KAV DETECTS SUSPICIOUS VIRUS IN NOD 2.5 BETA

Discussion in 'ESET NOD32 v3 Beta Forum' started by the mul, Apr 16, 2005.

Thread Status:
Not open for further replies.
  1. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    I have installed the new nod 2.5 beta and it is running great with no problems so far, I have just ran my first scan with the new beta version of nod and when I checked my scan to see if it had finished there was a warning from kav 4.5 C:\DOCUME~1\Main\LOCALS~1\Temp\NOD9AED.tmp
    Suspicion - Type_Boot.

    Here is also a picture as well, just wondering if this is a false positive or not from kav, no viruses detected with a full scan from kav and no viruses detected with a full scan from the new nod beta version either, just the suspected virus warning from kav.
    I was running nod 32 v2 for a long time with no problems or warnings from kav 4.5 at all, this has only happened since I installed the beta version and run a scan with this new version and then kav popped up with this warning.
    Thanks for any advise on this.

    Your friend

    Stephen ;)
     

    Attached Files:

  2. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Must be a false positive, Stephen. Submit it to: newvirus(at)kaspersky.com, for confirmation. :)
     
  3. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    Thanks Don, but I have never done this before mate, can u explain how to send this sample to them, step by step, sorry about this, just never done it before.

    Thanks again

    Stephen ;)
     
  4. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Well you put the suspicious file into a password-protected ZIP archive, and you provide the password to Kaspersky at the email address Don mentioned.

    Also mention the exact suspicion name - In your case - 'Type_Boot'

    Regards,
    Firecat :D
     
  5. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    Thanks firecat, how do u do that mate, sorry experience nil in this area my good friend and how do u find the file. :(

    Stephen
     
  6. FanJ

    FanJ Guest

    Hi Stephen,

    May I ask a question:

    Did you let NOD do its scan while KAV was also resident?
    That is what I understand from your posting.
    Maybe I didn't understand you right; sorry in that case !

    Did I understand you right that a scan from KAV (NOD32 disabled) gave no warning?
    And that a scan with NOD32 (KAV disabled) gave no warning?

    Warm regards, Jan.
     
  7. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    Hello Jan, I am running kav4.5 as my main av and nod32 2.5 beta as my back up av, I have AMON disabled in nod and DMON,EMON,IMON, are all enabled in nod beta.
    I was running version 2 of nod before the beta version and kav did not detect any suspicious viruses in version 2, but when I installed the beta version of nod and ran a manual scan to see how the beta version went, up popped a warning from kav about this suspicious virus, but as don said it will no doubt be a false posative.
    Do u know how to send this to kav as a sample to get it checked out.

    Stephen
     
  8. FanJ

    FanJ Guest

    Maybe I should have posted a bit more, Stephen.

    What I don't understand is:
    How can KAV give a warning when you scanned with NOD32 ?
    Unless I mis-understood you, that points me to thinking that KAV was resident while you let NOD32 do its scan.
    If I'm right here what was happening (and I'm not sure ;)), then may I please ask you to disable KAV and let NOD do a scan again.

    Once again: really sorry in case I mis-understood the whole situation !

    Cheers, Jan.
     
  9. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    Yes Jan I did do a manual scan with nod 32 beta while kav was running resident and I have always done this, when doing a scan with my back up av, I have never disabled kav in the past, as I have never had a problem, until I installed the beta version of nod.
    Do u think I should always disable my residen av while scanning with my back up av.

    Stephen ;)
     
  10. FanJ

    FanJ Guest

    Hi Stephen,

    Yep, I think that you should always temporarily disable your resident AV when you let another AV do a full system scan.
    If you don't do that, then unpredictable things can happen ;)

    Let's take my own system for example:
    W98SE, NOD32 (not yet installed the new beta) resident, KAV Pers Pro 4.5 on-demand.
    When I do a full system scan with KAV, then I disable all the resident parts of NOD32 temporarily.

    I have to admit that I don't know why you did not have a conflict earlier with the not-beta NOD32 :oops:

    I hope this helps a little bit.
    Take care Stephen !
    Cheers, Jan.
     
  11. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Funny but I've just let KAV and NOD32 in real-time protection in the same time(just to test) and they seem to behave very good. No errors, nothing. :)

    Don't do this at home!! :p
     
Thread Status:
Not open for further replies.