Does PCTools Threatfire Boost Security?
"I've seen magazine ads for a security tool called PCTools ThreatFire, but I don't quite understand what it's supposed to do. Will it replace my anti-virus software, or do I need both?"
Adding PCTools Threatfire to Your Security Arsenal
You don't need to know a burglar's name to know that he's a threat to your home security. Likewise, you shouldn't need to know a computer virus' name in order to stop it before it does damage to your computer or sends your bank account password to some felon on the other side of the planet. But that's exactly how some anti-virus programs work.
PCTools Threatfire anti-virus software works differently, and can significantly boost the virus detection rate of your existing security software.
Some anti-virus programs rely on digital "signatures" of known malware programs for identification and blocking purposes. A signature is often a "checksum," a single, relatively short number that represents a theoretically unique characteristic of a program such as the sum of zeroes and ones in a program's bits. When a program is downloaded to your computer, the anti-virus program calculates its signature, compares it to its database of known viruses, and if the checksum is found in the database an alarm is sounded and the program is quarantined. There is an obvious shortcoming in this approach.
Signature-based virus detection won't detect viruses whose signature isn't in the database. All the Evil Hacker has to do is change one bit and his malware has a new, undetectable signature. This is why your anti-virus program downloads an updated database of signatures frequently; there is a never-ending war of changes between malware writers and anti-virus software developers.
ThreatFire - A Behavioral Approach to Virus Detection
You don't really care about the fingerprint, signature, or shoe size of a piece of malware. What you care about is what a downloaded program is doing. PCTools' Threatfire monitors the behavior of all programs running on your machine, and sounds alerts when a program does something that might be harmful.
When a program acts suspiciously - say, attempting to open a password file that it did not create - Threatfire blocks the potentially dangerous activity and attempts to verify the program's identity against a database of signatures. It tells you, in effect, "This program is up to something, and we have/haven't identified it as a known piece of malware." Then it's up to you to decide whether to block the suspected software or let it continue what it's attempting to do.
It should be noted that this breed of behavior-based security software has its own shortcoming. It sometimes blocks the running of perfectly legitimate software based upon "suspicious" behavior. Such "false positive" alerts are like being stopped by the police and questioned because you are carrying a violin case. Violin cases are known to carry machine guns sometimes, so the cops stop you even if you're just carrying a violin. It's annoying but harmless.
PCTools' ThreatFire consumes very little computing resources and does not conflict with traditional signature-based anti-virus programs' operations. Therefore it is a good complement to signature-based protection. In other words, if you're using AVG, Avira, McAfee, Norton or some other well-known anti-virus protection, adding ThreatFire will provide even more protection.
In its basic, free-for-home-use form, PCTools' Threatfire does no more than actively monitor running programs and block suspicious activity. An enhanced Pro version ($29.95/year) will also scan your hard drive for known threats based upon their signatures. You also get telephone support with the paid edition; the free version comes with email-only support.
Do you have something to say about ThreatFire or other behavior-based computer security tools? Post your comment or question below…
|
|
Need more tech support?
|
Posted by Bob Rankin on November 23, 2009 07:51 PM
| Need More Help? Try the AskBobRankin Updates Newsletter. It's Free! |
 |
Prev Article: Free Alternatives to GoToMyPC |
|
Next Article: Should I Buy an HD Monitor? |
 |
|
Link to this article from your site or blog. Just copy and paste from this box: Related Keywords: Security anti-virus virus signature heuristic malware |
There's more reader feedback... See all 16 comments for this article.
Post your Comments, Questions or Suggestions
|
Ask Bob Rankin Home Page
Subscribe to AskBobRankin Updates: Free Newsletter |
|
| Copyright © 2005 - Bob Rankin - All Rights Reserved | ||
Article information: AskBobRankin -- Does PCTools Threatfire Boost Security? (Posted: November 23, 2009 07:51 PM)
Source: http://askbobrankin.com/does_pctools_threatfire_boost_security.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "Does PCTools Threatfire Boost Security?"
