Author Topic: Windows defender false positive  (Read 6284 times)

0 Members and 1 Guest are viewing this topic.

raylec

  • Guest
Windows defender false positive
« on: March 24, 2010, 06:56:46 PM »
Hi

Have just installed Windows defender on my own PC and each of my two daughter's.

One is an old PC with some virus infections in the past; the others are almost brand new Windows XP installs.

All 3 (machines  are flagged up by Avast (5.0462) with just one file (msmpeng.exe), a Windows Defender process,  as having 5 infections  (with 5 different viruses) in memory. The Windows Defender folder is identified as not affected.   

A scan with malwarebytes indicates no infection in memory.   

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11828
    • AVAST Software
Re: Windows defender false positive
« Reply #1 on: March 24, 2010, 08:10:27 PM »
Decrypted virus database in Defender's memory...

Offline Asyn

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 76041
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Windows defender false positive
« Reply #2 on: March 24, 2010, 11:25:45 PM »
Have just installed Windows defender on my own PC and each of my two daughter's.

i would drop windows defender!!!
u don't need it, if u run avast. there should be only one! resident scanner...
greetz 2 ur daughters... :D
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

raylec

  • Guest
Re: Windows defender false positive
« Reply #3 on: March 25, 2010, 01:04:09 AM »
Thanks for replies.

Decrypted virus database in Defender's memory...

I suspected this might be the case. Just thought it would be useful for Avast to automatically whitelist this Defender process to avoid 'scaring' users.

As to use of Defender ...
Windows Defender is anti spyware (not anti-virus) .... my research suggests that a lot of people recommend using a realtime anti-spyware product along with anti-virus to act  a second line of defence. Am I wrong?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37242
  • Not a avast user
Re: Windows defender false positive
« Reply #4 on: March 25, 2010, 01:07:21 AM »
Quote
Windows Defender is anti spyware (not anti-virus) .... my research suggests that a lot of people recommend using a realtime anti-spyware product along with anti-virus to act  a second line of defence. Am I wrong?
No, i am using Malwarebytes PRO. a one time fee for a liftime license www.malwarebytes.org

Offline Asyn

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 76041
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Windows defender false positive
« Reply #5 on: March 25, 2010, 02:26:36 AM »
As to use of Defender ...
Windows Defender is anti spyware (not anti-virus) .... my research suggests that a lot of people recommend using a realtime anti-spyware product along with anti-virus to act  a second line of defence. Am I wrong?

most av have already spyware-definitions on board. (or r u talking bout malware?)
definitly u can use, whatever u want... just want 2 add that defender has one of the lowest!! dedection rates in different av/mw test. furthermore it tends 2 load its signatures into memory, wich often conflicts with other sec-progs, like eg. avast or slows ur system. but it's up to you... :)
i, for myself, would never use 2 resident scanners, as the danger of interfering each other is much too high, even malwarebytes antimalware had troubles with avast at start of 5.0. i only use antimalware on demand. but again, it's up to you.
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Draco86

  • Guest
Re: Windows defender false positive
« Reply #6 on: March 25, 2010, 04:05:32 AM »
I run microsoft security essentials, which makes windows defender do more than just sit there. Basicly like a free version of onecare with no lag. when running Avast screen saver with memory check it always red flags windows defender/microsoft security essentials (microsoft security essentials disables Windows defender) I get used to it.
reason I keep both is because its fun to see which one sends an alarm first of problems, although its hell to remove a virus when both are fighting to remove it, but I feel safe