Not using Threatfire. Why?

Discussion in 'other anti-malware software' started by jdd58, May 26, 2008.

Thread Status:
Not open for further replies.
  1. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    527
    Location:
    USA
    Who has used ThreatFire and then decided to stop using it. If so, why?
     
  2. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    When it was still known as CyberHawk it gave me alot of fp's. Constantly accusing proper programs as keyloggers. PC Tools takeover didn't inspire me to try it for any long period again knowing that pc doctor is fp's richer then any program i ever used.

    Maybe it's the best thing for others right now but ill pass.
     
  3. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    I stopped using it yesterday.
    Great app. Light on resources. Can't comment on success rate, since I hadn't any encounter with malware since I installed it.
    Very easy to build custom rules.

    I uninstalled it because apparently it can conflict with SanboxIE, and between those two, I choose SBIE.
     
  4. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,912
    I use both and they are happy as a clam on an XP DTop and a Vista NBook.
     
  5. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    527
    Location:
    USA
    I like it for the same reasons.

    I just saw a post from Kees1958 on that. Between the two I choose Sandboxie also. On my Vista laptop (which also has Sandboxie) battery life seems to be shorter also. Maybe because of the constant disk writes.

    Yes, until malware is encountered.
     
  6. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    @ratchet

    Read this:

     
  7. Sportscubs1272

    Sportscubs1272 Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    340
    Antivir Premium usually nabs the bad suspects in my SB folder first. TF is pretty quiet for the most part on my end of cyberspace. I did received an alert that my Online Armor Firewall driver was loading on my main computer and TF gave me an alert. I guess that would be a false positive?
     
  8. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,634
    Location:
    U.S.A. (South)
    I absolutely fell head over heels when it was released by Novatix as CyberHawk

    If you ask me the first versions were the BEST and i used it alongside SSM at the time and it was a magnificient secondary interceptor IMO.

    Later in Novatix's development they were obviously running into programming issues that they seemed were not so really bad, but just needed additional attention and maybe some new eyes and handlers. This is when i think they decided PCTools would be their best bet to help improve on it.

    Many say it was a great improvement and perhaps so for them, but i noticed changes in any or all the (4) drivers it implimented that were beginning to show signs of concern (for me) and those complainants began to trickle in with their issues.

    In short, i personally preferred it singularly without the community support blacklist, something i also disdain with Prevx, but everyone has their own views on what they feel works best for them, it's just that it wasn't my cup of tea.

    Somewhere buried deep in my storage archives are the first few free versions of CyberHawk i still prefer over the current ThreatFire, but everyone to their own preferences/results.
     
  9. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    TF doesn't act unless told to do so by the user. Furthermore, TF only takes those actions SPECIFIED by the user. Furthermore, TF enables the user to EASILY restore/un-do any actions taken by TF. Please read the forum thread YONDER

    Also -- if Kees drops by -- please define what is meant by "intrusion of programs."

    Bottom Line- TF & SBIE make an excellent team for me. U 2, I think so. Shazam!
     
  10. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Bellgamin,

    True, you have to yes "quarantaine", next you also can undo SBIE in the quarantained list.

    Hurst, it was some time ago. Note you can set TF to make a restore point before quarantaining.

    TF's FP is also close to zero (In all those years of operation, it only fired once on some Nokia softeware trying to auto update the OS of the smartphone). Even this is a doubtfull FP (it was conspicious move of Nokia trying to push an update of the smartphone OS to get rid of support of older OS versions).

    Regards Kees
     
    Last edited: May 27, 2008
  11. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I stopped running ThreatFire, because I have Anti-Executable on board.
    Many malwares are bad executables and AE kills any unauthorized executable immediately without even asking "Allow" or "Deny". So TF didn't do much on my computer, because AE did all the work.

    I'm not saying that TF is completely useless, when AE is on board.
    After all TF is a behavior blocker and AE isn't one.
    I have to think about this first and then I might install TF again.

    If I ever use TF again (level 3), I will always "DENY", never "ALLOW", because I don't need "ALLOW" in a frozen system partition. A frozen system requires another philosophy, than a normal system.

    After reading about rootkits, I lost my enthousiasm. What is the point of protecting your computer, when your motherboard, vga card, CPU and RAM is full of hardware viruses ?
     
