Taken Threatfire for a spin and oh dear....

Discussion in 'other anti-malware software' started by Old Monk, Nov 15, 2007.

Thread Status:
Not open for further replies.
  1. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hi

    Been reading a few posts re Threatfire and having tried Cyberhawk for a while thought I'd see what it was like.

    :ouch: :ouch: On various reboots certain apps wouldnt load in sys tray and then would. Said apps couldn't be opened manually ( specifically SafeSpace and Returnil)

    SafeSpace was working in Task Manager but sys tray said it wasn't connected, failed to launch and thought memory was corrupt.

    Last reboot TF wouldn't load and THEN..... Revo Uninstaller wouldnt load, Threatfire's uninstall wouldn't work and the Add/Remove Programs won't work.

    Seems TF doesn't like being uninstalled :D

    Not saying it's TF's fault but it would appear to have serious conflicts with certain other apps.
     
  2. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    Some conflicts have been noted. What other security apps. do you have installed? Any other HIPS?
     
  3. 2good

    2good Guest

    if yoy're running XP go to services in control panel make sure it is set on manual not auto then try that should do the trick.
     
  4. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hi 19monty64

    Yeah Online Armor :cool:

    OA loaded fine each boot. It was SafeSpace and Returnil that were unhappy.

    In fairness to Threatfire I might unload OA temporarily and see if I can find where the conflict lies
     
  5. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hi 2good

    Sorry, which service are you referring to ?
     
  6. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    Some have noted a conflict between OA & TF. Try TF minus OA. Escalader uninstalled TF for the OA learning thread for that reason. Try TF for a bit to decide which one you like better. Both are very light and efficient in my experience, but not together. HTH
     
  7. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hi thanks

    Ok I'll test. If the conflict does lie there OA is the keeper for me in any event for various reasons

    Worth seeing how TF works with Returnil and SafeSpace.

    I'll post back.
     
  8. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi,
    TF and OA free are not on speaking terms, I can assure you that.
    Also I would look at free RAM. I have trouble running TF with DeepFreeze(similar to SafeSpace or Returnil) on 512 RAM box; DF will not function properly. But there is no such difficulties on 1 gb box. Good luck.
     
  9. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    I'm behind a router, so the FW isn't an issue for me. TF is as quiet as BoClean, so you may want to test it out with some "FP's" or leak-tests to get an idea of how it performs. It has root-kit scan too, for those that have issues with Avira's r-k scanner.
     
  10. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hi

    Always found Cyberhawk eerily quiet as well.

    Without going OT there are various features in OA that make it the long term keeper but I'm going to see if it is definitely OA and not the other two that TF has trouble with.

    @perman -thanks for that also :)
     
  11. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    I'm torn between OA & TF, both being long-term keepers. I just wish they'd get along!!!
     
  12. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Right

    Couple of reboots without OA, and Returnil and Safespace and Revo for that matter are all quite happy.

    Interestingly on the first TF install, on completion of the install it asked for a reboot to properly install drivers. Not so the second time. Some find of driver conflict ? :doubt:

    Anyway, as always, just goes to show running two HIPS type apps together will usually run into problems.

    On this occassion, just very quickly :D
     
  13. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    I can't remember having any trouble running OA Free with ThreatFire, but it's been a few weeks since I had them installed together. You would think they should be able to get along as OA Free seems good in that area, and TF runs well with both Webroot Desktop Firewall and ZA Antispyware. You know considering how fortunate we are as "Hobbyists" to have so many choices of free security software today verses even a year or so ago, you'd think we would be happy with running one HIPS, but Noooo!. LOL. I myself am still torn between keeping ZA AS and TF, or going back to either OA Free or WDF. I do feel however, that with either one of those two I wouldn't need TF.
     
