new release 26.0.16.69.

    We are very sorry for this inconvenience.

    Premium Security & Bitdefender Endpoint Security Tools user

  • Ironbuket
    Ironbuket ✭✭✭

    When is the new release being pushed out to customers?

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • Scott
    Scott Defender of the month mod
    edited May 2022


    It's out now.


    Builds can also be tracked here: https://community.bitdefender.com/en/discussion/90962/the-current-bitdefender-version-build-number-link#latest Everybody is probably on this build by now, as my region, U.S. central time zone, seems to be on the back end of the rollout. Mine updated on the morning of the 12th.

    It can also be tracked here as well, but the build number can be off by a week or so, depending on your region.

    https://www.bitdefender.com/consumer/support/answer/32196/

    All Bitdefender Home Product User Guides:https://www.bitdefender.com/consumer/support/user-guides/

  • Scott
    Scott Defender of the month mod
    edited May 2022

    @Ironbuket Alexandru posted the information on the Products and Release notes thread.



    All Bitdefender Home Product User Guides:https://www.bitdefender.com/consumer/support/user-guides/

  • Ironbuket
    Ironbuket ✭✭✭

    Thanks for the update, I'll give it a go at some point. Does anyone have details on how this 'fix' has been implemented? I was told that the 'fix' would only stop the scan running multiple times, but BD intended to still scan once a day in this way. Does the 'fix' allow this scan to be disabled completely, either via the task scheduler (it was hinted this may be possible), the program settings or that it at least follows the drive exclusions so that drives that you dont want to be hammered with long 100% scans once a day (mechanical drives) arent?

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives

  • lechiffre
    lechiffre ✭✭✭

    Ironbuket. The once a day scan is still an issue for me if it can't be disabled.

    I don't suppose you'll take one for the team and try the new patch out? I don't want to install it again until I'm hearing from others this sillyness has been fixed.

  • Ironbuket
    Ironbuket ✭✭✭

    @lechiffre It is too disruptive to switch AV in the week for me when I need my computer for work and I cant deal with having to restart it or disable drives during work time. I was planning to have a try at the weekend, but I dont like that BD seems to use customers as beta testers and it is up to us to tell them how they messed up. Why dont they have public testing for these patches before they push them out?

    It also worries me greatly how this situation was handled and how they dragged their feet so long to make what should have been an easy fix. I know it is a bit extreme to suggest it, but imagine if there was a bug in the client that deleted files, would they take months to push out a patch to fix it? Either they do have a way to push out hot fixes and just couldnt be bothered, or even more worrying maybe they would not fix any flaw in a client version they push out no matter how serious...

    Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives