Hi All, Recently a new leaktest has been released: Thermite. It demonstrates the use of the CreateRemoteThread Windows function to bypass firewalls. You can find some information about Thermite here: http://www.securityfocus.com/archive/1/312783/2003-02-20/2003-02-26/1 And there is a discussion here: http://www.dslreports.com/forum/remark,6071614~root=security,1~mode=flat Thermite can be downloaded from here: http://www3.sympatico.ca/oliver.lavery/za-hole.zip So, the Lnsfw1 driver has been updated to detect this kind of troyans. You can retrieve it from here: http://looknstop.soft4ever.com/Beta/Thermite/LNSFW1.SYS This is an experimental version, so please do the following: - rename c:\windows\system32\drivers\lnsfw1.sys to lnsfw1.old - copy the new driver to c:\windows\system32\drivers - reboot In case of bluescreen, you will have to come back to the lnsfw1.old driver and send me (at firstname.lastname@example.org) the minidump file that will be created (in c:\windows\minidump folder). In case of the new driver not working against Thermite, please send me the driver logs (open the Console Window and press the driver logs button). And that's not all, it seems that with this new driver Look 'n' Stop is also able to pass most (all ?) the AWFT (http://www.atelierweb.com/awft/index.htm) tests. Please post your feedback here. Thanks, Frederic.