Avast Detected Panda Active-Scan File???

Discussion in 'other anti-virus software' started by Legendkiller, Aug 10, 2006.

Thread Status:
Not open for further replies.
  1. Legendkiller

    Legendkiller Registered Member

    Joined:
    Jun 29, 2006
    Posts:
    1,052
    I just installed and ran a full-system scan of avast 4.7.8(Home edition) and to my surprise it found panda-activescan's file...
    I am posting the screenshot below..
     

    Attached Files:

    • d.JPG
      d.JPG
      File size:
      48.8 KB
      Views:
      223
  2. TAP

    TAP Registered Member

    Joined:
    Aug 17, 2004
    Posts:
    344
  3. Legendkiller

    Legendkiller Registered Member

    Joined:
    Jun 29, 2006
    Posts:
    1,052
    thanks for d help..
     
  4. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    If a AV software detects a harmless file as virus then the fault is with the
    AV not the harmless file. Its called False Positive. The link TAP provided
    deals with a different issue.
     
    Last edited: Aug 10, 2006
  5. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    Very strange, especially due to the fact that Win32/CTX is a polymorphic, entrypoint obscuring (by replacing eg. jump after the EP) combination of Worm/Virus. Avast should have made here at least a PE Characteristic Check to determine if it's a DLL or a EXE. There's no need to go hunting in DLL's for this virus, since it will never infect one based on the fact that the virus cannot deal with variable image base addresses (that's hardcoded and they do not make any get delta ala CALL $5 check). Besides scanning for this virus and trying to determine the EPO call in DLL files is rather silly and brings down the scan speed performance.
     
  6. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    IC, can you sneek peak the file? Alwil guys are saying that it's getting detected because Panda Software guys aren't encrypting that file properly.
    Donno, this thing is around for very long and i still don't know for sure whatss going on lol :p
     
  7. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    Nothing against Avast but they only explained why Avast is detecting viruses
    in pav.sig which is the signature file. But they didn't explain why Avast is
    detecting viruses in other files also. Apart from pav.sig, all others are FPs.
    The link TAP provided has misleading details.
     
  8. Legendkiller

    Legendkiller Registered Member

    Joined:
    Jun 29, 2006
    Posts:
    1,052
    yes,they have clearly written in the page provided by tap,that they can't do anything about it and plainly asked not to switch to any other AV...
    quite a strange reply..
     
Loading...
Thread Status:
Not open for further replies.