Threatfire - Yes or No?

it stopped Keyloggers so well not even the Keyboard could survive.

 

I have ThreatFire PRO. Not because I wanted the additional features (Which I can't find), but because I was so impressed with it I wanted to support them.

 

Threatfire just saved my day when ESET missed spyware today... i've sent the sample to ESET

 

id say no,

i havnt liked the software since it was pctools,

even though they still have the same developers, it just does not feel the same as cyberhawk.

bring back cyberhawk i say.

 

It was bought by Symantec...really

 

Indeed, a few threads about it are scattered here in the forums.

 

When I use ThreatFire, sometimes it won't let me install things without saying anything.

For example, I tired to install a few firefox extensions, they all failed, but NO WARNING of it being blocked by threatfire. I disabled threatfire, and guess what, it worked!

I thought that was weird, and I left the settings at default. Maybe there is something I should have changed?

 

ABSOLUTELY!

If anyone has any of the early versions of CyberHawk, say starting around 1.1.1.3 on up thru each release like i made sure i kept (just in case), you'll find some of them still very excellent and equally important, STABLE!

Besides, i always considered TF more of a generic AV since PCTools added the so-called blacklist, but it was initially introduced and released as a fairly admirable and dependable Behavioral Blocker P.E.R.I.O.D.

CyberHawk is also IMHO been one of the best darn TERMINATORS for a BB as it not only aborts them cold, but immediately and completely terminates the source intrusion executable.

I use it now to compliment both Real-Time Defender or EQS, which HIPS on whichever system i happen to be running on, and it's 100% compatible.

Try any dll injection app, even old APM and then LOAD a test dll, after allowing these HIPS to let it execute, and CYBERHAWK goes instantly into action. Press DENY, and it's a done and over attempt, not to repeat again.

Darn right, bring back CyberHawk!!

 

I don't get it. ThreatFire does all that as well, and many more besides. Why clamor for a downgrade back to an obsolete product from yesteryear?

 

What is the difference between free and PRO?

 

I believe Easter and I are in agreement that ThreatFire is becoming a bit of bloatware. = unnecessary features\bells and whistles. Keep in mind this is coming from a bit of a purest at heart. Also keeping in mind that, IMO, "the latest and greatest" is not always that.

Apologies to Easter if I am mis-speaking.

 

Comparison chart

 

In no way to the "unnecessary" bells and whistles get in the way if you don't want to use them. It's not like they pop up obtrusively in your face, and the only way you'll ever see them is if you go out of your way to click on them.

On the other hand, new features like scanning, advanced rules and quarantine offer invaluable protection. Cyberhawk is simply broken when compared to ThreatFire - all too often threats would constantly reactivate, because even though Cyberhawk could terminate the threats it doesn't have the ability to remove them. Scanning means you can use ThreatFire as a standalone product without another antivirus if you want to. Advanced rules turn ThreatFire into much more than a behavior blocker.

As far as resource usage is concerned, TF is using 7MB of RAM and virtually zero CPU on my system. No system impact whatsoever even when I run resource-intense games and graphics applications. Even if Cyberhawk has an advantage in this area, it cannot possibly be great enough to offset the extra protection TF provides

On an off note, the PC Tools acquisition of Cyberhawk ultimately turned out to be a blessing in disguise, even though detractors initially argued that Cyberhawk would become the bloat that Spyware Doctor was. To those lamenting PC Tool's purchase by Symantec... I say give them a chance.

 

Hi,

There was a difference between CyberHawk Free and Pro, being the ability to add custom rules. For me this was the reason to buy CyberHawk Pro

With the launc of ThreatFire the custom rules were incorporated in the free version of ThreatFire. The Pro version had an extra an Antivirus database of Virusbuster. The big plus of this was that TF checked at every intrusion whether this was a KNOWN malware, to decrease user dependance at intrusion alerts.

With latest 3 the AV was also incorporated in the FREE version, so the difference between PRO and Free was only in support. But also free version users can sign in at the PC Tools support forum. Support is reasonable to good, so I really could not give you any reason to buy the PRO version.

The muched bashed eye candy improvements of 3.5 (where difference between PRO and FREE is zero) also provided a Google search ("Learn more about this threat" link in the pop-up). So looking at it from a rational point: the freeware version is a real easy to use top security product.

