Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot change antivirus process priority


  • This topic is locked This topic is locked
55 replies to this topic

#1 passacaglia

passacaglia

  • Members
  • 323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vina del Mar, Chile
  • Local time:10:46 PM

Posted 30 May 2015 - 12:55 AM

When running the Bitdefender Total Security Antivirus I do it with no other processes running. But it takes a lot of time to perform a system scan.

 

Whereas in Task Manager all other processes are at 0% of CPU, the Bitdefender process ("seccenter.exe") is running at 01%. Task Manager calls this priority "Normal".

 

In normal mode I am not allowed to change the priority. In safe mode yes. But when I reboot to normal mode the priority has gone back to normal.

 

I also tried changing the affinity so that the process would run in only one core (or two cores), but that didn't work either.

 

I have used the elevated cmd prompt: wmic process where name="seccenter.exe" CALL setpriority 128

 

128 is high priority and the cmd syntax requires the use of those quotation marks

 

I tried this both in normal mode and in safe mode without success.

 

Task Manager was always set to show processes from all users in order to recognize Administrator privilege and Bitdefender was clicked in order to show the "seccenter.exe" process. If seccender.exe does not appear in the Task Manager, the cmd will be invalid.

 

Although my objective is to get the antivirus to scan quicker, and any help on that subject will be greatly appreciated, I would also like to know how to change the priority in any specific process.

 

Thank you very much for all the help I may receive.

 

PC: http://speccy.piriform.com/results/MATk3ABbHglPGpOaGBDFQO4Attached File  sfcdetails.txt   46.05KB   1 downloads


Edited by hamluis, 30 May 2015 - 04:57 AM.
Moved from Win 7 to AV/AM Software - Hamluis.


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,539 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:46 PM

Posted 30 May 2015 - 01:00 AM

Hi passacaglia :)

Your Speccy link isn't working, so we cannot see the snapshot. Also, if your Antivirus program isn't performing well, did you try to completely uninstall it (and run the uninstalling tool for it) and reinstall it yet? Most of the time, a clean uninstall and reinstall will solve most of the issues a program can have. I would give that a try first. What version of Bitdefender Total Security do you have? 2015 I presume?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 passacaglia

passacaglia
  • Topic Starter

  • Members
  • 323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vina del Mar, Chile
  • Local time:10:46 PM

Posted 30 May 2015 - 01:21 AM

Hi Aura :-))

 

Thanks for your immediate reply.

 

Here is Speccy link again  http://speccy.piriform.com/results/EEKAp01RicNwfcHMJXo7b8f

 

If that doesn't work I guess I'll have to uninstall and re-install Speccy again

 

I have the Bitsecurity 2015 version. I have uninstalled it and installed again twice.

 

The brochure says that the Photon feature adjusts the scan velocity to the computer's configuration.

 

I also tried running it with no external HDDs and also with all HDDs connected, but the result was the same.

 

I ran a chkdsk just to see if there was something there. At about 65% of the index check it almost froze and crawled very slowly to about 67% after which it ran normally again. So I ran a sfc /scannow, which said I had some corrupted files it could not fix. Just in case that is the problem I attached the sfc.txt report.

 

Another info I was forgetting. I uninstalled Bitdefender with Revo Uninstaller Pro. Would that have something to do with the problem?



#4 RobertHD

RobertHD

  • Members
  • 348 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere in Oz
  • Local time:11:16 AM

Posted 30 May 2015 - 01:24 AM

He's running Bitdefender Total Security 2015 I see it in his speccy in his processes. Also it's not BitSecurity.....

 

Here it is:

Process ID: 
4012
User: 
ERNESTO
Domain: 
ERNESTO-PC
Path: 
C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
Memory Usage: 
12 MB
Peak Memory Usage: 
12 MB

Edited by RobertHD, 30 May 2015 - 01:32 AM.

Robert James Crawley Klopp


#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:46 PM

Posted 30 May 2015 - 06:47 AM

...Although my objective is to get the antivirus to scan quicker, and any help on that subject will be greatly appreciated...


The speed and ability to complete an anti-virus or anti-malware scan depends on a variety of factors.
  • The program itself and how its scanning engine is designed to scan: using a signature database vs heuristic scanning or a combination of both.
    ...see How an Anti-virus Program Works.
  • Options to scan for rootkits, adware, riskware and potentially unwanted programs (PUPS).
  • Options to scan memory, boot sectors, registry and alternate data streams (ADS).
  • Type of scan performed: Deep, Quick or Custom scanning.
  • What action has to be performed when malware is detected.
  • A computer's hard drive size.
  • Disk size and used capacity (number of files that have to be scanned).
  • Types of files (.exe, .dll, .sys, .cab, archived, compressed, packed, email, etc) that are scanned.
  • Whether external drives are included in the scan.
  • Competition for and utilization of system/CPU resources by the scanner.
  • Other running processes and programs in the background.
  • Whether the scanning engine stalls, hangs or freezes.
  • Interference from malware.
  • Interference from other security programs attempting to scan at the same time.
  • Interference from other programs attempting to update (download/install) components from the Internet.
  • Interference from the user (whether or not you use the computer during the scan).
Note: Using two or more program security scanning engines at the same time can cause each to interfere with the other, cause systems hangs, false detections, unreliable results and other unpredictable behavior.

To speed up a scan, clean out temporary (junk) files first, temporarily disable any other real-time protection tools, close all open programs, perform a Quick Scan instead of a Full one and do not use the computer during the scan.

In most cases when performing routine security checks, only a Quick Scan is needed since it checks the areas of your computer most likely to contain malware...the most prevalent and common places where malware typically hides. A Full Scan is generally recommended for heavily infected systems.

BTW...giving a process a higher priority does not make it go faster...it just means it gets a higher priority when more than one process wants to access the CPU at the same time. Further, priority inversion can result when a high priority task is indirectly preempted by a medium priority task effectively delaying execution or lowering priority because it can be indefinitely blocked by a lower priority process.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,539 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:46 PM

Posted 30 May 2015 - 08:44 AM

For comparison purposes, are you able to run a "Quick Scan" with Windows Defender? Does it takes a long time as well or not? And you can clean your temp files using TFC.

http://www.bleepingcomputer.com/download/tfc/

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 passacaglia

passacaglia
  • Topic Starter

  • Members
  • 323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vina del Mar, Chile
  • Local time:10:46 PM

Posted 30 May 2015 - 09:28 AM

quietman7

thank you for all the wealth of information you have provided

when running scans i use all available options (rootkits, compressed files, memory, boot sectors, registry, etc.)

quick scans last slightly over 1 minute so that's no problem

i perform about 2 daily scans. One, a full system scan and two, a custom full scan of drive C:

i occasionally perform scans in safe mode.

I did not use JRT.exe so a short while ago I performed one. At the beginning all results were fine. Not so at the end.

 

[C:\Users\ERNESTO\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\ERNESTO\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\ERNESTO\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\ERNESTO\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 

i have performed scans after a clean boot

 

i cannot vouch for having all the interferences you mention, some of which i don't understand: but i do have a interference from Malwarebytes Premium which is scanning in real time and updating itself every two hours. Plus scheduled threat scans every 6 hours.

 

Maybe I should disable it temporarily while running Bitdefender

 

I have no other real time antivirus scans. But I occasionally use Rogue Killer, AdwCleaner, and Emsisoft Emergency Kit. Also RKill before running Bitdefender and Kaspersky TDSS rootkit removal tool.

 

I never use more than one security engine at the same time.

 

You may wonder why the overkill. The reason is that I do not follow safe surfing guidelines and have to deal with malware/viruses frequently.

 

quietman7. I know you are one of the most qualified experts in Bleeping Computer (i've read many of your posts). Is there something I'missing that I should do which I haven't (except for safe surfing)? My HDD is 1 TB and has very little information in it since my most sensitive (better said "what I don't want to lose") information is on external HDDs.

 

When I'm invaded by a particularly vicious piece of script, as a last resort I use that which we are not supposed to write about. It normally deletes 3 or 4 things other programs have missed, and most probably other things which it has the bad habit of not letting me know.

 

However, I don't have the knowledge of how to interpret the log so I just leave it then an there until some good samaritan comes along and teaches me.

 

And I really would like to know, but each time I go to the malware course place there are no openings. ("come back later") And it´s amazing all the times I've "come back later" and found the same instruction posted.

 

As I mentioned before, I run the antivirus without any other open programs. But, as you say, there are probably programs and processes running in the background. But, then again, Task Manager shows all processes at 0% CPU excepting Bitdefender that is running at 1%


Edited by passacaglia, 30 May 2015 - 09:31 AM.


#8 passacaglia

passacaglia
  • Topic Starter

  • Members
  • 323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vina del Mar, Chile
  • Local time:10:46 PM

Posted 30 May 2015 - 09:42 AM

Hello Aura

 

No problem running a quick scan with Windows Defender

 

Took about 2 and a half minutes. Slightly slower than Bitdefender

 

I clean my temps using CCleaner several times a day. Is that OK?



#9 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,539 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:46 PM

Posted 30 May 2015 - 10:01 AM

Yes, it's good. By the way, when you go in the Task Manager and look at the processes list, do you click on Show processes from all users before?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 passacaglia

passacaglia
  • Topic Starter

  • Members
  • 323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vina del Mar, Chile
  • Local time:10:46 PM

Posted 30 May 2015 - 11:18 AM

yes I do in order to show I have administrative priviliges

 

by the way, though it does not seem to matter, why can't I change process priorities?


Edited by passacaglia, 30 May 2015 - 11:21 AM.


#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:46 PM

Posted 30 May 2015 - 04:13 PM

i perform about 2 daily scans. One, a full system scan and two, a custom full scan of drive C:
i occasionally perform scans in safe mode.

