So here’s the question.
If 52 percent of the nearly 40,000 samples of new viruses, worms, Trojans and other types of Internet threats identified every day, only last 24 hours, how do security applications that rely on a definition database to identify malware files (most anti-malware applications), keep up with this onslaught?
The simple answer is; they don’t.
The relentless evolution of these increasingly more powerful, and destructive attacks, against computer systems, has disclosed a gaping hole; a vulnerability to zero-day threats in many users’ Internet security defenses.
Zero-day threats are those that are defined as malware that has been written and distributed to take advantage of system vulnerabilities, before security developers can create, and release, counter measures.
So where does this leave you and me?
Without tools that will identify and eliminate these malware threats, we (you and I), run the risk of infection by these constantly evolving zero day security risks to our computers, and operating systems.
One such free, powerful tool, reviewed here previously, is ThreatFire from PC Tools – the developers of the highly regarded PC Tools Internet Security 2010, which blocks malware (including zero-day threats) by analyzing program behavior (heuristics), instead of relying only on a signature based database.
ThreatFire works together with your signature based security applications, to increase the effectiveness of your total security arsenal.
When ThreatFire detects a behavior based threat, it goes into analysis overdrive by comparing the threat against its signature database; those threats that are recognized by the database are quarantined immediately.
Unrecognized threats, or unrecognized behaviors, are assigned a calculated risk level (set by the user), at which point the user has the option of confirming, or blocking, the action.
A good example of the effectiveness of this application was made clear to me, recently, while I was checking all of the ports on my home Windows machine. ThreatFire immediately advised me that the Port Checker was attempting to send email from port 25.
Of course it actually wasn’t, it was simply opening it for testing purposes. But if this port was being opened, and was being used by malware, ThreatFire would have identified this danger by its behavior, and given me the necessary warning.
The following chart gives a good indication of how ThreatFire can supplement your existing security applications. (Chart courtesy of ThreatFire)
Fast facts:
Immediately Effective with No Complicated Set Up
Proactive Defense against Both Known and Unknown Threats
PC Tools AntiVirus Included for On-demand Scanning
Quarantine and Permanently Remove Threats from Your System
Rootkit Scanner Seeks Out Deeply Hidden Files, Objects and Registry Keys
View Detailed Process Information on All Running Processes
Complementary to Your Existing Antivirus Software
Advanced Custom Configuration Options and Rules Settings
Virtually No Impact on System Performance
More Technical Details Provided on Alerts
Continually Improving Protection Technology
Free email and web-based technical support
If you read “An Anti-malware Test – Common Sense Wins”, on this site, you’ll note that during this one year test, ThreatFire was a primary security component on the test machine. In fact, each of my home machines is protected against infection by ThreatFire.
I highly recommend ThreatFire as a critical component in your overall Internet security toolbox.
System Requirements: Windows 7 32-bit and 64-bit, Windows Vista 64-bit, Vista 32-bit, Windows XP SP1, SP2 or SP3 (Home, Pro & Media Center Editions), Windows 2003, Windows 2008.
Download at: ThreatFire
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.
Bill Mullins' Weblog - Tech Thoughts 
Pingback: » Free ThreatFire – Advanced Security Against Malware « Bill Mullins … RWPS
Thanks Bill.
I’ll use anything that can help in the fight against the bad guys.
Liam
Hey Liam,
This app can really help.
Thanks for dropping by.
Bill
Hey Bill,
I wouldn’t surf the internet without it. If I download a new tool that doesn’t play nice with Threatfire, the new tool gets uninstalled, not Threatfire.
Cheers
Hey Mal,
I feel the same way. ThreatFire is a superb application.
Best,
Bill
Ok Bill… You have me convinced on this Threatfire… Going onto my PC now! I was always skeptical of installing with running it alongside my other “realtime” scanning apps.
Rick
Hey Rick,
I think you’ll be surprised, and happy, with that little extra bit of protection.
Bill
This is a great program Bill. Been using it since my XP days and now use it on Win7.
Hey G,
When we find an app that does the job, we gotta stick with it for sure. Saved my a** a few times.
Bill
Indeed, this is a superb program. I used it since Cyberhawk and its really really good. With its custom rules that I used. My system is harden.
Thanks sir Bill.
Hey Vhick,
You go back a long way if you remember Cyberhawk. lol
Bill
Hi Bill
I used to use Threatfire, but it completely disabled my Acer laptop by replacing the keyboard driver with its own. I couldn’t get the keyboard to work again and had to rebuild the laptop from scratch. Threatfire is installed on my Dad’s Dell PC without any problems, but I’m reluctant to install it on main PC in case it clashes with KeyScrambler or disables the keyboard driver.
Regards,
Dave K
Hey Dave,
I saw this issue being discussed over at Wilders – very strange behavior. Thanks for bringing this forward.
Bill
Hi Bill,
This is a great program, I just installed it on my 3rd netbook. For the price (free) it works hard at protecting the user. And it doesn’t hog up memory. That is why I like on netbooks, with only 2gigs of ram you need all you can get.
Hey Cappydawg,
Now that’s the way to use freeware.
Some readers have reported having issues with ThreatFire, but most (like you), have reported good results.
Thanks for your input – much appreciated.
Bill
Pingback: Geek Squeaks’ of the Week (#53) « What's On My PC
I use Norton Internet Security 2010/ Threatfire/ Superantispyware Pro/ Win patrol plus as real time protection on my Win XP SP3
Malwarebytes free and Spybot (without teatimer) for on demand scanning.
A small army against threats 🙂
I also use Keyscrambler, Noscript, WOT and PC tools browser defender for my Flock/Palemoon/Orca browsers.
I noticed Dave was worried about Keyscrambler clashing with Threatfire, no issues on my Compaq Desktop, works superbly. Scans run at blazing speed, zero day protection of Threatfire is good
Hey Ashwin,
I like your “small army”. Very cool.
Best,
Bill
Thanks Bill
I even have a name for the army
“The Paranoia squadron”
LOL 🙂
Hey Ashwin,
“The Paranoia squadron” – I like that. Very cool!
Bill
I’ve been recommending Threatfire as part of a layered defense. It might be a little redundant in some respects to also have WinPatrol running but it’s such a great program I can’t resist and I’ve never had conflicts between the two. New version of Avast 5.0 is very light on system resources so if you haven’t tried that you should.
Thanks, its really a great tool to protect computer from malware.
Love this tool Bill. It is awesome, and thank you for your knowledge. I also use Sandboxie, with IE8. Thank you for your Website, come here lots. Dave.
Hi Dave,
I agree, ThreatFire is a terrific application. With ThreatFire running, I always feel just a little more confident while I surf the Net.
This year particularly, we are beginning to see more and more sandbox/isolater applications, as well as virtual environment applications that are very easy to use. Sandboxie, definitely continues to hold its own special place.
MSSE has been a big hit, and in fact, it is the AV of choice on my principal at home system. It has yet to let me down.
Thank you for being a regular reader – very much appreciated.
Bill
Also MSSE. Forgot to mention that. Dave