If you turn off Real-Time Protection how long before "it turns back on

As for the Hearthstone issue: have you tried EXCLUDING its folder or something? Any error message when WD is active and you run it?

eLPuSHeR said:

As for the Hearthstone issue: have you tried EXCLUDING its folder or something? Any error message when WD is active and you run it?

Yes - Here on Build 17063, I believe I have tried every option available within the Windows Defender UI: Excluding the related Blizzard and Hearthstone folders, allowing the programs through firewall, disabling firewall, disabling cloud-delivered protection, and disabling all of the Exploit protection settings.

Hearthstone still won't run, in those scenarios, I believe.
The only thing that works, is to turn off Real-time protection.
You can test it yourself rather easily, just install the free game.

My main feedback item is here: https://aka.ms/E7jgg4
The log file (at C:\Users\[Username]\AppData\Local\Blizzard\Hearthstone\Logs) says:

Code:

2017-12-24 08:30:43.301: [BattleNet] [Main] Unexpected state changes WaitForInitRPC -> InitRPC (Void LogWarning(System.String, System.String) at :0)
2017-12-24 08:30:58.472: [BattleNet] [SslSocket] Exception while ending client authentication. System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: The server stopped the handshake.
  at Mono.Security.Protocol.Tls.SslClientStream.SafeReceiveRecord (System.IO.Stream s) [0x00000] in <filename unknown>:0 
  at Mono.Security.Protocol.Tls.SslClientStream.OnNegotiateHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 
  at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 
  --- End of inner exception stack trace ---
  at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 
   at bgs.SslSocket.OnAuthenticateAsClient(IAsyncResult ar)
------------------------------- (Void LogError(System.String, System.String) at :0)

We're not going to troubleshoot this issue here, unless you have another workaround or solution that works. I suggest you install the game, verify the error I gave you, verify the workaround, and if you're up for a challenge, try to find another workaround or solution. Thanks.

In the meantime, this thread should focus on its subject.

Thanks,
Jacob

I guess Build 17063 is an insider build or something, right?

If so, then maybe there is some bug with WD, but is it only affecting ONE GAME?

Could you check WD's detections using Powershell?

Get-MpThreat
Get-MpThreatDetection

Maybe there is something there not being properly notified.

PS - If on Steam, did you do a filecache validation for the game?
PS2 - Can you scan the game with another util like Dencal suggested?

Layback Bear said:

bo elam please share your secret methods used to be secure without security programs.

I believe something of this value should be shared.

After all we are here to help, share and learn with/from each other.

Jack

Hi Jack. Achieving security for your personal computers is not rocket science. Thats not a secret, a couple of guys in this thread aim to discourage members from learning and make it appear as it is not something that can be achieved by normal regular users like us. But they are wrong. You are asking me to share, I am glad to do it.

I ll try to make it short and easy to capture the essence of what I have been saying. You said something about my, "secret methods used to be secure without security programs". I havent said that I don't use any security programs. The bullies said that. Read my posts in this thread so you ll see that repetitiously I have said that I dont use scanners but use security techniques that don't require virus definitions to protect my computers. Not using an AV doesn't mean that I don't use security programs. Because I do.

Real quick. What is the weakness of depending on antiviruses for protection? Antiviruses need constant updates to keep up with the new malware that comes out every day. As new malware gets released, your antivirus cant protect you immediately as it takes days or weeks before a signature gets developed. Between the time the new malware comes out and your AV develops the signature for it, you are unprotected. That is the weakness of the AV.

So, what is the solution? How can you protect yourself effectively? My point was that there are security techniques that can protect without the need of constant updates or definitions. They dont have the weakness of the AV as they dont rely on constant updates to protect the computer. This techniques are proactive and protect your computer from zero day threats. This techniques protect your computer against fresh malware, from day one. You are never unprotected.

What programs I use for security? I use 2 programs, Sandboxie and NoScript. NoScript is an script blocker for Firefox and Sandboxie is a sandbox program that you can use to isolate every program and file that runs in your computer from the file system, the registry and other programs. When you run programs and files in the sandbox, they cant touch the system. So, I guess you can say my secret is that every program and file that run in my computers run sandboxed every time they run during their lifetime in the computer. It works for me. Read this short thread from a couple of days ago, is related to those 2 programs, I take part on it and take it as proof that I use security programs and that I am not a lunatic or dumb, as I have been called.
NoScript 10.x Under Firefox 57.x - Sandboxie Support

In my personal case, when I started using Sandboxie, I used it along an AV. That is the recommended way for using Sandboxie as the AV protects you against malware that is known to the AV, and Sandboxie handles the rest. Combining techniques is really the perfect way to protect yourself. Eventually, I stopped using the AV, but that's not what I am recommending. That is not something that is to be recommended or encouraged to do. What I am suggesting is that there are better techniques to protect computers than AV, Sandboxing is just one of them. Finding whats best for you is the key.

Achieving strong efective security not only depends on the programs you use, it also depends on your habits. But lets leave that for another day. HTH.

Bo