Taken Threatfire for a spin and oh dear....

Hi

Been reading a few posts re Threatfire and having tried Cyberhawk for a while thought I'd see what it was like.

On various reboots certain apps wouldnt load in sys tray and then would. Said apps couldn't be opened manually ( specifically SafeSpace and Returnil)

SafeSpace was working in Task Manager but sys tray said it wasn't connected, failed to launch and thought memory was corrupt.

Last reboot TF wouldn't load and THEN..... Revo Uninstaller wouldnt load, Threatfire's uninstall wouldn't work and the Add/Remove Programs won't work.

Seems TF doesn't like being uninstalled

Not saying it's TF's fault but it would appear to have serious conflicts with certain other apps.

 

Some conflicts have been noted. What other security apps. do you have installed? Any other HIPS?

 

if yoy're running XP go to services in control panel make sure it is set on manual not auto then try that should do the trick.

 

Hi 19monty64

Yeah Online Armor

OA loaded fine each boot. It was SafeSpace and Returnil that were unhappy.

In fairness to Threatfire I might unload OA temporarily and see if I can find where the conflict lies

 

Hi 2good

Sorry, which service are you referring to ?

 

Some have noted a conflict between OA & TF. Try TF minus OA. Escalader uninstalled TF for the OA learning thread for that reason. Try TF for a bit to decide which one you like better. Both are very light and efficient in my experience, but not together. HTH

 

Hi thanks

Ok I'll test. If the conflict does lie there OA is the keeper for me in any event for various reasons

Worth seeing how TF works with Returnil and SafeSpace.

I'll post back.

 

Hi,
TF and OA free are not on speaking terms, I can assure you that.
Also I would look at free RAM. I have trouble running TF with DeepFreeze(similar to SafeSpace or Returnil) on 512 RAM box; DF will not function properly. But there is no such difficulties on 1 gb box. Good luck.

 

I'm behind a router, so the FW isn't an issue for me. TF is as quiet as BoClean, so you may want to test it out with some "FP's" or leak-tests to get an idea of how it performs. It has root-kit scan too, for those that have issues with Avira's r-k scanner.

 

Hi

Always found Cyberhawk eerily quiet as well.

Without going OT there are various features in OA that make it the long term keeper but I'm going to see if it is definitely OA and not the other two that TF has trouble with.

@perman -thanks for that also

 

I'm torn between OA & TF, both being long-term keepers. I just wish they'd get along!!!

 

Right

Couple of reboots without OA, and Returnil and Safespace and Revo for that matter are all quite happy.

Interestingly on the first TF install, on completion of the install it asked for a reboot to properly install drivers. Not so the second time. Some find of driver conflict ?

Anyway, as always, just goes to show running two HIPS type apps together will usually run into problems.

On this occassion, just very quickly

 

I can't remember having any trouble running OA Free with ThreatFire, but it's been a few weeks since I had them installed together. You would think they should be able to get along as OA Free seems good in that area, and TF runs well with both Webroot Desktop Firewall and ZA Antispyware. You know considering how fortunate we are as "Hobbyists" to have so many choices of free security software today verses even a year or so ago, you'd think we would be happy with running one HIPS, but Noooo!. LOL. I myself am still torn between keeping ZA AS and TF, or going back to either OA Free or WDF. I do feel however, that with either one of those two I wouldn't need TF.

 

What we need is more computers to handle all our faves. I'd be happy with 2 or 3 more. Then we just need to somehow get the days extended for more hours!

 

Is anyone using ThreatFire with either ZA Pro, ZA Antispyware, or the ZA ISS? They all have the Triple Defense Firewall and I was wondering if you feel TF is needed because of what all the Firewall protects against? I understand TF is a Behavior Blocking HIPS and a very good one at that. However I am debating just how much protection I really need.

 

I read up at ZA's forum before installing (ver.408 ). I just couldn't work up the nerve, and I'm too beta'd out to try the more stable (beta)version that they're recommending

 

Hi, folks:

I am using ZA AS with TF, no conflicts.
The reasons behind my enlisting TF are:
(1) it is an excellent freeware
(2) it does not slowdown system(RAM tolerable) nor net surfing
(3) it is very quiet, fewer F.P.
(4) it is a second Safety, capable of stopping malware's touch down just few
yards from end zone.
(5) it is an on-going project provided by another responsible corporate friend

Unless someday somehow its ceiling falls from above, it is a keeper for me.

 

Hi Old Monk , every time you install security software they seem to startup automaticly,if you go in control panel under administrative tools you'll find all the software that start automaticly, if you click on Threatfire and disable ie or on manual you should be able to uninstall it.

 

Thanks Perman. I always liked using TF and so far I am liking what I see with ZA AS. I like 19monty64 was fearful of installing it, especially after reading the Zone Labs Forums in the past. However having heard some good things about it recently, it helped me with my decision to do so. I'm on a wireless PC behind a Wireless Router Firewall and in the past didn't feel I needed a Software FW, but because of the added OS Firewall and the Wireless Protection ZA offers, it makes me feel better about having one installed. Now that you have confirmed that TF is a nice addition to ZA AS, I may finally get over my indecisiveness about whether I should keep them or go back to WDF. Thanks. I do wonder however exactly how the Wireless Protection actually works.

 

Hi, Wordward:

You are welcome.
As to ZA's wireless protection, it works this way, seems to me anyway.
When your wireless device picks up any open network within your vicinity and is attempting to hook on, ZA will alert you and giving you two options. It is not an absolutely foolproof protection, but it at least offers user an extra layer of security. Especially when you use public Wi-Fi hot spots. Good luck and take care.
P.S. another way to protect your wireless , if it is on auto mode, is to
go to control panel>network connection>wireless network>properties>advanced> choose "Access point(infrastructure)network only" The default setting is "any available network" and it is not very safe.

 

With my D-Link, ZAP can be used to allow you to configure the security of my router so that the use of ZAP is enforced for all or selected users. Haven't tried it yet (yes...yet) but it at least allows that option. And yes, TF stays...

 

Beta tested for OA so I have an affinity . Also, love the concept of Banking Mode and alerts on Active X content. OA is I think more fully featured and flexible but that's just IMHO. I do try and remain objective.

So true monty, so true

Again Wordward very true. But isnt it fun . Now no signature based apps on my machine at all and 2 out of the 3 are free!!

Thanks 2good, got there via Safe Mode and all went well.

 

I personally do NOT recommend running TF alongside another HIPS/behavior blocker, as I've experienced all sorts of erratic symptoms while doing this, from missed detections from either and/or both to an unstoppable cascade of popups from the other program. For some reason, with TF drivers installed, all parent processes will request to modify the memory space of their child - this, combined with TF's aggressive self-defense methods, may be to blame.

On the bright side, you don't need other HIPS/behavior blockers with TF installed, and vice versa. So just pick the one you like, no need to worry about "decreased" (which, in reality, is nothing but redundant) protection.

 

...with a router-TF
...without-OA
...testPC-both, and then some...

 

Thanks solcroft for that explanation on TF

... that sounds like fun

Bit like Battling-Tops ( bet no-one remembers those) - last man standing