On vista 32 bits (with LUA and protected mode IE7), I advise my friends to use it as their main protection (only set "create restore point" before TF quarantaines a threat and add one outbount network rule), besides Vista inbound firewall and the (still free) version of Haute Secure as a free software sandbox and website rating/protection for IE). When Haute Secure becomes pay ware, or when the next DefenseWall release will also offer outbound protection, I will replace HS with DW in this setting.

For adhoc scans I provide them BitDefender and SAS(more spyware based), A2 Free (more trojan based). With the next release the good Ikarus AV will be added to A2, so they can drop bit defender also.

Never heard of any having any problems (that is important for me, because I don't like to be a personal PC assistant in my spare time).

 

ThreatFire is still, IMO, a basically fine tool. I have quit using it on my tower for multiple reasons. However do still have it on the Wifes` machine. Agreed, resource usage is minimal and as set and forget applications go, it is pretty darn good.

 

You can try this link, http://www.topdownloads.net/service...CyberHawk&section=software&category=&mode=AND

 

No apologies needed.

We are in agreement i think that PCTools took a Behavioral Blocker and turned it into a generic Anti-Virus which swelled it's contents and bogged down user's machines & interest along with it.

I think saberfox as many others were drawn to that type of concept & appeal, and if it worked for you then thats great, but realistically TF was CHANGED by PCTools from a SMART BEHAVIORAL BLOCKER only, to more or less a genetically engineered combo of an AV & resident AS and thereby BLOATED it out of contention with many prospective as well as devoted users.

However well & good a so-called community protection blacklist might be in any security app including a HIPS even if they decided to take that route, one can't help but to view that feature as mimicking an AV, and with that comes the BLOAT, and besides theres already plenty of AV's who been in that business a very, very, long time and still are.

It looks like MAMUTU is sitting alone now as a BB, since TF might be gone the way of the dinasaur soon, but CYBERHAWK still lives! no matter how distant from it's beginnings, which is not been as long as Kerio 2.15 that many users still use as their firewall.

CyberHawk like other so-called outdated apps might not be supported anymore by it's developers, but their still extremely beneficial for Windows NT systems security and lite plus stable, and in many ways well ahead of some new one's that are quickly fizzling out.

 

This is the reason why I changed from ThreatFire to EQSecure. I want a set of dedicated, quality specific tools and not programs that try to do everything like a swizz army knife. Those programs usually end up being only decent in .. everything.

 

That one kind of ran me around in circles. This one did the trick. Have not installed it so if anyone does, do so at your own risk.

 

But how can you use it if you can't purchase it?(or you still can?)
Does it have a free version or what?

 

My assumption would be it is the free vers.

 

IIRC- Cyberhawk always started out with the Pro features and went to the free, limited version after like 15 days or so. If anyone installs this on Vista without issue please post.
thanks

 

Claims of bloat are completely unfounded when the "unnecessary" features are complete unobtrusive if you don't need them, and the resource requirements much lower than other competitors' "unbloated" products.

You also need to learn the difference between ThreatFire and a real generic antivirus. TF may call itself an antivirus, but that's only because its aims are the same. How it achieves that aim is completely different from an antivirus product.

Bog down users' machines and interest? I wonder what you base that claim on, but it certainly isn't reality...

 

Perhaps so.

Mine is but a single perception based on not only other users disappointment but mine own experiences. I found CyberHawk a much more formidable opponant against behavioral aggressive executables, while i gathered little or no response with TF on the few versions i tried. And i so much was in need of a decent if not reliable enough Behavior Blocker to compliment my HIPS, i hoped TF would evolve to serve that purpose, which for me it didn't.

Thats when i reached back in time if you will out of pure curiosity to see if i could find in my archived collection of various discontinued apps Cyberhawk, retry it again, and see if it just might fit the measure enough to fill in as that alternative.

The rest as they say is history, and in all my units again as indicated below in my sig.

So i suggest to anyone who found ThreatFire then and now suitable to their PC needs, to hang on to it or them depending on which version worked best for your machine system, because it may or may not turn relic, but if it works well enough to compliment your security setup, and does go relic like Cyberhawk did, you still will have useful security material in that program for much longer then it's production run.

EASTER

 

I like TF but I find that it noticably slows down program execution. ACDSee 2.43 normally loads in an instant but it takes ~1.5 seconds longer when using TF.