OS Windows Vista SP0 build 7600
- RootkitInstallation: MissingDriverLoad Protected
- RootkitInstallation: LoadAndCallImage Protected
- RootkitInstallation: DriverSupersede Protected
- RootkitInstallation: ChangeDrvPath Protected
- Invasion: Runner Protected
- Invasion: RawDisk Protected
- Invasion: PhysicalMemory Protected
- Invasion: FileDrop Protected
- Invasion: DebugControl Protected
- Injection: SetWinEventHook Protected
- Injection: SetWindowsHookEx Protected
- Injection: SetThreadContext Protected
- Injection: Services Protected
- Injection: ProcessInject Protected
- Injection: KnownDlls Protected
- Injection: DupHandles Protected
- Injection: CreateRemoteThread Protected
- Injection: APC dll injection Protected
- Injection: AdvancedProcessTermination Protected
- InfoSend: ICMP Test Protected
- InfoSend: DNS Test Protected
- Impersonation: OLE automation Protected
- Impersonation: ExplorerAsParent Protected
- Impersonation: DDE Protected
- Impersonation: Coat Vulnerable
- Impersonation: BITS Protected
- Hijacking: WinlogonNotify Protected
- Hijacking: Userinit Protected
- Hijacking: UIHost Protected
- Hijacking: SupersedeServiceDll Protected
- Hijacking: StartupPrograms Protected
- Hijacking: ChangeDebuggerPath Protected
- Hijacking: AppinitDlls Protected
- Hijacking: ActiveDesktop Protected
Score 330/340
(C) COMODO 2008
Tested after deleting all current rules and firewall on custom policy (now old rules all fresh).
Test ran in sandbox; denied all requests while testing except the first one to begin the test.
Alert settings very high.
Can anyone help me with what's happened?
Am I really vulnerable?
How can I get a 340/340 score?