ThreatFire Level 5

Status
Not open for further replies.

Aventador

New Member
Sep 5, 2012
101
I wouldn't feel safe using a product which has not had a new version release in almost 2 years. Do you drink expired milk?
 

KelvinW4

Level 1
May 8, 2012
187
I think you are still pretty safe behind ThreatFire and Sandboxie. Sandboxie has only rarely been exploited and is going through constant improvement and fixes, and ThreatFire can detect some executions and network connections. It is almost like a HIPS at level 5.
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
I think I am pretty safe too. I know my config is controversial, but I feel safer with TF and Sandboxie than I have with any traditional realtime AV, or other realtime security.

Aventador has some constructive criticisms regarding my security set up. I wish someone would do a thorough test of Threatfire (SET TO LEVEL 5) against some popular nasties so we can clear this up.
 

Aventador

New Member
Sep 5, 2012
101
ZOU, you're missing the point. Threatfire is NOT a standalone antivirus solution. Never has and never was. It is a behavior blocker used to complement your real time antivirus. The database gets updated for on-demand scanning only. No real time protection. Look over at Wilders, one of the top security forums, and see if you find a member using it. You won't, because they know it's not currently being developed. For a more FREE secure solution install CIS.
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
Threatfire is NOT a standalone antivirus solution. Never has and never was. It is a behavior blocker used to complement your real time antivirus

I agree 100%. That is why I use Sandboxie in tandem.


If I had any desire to change I would install Avira, with Comodo's firewall, but I like what I have right now.
 

Aventador

New Member
Sep 5, 2012
101
Ok, but what means of knowing if a file is clean or not do you have? None. What if you remove a file from the sandbox which is infected? You're SOL. Sandboxie is not bulletproof unless it's properly configured. There are guides which can help you. Let me find some. Mainly on Wilders.
 

KelvinW4

Level 1
May 8, 2012
187
He can always upload the file to VirusTotal or scan it with HitmanPro, Malwarebytes, and other on-demand scanners. If it breaks out then ThreatFire has a good chance it will catch it running on lv 5
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
He can always upload the file to VirusTotal or scan it with HitmanPro, Malwarebytes, and other on-demand scanners. If it breaks out then ThreatFire has a good chance it will catch it running on lv 5

Exactly. HitMan Pro is what I run most of the time (nearly every day). You are truly "on top in minutes".
 

KelvinW4

Level 1
May 8, 2012
187
Yes, that is what some people use in Wilders forums. Just plain Sandboxie and OD scanners. ThreatFire is just really a plus.
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
I watched a couple of TF reviews on YouTube that were done less than a year ago. Both tests had it at level 3. It still did pretty good on one review. It did much better on the second review I watched.

I would really like to see a review of TF set to level 5. I only saw one review of it at level 4 and the guy running the test complained and knocked it back down to level 3 because he did not white list killswitch and a couple of other apps.

If someone does test it, set it to level 5 and whitelist any other program that will be running alongside TF for intelligence gathering purposes, such as Process Hacker or Killswitch. I think you will be surprised at what it prevents. At least 20 malicious links should give us a good idea.

I know that if winsevenholic would have set TF to Level 5 instead of leaving it at default level 3, it would have caught everything, or at least all but one:

 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
I honestly don't know why anyone bothered testing TF if they cannot have sense enough to set it to level 5. I understand that level III is sufficient for people that run a traditional AV alongside it, but... When set at level 5, it is not more tedious than training a solid software firewall. Then you have all your legit programs whitelisted, and as a result, you have a wicked behavior blocker that is no longer tedious.

Another dunderhead: http://www.youtube.com/watch?v=8FzX_8O1mT4
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
Just to give you an example of how sensitive level 5 is, I have whitelisted well over 100 items for TF.
 

KelvinW4

Level 1
May 8, 2012
187
Sorry for terrible quality. I was in a rush that time. And the lag at the end. Slow laptop :dodgy:
http://www.youtube.com/watch?v=fo1ZuMF1XtE&feature=plcp
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
Excellent. Thank you. I am going to watch it later, soon as I get some yard work done.
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
Any recommendations on how I can improve on my testing?

You did the best silent review I have ever seen. It was a little slow, but happened to be the perfect pace to really soak in the review. The only thing that I would have done differently is to perform an on-demand scan with TF at the end, to see if the other two malwares that realtime missed could be detected and removed. Other than that, you did an excellent job. You might add some snappy European techno trance sound to the reviews.

Overall, I thought it did a heck of a job for being allegedly dead, or at least unofficially dead. That is the beauty of a good behavior blocker over signature based detection and is exactly why TF is recommended to complement your realtime AV or sandbox.

Thanks so much for taking the time to do a review for us.
 

KelvinW4

Level 1
May 8, 2012
187
Yes, ThreatFire did better than I expected. I was going to do a ThreatFire scan and Malwarebytes scan but it was late and tomorrow was school so I just did a quick HitmanPro scan. Thanks for watching.
 