ThreatFire/Prevx

Discussion in 'other anti-malware software' started by JCorliss, Nov 18, 2007.

Thread Status:
Not open for further replies.
  1. JCorliss

    JCorliss Registered Member

    Joined:
    Dec 9, 2006
    Posts:
    84
    Many of you were kind enough to explain the differences between OA free and threatfire. After reading some other threads, I'm under the impression that threatfire and prevx are very similar. Both appear to be smart hips or behavioral blockers. Do both check against database for malware? What do you guys think the differences/similarities are? Also, which one runs lighter on YOUR system? Thanks.
     
  2. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I tried both recently and am of the opinion that ThreatFire runs lighter than Prevx. I don't think TF checks any central database like Prevx either, but since I'm not sure on all the details, I'll let someone else compare the two for you..
     
  3. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    I dont know that much about Prevx, but in the few tests I have seen Threatfire got high marks and Prevx was not tested as a competing product leading me to believe that Prevx is of a different character.
     
  4. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    Any time a suspect alert is triggered in ThreatFire, information related to this event is automatically back reported to PC Tools for analysis through a secure connection, as quoted from here. iirc, this is the same as PrevX...
     
  5. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I have used both and both are good. Prevx will cover more and I use it by itself. Threatfire is more as a compliment to your existing security.
     
  6. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    I have had several problems with customers getting false positives on Key Logger detection on Threatfire. Otherwise it is very good at what it does.

    I found PREVX to be More powerful in many respects. The database of known hostiles for example is extensive. Also if you suspect an application not part of the database to be behaving badly it offers either a full system scope or an application specific one allowing you to document the bad behavior and to implement appropriate countermeasures.

    PREVX also has a more powerful scanner. Just try and find fully infected system and pre scan them with the free PREVX CSI (Computer Security Investigator) and you might be pleasantly surprised as I have been more than once...
     
  7. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi,

    F.P.from TF ? could that be a pop up of detection seeking user's disposition.?.

    I Have encountered several times. If the process is from what I know, I usually grant "allow" and "remember this action". So that TF will not bother me anymore. TF is quieter than Prevx2, but I would recommend both to my friends, so long as their system could take them. With their presence, you probably do not care too much about AV or AS anymore. Take care.
     
  8. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    What is the difference between PREVX and PREVX CSI? Can anyone elaborate on this?
     
  9. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    PREVX is a full on protection with scanner and online database verification. Automatic scanning and active protection/Malware removal and so on...

    PREVX CSI (Computer Security Investigator) is a powerful Malware scanner that doesn't require to be installed (Just click and run). It is powerfull in detecting active malware but it wont allow removal of detected malware. It is more or less an effective marketing tool for PREVX. However I read somewhere that PREVX will be releasing a CSI + version in the near future that also includes cleanup capabilities.

    So keep your one remaining good eye open for the upcoming release! :D
     
  10. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    I certainly will! Thanks for your reply.
     
  11. JCorliss

    JCorliss Registered Member

    Joined:
    Dec 9, 2006
    Posts:
    84
    Thanks for your answers everyone. :thumb:
     
  12. Sportscubs1272

    Sportscubs1272 Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    340
    Will this CSI + version be free or with limited removals and a paid version?
     
  13. ghiser1

    ghiser1 Developer

    Joined:
    Jul 8, 2004
    Posts:
    132
    Location:
    Gloucester, UK
    CSI+ is the internal project name for the enhanced version of CSI with cleanup capabilities. Exact product functionality for the first release is still being finalised.

    Some key features of CSI+ that are identical to CSI today:

    1. It will be a single "click and run" executable.
    2. You will be able to run it as many times as you want, where you want and when you want and obtain detection results for free.
    3. You will be able to pass it on to your friends without restriction.
    4. It will detect any active executable marked Bad in the Prevx database.
    5. It will still aim to scan your PC in under 2 minutes.

    Some new features for CSI+:

    1. You may (optionally) ask it to "install" itself but it does not require an "installation".
    2. You may (optionally) schedule periodic scans to run in the background.
    3. You may (optionally) have it minimise to the task-bar.
    4. You may (optionally) tell it to only inform you when it finds something.
    5. It will support HTTP, SOCKS4 and SOCK5 proxies.
    6. It will be able to clean-up any file detected as Bad during the scan.
    7. A seperate download will not be required to enable cleanup - you only need enter a valid CSI+ license key.

    The exact licensing model is still being worked on, but like all other Prevx products, cleanup will require a license payment; no, Prevx 2.0 license keys will not work in CSI+.

