Then only thing that will come close to Threatfire is CIS HIPS and an anti executable.
How about throwing Winpatrol Pro in for registry changes monitoring.
Maybe ZOU will purchase PC TOOLS Is.
I still remember when Threatfire was CyberHawk 5-6 years back when I tried all i got was BSODS.
It shall be interesting. Eventhough it appears official that TF is no longer supported, as of the last few weeks, I continue to get updates of all sizes; database, product, etc. All I know is that I trust this behavior blocker as much as any AV/Firewall combo that I have had or seen. Regardless, I have a sandboxed RAM and a wicked on-demand scanner if all else fails.
I realize that no one wants to use so-called "abandonware" eventhough behavior blockers, HIPS, and HIDS do not require signature updates to be fully effective. That said, there are still scenarios where a behavior blocker, set to max security levels, can be of use (Biozfear and McLovin proved that). I am thinking that if a PC is heavily infected and you would like to keep it in normal mode while disinfecting, TF, or other behavior blockers could be handy on a USB, so you can knock out some of the unwanted malicious background processes, thus creating a less hostile environment for your signature based AM and AV applications to operate and cleanse. Add "forced breach mode" in HitMan Pro to that strategy and it might all come in pretty handy.
That is the link if you are interested in trying that. Save it to the desktop and then drag the TF package into your USB window. Simple as that.
ZOU, only reason I wouldn't use TF on LV5 is not because is abandonware. I have said in the past that even if a tool is no longer developed, if the current versions still work fine, there is no need to "panic".
Ill be truly honest here, TF at level 5 is slightly more talkative than ESET HIPS on Interactive Mode. Yet they both have the same function in a nutshell if you look at it at both angles.
Since I know how you like your computer, I believe I told you before (but my memory sometime fails me), use ESET HIPS on Policy-based Mode (after a bunch of interactive mode runs through your daily applications etc (since even launching IE or empty recycle bin will require a rule).
If while on Policy based you require to delete something or run something new or install/uninstall something, switch to Interactive mode, do what you need to do and then back to Policy-based.
"Since I know how you like your computer, I believe I told you before (but my memory sometime fails me), use ESET HIPS on Policy-based Mode (after a bunch of interactive mode runs through your daily applications etc (since even launching IE or empty recycle bin will require a rule)."
That is the route I will go eventually because NVT ExeRadar Pro requires you to purchase it to be able to quarantine anything. The only way I would use OA is if it was strictly a free HIPS program less the typical OA firewall. I don't want to mess with training a firewall.
FYI: I was talking about using TF as malware removal assistance via USB stick tool kit. It is an extremely fast download that does not require a reboot and might prove beneficial as a malicious process blocker than may keep MW removal software operating without crashes or hangs, and it might even make it more effective otherwise, as it might block rootkit processes that are trying to cloak malware that updated signature based on-demand anti-malware programs are searching for. Nobody wants to use it the way I have been using it anyway, and I don't blame them.