CIS (v5.10.228257.2253) Anti-Virus BUG

I believe I found a bug in COMODO Internet Security Premium (v5.10.228257.2253). I made a video showing how COMODO fails to remove a malware sample. I figured a video would be the easiest way to show you guys. It is able to remove the malware with the on-access scanner, but the on-demand scanner will fail to remove the sample.

In the Video I used VirtualBox which I know you guys don’t like, so I tried VMware Player with a freshly installed copy of Windows 7 Professional 32-bit and COMODO. The results were the same.

Did I do something wrong or is this in fact a bug? Regardless, I thought I would just mention it to you guys.

Test System Information

NOTICE: Both the Windows XP and Windows 7 virtual machines were up-to-date and had no other processes running besides Microsoft windows processes and CIS.

VirtualBox (v4.1.18 r78361)
Microsoft Windows XP Home Edition (v5.1.2600 Service Pack 3 Build 2600)
(I also used VMware Player with Windows 7 and the results were the same)
COMODO Internet Security Premium (v5.10.228257.2253)


A. The bug/issue

  1. What you did: Did a right click scan on a malware sample
  2. What actually happened or you actually saw: Malware sample failed to be removed
  3. What you expected to happen or see: Malware sample to be removed
  4. How you tried to fix it & what happened: Requested Reboot and still failed
  5. If its a software compatibility problem have you tried the compatibility fixes (link in format)?: N/A
  6. Details & exact version of any software (execpt CIS) involved (with download link unless malware): N/A
  7. Whether you can make the problem happen again, and if so exact steps to make it happen: See Video
  8. Any other information (eg your guess regarding the cause, with reasons): On-access scanner is able to remove malware sample, while on-demand scanner still fails.

B. Files appended. (Please zip unless screenshots).

  1. Screenshots of the Defense plus Active Processes List (Required for all issues): N/A
  2. Screenshots illustrating the bug: See Video
  3. Screenshots of related CIS event logs: N/A
  4. A CIS config report or file: Cloud Scanning enabled, everything else is default
  5. Crash or freeze dump file: N/A
  6. Screenshot of More~About page. Can be used instead of typed product and AV database version. See Video

C. Your set-up

  1. CIS version, AV database version & configuration used: v5.10.228257.2253 (Cloud scanning enable other AV settings are default)
  2. a) Have you updated (without uninstall) from from a previous version of CIS: No
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: N/A
  3. a) Have you imported a config from a previous version of CIS: No
    b) if so, have U tried a standard config (without losing settings - if not please do)?: N/A
  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): No
  5. Defense+, Sandbox, Firewall & AV security levels: D+= Safe Mode, Sandbox=Enabled (Untrusted), Firewall = Enabled, AV = Enabled
  6. OS version, service pack, number of bits, UAC setting, & account type:
    Microsoft Windows XP Home Edition 32-bit (v5.1.2600 Service Pack 3 Build 2600)
  7. Other security and utility software currently installed: None
  8. Other security software previously installed at any time since Windows was last installed: None
  9. Virtual machine used (Please do NOT use Virtual box): VirtualBox (v4.1.18 r78361) and VMware Player

this is a known problem.

I have that problem to. Good news it is only a false positive. But it crashes just like in the video. pls get it fixed so it doesn’t happen if it is an actual virus.

Thanks that’s a very useful bug report. If you wouldn’t mind would you be kind enough to append a screen shot of your active processes list, or say whether your virtual machine was bare-metal (Ie no non-microsoft processes running apart from CIS and the malware).

Then I can transfer to format verified, which would be useful. This bug though known does not yet have a format verified bug report that I can find. Also this means I can add it to the known issues topic, and remind the devs.

Best wishes


PM reminder sent

Sorry for the delay Mouse

The virtual machine was bare metal as you put it. Both Windows XP and Windows 7 were up-to-date and had no other processes running besides Microsoft windows processes and CIS.

I have now stated that in my original post.

Thanks very much for the info.

Forwarding now

Best wishes