Threatfire???

I dont care polish sites due polish language. i may translate it, but images are still polish. so please english or other international.

additional there are not further informations about test.

further, sality is a rather old botnet malware, since 2003 and became at least famous through LNK/PIF vulnerabilities in 2010.

if sality had hit the system it already bypassed other security mechanisms included windows updates.

i dont have doubt it alerts as it was programmed, nevertheless its outdated and its reputation is bad a some people claimed in linked threads.

 

How much of the technology made its way into Symantec's products? None, some, no-one will ever know how much?

 

See https://www.wilderssecurity.com/showpost.php?p=1862611&postcount=9

Uh as said EP_XOFF is the lionel messi of the hacker society, he has also worked for Microsoft as a white hat hacker, but have not followed it, so unsure of his last status, but one thing I can tell he has programming skills which outmaster many professionals

Regards Kees

 

As Clone Ranger said TF is fine except when it isn't. I experienced the infamous problem of TF quarantining Explorer.exe and making the system unusable. I also experienced it disabling the keyboard driver. IIRC these problems were neither acknowledged nor fixed - the software was already dead at that point.

I'd be interested to hear how it "saved your bacon" because I never once experienced it either blocking or removing malware. Sorry to be a buzzkill but I see TF as potentially being a greater threat to the system than anything it might protect against. Anyone who wants to play with it should be prepared to re-image the system.

 

If you never experienced it blocking or removing malware, are you saying you had a problem file get past it? One user can't make a definitive assessment of a program.

Every user will more often than not have a different experience with the product. What I can say was there was a long period where Cyberhawk/Threatfire was an excellent security program, for many people. Plenty of users were saying the same thing, even on this forum.

I'd have to use my brain here, but back in the early days where a couple of friends had files which weren't detected by several scanners, by installing Threatfire, it was able to alert a program was monitoring keystrokes (on one system), and remove the hidden malware (this friend - his bank later alerted he had many attempts to gain access to his internet banking - he should have done a clean re-install, but didn't experience any problems after a quick clean-up). And on another, provided many alerts to remove malware - of course it required user intervention.

Personally, I remember having a USB stick from university which already sunk my friend's laptop (later did a simple windows restore to fix it), and not thinking there was a problem with the USB stick (thought it was just his laptop at the time), Threatfire produced an alert on my system about a program trying to install in the background.

Plenty of these magazine reviews would be taken down already, but see some comments and note the awards it won:
http://www.threatfire.com/reviews/

Eg.
"It detects malicious behavior from both known and unknown threats. It aced my malware-blocking tests with a perfect 10 out of 10 points. You can't go wrong adding this free tool to your existing signature-based protection."
http://www.pcmag.com/article2/0,2817,2301045,00.asp

"Romping recklessly through the net, just as we did before, ThreatFire caught more threats than AntiBot did, preventing the same malware from altering our hosts file or killing IE’s Internet Options tabs. And did we mention ThreatFire’s free? Combined with the advanced options, it’s a clear winner."
http://www.maximumpc.com/article/internet_security_2_0?page=0,3

Edit: Keep in mind - with any program/product, people complain and take to the net when they have an issue. Compare that to the happy customers, most who will never post and will just go about their day. Considering the number of people who installed the program, I'd say keyboard lock-ups problems weren't widespread, it was a minor issue at the time affecting a smaller number of users. IMO.

 

I personally never experienced a useful alert from Threatfire, and on systems that were already infected it was useless for removing those threats (this was for the version that included antivirus). I see this as secondary though to the problem of it quarantining Explorer.exe and disabling the keyboard. I experienced both of those problems. These issues were not isolated - they were reported by others. You can still read these conversations with Google. Although not everyone will experience these problems you have to decide whether it's worth the risk. There are many other free security apps with better track records IMHO.

 

Threatfire was never designed for removing threats.Most small hips and bb,s are to be used for prevention and not dis-infection.Threatfire was to be run alongside a regular anti virus software.

 

As much as I wanted to like TF, I had the keyboard issue which made me extremely mad at the time. I think I liked its parent pgm before it, (Cyberhawk). That pgm in it's day seemed extremely useful. I think TF lost sight or malware became much more clever in the following years.

just my .02 cents
Ice