After finishing my weekly Comodo AV Beta scan it warned me that MSIB.tmp was a Backdoor Win32 Agent.
The file was located in C:\windows\installer\MSIB.tmp. Comodo AV failed to repair it so I put it in quarantine where it remains at present.
In the meantime I googled it but information on it is sparse and what there is seems to point out that the file is safe. I did a search here but found nothing. Perhaps one of you clever chaps could tell me if this is a false positive and if I should restore it.

Have you got Voyetra\AudioSurgeon 5\asurscsi.exe on your PC. The file may be something to do with this.

Not sure if it is a false positive - from the quarantine section on CAVS you can submit the file to Comodo for testing. You could also try restoring it and uploading to Virus Total to see what they say:


Thanks for the reply N.T.T.W, I have left the file in quarantine and submitted it to Comodo. Hopefully I should hear something soon.

You should periodically try repairing the file in the quarantine section - if it found to be a false positive then this will be included in one of the daily CAVS updates and the file would be returned to its original location by the repair.


Problem solved N.T.T.W.
I also posted this problemsimultaneously in Beeping Computer.com and received a link to http://virusscan.jotti.org/ which I allowed to scan the file and it found nothing. To do this of course I had to release the file from quarantine but am reassured by the results from the Jotti scan that it is indeed a false positive.

Thanks again for your help.

you should rstore this file by removing from qurantine.
this file is used in remote installation like installing chat messangers and program from internet whose codes are not saved on your disk only after completing installation in some cases a partial database for installing is kept in installer cache in windows i.e( %installers%)