20:21:17 CPILSUITE.EXE Blocked Application is attempting to inject its component into another process. Process: CPILSuite.exe, Injected: F:\DOWNLOADS\CPILSUITE\CPIL2.DLL
20:21:15 CPIL.EXE Blocked Application is attempting to modify other application memory. Process: CPIL.EXE, Target process: C:\WINDOWS\EXPLORER.EXE
20:05:37 CPIL.EXE Blocked Application is attempting to modify other application memory. Process: CPIL.EXE, Target process: C:\WINDOWS\EXPLORER.EXE
20:05:13 CPIL.EXE Blocked Application is attempting to modify other application memory. Process: CPIL.EXE, Target process: C:\WINDOWS\EXPLORER.EXE
20:04:22 CPILSUITE.EXE Blocked Application is attempting to inject its component into another process. Process: CPILSuite.exe, Injected: F:\DOWNLOADS\CPILSUITE\CPIL2.DLL
20:04:14 CPIL.EXE Blocked Application is attempting to modify other application memory. Process: CPIL.EXE, Target process: C:\WINDOWS\EXPLORER.EXE
I have tried this test and at first nothing got through. Then I allowed it to get through once. I rebooted and it still gets through no matter what I do. I even uninstalled and reinstalled the firewall but Test 1 always gets through now. How to I get it back to not allowing Test 1 to get through?
WOW, so it works huh
ehhm,here we go
go to CFP3/defense+/advanced/computer security policy
you’ll see list of remembered rules there. Remove or edit the rule for the leaktest app.
oh, you might wanna check %windir%\explorer.exe ==> use a custom policy/access right/
on run an executable, click modify and find the leak test app there
I deleted the rules for that before and it still gets by test 1. The second part of your instructions I didn’t quite understand. That only takes me to the window explorer program. I’m using Windows XP.
i use Xp SP2 too. i think we really need the expert help right now ;D
ok, this is my step 2, sorry for being unclear, me & english.
CFP3/Defense+/advanced/computer security policy
*find %windir%\explorer.exe ,double click on it,
*tick use a custom policy, and click access right
*on the “access rights” window==>run an axecutable==> click modify,
you’ll see another list of allowed/blocked apps there
huh ??? hook? what hook?
based on my stupid experience of mistakenly allowing/blocking apps ;D , after i do these steps :
*find %windir%\explorer.exe ,double click on it,
*tick use a custom policy, and click access right
*on the “access rights” window==>run an axecutable==> click modify
there are lots of apps listed there, and i just remove the mistakenly allowed/blocked app.
hmm ??? so you don’t have specific rule for CPIL leaktest and still don’t pass test 1.
oh ya, i remember that, it’s defense+ warning that blocked the attempt.
:-\ let see if someone can help you out. have you tried another leaktest apps? didn’t pass the leaktest app by mistakenly click “allow” doesn’t mean your firewall’s leaking ;D
edit :
hey, i’ve just tried the CPIL leaktest, i allow & remember test 1 (access physical memory directly attempt), remove the rule, but i still didn’t pass test 1 after that.
let’s ask for help together ;D
i’ll try to reboot my comp and see if i still fail after rebooting
sorry to hear that (:SAD)
but i gues you shouldn’t worry too much, it’s just leak test app that you’ve mistakenly allowed, not a real leakage ;D . perhaps you wanna try another leaktest app like GRCleaktest and see if your CFP3 can pass them.
let see if some mods here can help you. :THNK
in this case, i think it’s the user, not the firewall ,i think you’ve proven that CFP3 CAN block the malicious attempt, but you’ve mistakenly allowed it. in reality, if a malware tried to send something out, CFP3 will blocked it, but once we “allow” it, we’re doomed. we can’t expect a second chance from a malware.
Yes, but the firewall should be more forgiving than that if we as a user mess up and allow something we shouldn’t. If your scenario is correct, if we ever allow anything by accident, the firewall becomes useless after that for that allowance. Not a good idea for a top of the line firewall, huh?
yeah,i mean you have an uncommon problem there. what if you mistakenly block a legit app, maybe your AV updater :o , maybe you can submit a support ticket to comodo?
well, yeah. the firewall has stopped the thief, but we open the door for him. ;D
Yes, but when you open the door to the thief once, doens’t mean you want them stealiong from you again and again. There should be a way to relock the door, right?
yeah, how about the other app? do this issue only happen to CPIL or another app as well? i think you really need to submit a support ticket to comodo. that’s a serious issue, :o