netmon

Comments

  • I rebooted the PC tonight with the updated BDTS 26.0.34.145 and all HMPA exploit protections settings enabled and at default settings prior to the PC reboot. This included having no exploit exclusion for Windows Explorer (so exploit protection was enabled for Windows Explorer). After reboot and user login everything worked…
  • I updated to BDTS release 26.0.34.145 and rebooted with HMPA exploit protection still disabled on Windows Explorer. After logging in I did reset the HMPA exploit protection settings to default on all the apps I had previously disabled it on: notepad, wordpad, PDF X-Change viewer, OpenWith, Windows Explorer. With BDTS…
  • Update: also need to disable HMPA Exploit mitigations for "Pick an app 10" aka openwith executable. Otherwise double-clicking a e.g. PDF file in Explorer will not open the file in your default PDF application.
  • I found a HMPA support article describing how to add an exclusion for Windows Explorer, so the Windows user Desktop can load. Search for "HMPA - Black screen after latest Bitdefender Update (build 26.0.33.139)". Similar exclusions may need to be added for other applications or Exploit mitigation may need to be disabled…
  • I did further investigation. My issue appears to be related to HitmanPro.Alert and not Malwarebytes. With HitmanPro.Alert exploit mitigation enabled and running Bitdefender Total Security 26.0.33.139, various Windows applications will start and immediately crash without displaying their GUI e.g. explorer (so no user…
  • I have a similar issue, and it is reproducible. I can successfully boot Windows 10 Pro 22H2 fully updated to user login screen, select user / enter password, and authenticate, but then the user Windows desktop never displays. I just get a totally blank screen with nothing visible at all. CTRL-ALT-DEL at this point allows…
  • Sorry, I missed that. I think you just found a defect. I'm a user so assumed STEALTH would be the correct setting, but had not actually tested my setup. Actually what you need to do (and I just tested this) is turn STEALTH mode off *and* also set the firewall default application behavior to ALLOW. Which seems to me that it…
  • Maybe disabled due to network STEALTH mode? Try Protection {B shield icon} > View Features > Firewall: Settings {gear icon} > Stealth Mode: Edit Stealth settings > Turn Off
  • For the two atc.xml files you need to edit the ones on your system to be similar to the ones posted in the forum i.e. contain all the same keys although some values will be different. The xml files contain version numbered directory names, and those directory names have to match the directories that actually exist on your…
  • You can test using Firefox with SSleuth add-on, disable DES/3DES ciphers using SSleuth, and then view results using this web site with Bitdefender SSL scanning enabled and disabled: https://www.ssllabs.com/ssltest/viewMyClient.html With Bitdefender SSL scanning enabled and Firefox DES/3DES ciphers disabled, the Bitdefender…
  • Also just noticed that the Bitdefender uninstaller does not remove the Bitdefender installed personal certificate from the Windows certificate store. I assume that the same issue occurs for the Firefox certificate store, but Firefox was not installed on that PC.
  • /index.php?/profile/201429-sorin-g/&do=hovercard" data-mentionid="201429" href="<___base_url___>/index.php?/profile/201429-sorin-g/" rel="">@Sorin G., can you please comment? Is this event 7026 on WIndows 7 normal or abnormal? Does it mean ATD is not working correctly? In Process Explorer I can see each process has a…
  • Thanks to your post I checked my system, and have found the same event 7026 error, even although it appears to be working. I posted details over in the Advanced Threat Defense topic. /index.php?/topic/76646-advanced-threat-defense/&do=embed&comment=275033&embedComment=275033&embedDo=findComment"…
  • Now I am not sure that ATC is actually working on my Win 7 system since the atc boot-start driver failed to load. Can you check your Event Viewers? This may be a conflict just on my system since I notice HitmanPro.Alert driver is also failing to start. * In the gui Advanced Threat Defense is constant ON (blue) * atc.xml…
  • I have imported other (non-BItdefender) certificates into Firefox before using that process and it worked or gave me an error if the certificate was bad. I'm just guessing but one option could be one of your other security tools is blocking the certificate installation. That would be a reasonable measure considering how…
  • 1 hour ago, Tambourineman said: So I will need to research how to import A certificate safely. Maybe this post about importing Firefox certificates by Bitdefender technical support will help?…
  • Based on martin69's post, and as someone with a working config, I can verify atc.xml and LGKC\atc.xml are identical text on my system except for the last folder listed in the three folder paths for <signatures>, <gemmasig> and <gemmacemid>. LGKC seems to be Last Good copy, as it refers to older folders for each of the…
  • As long as you understand the consequences of this use change you can find it here: Bitdefender > Protection {B shield icon) > View Features > Web Protection > Settings (gear icon) > Scan SSL: (set of off) I am using Bitdefender Total Security 2018 v22.0.10.131 (clean install, not upgrade), use Firefox 55.0.3 (64-bit).…
  • This may not help, but as a counter-example I am having none of these issues with Bitdefender. Note all installs were clean installs of Bitdefender Total Security 2018 v22.0.10.141, and not an upgrade from a previous Bitdefender version: * Win 7 64-bit fully patched - ok (first thoroughly removed competitive AV product,…
  • I was a new user, clean install, of Bitdefender Total Security 2018, and am having no issues with Thunderbird 52.3.0 (32-bit). I can delete emails without any delay. I did not add any exceptions etc for Thunderbird.
  • Well Bitdefender appears to be the only AV that detects it as bad. Results from VirusTotal: https://www.virustotal.com/#/url/310e17fee782fbf677a575cfa991796eb2e1a189f892a842524e09944be64c33/detection All clean, although no result listed for Kaspersky or Sophos (Sophos on my Android phone thought the URL was ok). The Tech…
  • Note: if you need to discover/add this printer, you also need a rule for port tcp/80 (http). May be just easier to add on blank rule for all protocols? Here is the tcp/80 rule: Add a "discovery" rule: Settings tab: Apply this rule to all applications: YES Permission: ALLOW Network Type: ANY NETWORK Protocol: TCP Direction:…
  • Well the URL should be https://..... but Bitdefender still blocks the top level page. Interestingly sub pages work eg google the site name and look at the Bitdefender icons. False positive?
  • The laptop was WiFi (Windows 7). The printer was wired. They are on different local IP subnets (using VLANs in home network).
  • You might be missing a rule for SNMP status traffic from the printer. I had to manually create a Firewall rule for all applications to enable UDP outbound traffic to the remote IP address <printer> port 161 (SNMP).
  • Re Malwarebytes: I just installed Bitdefender Total Protection 2018 this week on two computers both with the latest Malwarebytes Premium already installed and running with active protection - one Win10, one WIn7 (both 64-bit). Neither Bitdefender install indicated Malwarebytes was incompatible or prompted me to uninstall…
  • Also: under Anti-Theft, Wipe, before executing the wipe command prompt for the current Bitdefender Central password and a new Google Authenticator code to verify the user is authorized. For obvious reasons I've not tested if it currently prompts for the password (it should, I just don't know). Also provide instructions on…
  • Odd - that rule allows all traffic to/from the printer ip address, and worked for me on a Brother laser printer. Did you try rebooting your computer after creating the rule? It might be possible the print spooler or a printer specific application was hung from an earlier printing attempt before you created the rule. Does…
  • I just had to fix this on my computer this morning. This rule assumes all traffic to/from the printer IP address can be trusted. I'm going to work to narrow this down, but this should work. In Bitdefender select {B} icon, View Features, Firewall {settings/gear} icon, Add rule: Settings tab: Apply this rule to all…
Default Avatar