Date/Time :2006-06-27 01:02:21
Severity :High
Reporter :Application Behavior Analysis
Description: Suspicious Behaviour (CLPConfig.exe)
Application: C:\Program Files\Comodo\LaunchPad\CLPConfig.exe
Parent: C:\Program Files\Comodo\LaunchPad\CLPTray.exe
Protocol: UDP InRemote: 0.0.0.0:1516
Details: C:\Program Files\Spyware Doctor\swdoctor.exe modified the memory of the Parent application C:\Program Files\Comodo\LaunchPad\CLPTray.exe in memory.
I get lots of these with Spyware Doctor and it ‘always’ modifies the memory of the ‘Parent application’ - whether it’s Explorer.exe, Services.exe etc. Is it just Spyware Doctor doing it’s job? And would it be safe to “Skip advanced security checks” for swdoctor.exe in Comodo firewall? It pops up and asks me all the time and I’d like to eliminate the popup if possible.
It seems Spyware doctor hooks all other applications to do its job. Skipping advanced checks will not help in this case because it means do not check for leaks on Spyware doctor(not skip the leaks that are caused by spyware doctor).
What you can do is to unheck "Security->Advanced->Monitor parent application leaks option to see if number of popups decreases.
In current version of CPF, there is no way to approve all activities of an application such as spyware doctor. But this necessary feature is in our list an will be includd shortly.