That is overkill and especially a daily Full scan which I noted is not necessary. Also there is really no need for a safe scan. Why not use safe mode? Some security tools like anti-rootkit scanners (ARKs) and scanning programs with anti-rootkit technology use special drivers which are required for the scanning and removal process. These tools are designed to work in normal mode because the drivers will not load in safe mode which lessens the scan's effectiveness. Other security tools are optimized to run from normal mode where they are most effective. For example, scanning with Malwarebytes Anti-Malware in safe or normal mode will work but removal functions are not as powerful in safe mode. Malwarebytes is designed to be at full power when malware is running so safe mode is not necessary when using it. In fact, Malwarebytes loses some effectiveness for detection and removal when used in safe mode because the program includes a special driver which does not work in safe mode. For optimal removal, normal mode is recommended so it does not limit the abilities of such tools.

Further, scanning in safe mode prevents some types of malware from running so it may be missed during the detection process. If the malware is not related to a running process (i.e. malicious .dll) it probably will not make a difference performing a scan in normal or safe mode. A hidden piece of malware such as a rootkit which protects other malicious files and registry keys from deletion may not be detected in either mode without the use of special tools. Additionally, if the scanner you're using does not include definitions for the malware, then they may not detect or remove it regardless of what mode is used. If you're dealing with zero-day malware it's unlikely your anti-virus is going to detect anything. However, programs like Malwarebytes can detect zero-day malware and is one reason they are recommended to supplement your anti-virus software. Also keep in mind that there are various types of malware infections which target the safeboot keyset so booting into safe mode is not always possible.
 

i cannot vouch for having all the interferences you mention, some of which i don't understand: but i do have a interference from Malwarebytes Premium which is scanning in real time and updating itself every two hours. Plus scheduled threat scans every 6 hours.

You can change the frequency of updates and Threat scans to times which do not interfere with your Quick Scans.

How do I schedule a scan or update in Malwarebytes Anti-Malware?

If you have "Scan for rootkits" enabled (new MBAM 2.0 feature), it will increase the length of the average scan time from previous versions and sometimes cause the scanner to stall (hang), freeze) or become unstable. This defeats the purpose of routinely using the recommended THREAT Scan to quickly check the most prevalent places for active malware. As such, it is disabled by default and should remain disabled when perform routine THREAT Scans.

...each time I go to the malware course place there are no openings. ("come back later") And it´s amazing all the times I've "come back later" and found the same instruction posted.

Due to the self-paced structure of training and limited number of instructors here at BC, it is impossible to say with any accuracy when slots will open. New slots are opened up as our existing trainees complete the lower levels of study and move up toward more advanced levels. This is to prevent our volunteer staff being overwhelmed by an influx of new trainees. There is no notification system in place for when slots open so you need to keeping checking back if BC Study Hall is the school you prefer to enroll in. The logistics and management of such a notification system and the fact we have a worldwide membership negate the potential effectiveness and fairness one would expect from it.

If you don't want to wait for an opening here at BleepingComputer, please be aware that training in malware removal is conducted at various other online Unite Schools to include:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 passacaglia

passacaglia
  • Topic Starter

  • Members
  • 323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vina del Mar, Chile
  • Local time:10:46 PM

Posted 30 May 2015 - 04:16 PM

Just clocked bitdefender system scan. With all ext HDD connected it froze at 48% of scan and stayed there. After 27 minutes at 48% I canceled the scan.

 

Removed all external HDD, whitelisted a folder and some files and total internal HDD got reduced to 115 GB. System scan for this took 22 minutes.

 

I plan to replace Bitdefender unless someone has a better idea.



#13 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,539 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:46 PM

Posted 30 May 2015 - 04:28 PM

For the sake of troubleshooting (and if it even works), if you go in Safe Mode and launch a System Scan, how long does it takes (or does it hangs)?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#14 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:46 PM

Posted 30 May 2015 - 04:47 PM

If you intend to replace Bitdender, I generally recommend ESET NOD32 Anti-Virus or Emsisoft Anti-Malware as they leave a small footprint...meaning they are not intrusive and do not utilize a lot of system resources.

See my comments in Supplementing your Anti-Virus Program with Anti-Malware Tools as to why I recommend EAM.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#15 passacaglia

passacaglia
  • Topic Starter

  • Members
  • 323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vina del Mar, Chile
  • Local time:10:46 PM

Posted 30 May 2015 - 04:50 PM

thank you quietman7 for your suggestions

 

i mentioned in a prior post that the "overkill" I do is because I do not perform "safe surfing". I use torrents to download classical music and books, as well as an occasional documentary movie.

 

I refer to my previous post where my opinion is that there is probably something wrong with the scan speeds of my bitdefender. In other words, I think the software is to blame and not my PC. I believe the clocked speed of scans is very poor.

 

In past years I have had Kaspersky, Norton and Eset Nod32. Maybe I should purchase a new bitdefender or try out a Kaspersky. I don't know which Kaspersky would be more suitable. The AntiVirus, the Internet Security or the Pure. I'll have to check the reviews. Maybe a new Bitdefender will be the right choice

 

Thank you all for your inputs. I have learned a lot, especially from quietman7.

 

If anyone wants to throw into the hat their preferred recommendation for a powerful antivirus, I'm open to all suggestions. And after a couple of days, if no new ideas are submitted, I think it's time to close this thread. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users