Installation - scan status


I am in the process of re-installing Comodo on Win-XP sp2. While previously I had Comodo Firewall installed running with my Symantic Antivirus, I ran into a system error where Windows was not recognising that I had a firewall running, so I uninstalled Comodo Firewall and am installing Comodo CIS with the intention of disabling the anti-virus once installed.

Comodo has just scanned my system as part of the install process and came up with 3 status results. Could you please advise me whether they are actually bad, or something else entirely? (Note: I had run several spiware checks in the past few days without any results, including Spybot - Search & Destroy, Lavasoft Ad-Aware SE Personal, SUPERAntispiware, and MalwareByte’s Anti-Malware). The three listings are:

  • Trojan.Win32.Patched.m(ID = 0x517d0) —> C:\WINDOWS$hf_mig$\KB840987\SP1QFE\winlogon.exe
  • Trojan.Win32.Patched.m(ID = 0x517d0) —> C:\WINDOWS$hf_mig$\KB841533\SP1QFE\winlogon.exe
  • Backdoor.Win32.Agent.~EWC(ID = 0x67551) —> C:\WINDOWS\twain_32\SiPix\SCBLINK2\srvany.exe

Your advice would be most appreciated as I am not well versed in this technical coding, though I recognise windows service pack 1 and SiPix webcam.


Did you post this before? I recall having reacted to a very similar question.

Please consider updating your Windows to SP 3.


You are correct. I did realise after posting this last that in August, I ran into a similar problem with “Backdoor.Win32.Hupigon.~DL(ID = 0x67551) —> C:\WINDOWS\twain_32\SiPix\SCBLINK2\srvany.exe”, and Vettetech suggested at the time that it might be a false positive if none of my other scanners had picked it up. I had forgotten that I had asked this before as have been having many problems with the computer (hence why re-installed many items, including Comodo and Windows - comp crashed predictably every 24 hours, since installing SP3).

Thanks for your patience.


I would think it would be a false positive. When you Windows runs stable and you don’t think you will uninstall updates you can safely delete those folders to gain space. You can also delete the $NtServicePackUninstall$ folder when you are not gonna uninstall the latest service pack: Microsoft Support .

Hallo yeboyerp,

please consider to compress those files and send them to the AV labs as false positives.
This will resolve the issue and will help a lot of users.


Reporting False Positives/Suspicious Files & Submitting them to the lab