Question about detailed alert.

Date/Time :2006-06-27 01:02:21
Severity :High
Reporter :Application Behavior Analysis
Description: Suspicious Behaviour (CLPConfig.exe)
Application: C:\Program Files\Comodo\LaunchPad\CLPConfig.exe
Parent: C:\Program Files\Comodo\LaunchPad\CLPTray.exe
Protocol: UDP InRemote:
Details: C:\Program Files\Spyware Doctor\swdoctor.exe modified the memory of the Parent application C:\Program Files\Comodo\LaunchPad\CLPTray.exe in memory.

I get lots of these with Spyware Doctor and it ‘always’ modifies the memory of the ‘Parent application’ - whether it’s Explorer.exe, Services.exe etc. Is it just Spyware Doctor doing it’s job? And would it be safe to “Skip advanced security checks” for swdoctor.exe in Comodo firewall? It pops up and asks me all the time and I’d like to eliminate the popup if possible.

Comments are appreciated - thanks.

Hi Mike,

It seems Spyware doctor hooks all other applications to do its job. Skipping advanced checks will not help in this case because it means do not check for leaks on Spyware doctor(not skip the leaks that are caused by spyware doctor).

What you can do is to unheck "Security->Advanced->Monitor parent application leaks option to see if number of popups decreases.

In current version of CPF, there is no way to approve all activities of an application such as spyware doctor. But this necessary feature is in our list an will be includd shortly.

Hope this helps,


Thanks for your reply Egemen. I’m a long time user of Zone Alarm and I’m still in the learning stages of CPF.

Thanks Again,

Sure. Feel free to ask anything in this forum.

Good luck,