Big Problem with Threatfire

I wanted to test threatfire with the trojan simulator.I disabled Antivir real time guard and downloaded the trojan simulator using Opera.I run the file and threatfire gave the alert as expected.But the alert was:known threat quarantined and you have to restart your computer.
I restarted and what: there was no Opera.It deleted my opera browser.I uninstalled threatfire and installed Opera again.
I wanted to share my experience.

 

maybe u pressed open file instead of save to a dir and the file was still in teh cache when it was quarantined hence the opera installation damage...a restore of your quarantined file and ccleaner(or mere cache clearing) would have saved ya the hustle.

 

A similar thing happened to me last year with the Sleipnir Browser. You should've been able to restore it from quarantine although that didn't work in my case.

 

YEP,

ThreatFire takes along the parent process in some instances. Therefore ALWAYS choose to set a RESTORE point before quarantaine

Cheers Kees

 

Hm...wasn't aware it did...anyway,if you create a restore point for every prompt u get from TF u'd better go for a 2Tb HDD.