Comodo Leak Tests-Vulnerable Test

hi,I need help for to comodo it is totally safe

Security Firewall is my config for Comodo
The level of the firewall is Safe Mode
And the Defense+ is the level is safe Mode

Date 23:38:15 - 15/05/2009
OS Windows XP SP2 build 2600

  1. RootkitInstallation: MissingDriverLoad Protected
  2. RootkitInstallation: LoadAndCallImage Protected
    3. RootkitInstallation: DriverSupersede Vulnerable
  3. RootkitInstallation: ChangeDrvPath Protected
  4. Invasion: Runner Protected
  5. Invasion: RawDisk Protected
  6. Invasion: PhysicalMemory Protected
    8. Invasion: FileDrop Vulnerable
  7. Invasion: DebugControl Protected
  8. Injection: SetWinEventHook Protected
  9. Injection: SetWindowsHookEx Protected
  10. Injection: SetThreadContext Protected
  11. Injection: Services Protected
  12. Injection: ProcessInject Protected
  13. Injection: KnownDlls Vulnerable
  14. Injection: DupHandles Protected
  15. Injection: CreateRemoteThread Protected
  16. Injection: APC dll injection Protected
  17. Injection: AdvancedProcessTermination Protected
  18. InfoSend: ICMP Test Protected
  19. InfoSend: DNS Test Protected
  20. Impersonation: OLE automation Protected
  21. Impersonation: ExplorerAsParent Protected
  22. Impersonation: DDE Protected
  23. Impersonation: Coat Protected
  24. Impersonation: BITS Protected
  25. Hijacking: WinlogonNotify Protected
  26. Hijacking: Userinit Protected
  27. Hijacking: UIHost Protected
  28. Hijacking: SupersedeServiceDll Protected
  29. Hijacking: StartupPrograms Protected
  30. Hijacking: ChangeDebuggerPath Protected
  31. Hijacking: AppinitDlls Protected
  32. Hijacking: ActiveDesktop Protected

Score 310/340

Thank you for your understanding

i want to know which cis version u used while doing this test like for example 3.5, 3.8, 3.9 and if 3.9 then was it or something?

best way to fix that is right click on the comodo icon in task bar, go to configuration and select proactive. Now to the test again, I bet you will get 340. ;D

With the configuracion of Proactive Security

Date 11:48:51 - 16/05/2009
OS Windows XP SP2 build 2600

  1. RootkitInstallation: MissingDriverLoad Protected
  2. RootkitInstallation: LoadAndCallImage Vulnerable
  3. RootkitInstallation: DriverSupersede Vulnerable
  4. RootkitInstallation: ChangeDrvPath Vulnerable
  5. Invasion: Runner Protected
  6. Invasion: RawDisk Vulnerable
  7. Invasion: PhysicalMemory Vulnerable
  8. Invasion: FileDrop Vulnerable
  9. Invasion: DebugControl Vulnerable
  10. Injection: SetWinEventHook Vulnerable
  11. Injection: SetWindowsHookEx Vulnerable
  12. Injection: SetThreadContext Vulnerable
  13. Injection: Services Vulnerable
  14. Injection: ProcessInject Vulnerable
  15. Injection: KnownDlls Vulnerable
  16. Injection: DupHandles Protected
  17. Injection: CreateRemoteThread Vulnerable
  18. Injection: APC dll injection Vulnerable
  19. Injection: AdvancedProcessTermination Vulnerable
  20. InfoSend: ICMP Test Protected
  21. InfoSend: DNS Test Protected
  22. Impersonation: OLE automation Protected
  23. Impersonation: ExplorerAsParent Protected
  24. Impersonation: DDE Protected
  25. Impersonation: Coat Protected
  26. Impersonation: BITS Protected
  27. Hijacking: WinlogonNotify Protected
  28. Hijacking: Userinit Protected
  29. Hijacking: UIHost Protected
  30. Hijacking: SupersedeServiceDll Vulnerable
  31. Hijacking: StartupPrograms Protected
  32. Hijacking: ChangeDebuggerPath Protected
  33. Hijacking: AppinitDlls Protected
  34. Hijacking: ActiveDesktop Protected
    Score 170/340

My Product Version is the last version: 3.9.95478.509

Are you sure that you didn’t have the Leak Test already on your PC and you set “Clean PC Mode”? ???

Clean mode Pc in the firewall or in defense+?

I have tested new with the configuration Comodo Internet Security

OS Windows XP SP2 build 2600

  1. RootkitInstallation: MissingDriverLoad Protected
  2. RootkitInstallation: LoadAndCallImage Protected
  3. RootkitInstallation: DriverSupersede Protected
  4. RootkitInstallation: ChangeDrvPath Protected
  5. Invasion: Runner Protected
  6. Invasion: RawDisk Protected
  7. Invasion: PhysicalMemory Protected
  8. Invasion: FileDrop Protected
  9. Invasion: DebugControl Protected
  10. Injection: SetWinEventHook Protected
  11. Injection: SetWindowsHookEx Protected
  12. Injection: SetThreadContext Protected
  13. Injection: Services Protected
  14. Injection: ProcessInject Protected
    15. Injection: KnownDlls Vulnerable
  15. Injection: DupHandles Protected
  16. Injection: CreateRemoteThread Protected
  17. Injection: APC dll injection Protected
  18. Injection: AdvancedProcessTermination Protected
  19. InfoSend: ICMP Test Protected
  20. InfoSend: DNS Test Protected
  21. Impersonation: OLE automation Protected
  22. Impersonation: ExplorerAsParent Protected
  23. Impersonation: DDE Protected
  24. Impersonation: Coat Protected
  25. Impersonation: BITS Protected
  26. Hijacking: WinlogonNotify Protected
  27. Hijacking: Userinit Protected
  28. Hijacking: UIHost Protected
  29. Hijacking: SupersedeServiceDll Protected
  30. Hijacking: StartupPrograms Protected
  31. Hijacking: ChangeDebuggerPath Protected
  32. Hijacking: AppinitDlls Protected
  33. Hijacking: ActiveDesktop Protected
    Score 330/340

You must have click allow and not block. I have CIS running on 4 machines and they all pass with a 340/340. Keep in mind you need to delete all entries of the test before trying again. Your best bet is delete the test. Do a complete uninstall of CIS and reboot. Install the latest version and you will pass. As long as you click “BLOCK” on all the alerts except for the first one. You need to allow the test to run.

I understand about the block, I tried this on my computer last month and it gave me 340 pass. then I reformatted and it gives me 320, I have deletted my firewall setttings several times and tried and get the same results , when it comes to the 2 that fails it never asks me to allow or block, sending a screen shot, so what is wrong

Since you ran the tests already, try removing any rules created in Defense+ and the Firewall for CLT.exe.
Then, with CIS in Proactive mode, and the firewall and Defense+ both set on Safe, rerun the test.