PCMag's Review of ThreatFire

Discussion in 'other anti-malware software' started by acr45, Oct 2, 2007.

Thread Status:
Not open for further replies.
  1. acr45

    acr45 Registered Member

    Joined:
    Oct 26, 2006
    Posts:
    63
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    PCMag reviews have lukewarm responses here :D
    ThreatFire looks good, but I don't need behaviour blockers/analyzers.
     
  3. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Such a good review, hm, I am not so sure, I saw a paper that already exploited and bypassed threat fire. Also I think it slow downs the system and has several incompat issues I am not that enthusiastic about.
     
  4. Metting

    Metting Registered Member

    Joined:
    Aug 3, 2006
    Posts:
    100
    For the first time I have to agree on this PCMag's review.

    ThreatFire is a real fire on threats, I tested it against even modified and encrypted malwares and it amazed me in it's unique way in stopping them.

    Another very strong point is it's capability to remove every single trace of the malware it detect whatever it is file, folder, or registry entry.

    Also I didn't face noticeable system delay with ThreatFire.

    Adding to all above you can make it a real HIPS with custom rules, and guess what all of this for free.

    In my opinion ThreatFire deserves "Antimalware of the year" with so many Thumps up :thumb: :thumb: :thumb:
     
  5. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I will add a :thumb: on it right now. Avira AV, Sandboxie, and Threatfire, make a very good but inexpensive suite.;)
     
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    This line from the Cons section on that page kind of amused me a little:

    "Can't detect a threat until it attempts to take malicious action, thereby offering behavior for analysis."

    If something doesn't take any malicious action, then I would tend to think that it's not a threat anyway... course some would say it's a dormant threat, but it really isn't a threat until such time as it does do something nasty.
     
  7. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    yeah, kind of a stupid analogy. But I will say no system slow down, and I agree with the part that the paid version isnt worth it.
     
  8. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Yes, I had good luck with the beta, I have yet to try out the final but I suspect it's fine also...
     
  9. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    Would BOClean be needed with Avira and ThreatFire?
     
  10. interact

    interact Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    121
    Location:
    Paris
    I tested Threatfire a few weeks ago and found it's results to be good for typical attack methods. The minor weakness I have found with behavioral detection is that if a virus doesn't behave typically then this type of product will fail. An example I tested with a new variant of Deepscan.Generic.Malware.SP!VP..... which uses different techniques to drop a rootkit (driver) into the system. The trojan also modifies core VMware utils if running in a VM. This trojan manged to 'replace' both VM utilities and even though Threatfire warned me the damage had already been done.

    I assume PC Mag's Rubenking would not delve this deep as PC Tools spend far to much on advertising and you should never piss your customers off ;)

    ~interact
     
  11. dholiday

    dholiday Registered Member

    Joined:
    Nov 4, 2004
    Posts:
    48
    Anyone tired running this with SSM Pro and BoClean?
     
  12. drkoopz

    drkoopz Registered Member

    Joined:
    Mar 4, 2006
    Posts:
    74
    I tried Threatfire a few weeks ago - Liked it so much i'm going to make sure it becomes a standard in my security arsenal. I've experienced a small amount of false positives, but the detection rate of the Trojans and Worms I threw at it were excellent. With the custom rules (which dont seem to work for me for some reason) you can set additional parameters too. I think this is one of those essential layers of protection that supremely compliments an Antivirus.

    I know you can have Antispyware, Anti-Trojan, HIPS, Virtualization complimenting your Antivirus solution but personally, i'd rather save those system resources and just use TF to cover the unknowns of the internet.

    Maybe my system is a bit more insecure than it should be, but with Threatfire, I really dont feel that insecure at all.

    Conclusion: PCMag got it right. :)
     
  13. StevieE9

    StevieE9 Registered Member

    Joined:
    Jan 16, 2007
    Posts:
    139
    I tested all the previous versions of Cyberhawk and found them resource heavy and prone to cause system freezing on at least three machines. Many others pointed this out too in the Technology section of a newspaper in my city.
    Threatfire is less of a problem in that respect but it still has a tendency to cause hanging at times in a way that Prevx never seems to do.
    I'm still not anywhere near impressed enough with it to install it for general use.
    Prevx is still superior.
     
