ZoneAlarm 7.0.337

Discussion in 'other anti-malware software' started by Sjoeii, Mar 19, 2007.

Thread Status:
Not open for further replies.
  1. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Hi!

    ~snip~

    ...and going back to the subject of the post, if you only use the basic functions of the ZA firewall, there is no reason to update to 7, moreover if you have problems with it. Version 7 has been updated mainly in relation to malware issues (new ZA antispyware engine, KAV SDK, smartdefence and OSfirewall).

    Fax
     
    Last edited by a moderator: Mar 26, 2007
  2. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Fax, As a ZA forum Guru, do you find that more people use ZASS and disable parts of the app they don't use, or do more people use the stand alone firewall? I used ZASS, and after a while I had disabled or never activated maybe half of the app. I began to wonder if I should switch to ZApro or go for the stand alone. :)
     
  3. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    ~snip~

    @twl845
    Uhhm, to be honest I have no idea... I personally use all ZASS 7 features. BUT I have stopped using other tools, like SS or TH or OA. To be precise I have stopped using other tools since KIS 6... never found anything that KIS did not...than switched to ZASS (I like the privacy features and the firewall as compared to KIS).

    Cheers,
    Fax
     
    Last edited by a moderator: Mar 26, 2007
  4. oldshep

    oldshep Registered Member

    Joined:
    Dec 19, 2006
    Posts:
    139
    ~snip~

    But back on topic (or maybe its a separate topic) it appears to me at least that as vendors like ZA add more capability and features to their software, it becomes more difficult to use additional stand-alone apps (i.e. dedicated AS programs like Spyware Doctor and Spysweeper). It would be nice to have only one app running and taking care of all security functions on a PC. The trouble is that in order to do that, the user needs supreme confidence in the reliability of that app. Hopefully, such reliability will be forthcoming.

    The counter argument - for a layered approach with several security apps is often made on this forum. At present, I am ambivalent - Desktop running CPF, NOD32, Spysweeper. Laptop running ZAISS 7.0.337. I follow developments for each approach with interest.

    Oldshep
     
    Last edited by a moderator: Mar 26, 2007
  5. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    ~snip~

    ...and yes Oldshep, I agree with you. I was myself for a layered approach, but everytime I was updating to latest version of one of my tools I had to troubleshoot for a couple of days to get everything back to work properly. So, I got bored... and went to single do-it-all approach, at least now I have to master my knowledge only on one tool...

    Well, I have still working licenses for NOD, KIS, OA, Prevx, SS and I like these tools.... may be one day I will come back to them :D

    Cheers,
    Fax
     
    Last edited by a moderator: Mar 26, 2007
  6. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hello All:

    ZoneAlarm 7.0.337 Pro still "allows" users a layered approach. This works, more slowly but it works.

    There are timing issues with ZA interaction with SS. I'll post more on that later today unless power goes off!

    ZA Suite uses KAV so they have implemented part of a layered approach by replacing their original AV with a better 3 rd party tool. So it seems the technical ZA designers like a "layer", or mix and match.

    If a layer is actually in place, the learning curve has already been climbed on building it and the new versions have never been more than a hour or two. Simple updates are automatic.
     
  7. Larrylesq

    Larrylesq Registered Member

    Joined:
    Feb 26, 2007
    Posts:
    5
    To Escalader:

    I eagerly await your timing results for ZoneAlarm 7.0.337 using SS. This was a huge problem with the previous version of both ZA & SS. Like I noted before, my understanding is that SS solved the issue with a recent upgrade release - but I have to wonder if the most recent ZA 7.0.337 messed with SS's work around? So, yes - your results will be very informative!

    With KAV it would take years (over statement I know) for a scan to complete - your results on this will also be very helpful.

    Thanks for all of your efforts!

    ~snip~

    Larry
     
    Last edited by a moderator: Mar 26, 2007
  8. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Hi!
    are you testing ZA Pro with OSfirewall active? Some SS shield will conflict with ZA... Probably the best, if you use all SS shields, is to turn OFF OSfirewall.

    and...indeed you are right... ZASS is already a layered approach.

    Fax
     
    Last edited: Mar 25, 2007
  9. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hello All:

    Here are the timing results on 1 PC ONLY. Use at your own risk.

    The observation is that Spy Sweeper 5.3 is the only one of my 3 tools in the layered approach that is significantly impacted in it's scan time.

    When not scanning the CPU behaves normally.

    The common factor is ZA Pro 7.0.337.

    My PC is a Dell 4700, interleaved double CPU, Pentium 4, 3.00 Ghz, 1.5GB RAM.

    Thats it for now. Scan_Time_Tests.JPG
     
  10. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Hi!
    What were the features turned ON and OFF within ZA?

    Thanks,
    Fax
     
  11. Larrylesq

    Larrylesq Registered Member

    Joined:
    Feb 26, 2007
    Posts:
    5
    Escalader:

    Wow, that is interesting! Do you think that the changes in ZA 7.0.337 may have made the recent SS update antiquated? I was hoping that these issues were resolved with the most recent updates/versions. Apparently not.

    Any advice that you can provide?

    With Respect,

    Larry
     
  12. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Nope, I have no advice at this time.

    No changes in ZA or SS settings before or after ZA update.

    Third party testing will help avoid all these unnecessary problems.

    Maybe technical support at SS and ZA will work on this now but that is probably a faint hope since we have been told vendors don't monitor our forum.

    It is wrong for vendors who ever they are to release and expect the users to fill in forms to help them debug. M$ does it , it happens all the time, but we don't have to like it.

    I'm popping over to my other forums now to post the same timing results to broaden the range of viewers.

    I claim no ownership of the attachment so anybody reading this feel free to use as you see fit. I would only ask that any technical advice you get comes back here for members.:cool:
     
  13. greenhorn113

    greenhorn113 Registered Member

    Joined:
    Nov 14, 2006
    Posts:
    149
    Location:
    England
    Thought I should add my recent experience to this thread,for a good while I have been using za pro with no problems until Friday after updating to 7.0.337 then constant BSOD and even windows security center red shield no firewall installed previously indicating za pro upto date etc.
    Now trialing KIS 6.0.2.614 as hopefully a fully featured security suite to cover firewall, av & as by the way the za license changed from previously approx 200 days remaining to over 600 days which made no sense.
     
  14. snapdragin

    snapdragin Registered Member

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Even after several requests to stay on topic were made, the off-topic posts and comments continued which resulted in this thread's temporary removal for cleanup. Those off-topic posts and comments have now been removed bringing the thread back to the technical discussion, and it's return to the forum.

    I will restate our policy again for those who may have missed my earlier post: It has always been Wilders Security Forum's policy that we don't engage in discussing the staff actions or management of other forums or websites here.

    No other posts discussing who got banned, and by whom, and where, will be allowed here.
     
  15. oldshep

    oldshep Registered Member

    Joined:
    Dec 19, 2006
    Posts:
    139
    Back on-line:D
    More stuff on ZA 7.0.377 and Spysweeper:

    First, many thanks to Escalader for the excellent data on interaction between BD, SS, and ZAP 7.0.377. My brother did his upgrade to ZAP 7.0.377. He has NAV, ZAP, and SS running on his Dell laptop. He ran an SS scan overnight and it finished normally (no crashes) but he didn't pay attention to the scan time so I can't add another data point for you at this time. I told him to rerun the scan w/ ZAP on and off and write down the scan times but he hasn't informed me of the outcome yet.

    The data Escalader provided motivated me to do some testing with my ZAISS 7.0.337 and Spysweeper. I will report my findings here. First, the machine I'm using is a Lenovo Laptop T60 - Dual core 1.8 Ghz CPU, 1 Gb RAM. Only software installed aside from the security apps is Windows XP SP2, MS Office, and a CAD viewer program. I should also mention that this is a different machine from the one I used when I was having trouble with ZAP 7.0.302 and SS.

    First thing I did was update to the latest release of SS [ZAISS off during the install]. I then ran an AV/AS sweep with ZAISS 7.0.377 w/ SS off. The scan time was ~21 minutes for AV and 1 min. for AS. I also made a note of browsing speed.

    Next I turned ZAISS off and ran a max custom sweep w/ SS. This scan time was 13 minutes. I then did a quick scan with SS and the scan time was 4 minutes.

    Next I turned on both SS and ZAISS (all SS shields off) and ran the following scans w/ the durations recorded:
    ZAISS AV/AS - 19 min. / 1 min., SS Full custom sweep - 15 min., SS Quick scan Sweep 5.5 min.

    The final set of tests I ran with ZAISS on and with SS on and all shields active (except SS AV which I don't have and "Common add sites" shield which I usually leave off). The scans and durations are as follows:
    ZAISS AV/AS - 21 min. / 1min., SS Quick sweep - 4.5 min. I also took note of browsing speed with everything on and found no noticeable slowdown.

    I then set both programs to load at startup with all SS shields (except as noted) on. So far after 1 day of use and several reboots I see no noticeable issues w/ compatibility on this machine between ZAISS 7.0.377 and SS 5.3. You could say there is a minor increase in scan times for SS (15-25%) but I don't consider this a major problem.

    So what can we say about this. It seems strange that the ZA suite would work better with Spysweeper than ZAP. It could be argued that the suite doesn't really need an extra AS app. (see the PC MAG review mentioned previously in this thread). ZAP is the program that needs additional AS help. And the suite has more stuff running than ZAP so you'd think it would be more susceptible to compatibility issues.

    I offer a few theories and look forward to any comments:
    1.) There is some unknown problem resident on the 2 computers that were tested that is causing the increased SS scan times with ZAP. (I'll know more on this when my brother reports back with his results).
    2.) There is a bug in ZAP 7.0.377 that doesn't exist in the suite.
    3.) There is some setting adjustment (like program control permissions?) that needs to be made in ZAP to help with compatibility.

    Oldshep
     
  16. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Thanks for your comments on the data, it is gratifying!

    It is good you have minimal negative interaction in your suite setup. For what it is worth I also agree with you that my ZAPro is the one that needs the extra ASW help from SS 5.3. This is a key stone in my layered defense.

    It also confirms that the ZA or SS shields on/off are not part of the solution.

    Your setup has 15%-25% slow down in SS , I could live with that!

    If your brother's tests run like yours with minimal impact on SS then I will have to look to my PC's as the source of the problem. But why the big hit on SS? and no hit on BD10? "It's a puzzlement".... from "the King and I"
     
    Last edited by a moderator: Mar 26, 2007
  17. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    Pardon me if this has been mentioned earlier in the thread, but the most important thing dictating AS scan times is your AV realtime Guard - you must have this disabled while you scan with an AS prog, else you will end up scanning every file twice ( 'cos as the AS churns up the files they get scanned by the AV and then by the AS). So if you are using ZAP with BD as your AV you'd need to disable DB's Guard while you scan.

    Perhaps this could explain the disparity? After all you are disabling ZASS (which includes an AV) while you scan, and you are disabling ZAP while you scan (which has no AV) so what happens to your AV in this latter case?
     
  18. oldshep

    oldshep Registered Member

    Joined:
    Dec 19, 2006
    Posts:
    139
    Hello TopperID,

    I don't think I understand your point. I'm pretty sure Escalader ran a matrix of all possible combinations where each app. (BD, ZAPro 7.0.377, and SS) was either on or off. So I think he did run SS scans with BD off and still got really long SS scan times. (check out his excel attachment).

    My testing was a different setup with ZAISS 7.0.377 and Spysweeper 5.3. When I said that ZAISS was on, that means all part were on (Firewall, AV, and AS)

    Oldshep
     
  19. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Uuuhm, interesting....

    Something I really did not understand so far is if, ZAPRO was tested with OSfirewall turned OFF and if this made any difference...

    Just Curious since ZAP OSfirewall is (may be) the only part "on access" that could delay SS.

    And to make the test even better, you should test also 6.5 and see the differences between the two... I have the impression that external variables like memory available (scanning is memory demanding) is not taken into account.

    Thanks, keep experimenting...
    Fax
     
  20. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    The excel attachment shows a base case with the scan time, (I prefer files/second) for BD, SS and ZA Pro scanning my HDD0 (not yours:cautious:) ALL alone, in other words BD ran it's base scan with no SS and no ZA to establish a base case and so on for the others. Base cases are standard engineering practice.

    Then I turned on the second tool and ran again and then the 3rd tool to develop the other cases.

    Only when ZA Pro NOT present does my PC produce "normal" scan times for SS. The other interesting thing is that ZA Pro's own scan times are NOT effected by the presence of either BD 10 or SS 5.3. So if an odd shield in ZA pro were causing the SS slow down, that same setting has no impact on BD or ZA itself. Thus it appears as if the problem/issue/bug is directed against SS only. Seems weird but there it is.

    I am prepared to do further experiments, but I am hampered by lack of detail in two categories.

    1) How do I find out how many files ZA Pro has processed during it's ASW scan? It it only shows a % of files processed not an actual value the elapsed time shows during scan but disappears when scan finishes. This forces me to stand over the darn thing with a stop watch!

    2) I will repeat every single case for this thread with all shields/features off on those tools in each experiment S1, S2 .... etc. But from ZA Pro I need to have the whole detailed list posted here, can someone please provide that?

    Oldshep, it would be great for this forum if I passed you the excel file so your brother / you could add those tests to the thread? I would need a disposable email address from you/him via PM to be a safe sender! A set of tests with a different PC and replacing BD 10 with NOD would generate a lot of interest here.

    RAM, always effects performance, but since it was the same for all the experiments it is clearly a wash and not part of the explanation.

    While waiting for the missing data, should I submit the attachment to Webroot technical support? It is their SS 5.3 product being degraded so it is likely they my know about this issue and will able to give us more information.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.