Threatfire

i run Leaktest and threatfire caught it,and that is great.But it keeps quarantining it and cpu usage go from 50%to 80% and i must restart my computer,cause it wont stop!!is this some bug or i do something wrong?

PS: It stops now,but it tooks almost 10 minutes,or longer!!
Im using Nod32 v3.0.650 and Comodo Firewall,but without D+.Spyware Blaster and imunization in spybot.

I already posted that on pctools forum,but no answer till now.so i write it here.Have someone same problem?or is it normal

 

I had the same prob last week, but just re-booted. I don't re-boot often so I thought it was just time to. Checking the logs, I had a "quarantine" around the same time. (Running just TF and AntiVir)

 

yeah,but try some leaktest again! i tried and again the same problem hope some moderator from pctools forum will answer me:-/

 

I'm a member of pctools-forum...can't say as I remember EVER getting a response there. Anyway, do you use TF with the default-rules or advanced-rules. The reason I ask is because I never had the spike-probs while using advanced-rules and doing leaktesting...

 

PC Tools if they would just recompile and redo their drivers again, i think they could eliminate and clear up finally a lot of issues just like this. Thats just my opinion but it's one from experience going all the way back to Cyberhawk by Novatix.

Drivers are unique in that they process a lot of programmed code in them and interact with the core Windows system and security developers of all fields consistently revise them.

In fact i just got an update from Comodo D+ last night that included enhancements or corrections for their main drivers.

I don't bother with ThreatFire anymore because of HIPS which is Lite but STRONG in coverages, but if i did, i would press this issue with their support for some concrete explaination why these issues continue to crop up each version.

 

i onlyy open that rules and just add there some trusted processes like for nod,comodoo and some economic program from my mother.thats all what i did in this program:-/ and i run leaktest and it give me pop up that it is leaktest aplication.i press proceed and that it starts i can do some work on pc but high cpu usage is freezing itsometimes and it is annoying!!!:-/

 

Using version 3.0.14.16 and just running a few leak-tests, no "spiking" of note. Problem may have already been corrected FWIW...

 

http://www.firewallleaktester.com/leaktest2.htm
http://www.firewallleaktester.com/leaktest1.htm
those two make me problems!! i unninstaled threatfire for now,will give it a try tommorow

 

This one was a problem, but back to normal within a minute. No spikes with any other tests I ran...

 

It might be a Threatfire bug, a conflict with another security software (probably Comodo, even if you don't use D+ the drivers and hooks are there) or a conflict with some other software.

Leaktest was designed to test firewall and HIPS abilities. It's pointless to use it as a test tool with a behav. blocker. Behav. blockers must be tested with real malware.

 

I tried both tests to see what would happen on my machine - W2k, Kerio 2.15, and with only one active antimalware program Norton SystemWorks2002 running. Taskmanager was on to watch cpu use.

Leaktest1 - no visible sign of cpu use (I must have blinked).
Leaktest2 - about 15 seconds of (as you say) up to 80% cpu, but it settled down ok after that.

I quess all it proves is that TF has no conflict with another program on MY computer, but at least you know it is not a "bug" everywhere. Hope you get some help on your particular machine.