  14. acr45

    acr45 Registered Member

    Joined:
    Oct 26, 2006
    Posts:
    63
    After reading this review I decided to install ThreatFire and I am very pleased with it. What surprised me about it most was that it's pretty light on resources and doesn't hang. But most what really really surprised me is that it is actually getting along with my other security apps. I currently have McAfee Virus Scan Plus, Spyware Doctor, and Comodo Firewall Pro installed and they are all active. I have yet to experience any form of slow down. I guess it should be noted that I have 2 gigs of ram so that obviously helps.
     
  15. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Or maybe they know how to test the relevent parts of the program that will matter to end users. Maybe they also know that they're writing a professional product review, which does not involve a lopsided assessment where they place a magnifying glass on shortcomings that are inevitably present in every program and use it to smear the product.
     
  16. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    I just uninstall threatfire and enable a squared antimalware. I think pc and internet runs faster with a squared than Threatfire.
     
  17. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    611
    Location:
    Melbourne, Australia
    trjam

    do you know what rule to add to TF to stop it going bonkers when Avira is doing an on-demand scan? The scans are taking forever.

    Alternative is to suspend TF whilst scanning.

    thanks,
    Ian
     
  18. oldshep

    oldshep Registered Member

    Joined:
    Dec 19, 2006
    Posts:
    139
    I ran Threatfire for a day. Seemed to run ok--- small delay at shutdown (a few seconds) but a noticeable delay at startup. Once, it locked my PC at startup. I had to unplug to reboot. So, I uninstalled.
     
  19. Gren

    Gren Registered Member

    Joined:
    May 31, 2007
    Posts:
    93
    Been running it for 3 weeks or so now (alongside NOD32, CounterSpy, SpywareBlaster and ZA Free as well as a couple of on demand scanners) - seems to be getting along fine.

    Works better for me than Prevx2 which I had installed for a month or so about 4 months ago.

    Not noticed any slowdown and it's silent almost all of the time. Used to get taskbar messages about scans having found stuff 'last time' advising me to scan again. There was never anything found and there nver had been. Has stopped in last 2 weeks - probably since I did last update.

    In short a nice quiet extra layer and the review gave me extra confidence that it would actually do something should the need arise (I've just not had that yet!)
     
  20. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    Theres obviously still some quirks in it yet to be ironed out. There is a fraction of a delay that concerns me as well as some odd behavior, but nothing so serious yet to make me dismiss it. I also run EQSecure 3.4 and have noticed some duplication of alerting to things, so probably is not a good idea to run them both.

    I'm still not completely sold on ThreatFire yet, but it does have one nice feature, CUSTOM RULES, that i use to my system's advantage (i hope)
     
  21. SoCalReviews

    SoCalReviews Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    282
    Location:
    Los Angeles, CA
    I installed ThreatFire v3.0.8 yesterday and it seems to be one cool security app.. I tweaked the program rules by excluding all of my security programs under Advanced Rules > Custom Rule Settings > Process Lists (tab) > ...and added the executables for my security apps ... AV, AS, FW, etc... to the Trusted Processes List. Then I added an exclusion in my other security programs exclusion lists for the ThreatFire executable(s). Anything you can try to keep these different security programs from fighting each other... the better your system should run. So far it seems to be running smooth and light on my main desktop system which is by no means state of the art by current standards... WinXP Pro SP2, AMD AthlonXP 2600+ CPU, 1GB RAM, using a variety of additional security apps..
     
    Last edited: Oct 4, 2007
  22. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    Kerodo I think the point here is that with Threatfire (and similar software) is that by the time it notices the malicious behavior, it might sometimes (not always) be too late as compared to antiviruses that can detect malware before it even runs by scanning the code.
     
  23. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Ok, I didn't think of it that way... :)
     
Thread Status:
Not open for further replies.