Author Topic: Windows defender false positive (Read 6523 times)

raylec · « **on:** March 24, 2010, 06:56:46 PM »

Hi

Have just installed Windows defender on my own PC and each of my two daughter's.

One is an old PC with some virus infections in the past; the others are almost brand new Windows XP installs.

All 3 (machines are flagged up by Avast (5.0462) with just one file (msmpeng.exe), a Windows Defender process, as having 5 infections (with 5 different viruses) in memory. The Windows Defender folder is identified as not affected.

A scan with malwarebytes indicates no infection in memory.

igor · « **Reply #1 on:** March 24, 2010, 08:10:27 PM »

Decrypted virus database in Defender's memory...

Asyn · « **Reply #2 on:** March 24, 2010, 11:25:45 PM »

Quote from: raylec on March 24, 2010, 06:56:46 PM

Have just installed Windows defender on my own PC and each of my two daughter's.

i would drop windows defender!!!
u don't need it, if u run avast. there should be only one! resident scanner...
greetz 2 ur daughters...

asyn

raylec · « **Reply #3 on:** March 25, 2010, 01:04:09 AM »

Thanks for replies.

Quote from: igor on March 24, 2010, 08:10:27 PM

Decrypted virus database in Defender's memory...

I suspected this might be the case. Just thought it would be useful for Avast to automatically whitelist this Defender process to avoid 'scaring' users.

As to use of Defender ...
Windows Defender is anti spyware (not anti-virus) .... my research suggests that a lot of people recommend using a realtime anti-spyware product along with anti-virus to act a second line of defence. Am I wrong?

Pondus · « **Reply #4 on:** March 25, 2010, 01:07:21 AM »

Quote

Windows Defender is anti spyware (not anti-virus) .... my research suggests that a lot of people recommend using a realtime anti-spyware product along with anti-virus to act a second line of defence. Am I wrong?

No, i am using Malwarebytes PRO. a one time fee for a liftime license www.malwarebytes.org

Asyn · « **Reply #5 on:** March 25, 2010, 02:26:36 AM »

Quote from: raylec on March 25, 2010, 01:04:09 AM

As to use of Defender ...
Windows Defender is anti spyware (not anti-virus) .... my research suggests that a lot of people recommend using a realtime anti-spyware product along with anti-virus to act a second line of defence. Am I wrong?

most av have already spyware-definitions on board. (or r u talking bout malware?)
definitly u can use, whatever u want... just want 2 add that defender has one of the lowest!! dedection rates in different av/mw test. furthermore it tends 2 load its signatures into memory, wich often conflicts with other sec-progs, like eg. avast or slows ur system. but it's up to you...

i, for myself, would never use 2 resident scanners, as the danger of interfering each other is much too high, even malwarebytes antimalware had troubles with avast at start of 5.0. i only use antimalware on demand. but again, it's up to you.
asyn

Draco86 · « **Reply #6 on:** March 25, 2010, 04:05:32 AM »

I run microsoft security essentials, which makes windows defender do more than just sit there. Basicly like a free version of onecare with no lag. when running Avast screen saver with memory check it always red flags windows defender/microsoft security essentials (microsoft security essentials disables Windows defender) I get used to it.
reason I keep both is because its fun to see which one sends an alarm first of problems, although its hell to remove a virus when both are fighting to remove it, but I feel safe

Author Topic: Windows defender false positive (Read 6523 times)

raylec

Windows defender false positive

igor

Re: Windows defender false positive

Asyn

Re: Windows defender false positive

raylec

Re: Windows defender false positive

Pondus

Re: Windows defender false positive

Asyn

Re: Windows defender false positive

Draco86

Re: Windows defender false positive