Avast 5 unable to scan a zip file while 4.8 can???

Avast Free Antivirus / