Mini Spy

Loading...

Latest Threads

Loading...
 

ThreatFire Level 5

Discussion in 'All Other Security Software' started by Gnosis, Aug 30, 2012.

  1. Gnosis

    Gnosis Well-Known Member

    Reputation:
    0
    Joined:
    Apr 26, 2011
    Messages:
    2,476
    Likes Received:
    210
    I am really pleased with Threatfire. I use it to complement Sandboxie, as a few of you already know. I always keep it at Level 5 since I do not use any other realtime protection such as Avira, Avast, AVG, Norton, Kaspersky, etc.

    Threatfire at level 5 is a whole other animal than it is at level 3. Novice users might prefer level 2 or 3 when running it along side a real time AV. I like level 5 because it is not only an aggressive behavior blocker, but it acts like a software firewall as well. When Windows updates XP, I know about each little behind-the-scenes activity. It is no different when Dr. Web wants to extract scan statistics from my usage of their product; Threatfire informs me of PUP(s) and then is capable of blocking that action. I feel like anything that runs in the background will be exposed with Threatfire AV at level 5. That is the piece of mind that I pursue incessantly, yet not obsessively.
     
  2. madyrocksin

    madyrocksin Regular Member

    Reputation:
    0
    Joined:
    Jul 30, 2012
    Messages:
    534
    Likes Received:
    1
    how is it different from Paranoid mode in HIPS ???
     
  3. Tom172

    Tom172 Regular Member

    Reputation:
    0
    Joined:
    Feb 11, 2011
    Messages:
    968
    Likes Received:
    15
    Level 5 would drive me up the wall. Security for me is a balancing act of staying protected yet not being intruded by alerts and warnings 24/7.
     
  4. Gnosis

    Gnosis Well-Known Member

    Reputation:
    0
    Joined:
    Apr 26, 2011
    Messages:
    2,476
    Likes Received:
    210
    I could not agree with you more, Tom, but I must say that as you learn what is safe and "whitelist" it, you will never know TF AV is there unless a real threat is present and causing malicious symptoms that alert TF's behavior blocker, or a legit program that you just added to your PC needs to be white listed. It is not a whole lot different than setting up a software firewall, and you get the behavior blocker as well.

    Most tests of TF AV are done at default level 3. If it was tested against malware behavior at level 5, it would be a whole other ballgame altogether.

    As I understand it TF AV is a behavior blocker, not a host intrusion prevention system (HIPS)--not technically anyway, but I guess for slang you could accurately call it a host intrusion detection system (HIDS).
     
  5. madyrocksin

    madyrocksin Regular Member

    Reputation:
    0
    Joined:
    Jul 30, 2012
    Messages:
    534
    Likes Received:
    1
    ohk thanks :)
     
  6. D Bone

    D Bone Regular Member

    Reputation:
    0
    Joined:
    May 28, 2011
    Messages:
    99
    Likes Received:
    1
    Is Threatfire still being developed? I didn't think it was.
     
  7. MrXidus

    MrXidus Super Moderator MalwareTips Staff

    Reputation:
    1,000
    Joined:
    Apr 17, 2011
    Messages:
    2,213
    Likes Received:
    494
    I've heard many things such as Symantec taking the power behind ThreatFire and incorporating it into Norton and most of PCTools staff are now working for Symantec.

    With Symantecs intervention, ThreatFire seems dead. Also, That same webpage design has been there since 2008. http://www.threatfire.com/
     
  8. D Bone

    D Bone Regular Member

    Reputation:
    0
    Joined:
    May 28, 2011
    Messages:
    99
    Likes Received:
    1
    As much as Windows has changed since the last TF update, I would say it has to be lacking something, somewhere.
     
  9. Gnosis

    Gnosis Well-Known Member

    Reputation:
    0
    Joined:
    Apr 26, 2011
    Messages:
    2,476
    Likes Received:
    210
    I am glad you all touched on this. I can say that I get new updates most days, so someone is supporting it. Everyone thinks it is dead because "Threatfire" looks to be abandoned. But you must search "Threatfire AV". If you search most software sites with that you will see that it is indeed up to date.

    It is important for me to remind everyone that PC Tools does not endorse the way I use Threatfire AV as a stand alone. They actually promote it to be used along side your AV, whether it be Avira, Avast, AVG, Kaspersky, or Norton.



    Notice the version number for 2008 on the left side of the page at this link: http://www.threatfire.com/

    Then look at the version number here: http://www.pcworld.com/downloads/file/fid,64144-page,1-c,antivirus/description.html

    And then here: http://download.cnet.com/1770-20_4-0.html?query=threatfire&platforms=Windows&tag=srch&searchtype=downloads&filterName=platform%3DWindows&filter=platform%3DWindows

    It may not be a high profile program that PC Tools or Symatec makes a big fuss about when they improve or update it, but someone is giving me fresh updates, and new versions have been released over the last few or four years.

    I like Threatfire most of all because when the super rootkits and viruses that Iran, the US, and others are developing get out into the wild, I will not be relying solely on signature based products that will fail miserably during that scenario. There is something about a behavior blocker that is more and more appealing every day in this brave new world of ours.
     
  10. Umbra Polaris

    Umbra Polaris Security Configuration Expert MalwareTips Staff

    Reputation:
    1,000
    Joined:
    May 16, 2011
    Messages:
    10,709
    Likes Received:
    4,181
    what about the resources usage, CPU & RAM working set?

    TF was reputed to be a resource-hog.
     
  11. Gnosis

    Gnosis Well-Known Member

    Reputation:
    0
    Joined:
    Apr 26, 2011
    Messages:
    2,476
    Likes Received:
    210

    Not at all, in my experience. One of the reasons I have liked it is because it never makes anything hang or slows anything down. It is the quietest and most efficient real time security I have ever witnessed.
     
  12. Umbra Polaris

    Umbra Polaris Security Configuration Expert MalwareTips Staff

    Reputation:
    1,000
    Joined:
    May 16, 2011
    Messages:
    10,709
    Likes Received:
    4,181
    Could we have a screenshot?
     
  13. Gnosis

    Gnosis Well-Known Member

    Reputation:
    0
    Joined:
    Apr 26, 2011
    Messages:
    2,476
    Likes Received:
    210
  14. Gnosis

    Gnosis Well-Known Member

    Reputation:
    0
    Joined:
    Apr 26, 2011
    Messages:
    2,476
    Likes Received:
    210
  15. Gnosis

    Gnosis Well-Known Member

    Reputation:
    0
    Joined:
    Apr 26, 2011
    Messages:
    2,476
    Likes Received:
    210
  16. Gnosis

    Gnosis Well-Known Member

    Reputation:
    0
    Joined:
    Apr 26, 2011
    Messages:
    2,476
    Likes Received:
    210
    The program size is 19.16 MB.
     
  17. Plexx

    Plexx Guest

    Reputation:
    0
    Out of curiosity, how much did you tweak the services and OS?
     
  18. Gnosis

    Gnosis Well-Known Member

    Reputation:
    0
    Joined:
    Apr 26, 2011
    Messages:
    2,476
    Likes Received:
    210
    Threatfire is the only thing that I allow to be in the startup folder via msconfig.

    The following are the only services I have running according to msconfig: Windows audio, background intelligence transfer service, CryptSvc, DCOM server process launcher, DHCP Client, DNS Client, event log, COM + Event system, HID input service, IMAPI cd burning, server, Mozilla maintenance, Windows installer, Plug and Play, remote procedure call (both), Security accounts, Sandboxie, Task scheduler, system event notification, SHELL hardware detection, System Restore, terminal services, windows time, themes, Windows management instrumentation, automatic updates, USB 300, Wireless zero.

    Other than that I have done a couple mods in the registry; one to force all programs shut when I click "shutdown" or "restart", and another to adjust page fault settings for quicker shutdown and startup. I have also terminated "error reporting" except in the event of a catastrophic OS failure, or crash.

    My system takes about 35 seconds from powered off to internet access. That is not bad for this old thing.
     
  19. Gnosis

    Gnosis Well-Known Member

    Reputation:
    0
    Joined:
    Apr 26, 2011
    Messages:
    2,476
    Likes Received:
    210
    I just installed a database update for TF. I usually get updates every day, but this is the first in a few days.
     
  20. D Bone

    D Bone Regular Member

    Reputation:
    0
    Joined:
    May 28, 2011
    Messages:
    99
    Likes Received:
    1
    I've never used TF, so when you say that you installed a database, is it like a typical AV where you hit update, or do you have to go to the website and download and install the updates?

    Also, I went to the TF website and the download is described as:

    ThreatFire Version Information

    Current Version: 4.7.0
    File Size: 8.59 MB
    Release Date: November 25, 2009
    Operating System: Windows® 7, Vista™, XP, and 2003

    November 2009 was a long time ago!
     

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Loading...
MalwareTips.com is an independent website.All trademarks mentioned on this page are the property of their respective owners.