    Last edited: May 27, 2008
  12. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,699
    Hello,
    You can relax and forget about those rootkits...
    Furthermore, you used to be a programmer. You know that everything begins with code > exectuable. So it's the same old thingie all over.
    Mrk
     
  13. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I like Threatfire very much. Currently i don't use it because i am paranoid about speed and the net module gives me the impression that influences my browsing although very slightly.
     
  14. Sportscubs1272

    Sportscubs1272 Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    340
    So anyone having trouble updating Firefox extensions while TF is on? I have to disable the real time protection for TF to update correctly.
     
  15. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    My experience with TF is too small, but I always turn OFF DefenseWall and AE, when I upgrade software.
    If Firefox has changed its executable or something else, controlled by AE, the upgrade isn't successfull.
    I always keep my internet connection as short as possible, when I upgrade my clean images.
    It's a pity that developpers do every upgrade online nowadays, even M$. Don't they know that internet isn't safe ? How can they be so stupid. Pffft.
     
  16. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    611
    Location:
    Melbourne, Australia
    On my son's PC same problem - DELL 8300. The error message is something to do with Java. TF know about it but no fixes so far.

    On my Acer laptop no problem.

    I like to have the same security s/w on all family PCs so no go for TF. Trialling Drivesentry on mine. Will try it on his in a week or so.

    Ian
     
  17. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    I suppose in the event you upgrade security software online,at that very moment your vulnerable (temporarily disabled ?).

    If your really scary then download new version,and install offline.
     
  18. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I do this as much as possible, but internet-related software are a bit more difficult.
    Installing Firefox + extensions, while Firefox-screen is blank is a bit uncomfortable. :)
     
  19. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    Deleted TF because of the following reasons:

    1) It wasn't as good as it used to be when it was still Cyberhawk
    2) Permanently corrupted JavaScript on my CPU. Re-installing JavaScript and Windows Script did not help. Thus, I was forced to reformat my C drive.

    Back then, I had little knowledge about virtualization and drive imaging softwares. It was a big disappointment, considering I was a 'novice' regarding security software back then.

    Maybe someday I'll try it out. Maybe.
     
  20. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    I feel I dont need it or other HIPS. Nonintrusive AV and FW, LUA and SRP is sufficient for my habits.
     
  21. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    i liked cyberhawk,

    but since it went to threatfire with pctools....

    crash and burn for me.. :blink:
     
  22. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Exact opposite for me. CyberHawk caused instability and hanging on my computers, the rootkit scanner would not complete and the program was alerting on lots of legitimate programs as being keyloggers. I eventually quit battling it and just removed it.

    ThreatFire is a whole different story. Runs smooth as can be in every aspect. Very infrequent false positives, except for when I had the Protection Level cranked up to the max. Bringing it down closer to the recommended default position has solved that.
     
  23. interact

    interact Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    121
    Location:
    Paris
    I had two friends have blue screens with Threatfire within 5 mins of being installed. I've had no problems the UI is slick and protection good. I found Viruses can fly under it's radar when TF doesn't recognize the behavior as a threat. I tested TF in AntiVirus Shodown 1 (see my sig) where it detected 7/10 threats.

    ~interact
     
  24. danielrego

    danielrego Registered Member

    Joined:
    Apr 17, 2008
    Posts:
    15
    Though I am using ThreatFire at the moment, one thing that got me to uninstall it many times was the sudden spikes and overall raised CPU usage, particularly of services.exe, when ThreatFire was running. When opening somewhat large (50 MB + ) files, my CPU usage (services.exe especially) would rise upto 60% for about 8 seconds before it subsided. Even during normal computer usage (surfing internet/listening to music), CPU usage for services.exe and in general would randomly rise upto 45% for around 7-8 seconds quite frequently. All this with the Automatic Updates and Community Protection disabled.
     
  25. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I have an NAT/SPI router, so all I need is a firewall for outgoing. With TF set at Protection Level 5, it does a fine job of checking outgoing connections, plus it protects against buffer overflows & much MUCH more. The pop-ups have not been excessive in 3 days of use at Level 5.

    In over 7 hours of computer use today, TF has used a bit over 50 seconds of cpu time (see the screenie below). Running smooth & stable. VERY satisfied!
     

    Attached Files:

    Last edited: May 28, 2008
Loading...
Thread Status:
Not open for further replies.