hi guys,
I got 320/340 on my score on leaktest.
Injection
SetWinEventHook vunerable
SetWindowsHookEx vunerable
How can I solve these problems?
Is iit a big problem for me?
Best,
[attachment deleted by admin]
If I am not wrong & remember correctly, sometimes these 2 tests SetWinEventHook & SetWindowsHookEx gets registered in trusted files as safe. I dont know how & why they gets into trusted files, maybe cloud scan bug or may be they are treated as safe in the cloud by mistake. I have observed this few times here in my case.
So can you please check & report here if they are in the trusted files.
Thanxx
Naren
If I am not wrong & remember correctly, sometimes these 2 tests SetWinEventHook & SetWindowsHookEx gets registered in trusted files as safe. I dont know how & why they gets into trusted files, maybe cloud scan bug or may be they are treated as safe in the cloud by mistake. I have observed this few times here in my case.
So can you please check & report here if they are in the trusted files.
Thanxx
Naren
thank you for the reply
I just configured using this sets of this topic https://forums.comodo.com/leak-testingattacksvulnerability-research/tutorial-comodo-firewall-5-t65294.0.html
and now my score is terrible, what is happening?
Im confused
COMODO LEAKTESTS V.1.1.0.3
Date 18:41:24 - 08/10/2011
OS Windows Vista SP1 build 7601
RootkitInstallation: MissingDriverLoad Protected
RootkitInstallation: LoadAndCallImage Protected
RootkitInstallation: DriverSupersede Protected
RootkitInstallation: ChangeDrvPath Vulnerable
Invasion: Runner Vulnerable
Invasion: RawDisk Vulnerable
Invasion: PhysicalMemory Protected
Invasion: FileDrop Vulnerable
Invasion: DebugControl Protected
Injection: SetWinEventHook Vulnerable
Injection: SetWindowsHookEx Vulnerable
Injection: SetThreadContext Protected
Injection: Services Vulnerable
Injection: ProcessInject Protected
Injection: KnownDlls Vulnerable
Injection: DupHandles Protected
Injection: CreateRemoteThread Protected
Injection: APC dll injection Protected
Injection: AdvancedProcessTermination Protected
InfoSend: ICMP Test Protected
InfoSend: DNS Test Vulnerable
Impersonation: OLE automation Protected
Impersonation: ExplorerAsParent Vulnerable
Impersonation: DDE Vulnerable
Impersonation: Coat Vulnerable
Impersonation: BITS Protected
Hijacking: WinlogonNotify Protected
Hijacking: Userinit Vulnerable
Hijacking: UIHost Protected
Hijacking: SupersedeServiceDll Vulnerable
Hijacking: StartupPrograms Vulnerable
Hijacking: ChangeDebuggerPath Protected
Hijacking: AppinitDlls Vulnerable
Hijacking: ActiveDesktop Protected
Score 180/340
thank you for the reply
I just configured using this sets of this topic https://forums.comodo.com/leak-testingattacksvulnerability-research/tutorial-comodo-firewall-5-t65294.0.html
and now my score is terrible, what is happening?
Im confused
COMODO LEAKTESTS V.1.1.0.3
Date 18:41:24 - 08/10/2011
OS Windows Vista SP1 build 7601
RootkitInstallation: MissingDriverLoad Protected
RootkitInstallation: LoadAndCallImage Protected
RootkitInstallation: DriverSupersede Protected
RootkitInstallation: ChangeDrvPath Vulnerable
Invasion: Runner Vulnerable
Invasion: RawDisk Vulnerable
Invasion: PhysicalMemory Protected
Invasion: FileDrop Vulnerable
Invasion: DebugControl Protected
Injection: SetWinEventHook Vulnerable
Injection: SetWindowsHookEx Vulnerable
Injection: SetThreadContext Protected
Injection: Services Vulnerable
Injection: ProcessInject Protected
Injection: KnownDlls Vulnerable
Injection: DupHandles Protected
Injection: CreateRemoteThread Protected
Injection: APC dll injection Protected
Injection: AdvancedProcessTermination Protected
InfoSend: ICMP Test Protected
InfoSend: DNS Test Vulnerable
Impersonation: OLE automation Protected
Impersonation: ExplorerAsParent Vulnerable
Impersonation: DDE Vulnerable
Impersonation: Coat Vulnerable
Impersonation: BITS Protected
Hijacking: WinlogonNotify Protected
Hijacking: Userinit Vulnerable
Hijacking: UIHost Protected
Hijacking: SupersedeServiceDll Vulnerable
Hijacking: StartupPrograms Vulnerable
Hijacking: ChangeDebuggerPath Protected
Hijacking: AppinitDlls Vulnerable
Hijacking: ActiveDesktop Protected
Score 180/340
You quoted my post but didn’t replied what I asked you to check. I asked you to check those in the trusted lists coz I have experienced that i.e one of those tests gets into trusted lists sometimes coz of which test fais as it is treated as safe.
Thanxx
Naren
i have windows 7 x64 all security settings to the maximum ; but i reach only 210 on 340 score.
why what is not working correctly ?
Hi securityseeker,
Did you follow the instructions in the link that EricJH posted above, in particular disable the sandbox.