Possible conflicts with security software?

Discussion in 'other anti-malware software' started by dw426, Jun 15, 2007.

Thread Status:
Not open for further replies.
  1. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    SOLVED Possible conflicts with security software?

    Hi guys, I have an issue I can't quite figure out. Here's a rundown of the security I have:

    1.Router

    2. Firefox with AdBlockPlus and NoScript extensions

    3. Avast Home AV

    4. Online Armor trial firewall

    5. DefenseWall trial

    6. SuperAntiSpyware Free

    7. SpywareBlaster

    Now that you know my setup, here is my problem. I'm aware that Online Armor and DefenseWall have web-checking abilities, meaning they check webpages and filter out bad things. I THINK Avast does this partly too as the Avast globe spins when loading a page. My issue is when using Internet Explorer, Online Armor warns me of ActiveX on MSNs' homepage.

    I choose to block it, and then the page loads VERY slowly and then goes black except for the title bar at the top. It completely freezes the browser and I have to force it closed. I have no such issues with Firefox. Do I just have 1 too many filters trying to act at once and freezing things up? Also, Online Armor seems to have an AV within it because it wanted me to scan for viruses upon setup.

    I downloaded the firewall trial only though. Is this going to interfere with Avast? I may possibly go back to using the free version of Avira as since I installed Avast things have slowed down a bit. Not saying the program is bad at all, maybe it just not right on my setup. Anyway, thanks for reading this and I look forward to your replies.

    EDIT: I have since tried shutting down On-Access scanner/Providers in Avast and loading the page. The page loads very quickly now, but then immediately freezes solid. So maybe a conflict between OA and DefenseWall?
     
    Last edited: Jun 17, 2007
  2. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    I'm running Avast!'s webshield and standard shields only. I also have OA2 without the AV+. The scanner you mentioned is a basic scanner that shouldn't interfere with anything. I also have spyware blaster, and SAS free. I was able to get to msn in both ie and firefox. Firefox loads it fast and perfect. I did have to refresh 2-3 times in IE7 to get it to load up though. It was hanging on me. I tried disabling both programs web shields alternating them and it didn't make a difference here. The page loads with an error almost every time. OA didn't mention the ActiveX control when I tried. My settings may be different too. Also, my settings may be different in IE as I don't use it.

    Avast has many shields that can be disabled if your not using them. That may speed things up. OA2's Web shield and Avast's Web shield seem to be working fine together on my machine. Not sure if this feature is available in your version of OA, but click My Web Sites and look at the msn site and you can change it to trusted. Mine is currently set as unknown and I don't get the ActiveX prompts. I also tried setting it to untrusted and that didn't change anything.

    I'm not familiar with DW, so I can't help with that. I am running Sandboxie though with FF and that makes no difference. I think there may be a problem with the website because of the errors. Maybe someone else can give it a try in IE. Also, for reference what version of IE and what version of Windows are you using? I'm using IE7 and Windows XP home SP2.

    Something I didn't do that you may try is clearing your browsers cache and then try again.
     
  3. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Hi Innerpeace, thanks for replying. I'm actually having no trouble at all when I access MSNs' homepage in Firefox. The ActiveX control there seems to be used in a part of the webpage where various news items flash on and off. Other than that 1 ActiveX warning the page loads fine in IE. But once it's loaded completely it just freezes solid, I can't even type another URL in the address bar.

    So, I'm beginning to think it's that particular page itself, but I don't truly know. I'll report back after a couple of different things I'm going to try.
     
  4. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Good luck and let us know how it goes. If you want me to try something, give me a yell. Cheers
     
  5. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Well, that was a lot quicker than I thought it would be. This time I went in SuperAntiSpyware and changed IE7's homepage to Google.com. Unfortunately it had the exact same effect, it froze like ice. I'm using IE7 on Windows SP2 by the way. I really wouldn't care if it weren't for the fact that there are a handful of websites I have to use that only work properly in IE.

    I'm trying to look here and there but since before today I've not used DefenseWall or Avast and Online Armor, I'm not real sure what settings I need to be looking at. I pretty much left all 3 on default settings.

    EDIT: Innerpeace, just to try one other thing I clicked on Windows Update in the Start menu, was taken to the update page with no problems and was able to surf a few other pages trouble-free. But if I simply click on IE and get taken to the homepage, the issue comes right back.
     
    Last edited: Jun 15, 2007
  6. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Hey, I just thought of something. Does DW have policies that run programs with limited user accounts? OA2 does this too with certain programs. It's called 'run safer'. Double click OA2 icon, click programs, find IE7 (mine shows 2 IE entries) this one will have Advanced options when you right click the correct one. Then see if the 'Run safer' box is checked or unchecked. This could be part of the problem. Again, I'm not sure what features are available in DW.

    I just ran ccleaner, paused Avasts webshield, stopped OA2s web shield and then loaded IE7 with google as my homepage. I then loaded msn with no problem, but there was this error which I clicked to view. I then ran ccleaner again, then enabled the web shields and tried again and the page loaded slowly, but it loaded with no errors.

