I'm not sure what's going on. Out of the blue, a boot-time scan tells me I've caught an
INF:AutoRun-W [Wrm] infection from a Gizmo/WindowsSecrets.com newsletter email. This I find very odd, because a) I trust this source, and b) wouldn't avast! and/or Spy Sweeper have flagged it when I originally opened the mail?
Straight after that, my custom scan tells me that a
Process [cmdagent.exe], memory block, is infected with
Win32:FakeVimes-B [Trj]. Ditto my next 4 custom scans (see attached image).
I've had this Comodo firewall 'cmdagent.exe process' problem before, so I know (through this forum) that I shouldn't worry too much about this:
"In general, any security application can load some signatures (fragments of malicious code used to detect the real threats) into memory - they are located in data segments (instead of executable code)." "...scan results are not the files, but the virus is detected in memory allocated to cmdagent.exe process..." After a few days avast! updates the engine and/or relevant virus definitions and the problem disappears.
...It's been four days now. I can't be the *only* user who has noticed this?
P.S. My custom scan has EVERYTHING turned on and scan sensitivity set to 11.
EDIT:Coincidence? I've just discovered from
http://www.avast.com/virus-update-history that:
Win32:FakeVimes-B [Trj] was part of the 8.10.2010 - 101008-0 virus definition updates and
INF:AutoRun-W [Wrm] was introduced in the 8.10.2010 - 101008-1 virus definition updates.
My avast! started flaging these on the first scans I did *after* this date.