Modifiy Interface and Protected COM??

Hi, I’ve just installed an application called CommentHut - I have two questions about when I try and run it:

  1. Comodo Firewall, states that CommentHut is trying to access the Protected COM for Shell.Explorer.2 - what is this about?

  2. CommentHut then tries for ‘modify the user interface’ of every program I have running at the time - including Comodo’s own cpf.exe as well as background programs such as explorer.exe, taskeng.exe and rundll32.exe - is this somewhat unusual?

If I block all of the modification attempts in point 2 - then the CommentHut program will not run.

I’m a bit worried about running this program - so any help is most welcome.

Thanks :slight_smile:


Please…if anyone can help!!

Can you post a download link so I can investigate. (or upload commentHut to your Post.

Thanks OmeletGuy - here is a direct link to the download…

Hi, was you able to find anything out on this?

VirusTotal Says it a clean file and CIMA say its a clean file.

I will try to do a deeper look today. Meanwhile you can submit it to COMODO using this page. :slight_smile:

If its found Malware it will be added to the AV list.

Anubis says its BAD stuff. DONT install it from what i can tell.

When Virus Total and CIMA think it is a clean file then I assume it can be trusted.

Even though the alerts you get may not be totally day to day activities for a program. But that doesn’t necessarily mean it is a malicious application.

Thanks OmeletGuy, I’m not quite sure what this is saying the installation is doing. I installed the program already - so how bad exactly is it? Or is it just a case that it is doing a few naughty things?

Cheers Eric, this is the first program that as caught me off-guard like this. Usually I find it pretty clear cut if a program is malicious or not - this time I just can’t decide. I guess that means it’s best not to use the program. Though it really would be nice to know…

Its Not good, and may destroy a cuple files acroding to Anubis, i would say remove it.

Performs File Modification and Destruction: The executable modifies and destructs files which are not temporary. Performs Registry Activities: The executable reads and modifies register values. It also creates and monitors register keys.

Ok thanks - will do.

Is there any chance I could have had passwords stolen or anything of the like?

No i dont think so. But if you want you could change your passwords.