I smell something fishy with Threatfire

Discussion in 'other anti-malware software' started by nomarjr3, Apr 7, 2008.

Thread Status:
Not open for further replies.
  1. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    Well, probably most of you know by now what this behavioral blocker is.
    IMO it's a 'rogue' software. The fact that it hooks on your keyboard, and detects almost NOTHING is quite intriguing.
    Plus, it scans rootkits for about less than 5 minutes. It's not easy to scan for rootkits; a REAL anti-rootkit (those based on GMER) scans the CPU for more than 30 minutes!

    So what do you think, amirite?
     
  2. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Reeeeeeal strong stuff you're smoking there, mate.
     
  3. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Rogue software?
    I don't think so, nomarjr3.
    Try setting the security level to 5 and see what it prompts on.
    The fact it "detects nothing" as you put it, could possibly mean you have nothing to detect. Which is as it should be.
    Support is good, the program works, comes recommended by a few users here (I know, because I looked here before installing it) and it has a low footprint. Updates are frequent, hooks in the keyboard (or anywhere else) I couldn't care less about for a trusted program, last but not quite least, it is recognised by the MS security centre.
    I think you may be wearing rogue tinted glasses.
     
  4. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    Can you please enlighten me? Because I ain't smoking anything. If you're trying to be rude, then go to another forum. These forums are not for you.:rolleyes:

    Anyway, this is based on my observations of the software. SnoopFree was able to detect a keyboard hook it was about to install. This is NOT normal for behavioral blockers.
     
  5. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    Tarq57,

    Nah, I don't want any app to hook on my keyboard, may it be trusted or not.
    "Trust no app" as they say :cool:
     
  6. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Trust me, this gives us quite a good idea of how much you know about behavior blockers.

    I think I'd better stop wasting posts on a crackpot. :shifty:
     
  7. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
    Let's be civil in these forums and try to discuss questions and posts in a polite manner.
     
  8. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    The topic's author's concern is not without some merit. I installed TF and ran an old version of RKU and never seen a single driver in any of the tables, in fact it didn't even alert me to anything suspiscious, so i wouldn't be so quick discount this users complaints.

    I since deleted it and i have no interest it in at this time, my HIPS does a far more better task at alerting to potential file activities then TF by a log shot.
     
  9. Ngwana

    Ngwana Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    156
    Location:
    Glasgow, United Kingdom

    Is this proof that TF is rogue? WOW :oops:
     
  10. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Who died and put you in charge?

    TF is used by many here, and has a long & successful history with its users, going waaay back to the days it began as Cyberhawk. The developers are well known and respected, as is their superb support forum.

    Unsupported dispensing of FUD -- to me, THAT's what is rude.
     
  11. QBgreen

    QBgreen Registered Member

    Joined:
    Jan 1, 2005
    Posts:
    627
    Location:
    Queens County, NY
    Prior research regarding the history of this program would have prevented you from posting as you have. ThreatFire is an excellent behavior blocker, top tier.
     
  12. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hi, it,s the best behavioral blocker and is free. What else u want?

    RootKit scanner is OK and scan times on my system are just similar too other such rootkit scanners like AVG AntiRootkit, F-Secure blackLight etc. It,s detection is not bad as well.
    Hooking the keyboard is suspicious for you? Then how about installing drivers- that must be more suspicious and it,s impossilel to find a kernel based security sofyware without a driver. Then u should find all such Antvirus, Antimalware software as suspicious too.

    Detects almost nothing? --- :rolleyes: :rolleyes: :rolleyes: - how many malware u have tried against it and how many of them were able to bypass it? Let us know as well.
     
    Last edited: Apr 8, 2008
  13. Hairy Coo

    Hairy Coo Registered Member

    Joined:
    Oct 19, 2007
    Posts:
    1,486
    Location:
    Northern Beaches
    Dont you just love the instant experts,who not only bless you with their profound knowledge,but also start off with a statement of unarguable fact.

    Agree with your remarks!!
     
  14. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Although I have the perfect removal tool for malware so far, it doesn't stop the execution of malware immediately.

    I have already Anti-Executable to stop unauthorized executable files immediately and DefenseWall, that restricts malware immediately, so it can't do any harm anymore.

