Looks like I'm going to be a more active member again :-D
Let's start with behavioral analysis and heuristic anti-virus/spyware programs such as ThreatFire and SanaSecurity's SafeConnect. Personally I'd like to challenge the statistics of the bar graph on ThreatFire's front page. (ThreatFire AntiVirus - Behavioral Virus and Spyware Protection)
While I have yet to use ThreatFire, I have tried out SafeConnect before and it just seems to be a 'nice to have' program to me. The only problem is that it MUST be installed on a completely updated PC before any infections ever occur. This is because the program establishes what is already in the computer as a baseline of security. In other words, everything currently on the computer at the time of SafeConnect's installation is automatically considered safe.
I want to dig in the minds of my fellow peeps and see how ThreatFire is different from SafeConnect. I'm considering its use, but only if it doesn't suffer the same installation bug mentioned above, for use on a friend's computer that I've been asked to inspect for a keylogger. I'm flying out of state tomorrow to visit a friend and I've been asked to assist a friend of hers regarding a MySpace hack. Personally, I don't use MySpace but I do understand the methods of password guessing. Someone was caught breaking into her MySpace, but they don't know how it was done because the password was actually pretty complicated, 10+ alphanumeric characters without leading or trailing numbers that are typically cut off during dictionary and brute force attacks, as the numbers were mixed into the password randomly. The password was never given out and she knew not to respond to phishing emails that ask for email and password for "verification of account." I'd like to get some thoughts and feelings on ThreatFire's reliability, such as high or low instances of false positives for example.