After updating CIS it began identifying programs it has never had trouble with in the past as containing the TrojWare.Win32.Black.a[at]0 virus. So far it has identified WinRAR.exe, Spywareblaster.exe, SpybotSD.exe, update.exe (in Spybot Search & Destroy directory), and PDFZilla.exe as such.
Hi 7Leagues,
If you can find the FP file,you can submit through this link:Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year we can go to have a look at it.
Thanks and Regards,
hailong.■■■■
There would not be any point. On restart this morning CIS has identified every single Windows component as being this virus. Additionally, every program I launched last night got the same treatment from CIS. You have definitely introduced a bug into the program.
For the moment, I am able to run my computer by adding every single file that CIS identifies as a virus to the exclusions list. While that may allow me to continue working, it is not the ideal solution because should any of those files get infected by a real virus one day…
Hi 7Leagues,
Sorry for the inconvenience.Pls just stop the Real Time Monitoring of CIS,and restore the FP files,zipped and upload it to the forum or through this link:Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year that we can check it out and will get back to you after investigation.
Thanks and Regards,
hailong.■■■■
How can I restore them when they were never quarantined? If I had done that the computer would have failed to run. I added all the files to my exclusions.
Hi 7Leagues,
Can u apply the download link of the software,which was detected by CIS.So that we can take a look at it.
Thanks and Regards,
hailong.■■■■
It identifies every single .dll, .ocx, and .exe file on my machine as being this Trojan.
I cannot provide download links to all of them but if you can tell me where the anti-virus exclusion list is stored on my machine, I can then copy its contents and paste them here together with a few download links. I’m using Vista Ultimate SP1 by the way.
Something that really worries me is that I seem to be the only person reporting this issue which would mean it can’t be a bug or everyone would have been affected by it.
Hi 7Leagues,
Can I know which version of CIS u are using?and u can zipped one sample and uploaded it to the forum,we will take a look at it.
Thanks and Regards
hailong.■■■■
CIS v3.11.108364.552
Virus sig DB: 2179
I have submitted several files identified by CIS as being infected by TrojWare.Win32.Black.a@0 using Comodo’s “Submit Suspicious Files” option within the Miscellaneous section. Will that do or do you still need me to submit them in a zip archive to Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year ?
Hello 7Leagues,
If you can, it would be better if you would submit the files to Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year or attach them to your forum post.
Thank you.
Regards,
Sonia Botezatu
Earlier today I did submit them using the URL you supplied but in case you did not receive them, I will attach one to this post now.
[attachment deleted by admin]
Hello,
Thank you for your submission. We will check it and get back to you after analysis.
Regards,
Sonia Botezatu
Hello,
We have analyzed the submitted files. They are not malware.
The files are not getting detected in virus signature DB 2185, so they are not false positives either.
Thank you.
Sonia Botezatu.
So how do I get around this problem of CIS identifying every single .exe, .ocx, and .dll file as being that trojan?
Should I uninstall it and then reinstall?
Hello,
I think it is a good idea to try to reinstall CIS. Please let us know if it all goes well.
Regards,
Sonia Botezatu.
Hi Sonia,
I reinstalled CIS using the latest setup file downloaded from the Comodo site and the problem seems to be solved now. I note that v3.11 is over 30 MB smaller than v3.10. This tends to suggest that auto-updating to v3.11 results in an overly large installation leading to potential complications.