What's up with the cheap tactic by Comodo?

I just downloaded the Comodo System Utilities program, and after playing around with it for a few moments, I am now completely turned off by Comodo and will never use any Comodo products ever again.

When I run the Autorun Manager module of the program, under Services, it says that the malware status of Malwarebytes and SUPERAntiSpyware is unknown!

It’s so obvious what Comodo is attempting to do. Come on! Out of the dozens of services that I have running, the only two that the program is calling into question are the services of two of Comodo’s competitors?! That’s one of the cheapest tactics that I’ve ever seen. Comodo knows full well that there’s nothing wrong with either of those two programs, so Comodo System Utilities should be showing them in green (clean), not as unknowns. It’s nothing but an attempt by Comodo to make people doubt the products of their competitors, and it’s pathetic.

Well my version 4.0226743.26 shows Comodo Internet Security as “Unknown” so not sure I share your sentiments

Would be much better if we could get some action on the product as the whole forum site for this particular product has gone very quiet … Program Manager too

I’d like to know all the requirements a comodo has to pass before becoming a stable release. I know a lot of testing is involved but I’d still like to know because it seems like comodo is missing something in the testing and requirements for products to become stable some times. if we knew then we could suggest more requirements and procedures for products to pass to become stable. yeah it would slow development but the products may become better if some suggestions are implemented

This has nothing to do with the fact that they are competitors. All it means is that Malwarebytes and SuperAntiSpyware have updated since the last time they were whitelisted by hash. I’m sure they are trusted through the trusted files list in Comodo Internet Security. Thus, if you ran Comodo Internet Security they would be trusted anyway.

If you would like them to be trusted by hash, which is what CSU does, you should submit them in this topic.

Thank you.


Thanks for dropping in and addressing this issue. It’s always nice to see a concern addressed by a moderator. That being said, I do have some issues with your response, though.

This has nothing to do with the fact that they are competitors. All it means is that Malwarebytes and SUPERAntiSpyware have updated since the last time they were whitelisted by hash.”

I have no idea how Comodo goes about creating their whitelists, and I have no idea what you meant by saying, “by hash,” but regardless, Malwarebytes and SUPERAntiSpyware are two extremely popular programs, especially Malwarebytes. Malwarebytes has millions of users, and it’s unfathomable to me that the developers in charge of Comodo System Utilities would not be able to keep the whitelist current for such an extremely popular program.

I have scores of services running on my computer, many of them very obscure, yet Comodo System Utilities is able to list them all as being clean, but strangely, it plays completely dumb when it comes to a very well respected program that’s used by millions (i.e., Malwarebytes). If the developers have the data to list all of my obscure services as clean, then they certainly should have the data for one of the most popular programs around. So, no disrespect to you personally, but your explanation offered in defense of Comodo simply doesn’t make sense to me. It’s a very weak excuse.

And furthermore, it gets worse: In my earlier post I reported that when I run the Autorun Manager module of the program, under Services, it says that the malware status of Malwarebytes and SUPERAntiSpyware is unknown, but I just played around with the program some more, and this time, I discovered that when I run the Autorun Manager, under Startup, it’s actually showing SUPERAntiSpyware as being infected! This is totally unacceptable.

I don’t know if there’s any truth to the suspicions that I have about Comodo doing this on purpose to make people have doubts about some of their competitor’s products, but if that isn’t true, then the only other explanation is that the developers are asleep at the wheel. Either way, the situation isn’t good, and it makes Comodo look very bad.

If you would like them to be trusted by hash, which is what CSU does, you should submit them in this topic.”


Hmm, I’m not really sure why that would be my job to do so. The Comodo developers get paid to make sure the programs work right, do they not? They should already be on this, not me.

Edit: removed unnecessary bold in your post. It is considered shouting and therefor considered as rude. Eric

Okay, it’s a little more complicated than I made it sound in my reply.

Part of the issue is that the whitelisting of applications is really meant mainly to increase the usability of Comodo Internet Security (CIS). It’s just that Comodo System Utilities (CSU) uses the same whitelist.

Thus, the way CIS works is that there are two ways an application can be flagged as trusted by Comodo. One is if it has been whitelisted by hash. This means that the individual file itself is verified to be safe. The other way is through the trusted vendors list (TVL). What this does is if any file is digitally signed by a vendor which has been verified to be trusted by Comodo, those files will be signed. Also, to make matters even more confusing, any file which is trusted, either by hash or via the TVL, will not be scanned by Comodo AV. The reason files aren’t added to both is that Comodo is constantly getting tens of thousands of new files submitted to them via the program. Thus, they have to prioritize. I believe their general approach is that if a file is trusted via the TVL they will not look at the individual files because they are a much lower priority than all the other files still waiting to be analyzed.

The problem is that CSU does not use the TVL. It only uses the hash whitelist. Thus, since Malwarebytes and SuperAntiSpyware were trusted via the TVL, at least for CIS, they will likely not be automatically analyzed to be added to the whitelist via hash. That is the reason that CSU does not show them as trusted. Thus, the way to get them added to the whitelist via hash is to report them in that topic I mentioned above. This way the devs can add the hash to the whitelist. I hope that explains well enough why those two well-known files would be flagged as unknown by CSU. It has nothing to do with the fact that they are competing vendors. If you run them on a computer with CIS you should see that they are allowed access to the computer.

As for CSU flagging it as dangerous. That is a false positive. Please report it via this form. False positive detections happen to all security companies. Likely the reason it has not been fixed yet is that because that file is trusted via the TVL it would not be flagged as dangerous by CIS. Thus, that probably explains why it has not been corrected yet, as it is not detected as dangerous by those running CIS.

I have tried to explain the situation to the best of my ability. If something is still unclear please ask and I will try to explain more clearly. That said, I can guarantee you that there is not conspiracy.

Thank you.

why doesn’t Cai use both list instead of just hash like cis

Norton does the same with my other security products. So what? It happens. It could be another thing as well apart from the “hash” that you don’t run legitimate licensed program but a hacked one instead. Just saying…

Please add that to the wishlist for CSU.

Even though they are two Very popular products. Comodo may not find out about new versions for a day or two.

Greetings all!

Just to add some points to this thread
I will live aside discussion(s) about specifics re: Comodo products (CSU/CIS), since there are quite a few and such users as Chiron, wasgij6 & others constantly contributing to that … just read “wish list” section alone

It seems to me that the original poster does not have enough experience (yet…) using different security packages.

What I mean is:
How many times you have seen different security false positively flagging some components of another one? Sure you will come up with dozens if not much more cases in the past
Are all of those FPs can be considered as “cheap tactics”? Sure not!
All are solved solved within 24-48 hours after reporting

As a matter of fact have a look at some recent ones

Malwarebytes Pro Flagging PC Tools Firewall Plus as a TROJAN ! - Malwarebytes Forum
Wow! ???
Hahhehe! :smiley: So, Johnny Sokko, what is your reaction concerning Malwerbytes?
(As I said, there are hundreds of similar cases happening for many years)

Oh! :o here is another one
Keeping or deleting Malwarebytes, Zemana anti-longer & SUPERAntiSpyware? - Kaspersky Lab Forum

Are you surprized again? Would you send angry posts all in bold (which is just irritating and not acceptable style) to the above forums?

Then, how many times in the past we/you have seen security Software flagging its own components as being malicious? Haven’t seen that yet as well … just wait :slight_smile: Yeah!
What would be their goal in such cases, please tell us

Cheers all!

nice lol

I don’t use it csu yet. if I ever do I may but I was just asking why. not saying I wanted it. so does anyone know why? if not It’s cool just curious.