ThreatFire new version 3.0.14 available

Discussion in 'other anti-malware software' started by aigle, Feb 11, 2008.

Thread Status:
Not open for further replies.
  1. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    778
    Do you use the default settings or do you use advanced rules?

    Ian
     
  2. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
    A behavior blocker and a HIPS overkill?
    Why would it be o_O

    On level 4 here and only a couple of alerts, all legit. So far anyway. :D


    Well day two with OAv2 and the rest in my sig and TF still behaving quite nicely. :cool:
     
    Last edited: Feb 14, 2008
  3. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    Thanks for the report Lonewolf. I can't wait until the new version of OA Free is released to give it a try with TF.
     
  4. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    556
    Location:
    Sonoran Desert
    I had been using TF on my vista laptop previously along with Avast Home. The PC seemed to drag, booting was slow, and browsing was slow. I even disabled Avast’s real time guard leaving the http scanner and the email scanner. Still everything dragged.

    One thing I noticed was high I/O disk writes by TFService.exe. After a while the TF tray icon would become unresponsive until after a reboot. Also TF would have to be disabled or Diskeeper’s boot time defrag would not run.

    Next I tried Avira PE Classic in place of Avast. The PC seemed a little faster but eventually the TF icon would become unresponsive again.

    For about a month I gave up on TF and substituted BOClean along with Sandboxie paid. This combo along with Avira and Sphinx Firewall Control and LUA worked smooth.

    With this new release I decided to uninstall BOClean and give the new TF a try.

    Bootup is quicker, the PC is faster, browsing is quick. Great, task manager shows no unusual I/O activity. Diskeeper boot time defrag works now without disabling TF first.

    After leaving the PC for about an hour the I/O writes are through the roof again and the TF icon is unresponsive again.

    I hate to replace TF with just another blacklist scanner. Any ideas? I’d really like to keep this laptop as stable as possible and save the experimenting for my XP box.
     
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Post in their forums, so that they will know the issues!
     
  6. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    I've looking for a setup I feel comfortable with for quite some time now. This forum has introduced me to a lot of products I didn't know of before, but it has also made it hard for me to come to a final pick.

    I'm running WinXP SP2 (fully patched) on a AMD Sempron 3000+, 2GB of RAM, SPI+NAT modem/router, FF 2.0.0.12 with NoScript/AdblockPlus, NOD2.7, WinXP firewall, SAS Free on-demand, Ad-Aware 1.06 Plus in RT, Prevx CSI and SandboxIE Free.

    I'm thinking of adding TF Free (latest release) and DefenseWall. Will this be too much and do I really need it?
     
  7. boonie

    boonie Registered Member

    Joined:
    Aug 5, 2007
    Posts:
    238
    I don't think it would be too much for your system specs, but if you're using Sandboxie, I'm not sure that you need Defensewall. With Threatfire, you'll have an AV, AS, sandbox, and behavior blocker. Should be sufficient. By the way, just out of curiosity, what's the resource usage on Ad-Aware Plus like?
     
  8. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    Hi Boonie, thanks for your reply.

    Please note that I'm NOT using Ad-Aware 2007, but the previous version. The resource usage, when idle - just monitoring, is between 13-19Megs, but when scanning I've seen it increase to as much as 50-60Megs.

    I'm thinking of replacing it with another RT AS, perhaps SAS Paid (new 4.0 version, when available).

    Fortunately I haven't run into 'malware/virus' trouble of late (knock on wood :D), so AAW never finds anything (but then again, neither do SAS/Prevx CSI). I've read and heard that the detection rate of AAW has dropped significantly, but I can't confirm this myself.

    Hope this helps.
     
  9. boonie

    boonie Registered Member

    Joined:
    Aug 5, 2007
    Posts:
    238
    Yeah, I've heard the same. For all the buzz that AA2007 got, it seems (at least by the forums I've visited) that it didn't deliver on detection rates. I think SAS Pro would be a great choice. I've also been looking at MalwareBytes Anti-Malware. The initial feedback on their forums has been pretty positive.
     
  10. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    556
    Location:
    Sonoran Desert
    No problems for about 10 hours. Allowed it to go into sleep mode. Thought it might be the power management software. Everything was fine.

    Then I shut down the laptop, brought it home, restarted it, and within about 30 minutes the high disk I/O started again. The TF icon in the tray is unresponsive also.

    I'll post on the PC Tools forum if I keep it on the PC that long.

    Thanks
     
  11. Dieselman

    Dieselman Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    795
    One problem here. Doesn't uninstall properly. Still showed up in Security Center. Had to stop the WMI service and delete the repository folder.
     
  12. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    when install letest threatfire v3.0.14 with ess v3.0.621 my ie7 crash when i open 4 or 5 web sites same time please tell any have this issue
     
  13. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
    And day 3 with TF, now it's history.
    Seams there may have been a conflict with Avira.
    Error message when tring to update or open Avira.
    Sorry did not save the error message.(I should have)
    But all were playing well together then after a couple of days something goes wrong.
    Thats why TF has had a short life on my PC the last two or three times I tried it.
    Oh well was only checking it out because of the new build anyway.
    Rolled back to a snaphot before TF and all is well again.
     
  14. pitzelberger

    pitzelberger Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    56
    Did they add in this version the option to "block" programs or outbound connections, instead of only "allow" or "quarantine" o_O

    I remember there was a discussion on that and many users were asking for this function. :doubt:
     
    Last edited: Feb 16, 2008
  15. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    556
    Location:
    Sonoran Desert
    Same here. Didn't uninstall clean.

    It appears PC Tools is aware of the disk I/O issue and the CPU usage issue and are working on it. Hopefully it will be fixed soon.
     
  16. Firebytes

    Firebytes Registered Member

    Joined:
    May 29, 2007
    Posts:
    917
    Threatfire has updated again and is supposed to have fixed the Security Center issues. I have not tested it myself yet.
    threatfireupdate.jpg
     
  17. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    does the new version have block or allow.:cautious:
     
  18. Matern

    Matern Registered Member

    Joined:
    Nov 20, 2007
    Posts:
    102
    Block or allow for "custom" rules will be comming
    at Version 3.1.0.0.
    Not earlier.
     
  19. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    It must be for default rules as well. Custom rules are not important atleast to me.
     
  20. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Not really. I think we've been beating this around for some time. If you know it's an FP, you allow. If it's malware, you quarantine. The newest versions make it even easier to selectively restore quarantined elements, and the Deny button, for all intents and purposes, might as well be labeled the "Shoot Self in Foot" button.

    So, no, not "must", actually.
     
  21. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Not for u but must for me.

    I never get a popup on my system for a real malware( except ehile testing malware myself). All are for legit ones, if ever I get.
     
  22. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Then click "Allow" o_O
     
  23. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    LOL. Nice one solcroft. I will just add that I feel ThreatFire is improving with each new version and it seems to be running with other security programs better than ever before. I've tried it with several different ones and had no problems. I'll also add, that while I've never personally seen TF in action, I still have a lot of confidence in it just the same.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.