An applications that can force log off and Dfence plus can,t stop

Application name is logoff.

[attachment deleted by admin]

i tried a lot of settings but i always finish by the same alert and vista log off.
there was the same problem with the leaktest system shutdown simulator in step 1 and step 2, except there was no alert but it was not tested with the last version.
i tested it with the last version and it’s the same result, there’s no alert when i click on intercept system shutdown call and when i click shutdown computer it closes the machine, except i had others programs running so it asked me if i wanted to log off as apps were running…
let’s wait for next comodo :slight_smile: i see first rank in my crystal ball :slight_smile:

It also fails to prevent log off by using shutdown.exe in system32 (shutdown -l). No alerts shown at all, except for executing shutdown.exe. I’m running the latest version with Defense+ in Paranoid Mode.


What is that simuylator. If u mean the shutdwon simulator utility on the same site, CFP blocks it on my system.

nope i was talking about some leaktest we used to test firewalls.
it’s named system shutdown simulator. sss.exe
i attached it in my post, maybe it’s the same thing, u tell me.

i went to the site, if u talk about the file shutdown.exe, so it’s not the same file.
D+ blocked it too on my system.
in the exploit SSS, there’s not even an alert about the 2 first steps.
do u confirm?

[attachment deleted by admin]

No, CFP blocks it. Just add *.com files in protected files list to get alert on first one. 2nd and 3rd will give alert by default.

How did you add .com to the list?

Go to My Protected Files, then when adding a new one, you define it as *.com.


in my case i got no alert in vista or xp with step1 and 2 but i didnt add *.com as u said, thanks for this info.
D+ should block that without the need to add *.com in protected files list.
how many user know they need to add *.com in protected files to block this exploit?

update : i added *.com in protected files and still no alert from D+ with step1 and 2…the system doesnt shutdown but the exploit stops lot of process.
can u post some screenshot ?

I use it on XP. Later I will post some screen shots.

I agree, If a program is trying to logg\shutdown it should be alerted to the user