Author Topic: why avast detects the process of comodo firewall as virus?  (Read 9834 times)

0 Members and 1 Guest are viewing this topic.

Offline hrthrtht

  • Newbie
  • *
  • Posts: 2
why avast detects the process of comodo firewall as virus?
« on: August 10, 2011, 10:25:36 AM »
i found that avast has detected (cmdagent.exe)the process of comodo firewall as virus(win32:fakevimes-b[trj]) for a few months?what's wroung with avast?why this false positive still hasn't been fixed?anybody has a reply for that?

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11809
    • AVAST Software
Re: why avast detects the process of comodo firewall as virus?
« Reply #1 on: August 10, 2011, 10:36:10 AM »
Because avast! is detecting uncrypted virus signatures in Comodo's memory. So it's not really a false positive, but more a conflict of two antiviruses.

Offline hrthrtht

  • Newbie
  • *
  • Posts: 2
Re: why avast detects the process of comodo firewall as virus?
« Reply #2 on: August 10, 2011, 10:51:25 AM »
but how should we solve this problem????

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11809
    • AVAST Software
Re: why avast detects the process of comodo firewall as virus?
« Reply #3 on: August 10, 2011, 10:56:16 AM »
I'd say either ignore the results from the mentioned process, or don't use the memory scan... that's about it, I'm afraid.

Offline Hellion

  • Full Member
  • ***
  • Posts: 138
  • Success is commemorated; Failure merely remembered
Re: why avast detects the process of comodo firewall as virus?
« Reply #4 on: August 10, 2011, 11:01:20 AM »

Hi,

I use avast free in conjunction with Comodo firewall (without Antivirus)and it picks up cmdagent.exe

Why would it install signatures if they will never be updated because the corresponding component is not installed?

Just I thought (sorry for busting in the conversation)

I too have been baffled by this for quite some time.

Regards,
Hellion

Offline CraigB

  • Avast √úberevangelist
  • Serious Graphoman
  • *****
  • Posts: 11143
  • No support PM's thanks
Re: why avast detects the process of comodo firewall as virus?
« Reply #5 on: August 10, 2011, 11:23:24 AM »
You will have to ask comodo that question, as igor said you can untick the scan memory box from your custom scans or simply use the default full and quick scans.

Offline Hellion

  • Full Member
  • ***
  • Posts: 138
  • Success is commemorated; Failure merely remembered
Re: why avast detects the process of comodo firewall as virus?
« Reply #6 on: August 10, 2011, 11:34:29 AM »
Hi CraigB,

I have opened a thread in "Bug reports" over at Comodo,

Here is the link:

https://forums.comodo.com/bug-reports-cis/avast-comodo-and-cmdagentexe-t75271.0.html


Thanks for the help,
Hellion

Offline CraigB

  • Avast √úberevangelist
  • Serious Graphoman
  • *****
  • Posts: 11143
  • No support PM's thanks
Re: why avast detects the process of comodo firewall as virus?
« Reply #7 on: August 10, 2011, 11:40:34 AM »
Your welcome, i didnt say anything different really from what igor said just in different words  :)

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11809
    • AVAST Software
Re: why avast detects the process of comodo firewall as virus?
« Reply #8 on: August 10, 2011, 11:43:44 AM »
Well, I have to admit that I didn't check the particular signature or process (not having Comodo installed), so I'm not 100% sure about it - but I find it quite likely; if the memory scan detects something in another AV's memory, it's usually the case.

Offline Hellion

  • Full Member
  • ***
  • Posts: 138
  • Success is commemorated; Failure merely remembered
Re: why avast detects the process of comodo firewall as virus?
« Reply #9 on: August 10, 2011, 11:50:50 AM »
Hi Igor,

I understand.

I will wait and see Comodo's response

Regards,
Hellion

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11809
    • AVAST Software
Re: why avast detects the process of comodo firewall as virus?
« Reply #10 on: August 10, 2011, 11:53:58 AM »
Btw, I don't think the memory scan is very useful; the existing signatures are mostly aimed at files, not memory - so I believe you won't really lose anything by replacing the memory scan by something else (such as auto-start programs).

Offline Hellion

  • Full Member
  • ***
  • Posts: 138
  • Success is commemorated; Failure merely remembered
Re: why avast detects the process of comodo firewall as virus?
« Reply #11 on: August 10, 2011, 12:04:22 PM »
Hi Igor,

I have 4 Terra-bytes of data so doing a full scan takes about a day for me so what I do is I create a custom scan with Memory + Auto Start + Rootkit (full) and let that run on a schedule.

It doesn't really bother me that bad, but I know it shouldn't be happening.

Regards,
Hellion

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11809
    • AVAST Software
Re: why avast detects the process of comodo firewall as virus?
« Reply #12 on: August 10, 2011, 12:15:37 PM »
I'm not saying you should make a full scan - just that for a quick scan, Auto-Start should be quite enough.
The memory scan, even if the necessary signatures were in the virus database, is unreliable by default - virus signatures may be found in memory of a browser if it downloaded some, possibly even blocked, malware in the past, file managers may have some signatures in their memory if you moved some strange files in the past, etc.

Offline Rares

  • Jr. Member
  • **
  • Posts: 42
Re: why avast detects the process of comodo firewall as virus?
« Reply #13 on: August 10, 2011, 11:01:03 PM »
I've had them installed, but did not detect virus in Comodo ...

Offline Corsair

  • Jr. Member
  • **
  • Posts: 33
Re: why avast detects the process of comodo firewall as virus?
« Reply #14 on: August 11, 2011, 04:00:33 AM »
Have you made sure to exclude Comodo in Avast in both the program Settings and in the File System Shield settings?
avast! Free Antivirus
OS: Windows 10 Pro 64-bit - MOTHERBOARD: ASUS Maximus VI Formula (BIOS 0804) - CPU: i5-4670K - RAM: 16GB - HDD: 250GB SSD - Video Card: Gigabyte GV-N770OC-4GD