Add extended "Adware detection / cleaning" capabilities to CAV / CIS

1. What actually happened or you saw:
Many traditional AV programs :wink: out there are doing quite a “weak job” when it comes to widely spread “adware”. Some companies seem to still regard Adware as more or less “harmless”. So many of us still have to depend on free “special tools” (like AdwCleaner, JRT etc.) to get rid of many unwanted, supposedly (but no more, in their majority) “low-level” nasties.

2. What you wanted to happen or see:
Comodo should integrate a capable, thorough adware scanning / removal tool into CAV / CIS, where the user would at least be able to DECIDE for himself which “Adwares” he might eventually keep (if really so 88)) on his system and which “Adwares” he wants to be erased from it.

3. Why you think it is desirable:
Nowadays there’s a whole bunch of so-called “Adware” being spread that’s often capable of quite more than just “displaying ads” from within a program’s interface (where I’d often rather call such a program “nagware”, i. e. if the “ads” are somewhat related to the company itself (other products, full paid versions etc.)). Whilst installing “nagware” should obviously remain a “free option” to any user that I certainly don’t want to “touch” here, many “real adware nasties” nowadays are not really necessary for a program to fully function. Many of them are being installed inside their own folders, leaving their own registry keys, hijacking certain browsers, adding toolbars and the like, downloading further (!) 3rd (!) party nasties (which indeed makes some of them quite comparable to trojans!), don’t offer full uninstall routines etc.

So why do I regard this “desirable”?

Just an example (“fictitious” Comodo forums dialogue I just “made up” from (not so few) real life experiences):

user1: Hi, I’m using CIS* and I’ve got some weird problems (including connection slowdowns, unresponsive system, strange site redirections, nagging popups etc.) obviously related to having “unintentionally” or “by mistake” (i. e. “good belief” ;)) installed an adware I’ve not yet been able to remove using AVthis, AVthat and AVwhatnot. Can you help me please?

user2: Hi, please read here: http://x, http://xx, http://xxx, and you could also try scanning with ToolA, ToolB, ToolC or ToolD, hope this helps.

Well, such dialogues DO happen. And that’s why I think the above wish is “desirable”. So now you know. :slight_smile:

* Shouldn’t have happened with CIS users, of course. Yet it does happen, of course. :wink:

4. Any other information:
CAV / CIS should have an option to explicitly and thoroughly scan for ANY adware (active or inactive) installed on our beloved machines.
There should, as well, be an option to “untick” any adware a user might eventually (even if rather unlikely) want to keep. (> Similar to the “interactive” list provided by BrightFort’s SpywareBlaster, just for an example).

But what I’d really like to see the most with CIS / CAV: Adware detection / removal capabilities that AT LEAST can finally compete with certain great little “dedicated” free tools like AdwCleaner.

Yes, “THEY can”… :wink: so I guess Comodo should be able to at least “compete” with “THEM” (in a friendly way), right? :a0
I sincerely DO hope the answer won’t be: “No, WE can’t.”

And, well, maybe linking the scan results to an online database (but I guess that’d be too much of a demand?) with further information given on any specific adware (“able to install nasties A, B, C, D etc.”) would also be of help and thus quite a desirable thing? (Just a thought, certainly not the most necessary “aspect” of my wish.)

Thanks for reading.
Kind regards, REBOL. :slight_smile:

Okay, so if I am understanding this correctly, you would like to see an optional setting added to CIS which would scan for these PUP which are certainly not dangerous, but may be annoying. Currently I think Comodo ignores all which are definitely not dangerous.

Am I correctly understanding this wish?

Thanks.

PM reminder sent.

As there has been no response I will move this Wish Request to Rejected.

MorphOS REBOL, if you are able to discuss this further please respond to this Wish Request. I can then move this back to the main Wish board for continued processing.

Thank you.

Hi Chiron, sorry for being late with responding.

Yes, you did (for the most) get a picture of what I exactly meant. :slight_smile:
Yet, I’ve encountered quite some weird installers in the recent past that had some “opt-in” / “opt-out” options (for installing rather dubious, seemingly (at least in parts) “in-the-wild” adware, nagware, even “pseudo-protectionware” (for lack of a better term here…)). Needless to say those “opt-in” / “opt-out” options didn’t really work / didn’t tell about ALL things that were to be (additionally) installed during the installation procedure.

In my experience most of those nasties tend to come with so-called “one-time-offers”, “special giveaway versions” etc.
Those nasties seem to be somewhat “custom tailored” to those “special installers”.
Just for an example I will name “freeware.de” here.
I remember having at least mentioned one of their quickly vanishing installer links at the blacklisting thread. Just take a look?

https://forums.comodo.com/av-false-positivenegative-detection-reporting/submit-malware-here-to-be-blacklisted-2014-no-live-malware-t100707.0.html;msg755294#msg755294

The installer left some hard to find registry traces / temp files / hidden autostarts etc.

