I’m using Comodo as my firewall, and Avast keeps reading cmdagent.exe as an infected file (win32FakeVimes-B). The executable is signed by Comodo. I’ve also encountered this with games I downloaded via steam, and one (Fable) I installed via CD rom.
have you tested the “cmdagent.exe” file at www.virustotal.com
when you have the result, copy the url in the address bar and post it here for us to see
VirusTotal comes up negative, even under Avast. So why does it show up as infected when I scan it on my computer?
good question…do you have latest VPS 110617-0
Yes.
Most probably a false positive and VT definitions seems not to be up-to-date as in your computer.
Also look here: http://forums.comodo.com/defense-sandbox-help-cis/avast-6-shows-cmdagentexe-as-a-virus-t72680.0.html
polonus
My guess is that you are doing a Custom scan in which you have elected to scan Memory and that all these detections are in memory. Since they aren’t physical files they can’t be moved to the chest, deleted, etc. so there is no action that can be taken, hence the Apply button being greyed out.
The detections in memory are frequently other security applications loading unencrypted virus signatures into memory. Having set off a scan of memory by an antivirus application looking for virus signatures, don’t be too surprised if it finds some in memory.
So if you can give some examples of the items in the list and the type of scan you did it will help us to help you ?
If these are Detections in Memory, it isn’t the comodo signed executable that is reported as infected but the unencrypted signatures loaded into memory by that ‘Process:.’