False Positive?

Just checked my BOC logs and found this:

09/17/2007 00:08:32:
Trojan horse was found in memory.
C:\PROGRAM FILES\COMODO\FIREWALL\CPFUPDAT.EXE contained the trojan.
Active trojan horse WAS shut down. System now safe.
Logged in user: Owner

I bet it’s a false positive. But I just wanna be 100% for sure.

Also, I’m running CPF 2.4.

Does CBOC say the name of the trojan?

Where did you download CPF? Because I know torrent sites also host CPF; who knows what someone bundled inside CPF?

C:\PROGRAM FILES\COMODO\FIREWALL\CPFUPDAT.EXE, I think that is the Trojan? And also, I downloaded CPF from Comodo’s site; I don’t trust torrents at all.

The file is the updater for the firewall, most likely a false positive, though I never got any reaction from BOC myself.

Maybe you should check ‘C:\PROGRAM FILES\COMODO\FIREWALL\CPFUPDAT.EXE’ and ensure it is the correct Comodo file. If you right-click the file, it should be digitally signed by Comodo CA Ltd.

I am sure I had two BOC updates very close together yesterday, so maybe the false positive was spotted and fixed quickly, so many would not have been affected.

:SMLR
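
The signature check suggested in the post above can also be done from PowerShell rather than the file's Properties dialog. This is an added example, not part of the original thread; the expected signer string is the one named in the post, and the function name `Test-UpdaterSignature` is hypothetical.

```powershell
# Added example: verify the Authenticode signature of the flagged file.
# Test-UpdaterSignature is a hypothetical helper, not a Comodo or BOClean tool.
function Test-UpdaterSignature {
    param(
        [Parameter(Mandatory)][string]$Path,
        # Signer name as given in the thread (assumption: it appears in the
        # certificate subject); adjust if the publisher string differs.
        [string]$ExpectedSigner = 'Comodo CA Ltd'
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }

    # Status is 'Valid' only if the file hash matches the signature and the
    # certificate chains to a trusted root. Other values include NotSigned,
    # HashMismatch (file changed after signing) and NotTrusted.
    $sig = Get-AuthenticodeSignature -FilePath $Path

    $subject    = ''
    $thumbprint = ''
    if ($sig.SignerCertificate) {
        $subject    = $sig.SignerCertificate.Subject
        $thumbprint = $sig.SignerCertificate.Thumbprint
    }

    # A signer name alone proves nothing unless the signature itself is valid,
    # so both conditions must hold before the file is treated as genuine.
    $signerMatches = $subject -match [regex]::Escape($ExpectedSigner)

    [pscustomobject]@{
        Path          = $Path
        Status        = $sig.Status
        Signer        = $subject
        Thumbprint    = $thumbprint
        SHA256        = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
        SignerMatches = $signerMatches
        Genuine       = ($sig.Status -eq 'Valid') -and $signerMatches
    }
}

Test-UpdaterSignature -Path 'C:\PROGRAM FILES\COMODO\FIREWALL\CPFUPDAT.EXE' |
    Format-List
```

The SHA256 value lets you compare the installed updater against a copy from a fresh download of the same CPF version from Comodo's site.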

Hi Goose17,

I need two details:

  1. If you could please post contents of dialog box which alerts for trojan.
  2. If you could please tell me exact CPF version you are running, like CPF 2.4.16.174, 2.4.17.183 or 2.4.18.184.

Thanks
-umesh

#1 I’m not exactly sure what you mean by "Contents of dialog box which alerts for trojan". I’m new to BOClean.

#2 CPF 2.4.18.184 IS the version I am running.

And also, @N.T.T.W, I checked the file and it is in fact the CPF updater, so it is a legit file. Also, I wasn’t able to right-click on the file.

Hi Goose17,
By content I mean: when BOClean informs you that it detected a trojan, what does it say?
What is the message in the dialog box you get as an alert?

Thanks
-umesh

Oh, I was away from my comp. when it happened. I never actually saw the alert. I just clicked “examine report” to see if it had caught anything on BOC yesterday and found it.

Hi Goose17,
Is it possible for you to run the updater again and see whether BOC catches it?
We also tried to produce it, but can’t see that happening!

Thanks for helping out.
-umesh

Alright. Tried to update CPF, and BOC did not detect anything.

Please let us know details of that message box if it ever occurs again.

Thanks
-umesh

Alrighty, will do. Thanks for everyone’s time with this issue, and for the fast replies.

it seems strange that you never saw a BOC-alert when the file allegedly was flagged… usually, when a file is flagged, BOC will pop up an alert, asking you if you want the file to be deleted…

apparently, the file was not deleted…

just a comment… i don’t know what to make of it all… however, if BOC is flagging a file that you believe is a false-positive, you can submit the file to comodo so that the false-positive can be addressed… there are instructions for doing that in this forum’s “FAQ’s”…

The reason I never saw the alert is because my comp was on Stand By and I was sleeping.
Also, it happened near 12:08 AM; I’m sure the popup would go away between the 11 hours I was away from the computer.