ThreatFire AntiVirus By PC Tool Allows Free Zero-Day Attack Protection For Windows

ThreatFire is dramatically different to traditional antivirus software for Windows. Normal antivirus products usually need to have first identified and seen a threat before they can provide adequate protection against it. The protection is then provided via a signature or fingerprint update, which must first be written by an antivirus researcher. This creates a large window of time where threats are undetected and can therefore infect your PC even when you have antivirus software installed. Traditional antivirus solutions cannot protect you until after they have discovered a new threat and produced a signature to counter it. ThreatFire does not rely on signatures, but instead provides behavior-based protection. It is designed to be used alongside your existing antivirus software and it fills the gap in protection between your antivirus signature updates. ThreatFire protects you against major security threats including viruses, worms, Trojans, rootkits and even some spyware. Its advanced ActiveDefense technology intelligently analyzes the behavior of processes and programs on a system and immediately halts any malicious action. It continuously monitors all activities on your PC at a very low system level and uses a proprietary combination of analytics, risk algorithms, program histories and tolerance thresholds to identify and shut down threats so you are always protected, no matter how new the threat. ThreatFire is easy to use, instantly effective, and very light on system resources.

Things To Note

What are Zero-Day attacks?

A "Zero-Day" attack occurs when your computer is infected by a Zero-Day threat - a virus, trojan or spyware which is so new that traditional antivirus programs have no "signature" to identify the threat.

If a threat cannot be identified, it cannot be prevented or contained. Consequently, Zero-Day threats spread very quickly, and pose the greatest risk to the safety of your computer, your online security and the security of your personal data.

Malicious code will exploit security holes in operating systems, programs and applications. These are security exploits which are unknown to the vendor of your existing anti-malware software. Certainly, these security exploits will be soon recognized and antivirus security software will be updated, but what do you have to defend against freshly-born threats meanwhile? By employing ActiveDefense technology using behavior analysis, ThreatFire will catch potential threats before your anti-malware software has updated the signature database.

What is a traditional antivirus "signature"?

A signature is a "digital fingerprint" that traditional antivirus and anti-spyware products use to determine that a virus or spyware has infected a PC or network.

Every threat has a unique fingerprint. A signature will intercept a threat only if the threat has exactly the correct fingerprint.

Why can't my antivirus catch Zero-Day attacks?

Because Zero-Day attacks happen faster than traditional antivirus can react. Here is what your traditional signature-based antivirus product must do to protect you against any new threat:

1. Catch the threat.
2. Analyze the threat to understand what it does.
3. Write a signature that recognizes the threat.
4. Test the signature to ensure it does not damage your computer.
5. Issue you an update with the new signature. And then...
6. You still have to update your software with the new signature!

It can be days before traditional antivirus companies provide the "signature update" necessary to protect your computer. And traditional signatures cannot protect you if a threat "morphs" to evade the signature.

Using ThreatFire

ThreatFire is a simple installation and is offered free to home users. Again, there is no conflict with existing antivirus software, so you won’t need to bother with disabling applications or creating exceptions in most cases. The installation link is: Download

Never forget to create a system restore point prior to the installation of any new software. Set the restore point before downloading ThreatFire. Now you're ready to continue. Install ThreatFire AntiVirus as usual (PLEASE, DO NOT FORGET TO UNINSTALL YOUR PREVIOUSLY USED ANTIVIRUS). After installation, The program opens automatically, presenting the following screen:

Click Start Scan and ThreatFire will run a quick scan. The program detected that the Windows Firewall has not been active on the system. In addition, twelve minor threats (tracking cookies) were detected on the system.

From here, run a full scan by clicking Start Scan. The scan will, of course, take some time. The color-coded alerts indicated various degrees of threats. A yellow alert is used for potentially malicious software threats, while a red alert indicates that a malware application has been disabled and quarantined. ThreatFire opens your default web browser and opens the ThreatExpert page which details the information about the threat that was disabled. This is an interesting feature. It is always good to be educated about malware threats. This is like a first-alert system. It is easy to operate, though some using x64 systems have had problems with it. The problems have not been major, just that the program has not worked well for everyone. For many other users, this has come in handy. The user demonstrating this article has certainly found it to be a handy addition to a PC security line-up.

ThreatFire AntiVirus work's on Windows 7 32-bit and 64-bit, Windows Vista 64-bit, Vista 32-bit, Windows XP SP1, SP2 or SP3 (Home, Pro & Media Center Editions), Windows 2003, or Windows 2008.

Download ThreatFire AntiVirus

 

[Via: gHacks & CNET]