general questions

Greetings Comodo board. I recently downloaded the free CIS suite and installed it on a family member’s computer. It had the default settings on for Defense+, sandbox and the firewall. Anyway, it prompted me for a full scan, which I did, and after I completed it, it said all systems up and running (the big green check). Things were going fine until about a week ago, when I was getting ready to shut down and Windows Defender popped up with a message box saying it detected a trojan backdoor. Since I had a big fight with a rogue prior to dumping my paid antivirus program and doing a reformat, then exploring Comodo as an option, I instead decided to ignore the message and use a cleaner folder to delete the temp files instead, then reboot, then run Windows Defender myself from the Start menu.
After I rebooted, I ran a Comodo AV scan and also ran Windows Defender from the Start menu; nothing was found. I then downloaded Malwarebytes and SAS as a backup, and the scans found nothing as well. I guess from a peace of mind perspective I’m trying to determine what Windows Defender came up with and if everything is OK. I looked in Comodo and can’t find any file quarantined. The system is running OK with no blatant malware evidence, but I just want to understand what Windows Defender found, since nothing was downloaded (user directed). I have now switched to a limited user account in Vista but want to make sure Comodo is on, since it is very quiet. I have downloaded Adobe Flash and Malwarebytes, but I guess I’m used to the AV examining files in general and saying clean/not clean. I guess I just want to make sure the AV is indeed on.

Also, sorry for this question, but on the firewall, what are the 300+ outbound messages to 65.5 etc for cmd agent and clps.exe? Is that normal? Should Windows Firewall be turned off or left on? My last AV product, NIS, disabled the Windows Firewall.
I’m curious why Windows Defender found a trojan and then, after deleting the temp files, it didn’t find anything.
A sincere thank you for any help you can provide.

Windows Defender has a History, so you can check in it what was detected. After you do that, turn off Windows Defender in the settings (remove the checkmark from the option “Use this program”) and in the Services, because you shouldn’t have more than one real-time scanner. The same goes for firewalls; turn off Windows Firewall, as there will be some conflict between them sooner or later.

Since you removed nothing with the scanner products (and the detection failed to appear after you removed the temp files), I assume it was located there. Thus it was probably just sitting harmlessly in the temp folder. Since it wasn’t in an important folder I wouldn’t worry.

It appears this may be one of the few times where Windows Defender actually managed to detect a file that was not detected by Comodo Antivirus. Don’t forget that no AV will detect all malware. Also, CIS has both detection and true prevention. Thus, even if a malware file is undetected, your computer will still be protected.

After scanning with all of those scanners and finding nothing it’s probably safe to say that your computer is clean. Not certain, but very likely. :wink:

I wouldn’t worry.

You can turn off Windows Firewall. In fact with the newest release (V 5.3) it’s turned off automatically during installation.

Thank you to all for your quick replies. I’ll turn down the defcon5 alert for the PC 88) and hope that staying with the non-admin account for the user and CIS5 will keep things secure. Thanks again!