Downloaded CPIL.exe and tested it whilst I had Norton Peronsal Firewall installed, web browser opened and told me what I typed (Using Firefox), so I though, as my norton subcription is running out, I’ll download and try Comodos’ firewall.
All install, and running, and did the test again.
Yet again, it told me what I’d typed, didn’t give me no indication that it was trying to access the internet?
What am I doing wrong? Is it because I’m using Firefox and not Internet Explorer?
Hi,
Does it say anywhere in the test instructions you should use Internet Explorer?
Are you using the same message as what you typed before? If so can you try a different message as sometimes tests show old messages even though the test has been passed.
Did Comodo display any alerts? Did you deny these alerts for the test?
Mike
Does it say anywhere in the test instructions you should use Internet Explorer?
It mentions Explorer.exe, not internet explorer.
Are you using the same message as what you typed before? If so can you try a different message as sometimes tests show old messages even though the test has been passed.
I varied my messages, and all each message omits is the first letter/number (I think that is because of the character buffer from the command window)
Did Comodo display any alerts?
No Alerts popped up.
Did you deny these alerts for the test?
Didn’t have too.
Any more suggestions?
Ok, I just checked and it uses your default browser so it is not FireFox what is causing CPF to fail.
Have you changed any of the firewall settings? I believe it is beahviour analysis that is used to detect this leaktest - have you turned any of these off?
Mike
Nope, I’ve not turned nothing off, I even went back into the program to see what programs I’d agreed too, incase I’d inadvertantly allowed it, and I removed “Firefox” again, so it would ask me, incase it was doing the “Parent/Child” option, and I’d not noticed it, but Nope, just doesn’t seem to flag up.
It is starting to worry me now, as I’ve got a firewall that sells it self on a small app, and then doesn’t even dectect it, I’m kinda hoping I’ve set it up wrong, and it is missing it, as If I’ve set it up right, and it doesn’t detect it’s own test program, well, I dunno what to say…
What version of CPF are you using, the latest is 2.1.1.1. Although, previous versions should still detect this ???
Sorry, I’m kinda coming to a loss.
Mike
Hi,
Lets make sure you have the correct configuration options :
“Security->Advanced->Monitor parent application leaks” must be enabled(enabled by default),
“Security->Advanced->Monitor process injections” must be enabled(enabled by default),
What does CPF say about your protection strength?(Summary section). Do you see anything disabled there?
What about other leak tests such as thermite or copycat?
I believe there is a configuration error.
Egemen
Monitor parent application leaks is ticked active
Monitor process injections is also ticked active
My protection strength is four green squares stating excellent.
I tried to download “Copycat” and Comodo quarantined it…
I tried thermite, and I got the firewall question about block or Deny. (So that appears to work)
I’m wondering if it might have anything to do with “Symantec” leaving stuff behind? even though I’ve done various resets since, and it all should be gone?
peejaygee, see second page of the thread “Leak Testing”, I had a problem with a leaktest and we got it fixed, maybe the same problem as yours.
There is a key called“HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Personal Firewall\AppCtrl\IPC”. Can you completely delete that key, restart your PC and retest?
I’ve checked for that key and it doesn’t exist.
My main one is “[HKEY_LOCAL_MACHINE\SOFTWARE\ComodoGroup]”
[HKEY_LOCAL_MACHINE\SOFTWARE\ComodoGroup\Comodo Personal Firewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\ComodoGroup\Comodo Personal Firewall\2.1.1.1]
Neither containing anything?
and for the Firewall I have.
Any other pointers?
Are you sure you dont have a SYSTEM key?
HKEY_LOCAL_MACHINE[b]SYSTEM[/b]\Software\Comodo\Personal Firewall\AppCtrl\IPC
This one is the wrong one to look in
[HKEY_LOCAL_MACHINE\SOFTWARE\ComodoGroup\Comodo Personal Firewall]
If you do then backup (export) the Comodo key incase need to undo any deletions (File > Export)
Then click on IPC and delete it
Sorry, my fault, I’m checking these message when I’m coming in from work from Nights…
Yeah, I did have that one, and now I’ve deleted it, and will reset the machine, and try again… =-)
I’ll let ya know how it goes…
[Edit]
Well, that worked, I got the Firefox pop up, with the security warning below, saying CPIL had modified Firefox…
Thanks for all the help Steve
So what exactly did I do, deleting that stuff, to fix it?
It stores programs that have been allowed to modify others, at some stage you may have allowed CPIL or it possibly got corrupted. Apparently there will be a list in a future release where you can Allow/Block these programs like the Component Monitor, so you don’t need to go in to the registry.