  14. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    What we need is more computers to handle all our faves. I'd be happy with 2 or 3 more. Then we just need to somehow get the days extended for more hours! :D :blink: o_O
     
  15. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    Is anyone using ThreatFire with either ZA Pro, ZA Antispyware, or the ZA ISS? They all have the Triple Defense Firewall and I was wondering if you feel TF is needed because of what all the Firewall protects against? I understand TF is a Behavior Blocking HIPS and a very good one at that. However I am debating just how much protection I really need.
     
  16. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    I read up at ZA's forum before installing (ver.408 ). I just couldn't work up the nerve, and I'm too beta'd out to try the more stable (beta)version that they're recommendingo_O
     
  17. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks:

    I am using ZA AS with TF, no conflicts.
    The reasons behind my enlisting TF are:
    (1) it is an excellent freeware
    (2) it does not slowdown system(RAM tolerable) nor net surfing
    (3) it is very quiet, fewer F.P.
    (4) it is a second Safety, capable of stopping malware's touch down just few
    yards from end zone.
    (5) it is an on-going project provided by another responsible corporate friend

    Unless someday somehow its ceiling falls from above, it is a keeper for me.
     
  18. 2good

    2good Guest

    Hi Old Monk , every time you install security software they seem to startup automaticly,if you go in control panel under administrative tools you'll find all the software that start automaticly, if you click on Threatfire and disable ie or on manual you should be able to uninstall it.
     
  19. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    Thanks Perman. I always liked using TF and so far I am liking what I see with ZA AS. I like 19monty64 was fearful of installing it, especially after reading the Zone Labs Forums in the past. However having heard some good things about it recently, it helped me with my decision to do so. I'm on a wireless PC behind a Wireless Router Firewall and in the past didn't feel I needed a Software FW, but because of the added OS Firewall and the Wireless Protection ZA offers, it makes me feel better about having one installed. Now that you have confirmed that TF is a nice addition to ZA AS, I may finally get over my indecisiveness about whether I should keep them or go back to WDF. Thanks. I do wonder however exactly how the Wireless Protection actually works.
     
  20. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, Wordward:

    You are welcome.
    As to ZA's wireless protection, it works this way, seems to me anyway.
    When your wireless device picks up any open network within your vicinity and is attempting to hook on, ZA will alert you and giving you two options. It is not an absolutely foolproof protection, but it at least offers user an extra layer of security. Especially when you use public Wi-Fi hot spots. Good luck and take care.
    P.S. another way to protect your wireless , if it is on auto mode, is to
    go to control panel>network connection>wireless network>properties>advanced> choose "Access point(infrastructure)network only" The default setting is "any available network" and it is not very safe.
     
  21. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    With my D-Link, ZAP can be used to allow you to configure the security of my router so that the use of ZAP is enforced for all or selected users. Haven't tried it yet (yes...yet) but it at least allows that option. And yes, TF stays...
     
  22. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Beta tested for OA so I have an affinity :) . Also, love the concept of Banking Mode and alerts on Active X content. OA is I think more fully featured and flexible but that's just IMHO. I do try and remain objective.

    So true monty, so true :D

    Again Wordward very true. But isnt it fun :cool: . Now no signature based apps on my machine at all and 2 out of the 3 are free!!

    Thanks 2good, got there via Safe Mode and all went well.
     
  23. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    I personally do NOT recommend running TF alongside another HIPS/behavior blocker, as I've experienced all sorts of erratic symptoms while doing this, from missed detections from either and/or both to an unstoppable cascade of popups from the other program. For some reason, with TF drivers installed, all parent processes will request to modify the memory space of their child - this, combined with TF's aggressive self-defense methods, may be to blame.

    On the bright side, you don't need other HIPS/behavior blockers with TF installed, and vice versa. So just pick the one you like, no need to worry about "decreased" (which, in reality, is nothing but redundant) protection.
     
  24. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    ...with a router-TF
    ...without-OA
    ...testPC-both, and then some... :D
     
  25. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Thanks solcroft for that explanation on TF

    ... that sounds like fun :D

    Bit like Battling-Tops ( bet no-one remembers those) - last man standing :ouch: :ouch:
     
Thread Status:
Not open for further replies.