ZA Pro's TrueVectorService shut off by...

Discussion in 'other firewalls' started by Perman, Jun 7, 2007.

Thread Status:
Not open for further replies.
  1. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: This is what has happened today. After upgrade Prevx2 to build 12 and during updating McAfee AS Enterprise's database, Za pro's truevector service was suddenly shut off. I reboot trying to bring it back to normal. The system just would not load it up, and hung right there. I repeat several times to no avail. Why would a service so esential as it can be turned off by another app ? Strange and let me worry. Has anyone had any clue? I have since removed ZA pro in Safe Mode. I will not reinstall it until I have received a reasonable explanation. Puzzle indeed.
     
  2. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    I'm the wrong guy to answer this one. I went through 200+ posts trying to optimize ZA pro with help from Stem and others and a lot of flack from the lurkers. Bottom line it has bugs they won't admit and unknown call homes to the mother ship!

    IMO scrap it install another FW ASAP, especially if you don't have a router out front. Why not try COMODO and join in on our learning thread ?
     
  3. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,723
    Location:
    localhost
    The best is to contact Prevx support... so they can troubleshoot the conflict in their latest Prevx build...

    I am not running Prevx at the moment... waiting for final VISTA release.

    Cheers,
    Fax
     
  4. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: Thank you guys' replies. I have since re-enlist McAfee Desktop F.w. v.8.5 and works smoothly. And meantime Prevx2 has updated twice since my encounter to build 20, I do not know whether my problem has been addressed with these updates. Hi, Escalader, I tested Comodo F.w. before settling down w/ McAfee, it has excellent functionality, user interface etc, very impressive indeed. BUT it has conflict issues w/ my existing apps, such as DU meter,O&O clever cache etc, causing system hang(extrem high CPU, memory usage), I have to let it go. Otherwise, a brilliant design work. As to ZA pro, I might give it another try,but will be very reluctantly, I mean ,ZA Pro's heart-TrueVectorService can be shut off by something? How good this piece of J--K can be?
     
  5. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hi Perman:

    Right I hear you, rare these days I know with all the advocates about! TrueVector shut down! That is a BUG, pure and simple and all the explanations in the world will not make it go away. You are wise to seek alternatives. I did that for different but well posted reasons. :D

    I'm working with Stem on the optimization of CFW V2.4 settings on another learning thread since I'm testing it on my setup. Have a look sometime if you get bored:D

    So in that spirit, can I have your permission to post your issues with CFW version ? over on their forum?

    If you prefer you could do that yourself, PM the details to me or Stem?
    They are working on a beta V3 and your items may help improve the product. We have already found a bug maybe 2 and their forum welcomes this data since their developers are participating in the forum there!

    Many moons ago I had the McAfee FW but dropped it, for the life of me I can't remember why? Let me know how it goes on that one!

    Take care!
     
  6. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, Escalader: I have my endorsement to post my issues onto Comodo's f.w. forum. I think they do have high spirits and respectable determinations to make their products standing above the crowd. My O/S is winxp home sp2, 512 mb RAM, P4. I have Avast home, DeepFreeze, BlackIce, ComodoBoClean , McAfeeAS enterprise 8.5 sa and Prevx2 running background at that time. Thanks.
     
  7. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Okay, will do, if they have questions I'll forward them to you! :cool:
     
  8. EASTER.2010

    EASTER.2010 Guest

    I can't believe i.m still reading True Vector problems after all this time. :eek:

    I ran into issues with that same service WAAAAY BACK when we all used Windows 98/Me. Zone Labs never really cured it permanantly back then so i ditched it for Kerio which is still going strong to this day.

    True Vector used to suddenly and without warning knock me off the internet too numerously untill i got fed up with it.
     
  9. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, Easter, Pleased to hear this. Now I can tell myself; ZA go he--. Never touch my box again, ever. I am so surprised that after all these years(since 98/me era), ZA never had any chance to fix its heart-I mean TrueVectorService. In stead of transplant, they still rely on pacemaker to buy more times, I mean ZA may very well stay afloat on a borrowed time. Pity.
     
  10. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Perman:

    The guys over there want to know what version CFW you were on when these issues arose for you? They seem to think the bugs are fixed, but that would have to be confirmed / tested. Let me know please.

    These CFW bug posts are OT so I hoping the moderator will move them to the CFW learning thread?
     
    Last edited: Jun 10, 2007
  11. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi,Escalader: I d/l from comodo's web site on June 7/07 v. 2.4. Something else to add to : I believe I have SuperAdBlocker and AVG AS running real time as well. I know these two apps use up a lot of RAM. Hope this helpful.
     
  12. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,723
    Location:
    localhost
    Its somehow normal that conflicts can be introduced by new build of security tools. Both ZA and Prevx hooks at kernel level and small design change can lead to incompatibilities.

    I had (long time ago) a conflict between Prevx and ZA, it required a prevx kernel driver re-design... but prevx support is very reactive and fixed it in a relatively short time.

    EDIT: Another simple explanation is that during the reboot/shutdown, the system didn't release ZA system files, This can cause ZA database corruption. Resetting the ZA database in SAFE MODE could have fixed the problem without the need to uninstall. Its a good norm that during an update of security tool (e.g. Prevx) to shutdown ZA or (if you are not behind a router doing NAT) to disable the ZA OSfirewall. By the way I see that some users have problems with latest 20.21 update too...

    Cheers,
    Fax
     
    Last edited: Jun 11, 2007
  13. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, Fax, thanks for your post. Yes, I had ZA pro truevector problem earlier w/ prevx1, then prev1 fixed it. The latest problem occurs as soon as build 20 is updated. I will try to rectify the puzzle later following your advice. Thanks.
     
  14. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Perman - Like Escalader I finally had enough of the BS with ZA and switched to Comodo. I have had NO problems since. :D
     
  15. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,723
    Location:
    localhost
    Your welcome!
    I am waiting for a VISTA UAC compatible Prevx in order to install it back on my machine...

    Looking forward to it.

    Cheers,
    Fax
     
  16. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    It is helpful, I'll add this to the Beta Post I made there for you. :D

    I'm wondering now what your whole set up is security wise. It is possible to get conflicts with real time security software. My 1st question to the CFW guys was does it play well with SS 5.3 and BD AV10. They confirmed it did and so far they have been right!

    Have a look at the list in my signature and please provide your own. If you don't want to publish your own software (which is understandable) just PM me.
     
  17. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Yes, very easily.
    Most problems are not so apparent as a service/program being shut down. Underlying problems/conflicts can cause protection failures without notification/apparent problem.
     
  18. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, Stem , Thanks for the expert's advice. Can you be more specific, using layman' languages ? I like to learn more from you, and I am sure that friends here would like to, too. Thanks.
     
  19. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, Escalader: I have no reservation in releasing my defense lineups, if it can be utilized to perfect a good app. They are: all are recent versions.
    Virtualization: Deepfreeze Home
    FireWall : McAfee Desktop firewall
    AV : Avast home
    CIPS : Prevx2
    IDS : Winpatrol plus
    IPS : BlackIce PC Protection
    AS : McAfee AS Enterprise
    AT : ComodoBOClean
    Utilities : O&O Clever Cache Pro v.6.1
    O&O Defrag Pro.10
    DU meter, PC Thrust
    Window Blind 4.6
    Paragon Hard Disk Manager Pro.8.5 and
    TuneUp Utilities 2007 plus some reg cleaners,
    D/L manager, Disk/Internet cleaner etc

    On demand : SAS free
    O/S : P4, 512 MB ram, WinXP, home sp2, D-Link wireless router, cable

    Hope these helpful, any suggestions re this lineup are very much appreciated.
     
  20. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Using laymen, not so easy, but will try:

    I then first need to put forward a situation that could possibly give ref to this.

    As simplistic as I can think of (no disrespect to anyone)

    You have at home a phone (your PC: frontend, what you see on the PC monotor), you then have the exchange where the phone need to connect to before a call is connected to (Kernal),.. so when you make a call, you are connected to the exchange, then connected/redirected to the number you want. So we would have Phone->exchange-> connection wanted.
    Such as a security application will "hook" into the "exchange", this is basically where your phone calls are going to another exchange, (interception/redirection), so all calls are going to another "exchange" and processed there. This is how (as example) execution prevention" is made (do not allow a call) from a popup.
    Now,... when 2 applications are attempting to intercept these calls at the same time, there are many problems, most mainly on the resolvement/process of these, as each security app will attempt interception/process (it does not work well)
     
  21. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Wow, thats way way more than mine, but that is not saying anything.

    In your earlier post you said "Avast home, DeepFreeze, BlackIce, ComodoBoClean , McAfeeAS enterprise 8.5 sa and Prevx2 were running background"

    Just to confirm, you mean real time right?

    I have highlited your real time one in red, it that the whole list?

    One rule is never have 2 AV's active at the same time so one question is do you? I don't know if you have a conflict or not, but with such a long list the chances seem high.

    Stem may know but others will also weigh in here to help.

    If I were you ( and I'm not) I would send your list here to every single vendor tech support group and ask them if they see any obvious conflicts. Some might even answer. They tend to say yes, get rid of the other guy's tool for marketing reasons, but you can ask.

    I asked SS if they clashed with BD AV 10 and they said no if I leave their AV off in real time. I do that and it has worked for me to date.

    On your current set up, one thing you could try would be regarding:
    AS : McAfee AS Enterprise
    AT : ComodoBOClean

    AS's and AT's tend to be one and the same thing. So you could disable/uninstall one of them and see if your PC performance improves. You are behind a router so your risk is low. Or just disable and use 1 as an on demand if possible. With 512MB and that long list my guess is you are running thin on RAM. Mine is 1.5 MB dual memory with less tools so.... well think about bumping up your RAM anyway.
     
  22. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, Stem; thanks for your mapping up w/ layman's terms. It does help me to understand inside loops.
    Hi, Escalader: Thanks for your advice. At present time, my box runs very sleekly and smoothly, with the aid of O&O Clever cache pro and PC Thrust---memory usage and cup priority are optimized. Both McAfee AS Enterprise and BoClean run very quietly in background, not causing any slowdown at all. I did not re-enlist AVG AS plus and SuperAdBlocker, because their real time guard/monitor suck up too much RAMs. I will keep you posted as time progresses.
     
  23. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Okay Perman, your setup is very interesting and I'd be interested in your rationale for each of these tools you use. To quote you at my own risk of course for each tool what each does in "layman's terms" Some are obvious but for me anyway I have no idea what O&O and PC thrust do for users let alone how you came to choose them? No rush on answering since Stem has me busy or I have him busy in the CFW learning thread! My latest and greatest move was I had some ip's belonging to my own ISP blocked! Now that's :oops: . But I don't care I just keep on trucking anyway!
     
  24. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Well, my explanation was not very good, lets actually look at the low level hooking into the NTkernal, you can then see the possible problems.

    With HIPS type applications, as mentioned, they will hook into the kernal, for this example we will look at the monitoring/interception of program execution. Normally for this I would expect to see a "hook" into "NtCreateSection" (in order to gain full control over process creation on the target machine). If we look at ZA:-
    ZA.jpg

    Then look at SSM:-
    SSM.jpg

    You can see that both programs "hook" and redirect "NtCreateSection"

    Now imagine if both ZA and SSM where to protect their hooks, to ensure that malware could not change/remove these, then there can be serious problems, if for example, on bootup, ZA will place hooks, then SSM places hooks, then ZA may see this, and a fight starts between the programs, and this can then lead to possible non-boot or failure of one of the applications, or even BSOD due to the low-level conflict.

    I know SSM works around this possible problem, but I am not sure how. SSM seems to hook into the already in place hook (if there is one). But dont quote me on that.
     
  25. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, Stem: Thanks for the detailed illustrations. No wonder security gurus have been saying all along: do not squeeze too many low level hooking apps into that privileged kernel section, otherwise troubles are self making indeed. Thanks.
     
Loading...
Thread Status:
Not open for further replies.