KAV DETECTS SUSPICIOUS VIRUS IN NOD 2.5 BETA

Discussion in 'ESET NOD32 v3 Beta Forum' started by the mul, Apr 16, 2005.

Thread Status:
Not open for further replies.
  1. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,704
    Location:
    scotland
    I have installed the new nod 2.5 beta and it is running great with no problems so far, I have just ran my first scan with the new beta version of nod and when I checked my scan to see if it had finished there was a warning from kav 4.5 C:\DOCUME~1\Main\LOCALS~1\Temp\NOD9AED.tmp
    Suspicion - Type_Boot.

    Here is also a picture as well, just wondering if this is a false positive or not from kav, no viruses detected with a full scan from kav and no viruses detected with a full scan from the new nod beta version either, just the suspected virus warning from kav.
    I was running nod 32 v2 for a long time with no problems or warnings from kav 4.5 at all, this has only happened since I installed the beta version and run a scan with this new version and then kav popped up with this warning.
    Thanks for any advise on this.

    Your friend

    Stephen ;)
     

    Attached Files:

  2. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Must be a false positive, Stephen. Submit it to: newvirus(at)kaspersky.com, for confirmation. :)
     
  3. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,704
    Location:
    scotland
    Thanks Don, but I have never done this before mate, can u explain how to send this sample to them, step by step, sorry about this, just never done it before.

    Thanks again

    Stephen ;)
     
  4. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,104
    Location:
    The land of no identity :D
    Well you put the suspicious file into a password-protected ZIP archive, and you provide the password to Kaspersky at the email address Don mentioned.

    Also mention the exact suspicion name - In your case - 'Type_Boot'

    Regards,
    Firecat :D
     
  5. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,704
    Location:
    scotland
    Thanks firecat, how do u do that mate, sorry experience nil in this area my good friend and how do u find the file. :(

    Stephen
     
  6. FanJ

    FanJ Guest

    Hi Stephen,

    May I ask a question:

    Did you let NOD do its scan while KAV was also resident?
    That is what I understand from your posting.
    Maybe I didn't understand you right; sorry in that case !

    Did I understand you right that a scan from KAV (NOD32 disabled) gave no warning?
    And that a scan with NOD32 (KAV disabled) gave no warning?

    Warm regards, Jan.
     
  7. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,704
    Location:
    scotland
    Hello Jan, I am running kav4.5 as my main av and nod32 2.5 beta as my back up av, I have AMON disabled in nod and DMON,EMON,IMON, are all enabled in nod beta.
    I was running version 2 of nod before the beta version and kav did not detect any suspicious viruses in version 2, but when I installed the beta version of nod and ran a manual scan to see how the beta version went, up popped a warning from kav about this suspicious virus, but as don said it will no doubt be a false posative.
    Do u know how to send this to kav as a sample to get it checked out.

    Stephen
     
  8. FanJ

    FanJ Guest

    Maybe I should have posted a bit more, Stephen.

    What I don't understand is:
    How can KAV give a warning when you scanned with NOD32 ?
    Unless I mis-understood you, that points me to thinking that KAV was resident while you let NOD32 do its scan.
    If I'm right here what was happening (and I'm not sure ;)), then may I please ask you to disable KAV and let NOD do a scan again.

    Once again: really sorry in case I mis-understood the whole situation !

    Cheers, Jan.
     
  9. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,704
    Location:
    scotland
    Yes Jan I did do a manual scan with nod 32 beta while kav was running resident and I have always done this, when doing a scan with my back up av, I have never disabled kav in the past, as I have never had a problem, until I installed the beta version of nod.
    Do u think I should always disable my residen av while scanning with my back up av.

    Stephen ;)
     
  10. FanJ

    FanJ Guest

    Hi Stephen,

    Yep, I think that you should always temporarily disable your resident AV when you let another AV do a full system scan.
    If you don't do that, then unpredictable things can happen ;)

    Let's take my own system for example:
    W98SE, NOD32 (not yet installed the new beta) resident, KAV Pers Pro 4.5 on-demand.
    When I do a full system scan with KAV, then I disable all the resident parts of NOD32 temporarily.

    I have to admit that I don't know why you did not have a conflict earlier with the not-beta NOD32 :oops:

    I hope this helps a little bit.
    Take care Stephen !
    Cheers, Jan.
     
  11. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Funny but I've just let KAV and NOD32 in real-time protection in the same time(just to test) and they seem to behave very good. No errors, nothing. :)

    Don't do this at home!! :p
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.