Did Comodo Install a Rootkit on my Computer?

Hi All,

Yesterday I upgraded from version 2 to version 3.0. Version 2 worked fine for me in the past and never gave any problems.

I am also running Counterspy Version 2

I ran a Counterspy full scan after installing Comodo Firewall 3.0, and Counterspy identified the following two files installed by Comodo as highly dangerous rootkits.

C:\Documents and Settings\All Users\Application Data\Comodo\common\DB\DDB\DLL\138_d.sld
C:\Documents and Settings\All Users\Application Data\Comodo\common\DB\DDB\DLL\509_d.sld

Counterspy labeled these as the “Hacktool.Rootkit”

These files were installed by Comodo 3.0.

Are they dangerous rootkits? Should I remove them?

Thanks for the help.


Hello hboffshore

These are files for the Comodo database. Don’t remove them. It is a false positive and should be reported to Counterspy.


Hi to you

I got the same problem, here’s my workaround
I deleted those 2 files and lowered the +Defense from Clean PC to Training Mode

I hope it can help someone

(B) (V)

More than one program is hitting false positives on those, because they’re encrypted. If you delete them CFP will still work but your Comodo safelist will decrease.

The 11. commandment :
Thou shall not post virus-“warnings” and thereby create unneeded internet-paranoia
before you have sought a second opinion @ :

prevx csi also detect a file from v3(install folder) as suspicious.but before v3 i had threat fire and it also mentioned it as suspicious (after an upgrade).However i rely on prevx (even more than my av),so if u could report to them.