CPIL.EXE Test - Shall I Be Concerned? [RESOLVED]

Hello everybody,

I just installed Comodo Firewall Pro trial version 2.4 and after installing it, I conducted the Comodo Parent Injection Leak Test online test by downloading a file named cpil.exe. After I ran the file Comodo popped up asking me wheter I want to allow or block access of this program(cpil.exe) to the internet. Apparently the test was successful. However, as this was just a test, when the box popped out, I said might as well let it access the internet and thus I allowed it. However on second thoughts what maybe I did wrong was that before hitting the ALLOW access button I ticked the ALWAYS perform this setting for this application. Shall I be concerned at this stage considering that this program has a permanent access but which maybe is helping other similar applications to have permanent access to the internet too which might be malicious because of the ALWAYS setting checkbox I ticked for cpil.exe? Do you think it’s a concern or it’s only a test and thus the file cpil.exe has been used for simulation purposes only and is not affecting any other applications by the setting I applied?

I would appreciate if someone can help me and guide me what I can do at this stage as I’ve just been using Comodo for a few hours and I’m still exploring how the software works. But my first impression is very good. As I told you the problem above is my only concern.

Just to let you know my system runs on Windows XP, using both Firefox and IE as browers, with AVG as AV.

I thank you in advance guys for all your help.

Best Regards,

Corolla

edit: Added [RESOLVED]

Hi Corolla, welcome to the forums.

It doesn’t really matter if you block or allow (remembered of otherwise) CPIL, although to perform a valid test you should block CPIL unremembered (so you can run it again) and reboot after each test. This is because CPIL injects DLL hooks into explorer.exe that do not go away unless explorer.exe (ie. the shell) is restarted. By not rebooting after a CPIL test you invalidate any subsequent CPIL tests that you might run & you are risking the stability of your system (CPIL can cause the explorer shell to crash)… although no permanent damage is caused. If you’ve remembered CPIL by mistake & you want to remove it, then either move the CPIL tests somewhere else (CFP will notice the movement & re-prompt) or search CFPs Application/Component Monitors for the CPIL entries & delete them.

Thanks a lot Kail…that’s been very helpful.

Regards,

Corolla

No problem Corolla, glad I could help. I’ll close this topic & mark it as [RESOLVED]. If you need it opened again, just send a Personal Message to either myself or any other Moderator. Thanks.