Viruse on Comodo internet security 3.8.64263.468?

Yesterday download and install version 3.8.64263.468. I have installed ver 3.5, but firefox bug make me uninstall. I install ZoneAlarm ver 8 but make slow my pc, and when see new version of Comodo i return to this. My PC work much better than with ZoneAlarm, but found a much bigger problem.

I have avg free installed and today run my weekly virus scanner and found 4 virus on Comodo installled folder:

“C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (1152)”;“Virus found Win32/PEPatch”
“C:\Program Files\COMODO\COMODO Internet Security\Repair\heur.cav”;“Virus found Win32/PEPatch”
“C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\heur.cav”;“Virus encontrado Win32/PEPatch”
“C:\Program Files\COMODO\COMODO Internet Security\scanners\heur.cav”;“Virus encontrado Win32/PEPatch”

I like to know if some one have the same problem or is my machine only?

Hello Zorg, Welcome to the forums :slight_smile:

These are false positives (AVG has wrongly detected CIS as malware), please email AVG about this issue.

Thanks Kyle, I do that.

This is the reply from AVG:

This email is an auto-response message. Please do not reply.

AVG Anti-virus Research Lab has analyzed the file(s) you have sent from your AVG Virus Vault. Below you can find the results for each file. The final verdict on the file is either a correct detection or a false positive detection.

Further information about the verdicts are available at our website:

all files are detected correctly

Best regards,

AVG Technical Support
website: http://www.avg.com

That’s AVG. (:LGH)
Nothing more I can say, It’s a false positive by AVG and their customer support is questionable…

Hello

it’s a false positive. I scan with Avira premium and the file is clean.
AVG :-TD

No problems when scanned with Avast either.

There is a reason I didn’t renew my AVG subscription when it ran out at the start of this month. AVG used to be pretty good, but I steadily watched it go downhill. Sad really… :frowning:

i also have found these with avg but avg has quarantined them will Comodo still work?

The new AVG Data base say not any more virus found, I think work send the mail. I have Comodo Firewall without the files and work, but I suggest you install again because Comodo say that found a new update and when try to install dont work. Sorry if my english is not to god but is not my first language.

no worrys i get the idea of what your saying thank you very much ill do what you suggest

Just thought I would add to the above…

I also got an AVG warning when Comodo Firewall tried to update itself, and AVG said that a threat (Win32/PEPatch)was detected on:
[http//] eu4.download.comodo.com/cis/download/updates/release/x32/scanners/heur.cav
( For some reason AVG left off the http// )
There was also a confusing message saying that the process name was:
C:\Program Files\Comodo\cfpupdat.exe

Anyway, after reading the above post (thanks guys), I e-mailed AVG and sent them a copy of their warning message and asked them to check out the file. I also asked them what I should do to install it. Their reply (in under 12 hours) was:

Dear Sir/Madam,
thank you for your email.
We apologize for any inconvenience.
The suspicion file has been analyzed by our virus laboratory. We can inform you that the detected file is a false alarm. This means that the file is clean and virus-free, but AVG detects it as a virus.
We will release new virus update that will remove the false positive on this application. Then please update your AVG and check your files again. Unfortunately false alarms do appear from time to time in every Anti-Virus software.
Thank you for your kind cooperation and understanding.
Best regards,
AVG Technical Support

They failed to say what I should do to install the file.

Anyway, thanks to you guys above for pointing the way.

Disable AVG and install as usual.

Most installers recommend disabling AV during install as they can cause problems with the install.

Make sure you also disable AVG web-scanning and any other active scanning it does first.

Thanks. I should have thought of that!

Same stupid problem here >:(

I think I updated comodo today or yesterday (auto-updater) and during scheduled scan today AVG reported 4 virus alerts.

“C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (936)”;“Virus found Win32/PEPatch”;“Reboot is required to finish the action”

“C:\Program Files\COMODO\COMODO Internet Security\Repair\heur.cav”;“Virus found Win32/PEPatch”;“Moved to Virus Vault”

“C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\heur.cav”;“Virus found Win32/PEPatch”;“Reboot is required to finish the action”

“C:\Program Files\COMODO\COMODO Internet Security\scanners\heur.cav”;“Virus found Win32/PEPatch”;“Reboot is required to finish the action”

I guess its obvious these are false positives, but I am saddened that AVG didn’t update their virus definitions (as indicated in this thread, the problem exists since a good few days)

So what now?

When I reboot, (and I need to shut down the PC for the night), the 3 remaining files will be deleted, right? And one of them seems to be cmdagent.com, an integral part of the firewall.(?)

I dont see an option to undo these deletions !

so how do I proceed? what are the steps I should do now?

can someone reply?

after reboot 3 of the 4 files quoted above are showing as “moved to virus vault” and this one is still showing:

“C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (936)”;“Virus found Win32/PEPatch”;“Reboot is required to finish the action”

I assume cmdagent.com is an essential part of the Comodo firewall and it’s protected against termination, and that’s why AVG wasn’t succesfull in disabling it?

anyway, is my firewall still 100% working correctly?

how do I proceed? should I reinstall both Comodo and AVG?
But it looks like the false positive problem persists since a good few days, so I’m afraid after reinstallation of both programs, during next scheduled scan, the problem will start from scratch again.

please help me ! :BNC

I think you should open your AVG Anti-Virus screen, then go to the History menu and select virus vault.
Select the relevant file and (if your are really certain) click the restore button below.

Funnily enough, after I turned off AVG so that I could install the latest Comodo update, AVG has not “found” these Comodo files as infected, so they are not in my virus vault.
Weird!

Robqqq
:SMLR

hi, thanks for your advice

im a new AVG user, and wasnt sure how to access Virus Vaults and restore the files

Make sure you update your virus definitions. A few weeks ago, I had the same problem and emailed AVG… they responded confirming it was an error and it was fixed the next day.