    There is also an extension that can load IE within firefox, it's call ietab. https://addons.mozilla.org/en-US/firefox/addon/1419 I'm not sure if that would help in your situation or not.
     

    Attached Files:

  7. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Hey Innerpeace, yep, the IE entry in OA did have Run Safer checkmarked. I'm half afraid to disable that as I don't want to lessen my protection. Interestingly, I realized that by opening up CCleaner and asking it to check for updates, it would open IE and go to their homepage. Sure enough it did and I surfed trouble-free from their website.

    It only starts giving me issues if I open IE the normal way. I have noticed I have 2 IE and Outlook Express icons in my Start Menu now. I'm not sure if one is unprotected and the other is or what.
     
  8. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    I think DefenseWall isolates your risky programs, so your safe. OA2 does a similar thing with it's run safer, so there could be a conflict. Do you have process explorer? It's like a 'souped up' task manager and there is a way to check for sure if your running as admin or not. What other security software do you have? Even your on demands. Some of them have the option to protect your home page and could be conflicting. I usually stick to one and then when I install new security programs and updates, I search around to make sure they don't duplicate the protection. Try disabling the SAS home page protection and see if that helps. I don't see any setting in OA2 that would protect the homepage, so I think your safe there.

    I wish somebody that had DW would stop by and say hello to help with the settings.

    If your running DW, try this. Right click OA2 icon and then select 'deactivate hips feature'. run ccleaner and try IE7 again. If it works, then it's probably a conflict with OA2 and DW duplicating protections. When your finished, you can re-enable protection if you wish.

    Edit: looking at the OA website, the program is suppose to protect your home pages. I'm not sure if it possible to disable this or not, but you only want one program doing this.
     
    Last edited: Jun 15, 2007
  9. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I THINK we've found the issue. I shut HIPS off in OA, rebooted, and now opening IE normally and surfing causes no issue whatsoever. But now I'm a little worried about leaving HIPS off in OA. I liked it warning me about applets and ActiveX and such trying to load, but I also like how DW protects me too. I wonder, does DW let such things run and then gets rid of them when you close out a browser session such as Sandboxie does?

    If that is the case, I would guess it would be safe to leave HIPS disabled in OA as anything I do withing the Untrusted browser in DW would be undone once the browser is closed. I'm pretty new to this whole HIPS and Sandbox stuff, so I don't really know what to look out for as far as conflicts and what is better than what.
     
  10. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Were you planning on buying OA2 after the trial, or just let it go the the free firewall with limited features? If so you might ask at the forum if disabling the HIPS is the same thing as the free limited version. I could ask if you want. I can't answer the part about DW vs. OA2. One thing I am worried about is what part of the HIPS is disabled. Many firewalls needs HIPS to be completely effective to prevent leaks. I'm very new to sandboxes and HIPS too.

    Edit: https://www.wilderssecurity.com/showthread.php?t=177094 This is a recent discussion that may help some of your DW questions.
     
  11. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    That's a GREAT question, I could be putting myself at a real bad risk not having HIPS on in OA. I was thinking of buying both OA and DefenseWall as they are highly touted programs on this board. I tend to come here for reviews of software I want to try instead of looking at most of the computer magazine sites. I've noticed they tend to test on old machines and I worry that maybe their virus/malware samples they use in testing are new enough to really give a good idea of how such security software works.

    As far as the issue at hand, I seem to be looking at either getting rid of OA and keeping DW with a firewall like Comodo (which I believe also uses HIPS and may cause issues), or keeping OA and going with SandBoxie, which also seems to be well-liked here.
     
  12. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    I'm using OA2 and Sandboxie with no problems. If DW and OA2 don't get along, you could find out how to tweak the individual settings that are conflicting. Comodo does have basic HIPS, and it's new version 3 is suppose to have a lot of HIPS capabilities. It will probably be comparable to OA2.

    I would post at tallemu.com forums and ask them about compatibility and or how to tweak them to get along. They are very helpful there, but it is a slow forum.

    Off topic: can you do me a favor and open OA2 and when you do, does your Avast icon keep spinning? Also, can you right-click the Avast icon and click Avast log viewer and then look under the 'Error' and 'Warning' boxes to see if you have a lot of tallemu/onlinearmor entries. I found a work around, but I just wondered if I was alone with this issue. Thanks, innerpeace
     
  13. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Hey Innerpeace, I opened up OA and the Avast Icon didn't even move. I checked the Avast log and have absolutely no emergency/critical logs. I guess I have a lot of reading ahead of me to do, I hate to get rid of either program. I'll head over to the forum you suggested and see what I come up with.
     
  14. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Ok, you could also post at the DW forums too as I hear their very helpful also. The developer posts here at Wilders alot. Thanks for checking out the Avast things for me.

    Cheers, innerpeace
     
  15. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England

    DW doesn't block ActiveX's. Not sure about applets. And no it doesn't get rid of stuff when you close it like Sandboxie. I'm no expert on DW but i've constantly been told it runs vulnerable apps as 'untrusted'. Which means that if you run IE untrusted then anything running through it is also untrusted. Therefore anything untrusted doesn't get access to critical system location's where harm could be done. Think i got that right, but i'm sure someone will correct me if i'm wrong.

    muf
     
  16. tamdam

    tamdam Registered Member

    Joined:
    Feb 8, 2007
    Posts:
    88
    Yep,that's right

    I don't think DW duplicates web browser settings, cache etc. like SandBoxie does, it just denies the web browser access to critical files. Which means any activeX control you install has no access to critical system files, and folders you specify in the "secured areas".

