Comodo 5.4 189822 1355 installed but Avira detects 3 viruses in comodo tmp file

I run Avira 10.0 .0.648 and also CIS 5.4 189822 1355 as firewall.

On boot up Avira detects
Virus or unwanted program ‘TR/Crypt.CFI.Gen [trojan]’
detected in file 'D:\Program Files\Comodo\COMODO\COMODO Internet Security\Quarantine\Temp\CAV617.tmp.
Action performed: Allow access

Also
TR/Patched Gen2 found in CAV76o.tmp in above folder.
Avira has to remove these at every boot/ scan. Pl advise. RSN

Hi rsathyanarain , welcome to the forum

Please provide more info about your System Environment:
OS ; SP; platform; additional security with real-time being active … etc.

… but in any case - contact Avira developers & send them info about what was flagged - there is no other way

I’m running the latest Avira on win7 x64 as on-demand scanner / EAM as main AV & Behaviour Blocker -

There are no Alerts whatsoever by Avira

Sure, it can be due to:

  • you are running
    … CIS 5.4 189822 1355 as firewall…
  • and I am running just pure Comodo Firewall - the latest v3 & no other Comodo Software

So please contact Avira - submit flagged item(s) as per their rules

My regards

p.s. In addition to the above

Please disable any auto-quarantine/ auto-delete when using any security - that’s dangerous
Go through the settings (Avira in your case) and leave “notify only”!

I got exactly the same problem, just with even more than 3 virus and trojan warnings. Some examples for reported files:
C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp\CAV2B3A.tmp
C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp\CAV22DE.tmp
C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp\CAV1C56.tmp
C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp\CAV7BCC.tmp
C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp\CAV71CB.tmp
and many more.
And this seems to be not just an Avira problem. Comodo tells me in its Quarantine window that there ARE NO QUARANTINED ITEMS (the window is totally empty). So how can all these files above exist in the first place? Why are there that many files in a quarantine folder, if there are no quarantined items?? ???

This is really worrying me. If Comodo is not aware of these items, I can’t be sure they are properly quarantined. And they seem to be dangerous according to Avira AntiVir. Just telling AntiVir to ignore them is not a good solution here, in my opinion.

Some information about the software:

  • COMODO Internet Security Premium 5.4.189822.1355
  • Avira AntiVir Personal 10.0.0.648
  • Additional Security: Windows-Firewall, Windows Defender
  • System: Windows Vista Home Premium (SP1)

(Sorry if I wrote something stupid, I’m not that good with software… :()

Even when you don’t have the AV installed the cloud look up will notify you when a virus was found. May be that’s how these files got there.

Why are there that many files in a quarantine folder, if there are no quarantined items?? ???
With default setting you can not access the quarantine folder using Windows Explorer. Did you change the user rights for that folder? If you didn't then you are simply stuck at access being denied and you would not see what is in the folder.
This is really worrying me. If Comodo is not aware of these items, I can't be sure they are properly quarantined. And they seem to be dangerous according to Avira AntiVir. Just telling AntiVir to ignore them is not a good solution here, in my opinion.
The files are in a folder that the user cannot enter normally and therefor cannot execute those viruses. These files are just sitting on your hard drive and appear not to be running in memory and are therefor not a problem. Some of our users have thousands of malwares just sitting on their hard drive not doing anything.
Some information about the software: - COMODO Internet Security Premium 5.4.189822.1355 - Avira AntiVir Personal 10.0.0.648 - Additional Security: Windows-Firewall, Windows Defender - System: Windows Vista Home Premium (SP1)

(Sorry if I wrote something stupid, I’m not that good with software… :()

Two firewalls is not recommended as they may adversely influence one another. Comodo Firewall with D+ is superior to Windows Firewall together with Defender. Please disable Windows Firewall and consider disabling Defender too.

Also update to Service Pack 2 of Vista. Support ends July 11 2011. After that date you will get no more security updates for Vista SP1.

Thanks for the fast reply. However:

I know I can’t access the quarantine folder by windows explorer. But even Comodo itself tells me there are no quarantined items. The quarantined items list of Comodo is empty.
(The function I used in the German version of Comodo was “Objekte in Quarantäne”, I guess in English it’s something like “Items in quarantine”).
Therefore I wonder how it’s possible that there are so many items in the folder.

Thank you for the other recommendations. I’m aware of the SP2, but I’ve got problems updating it and all suggested solutions fail. But that’s a problem that probably doesn’t belong here, whatever is preventing the installation was still preventing it even after I disabled Comodo. (Afterwards I enabled it again, of course.)

If you do a take ownerhsip procedure for that folder you can take a look inside. But still CIS would not allow you to delete those files as it will protect its installation folders. Other program cannot touch unless they use a driver.

This is the second report I see about files in the Quarantine folder where it is empty. I am not sure how to explain but since it is a heavily protected folder I am not worried about it.

Try Unlocker to erase them. It may need a reboot to delete those files

Thank you for the other recommendations. I'm aware of the SP2, but I've got problems updating it and all suggested solutions fail. But that's a problem that probably doesn't belong here, whatever is preventing the installation was still preventing it even after I disabled Comodo. (Afterwards I enabled it again, of course.)
Please the [url=http://support.microsoft.com/kb/947821]System Update Readiness Tool[/url]. This may help to tackle problems with your intsallation of Windows that could stall the SP2 update.

Let it run and check the log. It may take a while before it is done. On my Quad core AMD Phenom II system it tool over 20 minutes.

I had this problem here too! :cry:

Try to uninstall both programs, restart your computer, get the new version of the programs, first install Comodo and later Avira.

Here it worked and stoped to show these warnings. ;D