AWFT 3.2, Comodo failed test no.4 (PAUSE) NOT ;)


this is my first post here, i have to say thank you for Comodo :slight_smile:
I have one question. Is there possibility that Comodo fails at 4th AWFT test:

(Attempts to load a copy of the default browser from within Windows Explorer and patch it in memory before execution. Defeats PFs which require authorization for an application to load another one (succeeding on Technique 1) - Windows Explorer is normally authorized. This test usually succeeds, unless the default browser is blocked from accessing the Internet.)

when i have Opera (or other default browser) set as trusted?
I made add trusted application or checked Remember my answer for this application then pressed Allow. After this, I ran tests and test no.4 failed- I got info from WWW.
Comodo will pass this test if I remove default browser from Security → Application Monitor.
Is it normal? if yes then… well… i will cry

Thanks and sorry for poor english (I know that you don’t care ;PP)

No this is not normal. It should properly report the leak attempt. Can you tell us more about your CPF configuration?

What about thermite and copycat tests? They are the same tests as #4.


I’ll make tests using thermite and copycat.
Unfortunately my AWFT has expired :>
I’ll describe my CPF conf ASAP (I’m using stable version
Stay tuned

Ok I did some testing and I have to appologise for this imho false positive.

As I’ve already said in previous post, my AWFT has expired, so I used apps that you suggested.

I drop thermite since its for IE only and focused on copycat instead.
My default browser is Opera 9.02 (latest public build) and I have cache turned on.

Did tests with Opera as trusted app and without all tests passed. bravo!

During tests i’ve realised one, simple thing, Opera renders some static pages without connecting to net, so f.e. I typed , Comodo showed prompt, that Opera wants to connect to inet, but Opera rendered part of static page and was waiting to download GOOGLE letter images (if i press ALLOW in comodo).

Conclusion: Page, that AWFT uses as default, is IMHO static. Opera renders first static content then dynamic (content that needs to be downloaded from webserver). AWFT makes false positive in this case. It creates(loads) Opera process and tries to connect to web, Opera returns static content first (I was testing Kerio first, so I had AWFT - Atelier Web Firewall Tester in Opera’s cache) then (if needed) connects to webserver.
Thats WHY I didn’t get comodo’s warning- because there were no reasons for opera to connect to webserver, ( AWFT - Atelier Web Firewall Tester in its cache). Opera sent cached content to AWFT and AWFT’s interpretation was bad.(or maybe my interpretation is bad)

Sorry for troubles, AWFT should make some dynamic content :slight_smile:

No problems

Good luck,