
some doubts about Threatfire.


16 replies to this topic

#1 Black Scorpion

Posted 08 October 2013 - 09:25 AM

Mr. quietman7, I have gained a lot of information after reading "Why you should not use Registry Cleaners and Optimization Tools". I want to know your opinion on Threatfire. Is it still any good using this HIPS software, as it has not been updated for a very long period? Thank you.


#2 quietman7

Posted 08 October 2013 - 10:38 AM

ThreatFire uses behavior-based protection technology to detect signs of malicious behavior commonly used by malware threats in contrast to anti-virus products that use signatures and require frequent updating. However, many anti-virus programs utilize optional heuristic scanning engine features to detect brand new viruses and other types of malware, based on behaviors and coding patterns that infections commonly use.

If behavior-based is something you are interested in then I would recommend Emsisoft Anti-Malware which comes with a 30 day trial version and uses three security layers of protection - surf protection, a dual-engine file guard, and advanced behavioral analysis. How these layers of protection work is explained here.

...Emsisoft's behavior analysis constantly monitors the behavior of all active programs. If an active program shows any anomalies that may be indicative of malicious activity, there will be an immediate alert, and the program will be stopped until you make a decision. No database or fingerprints are necessary as malware is detected by its behavior, and the technology continually improves with every new behavior pattern detected.


Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#3 Black Scorpion

Posted 10 October 2013 - 11:10 AM

Mr. quietman7, I need to thank you for the information about Emsisoft Anti-Malware. I was thinking of a free version like Threatfire. Can I conclude by saying that Threatfire is no longer a viable HIPS application?



#4 quietman7

Posted 10 October 2013 - 11:18 AM

You're welcome.

#5 Black Scorpion

Posted 22 October 2013 - 11:22 AM

Hello Mr. quietman7, MBAM is regularly detecting PUPs in its scans. I am unable to understand how to stop them. I scan before downloading anything onto my system, but this problem still continues. I am using MBAM free version and Avira AV free version on my system along with Spybot. Thank you.



#6 quietman7

Posted 22 October 2013 - 12:01 PM

In the past, Malwarebytes Anti-Malware detected only PUPs that were considered mostly harmful and deceiving but they revised their policy, taking a more aggressive approach to include PUPs that most users found annoying or misleading.

The default action for Malwarebytes' PUP detections is "Show in results list and do not check for removal."
- If you want Malwarebytes to remove them, make sure the settings are set to "Show in results list and check for removal."
- If you don't want Malwarebytes to remove them, set the settings back to default.

To check or change PUP settings launch Malwarebytes, click the 'Settings' tab and then click the 'Scanner Settings' tab. You will find the Action options at the bottom with a drop down box to the right which allows you to select the action you want Malwarebytes to take.

#7 Black Scorpion

Posted 23 October 2013 - 08:54 AM

Mr. quietman7, thank you for the detailed information. I also want to know if it is possible to stop these PUPs completely. Thank you once again.


Edited by Black Scorpion, 23 October 2013 - 08:55 AM.


#8 quietman7

Posted 23 October 2013 - 10:01 AM

A Potentially Unwanted Program (PUP) is a very broad threat category which can encompass any number of different programs to include those which are benign as well as malicious. Thus, this type of detection does not always necessarily mean the file is malicious or a bad program. PUPs in and of themselves are not always bad...many are generally known, non-malicious but unwanted software usually bundled with other free software to include toolbars, add-ons/plug-ins and browser extensions. PUPs are considered unwanted because they can cause undesirable system performance or other problems and are sometimes installed without the user's consent since they are often included when downloading legitimate programs.

The bundling of software is a common practice by legitimate vendors (and some folks actually like the bundled offers). Even many Anti-virus and security vendors bundle toolbars and other software with their products as a cost recoup measure. When a vendor includes an add-on such as a toolbar, they do so as a way to "pay per install" and recoup associated business costs. This practice is now the most common revenue generator for free downloads... so no, you cannot stop them completely.

Please read About those Toolbars and Add-ons which change your browser settings.

#9 Black Scorpion

Posted 25 October 2013 - 11:27 AM

Mr. quietman7, thank you for this information on PUPs. I have some doubts regarding the 3 tools you have mentioned. Is it safe to use these tools without any major risk to the system?



#10 quietman7

Posted 25 October 2013 - 02:49 PM


RKill was created by Grinler (aka Lawrence Abrams), the site owner of BleepingComputer.
AdwCleaner was created by Xplode, a Security Colleague here at BleepingComputer.
JRT (Junkware Removal Tool) was created by thisisu, a member of our Malware Response Team here at BleepingComputer.

So yes they are safe.

#11 Black Scorpion

Posted 26 October 2013 - 03:02 AM

Mr. quietman7, it clears the air. Thank you.



#12 Black Scorpion

Posted 26 October 2013 - 10:27 AM

Hello Mr. quietman7, I need some information on Malwarebytes Anti-Exploit. Can I use Java and be safe by running MBAE on the system? Can MBAE protect the system from zero-day and other threats? Is MBAE a good solution to this type of problem? Thank you.



#13 quietman7

Posted 26 October 2013 - 08:12 PM


Malwarebytes Anti-Exploit, formerly ExploitShield by ZeroVulnerabilityLabs, protects you from zero-day exploits targeting browser and application vulnerabilities. Its proprietary technology shields your browser and applications in that critical period between the release of a new exploit and its subsequent security patch.

Malwarebytes Anti-Exploit

Malwarebytes Anti-Exploit protects the following applications:
Mozilla Firefox, Google Chrome, Internet Explorer, Opera, Java, Adobe Acrobat, Adobe Reader, Foxit Reader, Microsoft Office Word, Microsoft Office Excel, Microsoft Office PowerPoint, Windows Media Player, VLC Media Player, Winamp Player, QuickTime Player, Windows Script Host and Windows Help.

Using Java is an unnecessary security risk...especially using older versions which have vulnerabilities that malicious sites can use to exploit and infect your system. Although Java is commonly used in business environments and many VPN providers still use it, the average user does not need to install Java software.
- Why You don't need Java
- W3Techs usage statistics and market share data of Java on the web

I recommend just uninstalling Java if you don't use it.

#14 Black Scorpion

Posted 26 October 2013 - 09:32 PM

Mr. quietman, I have uninstalled Java from the Control Panel, but some traces of the software may still be present. Does it pose any threat to my system? Thank you.



#15 quietman7

Posted 26 October 2013 - 09:58 PM

Java Uninstall Tool for Windows
How to Completely Remove Java Using JavaRa