    Whether CSI+ is release as a seperate product to CSI has yet to be decided. Release date is still being worked on, but it's in the "real soon now" category; it's pretty much there :D
     
  14. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Damn. I was looking forward to have an alternative to DrWeb's CureIt!... looks like Prevx's CSI won't be it now, I suppose. :(
     
  15. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    703
    Darren, Will this CSI+ sit somewhere between the present CSI and Prevx 2.0 in that the detection/cleanup will not be as deep and comprehensive as we have in Prevx 2.0? ie:What exactly will it's capabilities be compared to Prevx 2.0.
     
  16. ghiser1

    ghiser1 Developer

    Joined:
    Jul 8, 2004
    Posts:
    132
    Location:
    Gloucester, UK
    Yes, CSI+ lies between the current CSI and Prevx 2.0 products. From our experience and feedback from the Prevx 2.0 user base, we believe that the vast majority of Prevx 2.0 users were actually looking for what CSI+ offers, not the full feature set of Prevx 2.0; that is why we are offering CSI+ as an alternative product to Prevx 2.0.

    CSI+ is squarely aimed at the "detect and clean" market; that is, it'll pick up and remove those threats that Prevx are aware of that any existing security software you have may have missed. It's not designed to replace any existing security product. It allows you to take advantage of our incremental detection and cleanup without risking conflict with your existing AV/AS/HIPS etc. It brings the power of Prevx automated malware research to you without you needing to install a full-blown "product" or change your existing setup.

    Prevx 2.0 on the other hand is a full end-point security solution. For this reason, Prevx 2.0 has a number of features that don't logically fit in CSI+, like the following:

    Behavioural monitoring
    CIPS/HIPS-style behaviour blocking
    Execution control
    Blocking of new infections
    Network protection
    Self protection from termination
    Full disk scanning
    Archive Scanning
    Sandboxing

    CSI+ is all about:

    Detecting active malware and removing it. That's it.

    It's very focused on that job and that job only. CSI+ has no active real-time protection features. You could say that it is less deep than Prevx 2.0 because it wont look in archives or scan disks, but its cleanup capability is comparable to that in Prevx 2.0 - it isn't the same though. It is a completely new and alternative approach to that of Prevx 2.0, but just as powerful. With the CSI+ build in QA now, we haven't found anything that Prevx 2.0 can remove that CSI+ can't.

    So, in summary:

    If you want active malware detection only, use CSI+ for free..
    If you want active malware detection and cleanup only, use CSI+ licensed.
    If you want behaviour blocking/HIPS/CIPS, use Prevx 2.0.
    If you want to scan archives or hard disks, use Prevx 2.0.
    If you want to block new infections before they take hold, use Prevx 2.0.

    Hope that helps,

    Darren
     
  17. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    703
    Thanks for your in depth reply Darren, answered everything I wanted to know. As I use Prevx 2.0 as my main anti-malware protection I shall of course be staying with that.
    Many thanks
    Ian
     
  18. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    A) Another difference is that basic TF is free whereas Prevx2 costs ~$70! :eek:

    I wonder -- is that a one-off price, or annual?

    B) I ASSUME that the preceding comments relate to differences between Prevx & the FREE version of TF. That is, I didn't notice where anyone mentioned TF-Pro.

    C) AFAIK, the main difference between TF Free & TF Pro is that the Pro version includes PC-Tool's blacklist/signature-based antivirus & costs ~$20. Am I correct? If so, wouldn't that fact make TF Pro a broader-spectrum security package than is the case with Prevx2?
     
  19. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    D)With custom rules, TF behaves as a FW, making an even broader-spectrum than when the default rules are used...
     
  20. Malcontent

    Malcontent Registered Member

    Joined:
    Dec 30, 2005
    Posts:
    451
    Location:
    Cleveland, Ohio USA
    A 1 year home license cost $24.95 not $70. A business license cost around $70.

    http://www.prevx.com/buywizard.asp
     
  21. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Ooops! I was looking at the "Family" version instead of single user. How much is renewal for a single user license?
     
  22. ghiser1

    ghiser1 Developer

    Joined:
    Jul 8, 2004
    Posts:
    132
    Location:
    Gloucester, UK
    There's very little about TF in this thread. The comparisons above (if your referring to my posts) are all related to different Prevx products; Prevx CSI, Prevx CSI+ (awaying launch) and Prevx 2.0.
     
  23. ghiser1

    ghiser1 Developer

    Joined:
    Jul 8, 2004
    Posts:
    132
    Location:
    Gloucester, UK
    At the moment renew of a single license gets a 10% discount over the prevailing new user rate.
     
  24. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    PC Tools also has the free-edition A/V. (and a beta-suite)
     
  25. ghiser1

    ghiser1 Developer

    Joined:
    Jul 8, 2004
    Posts:
    132
    Location:
    Gloucester, UK
    Version 1.2.101.104 of Prevx CSI has been released.
    This version includes the Prevx CSI+ cleanup engine :cool:

    Have fun...

    Darren
     
Thread Status:
Not open for further replies.