Author Topic: Avast5 Free Edition detect comodo and window defender process as virus/threat?  (Read 12747 times)

0 Members and 1 Guest are viewing this topic.

zahradnik

  • Guest
Comodo Firewall free on my PC with Win XP SP3 with Avast 5 working fine.

normaluser

  • Guest
Just installed the Avast5 free edition, did a scan and it detect virus/threat in my running process, the 2 process is cmdagent.exe(belong to Comodo CIS) and msmpeng.exe(belong to Window Defender). cmcagent.exe have 2 threat  and msmpeng.exe have 13 threat. Below are the virus name for the process

The 2 threat list for cmdagent.exe
Win32:Adloader-AC
Win32:Delf-DNW

tHE 13 threat list for msmpeng.exe
Win32:Adloader-AC
Win32:Fraudload-P
Win32:Agent-SG
Win32:PC Client-OD
Win32:Baidubar-B
Win32:Small-HZH
Win32:Banker-CDW
Win32:Agent-CWD
Win32:Small-HUF
Win32:Small-gen2
Win32:Zbot-AVH
BV:Autorun-E
JS:Agent-AU

Is my system really infected or is it just false positive? Help needed urgently, Thanks

Hi rafale2000,

I am in the same boat as you having those memory virus threats. Well, I think our systems are not really infected and most probably, they were false positives. I read up some articles on the web saying that all these threats had something to do with Windows Defender (msmpeng.exe). Actually, you can try turning off your Windows Defender first by going to Tools -> Options -> Uncheck Use Windows Defender option, then run your "memory" scan using avast 5. I believe you should not get any more threat alerts.

If you really wanted to test whether the threats were associated with Windows Defender, you can turn it back on just as I did, run the memory scan again and you should get those threats back again.

I hope this helps. By the way, I am using Windows Defender too.

Cheers

buttoni

  • Guest
I turned off the Windows Defender built into Win7 before installing Avast5 Free Ed with built in antispyware.  I've heard it isn't so good to have two AS running realtime, just like two AV's running at the same time can cause problems.  FWIW I also run Comodo CIS (no AV) with Defense+ enabled.  Having no problems whatsoever with new Avast5.  LOVE IT! (even though I hate the color orange LOL)

Thought about turning it back on to see if the two can coexist realtime, but not sure I want to push my luck.

Mikos

  • Guest
I forgot to mention in my previous post. I did disable Windows Defender. No sense in having it if I already have Avast. Besides, in Windows 7 Ultimate, CIS is also reported as an Anti Spyware in the Action Center although I did not install the Antivirus of CIS. I guess this is due to the D+.

MostlyHarmless

  • Guest
I've just updated to Avast! v5.0 from v4.8.
My problem is, having created a Custom Scan (Scan: All harddisks, All removable media, Memory, Auto-start programs (all users), Interactive section, Rootkits (full scan); I've set heuristics sensitivity to high; I've checked the 'ignore virus targeting' box), I'm getting the following warnings of viruses found:

File Name: cmdagent.exe
Severity: High.
Status: Threat: Win32:Agent-KXV [Drp]

File Name: cmdagent.exe
Severity: High.
Status: Threat: Win32:Delf-DNW [Trj]


I've had a problem with Comodo's cmdagent.exe been flagged in previous versions of Avast! (though a couple of virus def updates usually fixes things), so I'm _pretty_ confident these latest results are merely false-positives. They are; aren't they?

P.S. If I turn 'virus targeting' on, I don't get the cmdagent.exe alert.


XP Pro(sp3)/Avast! free v5.0.396/Comodo Firewall (D+) v3.14/SpySweeper v6.1.0.145
« Last Edit: February 09, 2010, 05:33:14 PM by MostlyHarmless »