After Scan with Comodo Firewall 3 Pro - odd result...

The result of the scan: Trojan.Win32.Patched.m(ID = 0x4d69a) C:\WINDOWS\system32\winlogon.exe

I cant delete this - without it i cant log in and my windows is uselsess.
Is winlogon truely a Trojan or may this be a false alert ? I scanned my system with avg and anti vir - no results. They found nothing. I will try other scanners. Maybe somebody can help me here ?

Thanks for your help and sorry for my bad english. Its not my native language.

If it’s in the System 32 folder, it should be legal (at least I think so).

If you don’t think so, take a look here


You can check if it is a legit file using sigverif. If it is a MS file sigverif will no list it. al MS files should be signed.

Using SIGVERIF to Identify Unsigned System and Driver Files

If it is a legit file incorrectly detected as trojan please submiti it to comodo as a False Positive.

Reporting False Positives/Suspicious Files & Submitting them to the lab