    ThreatFire however is supposed to stop malware based on malicious behavior and that's different from what AE and DW do. So I can use TF, because it also acts immediately.
    I didn't smell anything during the installation. The full rootkit scan didn't detect anything, but that is normal.
    TF and AE don't like eachother, which resulted in a BSOD during a full rootkit scan. (AE on HIGH is a very touchy software)
    That is a problem, that needs to be fixed. :)
     
    Last edited: Apr 8, 2008
  15. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    Ok guys..
    So maybe I don't know much about behavioral blockers.
    But is there really a need for bashing a novice? Sheesh! Some of you should stop acting like a a bunch of smart***es.

    Besides, the Cyberhawk 'then' is different from the Threatfire 'now'. Significant changes may happen. Just take a look at ie. ZoneAlarm or BOClean.
    Both of these products were lightweight and efficient. But ever since they were purchased by some corporation, they literally became bloatware. You need a performance PC to use the new versions.
     
  16. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Excellent advice. I suggest you start by heeding your own words, and not continue on your utterly laughable mission of spreading FUD when it clearly has no audience among people who know better than you.
     
  17. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    nomarjr3,

    I think you'll find that many security programs creates hooks. Also, the rootkit scanners I have used all finish fairly quickly.

    A behavior blocker is basically a smart/intelligent HIPS program. There are many topics here at Wilder's about Threatfire. Simply do a search and you'll have plenty to read.

    If you want to learn more abouts HIPS (Host (based) Intrusion Prevention System) type programs, you can have a look here for more info.
     
  18. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    Thanks, innerpeace.
    I'll go have a look.
    But for the meantime, I'll just completely delete Threatfire just to make sure I'm on the safe side.:)

    To anyone encountering malicious behavior while using Threatfire, please kindly share your experience.
     
  19. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    What exactly is telling you that Threatfire is hooking the keyboard?

    When I run Winamp, my HIPS tells me it's hooking the keyboard. I'm no expert, but it's probably because Winamp has keyboard shortcuts. If a security app. like Threatfire uses keyboard hooks, it's probably because it's monitoring for keyboard hooks that could be used by a keylogger.
     
  20. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    SnoopFree did.

    You are wrong. Threatfire is NOT an anti-keylogger therefore it does not monitor for keyboard hooks; it was programmed as a behavior blocker. Nothing more, nothing less.
     
  21. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    501
    What do you want it to detect ?Have you got malware on your pc?I use TF free&Avira premium on my pc(i also excluded them for monithoring eachother processes).Very good protection IMO .I'm sure that if u challanged such a discussion you know and can test TF.Go to any p2p site,go to malicious sites,and tell us your experience.I test it with real 0 day threats found on p2p sites and i decided TF is a keeper fo me it does what it's says.Tell us malware that threat fire should detect and it doesn't and you will make a point.IMO you should not judge an anti-malware product on a clean pc.And i wouldn't had made this comment if i was not using the free version.
     
  22. InVitroVeritas

    InVitroVeritas Registered Member

    Joined:
    Mar 5, 2008
    Posts:
    64
    Normarjr3, again, this is not only peremptory claims, but clearly wrong too. Since it's slightly tiring, I'll be swaggeringly short too :

    (From PCtools homesite)
     
  23. Gizzy

    Gizzy Registered Member

    Joined:
    Oct 5, 2007
    Posts:
    149
    Location:
    NJ, USA
    @InVitroVeritas you beat me to that,

    actually all the behavior blockers I've seen protect against keylogging threatfire, mamutu, etc,

    I've used threatfire in the past and never noticed anything malicious with it,

    I'd be using it now but I'm using comodo's defense+ and I don't feel the need to have both.
     
  24. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Not only does the OP have no clue, but he's trying to swagger as though he does.

    C'mon, guys. It's obvious he's fishing for attention. And he's already got it, so I say we leave the crackpot alone.
     
  25. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    OP is not right in his assertions so it yanks the chains of the more knowledgeable people here, their reactions are most welcome to learn a bit more. :D ;)
     
Loading...
Thread Status:
Not open for further replies.