Ask Questions Here - ReHIPS Features & Unexpected Behaviors

Started by HJLBX, April 11, 2016, 01:56:50 AM

Previous topic - Next topic

Tarnak

It is a known problem, apparently: "DPI scaling problem with some software running on Surface Book"  Google is your friend.  ;)

Tarnak

I have had a problem when booting up and logging in with my password on my Surface Book.  It takes a few minutes for the login window to go away after entering my password.  This only started after I had allowed a popup from ReHips, earlier.

....I wanted to place my image, here, but wasn't permitted to do so....


I have disabled ReHips from starting at boot via Task Manager.  This has enabled me to login without the delay, I mentioned above.   

The following line is taken from the rules log for ReHips:

20/10/2016 0:03:03 AM: Program C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe with PID 1840 executing program C:\Program Files (x86)\Panda Security\Panda Security Protection\bspatch.exe with PID 3876 - allowed with children inspection

Is there a way to reverse any change that occurred by my allowing that popup?

HJLBX

Quote from: Tarnak on October 21, 2016, 03:51:29 AM
I have had a problem when booting up and logging in with my password on my Surface Book.  It takes a few minutes for the login window to go away after entering my password.  This only started after I had allowed a popup from ReHips, earlier.

....I wanted to place my image, here, but wasn't permitted to do so....


I have disabled ReHips from starting at boot via Task Manager.  This has enabled me to login without the delay, I mentioned above.   

The following line is taken from the rules log for ReHips:

20/10/2016 0:03:03 AM: Program C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe with PID 1840 executing program C:\Program Files (x86)\Panda Security\Panda Security Protection\bspatch.exe with PID 3876 - allowed with children inspection

Is there a way to reverse any change that occurred by my allowing that popup?

You are running:


  • Webroot
    Voodooshield
    Panda Security
    ReHIPS


together on a single system = problems because of the overlap of HIPS functionality with process inspection  by multiple programs beginning at boot.

bspatch.exe allows the virus signatures to be updated incrementally; it is a signatures update module.  It will run even if you have the virus component of Panda disabled.

Tarnak

@HJLBX

I believe that I can run these together...All have been running fine on Surface Book.

The only problem is with the introduction of ReHips.  That is the only HIPS specific program in my security setup.  Maybe, I could delay the startup of Rehips, for say, five minutes at bootup?  There is always a way to overcome a problem, surely?

Does anybody from ReHips, other than beta testers, give advice to address problems, when running the software?

P.S. If i reset the rules to default, wouldn't that fix the bspatch.exe problem?

Umbra

#364
@Tarnak

When you have Voodooshield + ReHIPS , you won't need Webroot or Panda. because the point of having Anti-exe is too ditch Real-time AVs (that hog the system).

Anti-exe are superior to AVs , if you have the skill to use anti-exes properly , you already supposed to know that AVs are useless compared to them.

shmu26

getting back to the problem printing from isolated Adobe PDF Reader:
I am not sure what kind of printing I am trying to do.
I just click on print, in Reader, but it doesn't connect to the printer.

aDVll

Quote from: shmu26 on October 26, 2016, 09:55:03 AM
getting back to the problem printing from isolated Adobe PDF Reader:
I am not sure what kind of printing I am trying to do.
I just click on print, in Reader, but it doesn't connect to the printer.
Anything blocked? Can you share logs while you try to print?
To start i would try allowing network access to adobe reader in case in does some local communication to print the file. That's what it should need.
For example for me.

QuoteC:\Windows\System32\svchost.exe with PID 788 executing program C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe with PID 1132 - allowed with children inspection
C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe with PID 1132 execution - allowed

shmu26

Hi, thanks
This time around, I reinstalled ReHIPS from scratch, and to my surprise, I have no problem printing from isolated Adobe Reader.
This is in spite of the fact that according to the settings, it does not seem to have access to print spool, see screenshot.
So I don't know how it prints, but it does.

aDVll

Only write is blocked. Glad you solved it and i see you have network enabled so maybe i was right.

Umbra


Blomkist

Can I buy a license thru the application link or this is just for the stable release version?

Umbra

Quote from: Blomkist on November 27, 2016, 12:58:03 AM
Can I buy a license thru the application link or this is just for the stable release version?

i guess it is for the old stable version, but after you can convert it by contacting the support/devs here. They will do for you.
better ask first before purchasing.

shmu26

I bought through link, and the key I received was only good for old edition.
But Fixer gave me the key I needed, through PM.

Blomkist

Thanks for the replies, I will test it for few days and see if it can be put permanently on my system.

shmu26

you should be able to test it just fine with the demo version, with the exception of Chrome, because Chrome starts a lot of processes.
If you want to test chrome in isolation, and you have extensions, you will probably have to use a default profile that has no extensions. Then, you hopefully won't go over the limit...