My Leak Test result 320/340, can u help me?

[Guest]

[Yasser1981]

hi guys,

I got 320/340 on my score on leaktest.


Injection
SetWinEventHook   vunerable
SetWindowsHookEx   vunerable


How can I solve these problems?
Is iit a big problem for me?

Best,

[naren]

If I am not wrong & remember correctly, sometimes these 2 tests SetWinEventHook & SetWindowsHookEx   gets registered in trusted files as safe. I dont know how & why they gets into trusted files, maybe cloud scan bug or may be they are treated as safe in the cloud by mistake. I have observed this few times here in my case.

So can you please check & report here if they are in the trusted files.

Thanxx
Naren

[Yasser1981]

If I am not wrong & remember correctly, sometimes these 2 tests SetWinEventHook & SetWindowsHookEx   gets registered in trusted files as safe. I dont know how & why they gets into trusted files, maybe cloud scan bug or may be they are treated as safe in the cloud by mistake. I have observed this few times here in my case.

So can you please check & report here if they are in the trusted files.

Thanxx
Naren

thank you for the reply

I just configured using this sets of this topic http://forums.comodo.com/leak-testingattacksvulnerability-research/tutorial-comodo-firewall-5-t65294.0.html
and now my score is terrible, what is happening?
Im confused


COMODO LEAKTESTS V.1.1.0.3
Date   18:41:24 - 08/10/2011
OS   Windows Vista SP1 build 7601
1. RootkitInstallation: MissingDriverLoad   Protected
2. RootkitInstallation: LoadAndCallImage   Protected
3. RootkitInstallation: DriverSupersede   Protected
4. RootkitInstallation: ChangeDrvPath   Vulnerable
5. Invasion: Runner   Vulnerable
6. Invasion: RawDisk   Vulnerable
7. Invasion: PhysicalMemory   Protected
8. Invasion: FileDrop   Vulnerable
9. Invasion: DebugControl   Protected
10. Injection: SetWinEventHook   Vulnerable
11. Injection: SetWindowsHookEx   Vulnerable
12. Injection: SetThreadContext   Protected
13. Injection: Services   Vulnerable
14. Injection: ProcessInject   Protected
15. Injection: KnownDlls   Vulnerable
16. Injection: DupHandles   Protected
17. Injection: CreateRemoteThread   Protected
18. Injection: APC dll injection   Protected
19. Injection: AdvancedProcessTermination   Protected
20. InfoSend: ICMP Test   Protected
21. InfoSend: DNS Test   Vulnerable
22. Impersonation: OLE automation   Protected
23. Impersonation: ExplorerAsParent   Vulnerable
24. Impersonation: DDE   Vulnerable
25. Impersonation: Coat   Vulnerable
26. Impersonation: BITS   Protected
27. Hijacking: WinlogonNotify   Protected
28. Hijacking: Userinit   Vulnerable
29. Hijacking: UIHost   Protected
30. Hijacking: SupersedeServiceDll   Vulnerable
31. Hijacking: StartupPrograms   Vulnerable
32. Hijacking: ChangeDebuggerPath   Protected
33. Hijacking: AppinitDlls   Vulnerable
34. Hijacking: ActiveDesktop   Protected
Score   180/340

[EricJH]

Please check Getting Accurate Leak Test Results.

[naren]

thank you for the reply

I just configured using this sets of this topic http://forums.comodo.com/leak-testingattacksvulnerability-research/tutorial-comodo-firewall-5-t65294.0.html
and now my score is terrible, what is happening?
Im confused


COMODO LEAKTESTS V.1.1.0.3
Date   18:41:24 - 08/10/2011
OS   Windows Vista SP1 build 7601
1. RootkitInstallation: MissingDriverLoad   Protected
2. RootkitInstallation: LoadAndCallImage   Protected
3. RootkitInstallation: DriverSupersede   Protected
4. RootkitInstallation: ChangeDrvPath   Vulnerable
5. Invasion: Runner   Vulnerable
6. Invasion: RawDisk   Vulnerable
7. Invasion: PhysicalMemory   Protected
8. Invasion: FileDrop   Vulnerable
9. Invasion: DebugControl   Protected
10. Injection: SetWinEventHook   Vulnerable
11. Injection: SetWindowsHookEx   Vulnerable
12. Injection: SetThreadContext   Protected
13. Injection: Services   Vulnerable
14. Injection: ProcessInject   Protected
15. Injection: KnownDlls   Vulnerable
16. Injection: DupHandles   Protected
17. Injection: CreateRemoteThread   Protected
18. Injection: APC dll injection   Protected
19. Injection: AdvancedProcessTermination   Protected
20. InfoSend: ICMP Test   Protected
21. InfoSend: DNS Test   Vulnerable
22. Impersonation: OLE automation   Protected
23. Impersonation: ExplorerAsParent   Vulnerable
24. Impersonation: DDE   Vulnerable
25. Impersonation: Coat   Vulnerable
26. Impersonation: BITS   Protected
27. Hijacking: WinlogonNotify   Protected
28. Hijacking: Userinit   Vulnerable
29. Hijacking: UIHost   Protected
30. Hijacking: SupersedeServiceDll   Vulnerable
31. Hijacking: StartupPrograms   Vulnerable
32. Hijacking: ChangeDebuggerPath   Protected
33. Hijacking: AppinitDlls   Vulnerable
34. Hijacking: ActiveDesktop   Protected
Score   180/340

You quoted my post but didn't replied what I asked you to check. I asked you to check those in the trusted lists coz I have experienced that i.e one of those tests gets into trusted lists sometimes coz of which test fais as it is treated as safe.

Thanxx
Naren

[securityseeker]

i have windows 7 x64 all security settings to the maximum ; but i reach only 210 on 340 score.
why what is not working correctly ?

[captainsticks]

Hi securityseeker,
Did you follow the instructions in the link that EricJH posted above, in particular disable the sandbox.

[Tags:]