Comodo Detects Some ClamWin Updates And Temporary Scan Files As Malware

goodjohn1984 · September 4, 2010, 5:42pm

The last few times that I have tried to test ClamWin’s on demand scanner, Comodo (Version 4s and Version 5 beta), sometimes detect some of the ClamWin update files and/or temporary scan files (which are made temporarily during scans during the unpacking of some files probably, or something like that); when I last used Avast, it would do that sometimes as well.

My computer is scanned weekly by Comodo, Malwarebytes, and Hitman Pro; and according to them my system is clean.

Each time I have downloaded ClamWin from the official website:

http://www.clamwin.com/

I use ClearCloud DNS and Comodo Internet Security Premium is my only resident security program (antivirus, firewall (Windows Firewall is off), Sandbox, HIPS).

This has happened in Windows Vista and Windows 7, I am using the default Comodo Configuration (Internet Security).

I did a complete scan with ClamWin and Comodo quarantined 10 of its temporary files during the scan, all in this folder:

C:\Users\John\AppData\Local\Temp

Even though I have an administrator account, I can not access the Comodo quarantine folder to upload the files here, so I will try to restore them and compress them to .ZIP; if Comodo will let me, and I will upload the scan log.

Anyway, I am just wondering why Comodo & maybe Avast seem to conflict with the ClamWin on demand scanner, and what can be done to fix this conflict?

[attachment deleted by admin]

meidan · September 4, 2010, 6:15pm

goodjohn1984 post:1:

The last few times that I have tried to test ClamWin’s on demand scanner, Comodo (Version 4s and Version 5 beta), sometimes detect some of the ClamWin update files and/or temporary scan files (which are made temporarily during scans during the unpacking of some files probably, or something like that); when I last used Avast, it would do that sometimes as well.
My computer is scanned weekly by Comodo, Malwarebytes, and Hitman Pro; and according to them my system is clean.
Each time I have downloaded ClamWin from the official website:
http://www.clamwin.com/
I use ClearCloud DNS and Comodo Internet Security Premium is my only resident security program (antivirus, firewall (Windows Firewall is off), Sandbox, HIPS).
This has happened in Windows Vista and Windows 7, I am using the default Comodo Configuration (Internet Security).
I did a complete scan with ClamWin and Comodo quarantined 10 of its temporary files during the scan, all in this folder:
C:\Users\John\AppData\Local\Temp
Even though I have an administrator account, I can not access the Comodo quarantine folder to upload the files here, so I will try to restore them and compress them to .ZIP; if Comodo will let me, and I will upload the scan log.
Anyway, I am just wondering why Comodo & maybe Avast seem to conflict with the ClamWin on demand scanner, and what can be done to fix this conflict?

Hi goodjohn1984,

I am sorry we have no in depth knowledge of clamav engine, but looks like during scan process clamav temporary generates partial pe executable files what detected by CAV engine as packed by unknown, probably malware packer - we will investigate this problem to avoid similar issues in future.
For this particular case please submit all possible false detected files using Webinterface.
Thanks.

Kind Regards.
Erik M.

goodjohn1984 · September 4, 2010, 6:18pm

Thank you, I will try to do that.