Wouldn’t regard such a behaviour “harmless” any longer.

One of those many nasties included in the above installer was “protegere”.
protegere.org

There is no clear “dividing line” between adware and malware any longer, it seems… :frowning:

Kind regards, REBOL.

In other words,
You would like toolbars, cookies, hosts, … removal tools and protection integrated in CIS? So called “immunizers” that protect browsers and system settings (without any addons) ?

Hi qmarius,

well, I was not (yet) talking about “immunizing” functions, but maybe an interesting idea as well. :slight_smile:

ain’t that bad, for example.

I was thinking more of something like “AdwCleaner” and JRT (Junkware Removal Tool) as an integrated search / delete module, though, with even better detection rate, that is. :slight_smile:
People behind “AdwCleaner” are just a small freeware developing team (XPlode), yet their tool has made quite a name on its own by now.

http://general-changelog-team.fr/en/tools/15-adwcleaner

CIS should, in my opinion, AT LEAST be able to find / delete what AdwCleaner is capable of, don’t you agree? :wink:

Kind regards, REBOL.

Well, HostsMan is a particular case of immunizer. Don’t know about the others.
It would be nice if Comodo could do something more complex (that will integrate that program, of course).
Another example of such immunizer is Spybot.

Immunization pro-actively prevents malware from attacking your system by blocking access to sites known to contain malicious or unwanted software using a blacklist.

Just give AdwCleaner a try, qmarius. :slight_smile:
You won’t be disappointed, I think.
There’s even the option to “de-select” the removal of any single finding.

Kind regards, REBOL.

And yes, of course, different kinds of “immunization modules” would be a great addition to CIS as well.

Maybe we could add your idea to this wish? :wink:

Kind regards, REBOL. :slight_smile:

It’s the way I see your idea. I just reformulated what you said, to be honest. So it’s your idea. :wink:

Let’s call it “our idea” from now on? :wink:

Cheers, REBOL. :slight_smile:

I would like to investigate this a little more.

First, please let me know if this is also a problem in software whitelisted by Comodo. If it is then we will need to take a different approach.

For those programs which are not whitelisted, but are still a problem, please do the following.
1: Find three pieces of software which you believe fit these criteria, but are not currently detected by Comodo.
2: Upload those three pieces of software to VirusTotal and post links to the results in your reply.
3: Submit that software for submission and post a link to the new submission topic in your reply.
4: Let’s wait and see if they are added. Once we see how it is handled I believe we will be in a better place to edit this Wish Request.

Thanks.

Not necessarily the point he is trying to prove. There is nothing wrong with the detections.
He is trying to say that CIS should immunize your system before such threats occur mainly.

Scenario :

  1. User is protected by CIS;
  2. User runs immunization components;
  3. User turns off CIS completely / or uninstalls it;
  4. User runs malicious applications that will try to affect your system by ‘known modifications’ (let’s say, for example, modify hosts file);
  5. ‘known modifications’ are stopped (system is immune).
  6. User enables/re-installs CIS;
  7. User is able to clean (less/all) leftovers/application(s).

Another example for removal capabilities,

Now, for the fun factor, let’s say an application tries to install 100,000 toolbars such as Google toolbar (SHA1:444288ea34ac3805fee96b526c206a38365555e4).
CIS could have removal tools for these toolbars (or options to disallow such installations).

But with the immunization example, why should CIS need to immunize the system for when it is not installed? When installed it will not allow applications which are not trusted to access important areas. Installers in particular would not be allowed to do very much, if anything, while CIS is active unless they are trusted. Thus, a very important part of understanding this is knowing whether these installers are trusted, or not.

Thanks.

In that example, Google Toolbar is a trusted application.

Perhaps I have misunderstood this wish. I thought that this was concentrating on detecting and removing the adware which was somewhat near to the line where malware starts.

Using Google Toolbar as an example, why would a user want to disable Google Toolbar from ever being installed? Sure, many users don’t want it, but there are also many who do. Thus, if it were always blocked, or detected, you would have a very large number of users who would be unhappy and decide that CIS is a very bad program.

Perhaps I am misunderstanding, but just what sort of adware are we talking about for this wish?

Thanks.

Trusted ones that are served as 3rd party from installers. But you do have a point - this might cause legit applications to not function correctly.

MorphOS REBOL, after all of this conversation I think it’s important to reclarify exactly what your thoughts are at this time about this wish. What is your suggestion?

Thanks.