    As for conflicting with OA2, I don't know, but I'd say both being HIPS theres a good chance for conflict. I don't think its necessary to have both - one or the other provides good protection. I personally use DW + Comodo FW mainly because its less popups than OA2, and I prefer sandbox HIPS over behaviour based ones, and also because its cheaper. But OA2 is also excellent - can't go wrong with either solution. But I wouldn't use both together.
     
  17. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Hi guys, thanks for all the replies here, you've been a lot of help. I was unable to post at the OA and DW forums as my lovely ISP decided the email servers were going to go down. I've decided, at least for the time being, that I would just keep using the trial of Defensewall and switch back to Comodos firewall. ( I agree with Tamdam, a whole lot of popups with OA. Not that it's a bad thing, but if I can keep good security and keep things easy on the other people in the household, then all the better).
     
    Last edited: Jun 16, 2007
  18. MaB69

    MaB69 Registered Member

    Joined:
    Dec 9, 2005
    Posts:
    540
    Location:
    Paris
    Hi dw426,

    Did you tried to uninstall Avast's Network Shield ?

    MaB
     
  19. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
  20. Riverrun

    Riverrun Registered Member

    Joined:
    Feb 19, 2007
    Posts:
    376
    Location:
    ~
    Glad you got you're problem is sorted. I'm testing DW as well at the moment. Last night, I had the first real hassle with it. I was upgrading to Media Player 11 and DW kept blocking the downlad. I tried everything I could think off, removing MP from untrusted, running it as trusted, disabling protection and in the finish, I had to uninstall DW in order to upgrade. It was a pain, I can tell you. It's back on now because of the protection it affords but it's not as simple to use as it seems on the surface and I for one am on a learning curve with this program.
     
    Last edited: Jun 16, 2007
  21. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Well Riverrun, I haven't tried downloading and trying to install any programs through DW yet, but yes, you're right, for a newb like me, it's not a very easy to understand program. I'm still attempting to try different things based on posts I read here in the forums. My next line of thinking was to get rid of Avast, OA2 and DW and just replace it all with Avira free, Comodo and Sandboxie.


    I understand from reading here however, there is an issue with Comodo and LinkscannerPro, which is a piece of software I really have interest in trying out. If LinkscannerPro along with Firefox, Sandboxie, Avira and Comodo keeps me reasonably safe, I'd save money and a lot of these conflict issues. I guess I would still need some sort of HIPS software, though SSM and Cyberhawk type stuff I just can't get my head around.

    *sigh* If Linux would have just worked out a little better for me, I might not even be having to worry about all this. But I'll play the cards I got dealt and do what I can :)
     
  22. Riverrun

    Riverrun Registered Member

    Joined:
    Feb 19, 2007
    Posts:
    376
    Location:
    ~
    I'm a newbie as well but I love the solid protection DW provides. Don't give up on it just yet but try to learn more about it. Every HIPS is difficult and DW seems the easiest of the lot. DW is worth the effort, I think.
     
  23. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I'll keep trying yes, I don't want to give in too quick. I am however going to either have to pick it over OA2 or OA2 over it as they certainly don't like each other, at least on my system.. I have all the installation files so I can always reinstall once I've tested and figured out exactly what works best for me.
     
  24. Riverrun

    Riverrun Registered Member

    Joined:
    Feb 19, 2007
    Posts:
    376
    Location:
    ~
    By the way dw426, I'm running SandboxIE (trusted) and DW together and no conflicts. SandboxIE woulden't terminate in the untrusted mode but since I changed it's status, things are back to normal and I have the benefit of these two great programs.

    I run my browser in SandboxIE and since the browser is untrusted, DW is active as well and provides extra protection.
     
  25. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Well, I've had a little more time to play around with different things, and the confusion just keeps trucking along :) My current test setup is :

    OA2 (the firewall is really really nice, I'd like to give it more time)

    LinkscannerPro trial

    SandBoxie (DefenseWall for some reason never shuts down properly and I have to use task manager to kill it, so it's sidelined for now)

    SAS Free (Is this program taking a LOT longer to load than previous versions or am I nuts?)

    SpywareBlaster

    Avira Free

    Router

    Does anyone else notice that if you run say Firefox in Sandboxie that sometimes LinkScannerPro gives a wrong scan result unless you manually scan it again? If I run Firefox unsandboxed, I get accurate results the first time from LinkScannerPro.

    Other than that weird little thing, I feel that I've got a reasonably secure setup and my computer is finally booting up without taking a month and now responds pretty quickly while surfing. Of course me being the newb, I'm open to any suggestions to changes/alternatives/settings. If anyone has an idea about that Sandboxie/Linkscanner issue I'm all ears :)
     
Loading...
Thread Status:
Not open for further replies.