Threatfire

Discussion in 'other anti-malware software' started by Hefaistos22, Apr 13, 2008.

Thread Status:
Not open for further replies.
  1. Hefaistos22

    Hefaistos22 Registered Member

    Joined:
    Mar 14, 2008
    Posts:
    73
    Location:
    Slovakia
    i run Leaktest and threatfire caught it,and that is great.But it keeps quarantining it and cpu usage go from 50%to 80% and i must restart my computer,cause it wont stop!!is this some bug or i do something wrong?

    PS: It stops now,but it tooks almost 10 minutes,or longer!!
    Im using Nod32 v3.0.650 and Comodo Firewall,but without D+.Spyware Blaster and imunization in spybot.

    I already posted that on pctools forum,but no answer till now.so i write it here.Have someone same problem?or is it normalo_O:(
     
  2. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    I had the same prob last week, but just re-booted. I don't re-boot often so I thought it was just time to. Checking the logs, I had a "quarantine" around the same time. (Running just TF and AntiVir)
     
  3. Hefaistos22

    Hefaistos22 Registered Member

    Joined:
    Mar 14, 2008
    Posts:
    73
    Location:
    Slovakia
    yeah,but try some leaktest again! i tried and again the same problem:( hope some moderator from pctools forum will answer me:-/
     
  4. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    I'm a member of pctools-forum...can't say as I remember EVER getting a response there. Anyway, do you use TF with the default-rules or advanced-rules. The reason I ask is because I never had the spike-probs while using advanced-rules and doing leaktesting...
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    PC Tools if they would just recompile and redo their drivers again, i think they could eliminate and clear up finally a lot of issues just like this. Thats just my opinion but it's one from experience going all the way back to Cyberhawk by Novatix.

    Drivers are unique in that they process a lot of programmed code in them and interact with the core Windows system and security developers of all fields consistently revise them.

    In fact i just got an update from Comodo D+ last night that included enhancements or corrections for their main drivers.

    I don't bother with ThreatFire anymore because of HIPS which is Lite but STRONG in coverages, but if i did, i would press this issue with their support for some concrete explaination why these issues continue to crop up each version.
     
  6. Hefaistos22

    Hefaistos22 Registered Member

    Joined:
    Mar 14, 2008
    Posts:
    73
    Location:
    Slovakia
    i onlyy open that rules and just add there some trusted processes like for nod,comodoo and some economic program from my mother.thats all what i did in this program:-/ and i run leaktest and it give me pop up that it is leaktest aplication.i press proceed and that it starts:( i can do some work on pc but high cpu usage is freezing itsometimes and it is annoying!!!:-/
     
  7. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    Using version 3.0.14.16 and just running a few leak-tests, no "spiking" of note. Problem may have already been corrected FWIW...
     
  8. Hefaistos22

    Hefaistos22 Registered Member

    Joined:
    Mar 14, 2008
    Posts:
    73
    Location:
    Slovakia
  9. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
  10. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    It might be a Threatfire bug, a conflict with another security software (probably Comodo, even if you don't use D+ the drivers and hooks are there) or a conflict with some other software.
    Leaktest was designed to test firewall and HIPS abilities. It's pointless to use it as a test tool with a behav. blocker. Behav. blockers must be tested with real malware.
     
  11. kencat

    kencat Registered Member

    Joined:
    Jan 25, 2008
    Posts:
    47
    Location:
    Ontario, Canada
    I tried both tests to see what would happen on my machine - W2k, Kerio 2.15, and with only one active antimalware program Norton SystemWorks2002 running. Taskmanager was on to watch cpu use.

    Leaktest1 - no visible sign of cpu use (I must have blinked).
    Leaktest2 - about 15 seconds of (as you say) up to 80% cpu, but it settled down ok after that.

    I quess all it proves is that TF has no conflict with another program on MY computer, but at least you know it is not a "bug" everywhere. Hope you get some help on your particular machine.
     
Thread Status:
Not open for further replies.