(See all 16 comments for this article.)Posted by:
Rich
24 Nov 2009
I downloaded Threatfire on my laptop ....Oh my ...It took me about 2 hours to finally get everything corrected. This program didn't play well with my set-up ......Let's just say it certainly " Threatened my Fire !!! " ( pun intended )
EDITOR'S NOTE: It would be nice to have some details...
Posted by:
D.W. Whitlock
24 Nov 2009
Bob, I have had Avira on my machine for several months. I also use MalwareBytes. Of the two, I only have Avira's realtime scanner running in the backround. I am satisfied with them so far. I added Threatfire 3 weeks ago. My only complaint is a distinct slowdown in web browsing & app launch speeds. If Threatfire truly protects as promoted, then its a small price to pay given the hair I have pulled out over past malware infections. Keep up the good work.
Posted by:
Ralf Kuehnel
24 Nov 2009
Can Threatfire and ZoneAlarm both be installed? ZoneAlarm stops new programs from accessing the trusted zone. Would installing both programs cause a conflict?
Posted by:
Bev
24 Nov 2009
I have read the information that you gave on the Threatfire, and I noticed that my Anti-Virus was not listed on the chart. I use E-Set and have been very happy with it, is there a reason it was not listed, I am curious to know.
Posted by:
Geoff
24 Nov 2009
I recommend extreme caution with this program. I tried it out about a year ago, but decided to remove it. After doing so, I lost all keyboard functionality. After some searching on the internet, I discovered that when ThreatFire is removed, it actually leaves behind the keyboard hook that it installs.
There was a workaround that I was able to use to get my keyboard back. But I found that this problem was somewhat common, and went totally unaddressed by PCTools for a couple years. I don't know whether they have fixed the issue yet.
In my mind, this experience was the end of all PCTools software for me. A program that is supposed to protect you but leaves behind harmful remnants upon removal is, to me, unconscionable.
Caveat emptor.
Posted by:
Fred Havn
24 Nov 2009
I'm also interested in feedback regarding ESET NOD32 Antivirus since I have it on this machine. I also have TreathFire. Looking forward to any feedback.
Posted by:
Darryl
25 Nov 2009
Spybot S&D does use signatures for scanning, but Teatimer and WinPatrol are both versions of HIPS, which is what Threatfire is if I'm not mistaken. Any further info regarding this would be helpful.
Posted by:
John
29 Nov 2009
I have Avast antivirus and Malwarebytes installed on my machine. Avast updates automatically at least daily, and malwarebytes is simple to update and use and I've never had a problem. My motto: if it ain't broke, don't fix it - with apologies to my mother who was a stickler for grammar.
Posted by:
GottaBigOne
30 Nov 2009
Afternoon Bob and my fellow Rankinites!
John I am with you. I love my setup of Avast and Malwarebytes for the reasons you stated above.
Plus I got the Online Armor Firewall to complete my security mix.
(No one can guarantee 100% security for one's computer but I think my setup comes Darn Close!)
[I tried Avira briefly - - a Fantastic product - - until the company had the situation with the STOPPED Updates with the free version]
. . . But to give credit where it's due it was a Monumental technological glitch and the company did it's Darndest to get the Updates back on track!]
The Paid version of Avira was NOT affected by this glitch.
ThreatFire: I get Goosebumps thinking about this Thang! Some years ago I found out that it was the Hardest thing to remove from my computer. It wouldn't budge, initially! To this day I wonder if said application was some kind of malware!
I eventually had to literally perform surgery with the help of Windows SEARCH to Finally get rid of this monstrosity!!!
Thank You for Listening,
GBO
Posted by:
Rich A
03 Dec 2009
" For me " , Threatfire crashed my computer ...I was using Computer Associates Anti Virus .....After downloading Threatfire , My computer simply shut down.....When I finally got it running again .... The CA had vanished .....and all of a sudden I had a old version of AVG running ??? What on earth happened ?? After getting into Safe Mode ...... I deleted everything BUT it got worse ...Finally back in safe Mode ...." System Restore " saved the day for me ! amen to that !
Threatfire ??? Certainly was a " Threat " to my computer.