Anyone using ThreatFire Pro as their antivirus?

Discussion in 'other anti-malware software' started by duke1959, Apr 10, 2008.

Thread Status:
Not open for further replies.
  1. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    Since ThreatFire Pro is listed in Windows Security Center as an antivirus and has antivirus capabilities, anyone not using an AV with it?
     
  2. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I love TF, but I wouldn't use TF's Pro edition as a replacement for my AV.

    The PCTools antivirus that is use by TF Pro is largely based on the VirusBuster engine. According to reputable tests, Virusbuster AV's detection levels fall within the lower half of 2nd tier antivirus programs.

    PCT's antivirus recently flunked the VirusBulletin tests, and (evidently) does not choose to participate in testing by such testing organizations as AV-Test.org and AV-Comparatives.org.
     
  3. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Me.

    The mindset of the general populace seems to lean overwhelmingly towards: I need an antivirus, and every other security program is only to supplement my antivirus.

    There's really no way to provide a good explanation why as long as that (grossly incorrect) mindset holds sway. Suffice to say that I don't use ThreatFire as an antivirus, I use it as a behavior blocker. And most of the time it forms my first and primary line of defense on one of my computers.
     
  4. InVitroVeritas

    InVitroVeritas Registered Member

    Joined:
    Mar 5, 2008
    Posts:
    64
    I use ThreatFire free, not pro (for now, that is), and I don't have a real time AV, just on demand checks. So far, so good.
     
  5. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Still using an AV with it, but ThreatFire seems to find, block and remove the more serious viruses or leaks in a system long before many other programs will even detect it.

    If you go to settings and switch protection level to 5, you can really see it working away.

    Who says the best things in life aint free? :p
     
  6. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    I post this to another TF thread but it's closed now so here it's again:

    I started to test TF today (again) and found that I can create very powerful custom rules. Now I like to know that what is inside of system process list. I can't find any contents.
     
  7. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    You are correct level five is pretty strong and indeed shows it at hard at work.:thumb:
     
  8. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Yep, hard at work producing FPs.

    I really don't understand you people. Why would anyone want to go out of their way to be bothered by useless alerts?
     
  9. ThreatFire QA_Tech

    ThreatFire QA_Tech Registered Member

    Joined:
    Apr 10, 2008
    Posts:
    3
    Location:
    Boulder, CO

    Hi Mike,
    The process list refers to the any executable that relates to a program. The syste process list refers to things like svchost.exe, winlogon.exe and so forth, critical system processes that are protected. You can see which ones these are in the task manager. In our next release, however, we will be adding a pretty comprehensive process list that you can use as a reference when building custom rules, so keep your eyes open for our next build!
     
  10. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    Thanks a lot! Yes I know what system process are but I just want to know exactly what is in that list. I don't use/need (lots of tweaks) some of them at all. I'm waiting next releases.
     
  11. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I use TF (Free now, probably Pro in the future) without AV, along with Anti-Executable, DefenseWall and probably Sandboxie in the future to stop the execution of malware between two reboots.

    Anti-Executable kills any unauthorized executable file
    DefenseWall restricts any untrusted application to the very bone.
    Sandboxie isolates any malware of a sandboxed application.
    ThreatFire stops malicious behavior.
     
    Last edited: Apr 11, 2008
  12. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    The standard level doesn't produce any alerts unless it's of a serious/intrusion nature.

    I don't think someone would switch level 5 protection on just to watch alerts, but it provides more control over every process. Such as an inbound/outbound firewall would.

    Say for example, you're using a file transfer program which you've just disconnected from. Say you don't have an adequate firewall, you won't know if the program establishes a connection again and downloads whatever it may be in the background.

    Setting ThreatFire to its highest protection allows you to 'allow' the program once, and when you've closed it, if it tries to establish a connection, ThreatFire will alert/ask for your permission and you'll be able to accept or decline the request for connection.

    I was testing TF on a (test) system at work, and to provide an example of its response and security, it alerts/or gives you option to remove, any process which most security programs will not even alert you to. You can shutdown (and remove) hidden processes, such as audits, program consistency checkers, any attempted VPN connection that would normally have the highest priority and require administrators access to remove. All on startup. All on the recommended setting (level 3). But note, these are serious intrusions if it were to happen for a 'regular home user'.

    Hope this product continues to develop. I don't have a problem with paying for it. In all honesty, I actually feel like a cheap bastard for using the free version. If a few extra features are bundled into the pay version, apart from just the AV, (even just better stats/reporting) my credit card is a waiting. :)
     
    Last edited: Apr 11, 2008
  13. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That is nothing but a personal decision, if you use TF on 3 or higher.
    I use AE on HIGH, others on LOW, I never say to a LOW user to put it on HIGH.
    That his decision.
     
  14. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I did not say I use level 5, I was just agreeed with the other poster.I use level 3 as recommended and have not had any false positive yet.So your surley assumed wrong of my settings.
     
  15. ggf31416

    ggf31416 Registered Member

    Joined:
    Aug 20, 2006
    Posts:
    314
    Location:
    Uruguay
    AFAIK TF Pro only scans programs when they cause an alert (or on-demand), so the detection rate is not better than TF Free.
    TF Free + a real-time AV gives better protection as the detection is the one of TF + what TF misses but the AV don't.
     
    Last edited: Apr 11, 2008
  16. Hairy Coo

    Hairy Coo Registered Member

    Joined:
    Oct 19, 2007
    Posts:
    1,486
    Location:
    Northern Beaches
    Getting back to Dukes question-this is correct - the anti virus can only be used for scanning and no real-time element of the AV-engine is present for overall protection.
    The Pro version has;

    Free telephone and online support Online Only
    Advanced program options
    AntiVirus engine with signature updates
    On-demand scanning of your entire PC for known threats
     
    Last edited: Apr 12, 2008
  17. Hairy Coo

    Hairy Coo Registered Member

    Joined:
    Oct 19, 2007
    Posts:
    1,486
    Location:
    Northern Beaches
    Simple-the more alerts,the more effective they believe is the security and the happier they are,believing they can achieve better control.
    This is surely the reason for the popularity of HIPS which spew out alerts
     
Loading...
Thread Status:
Not open for further replies.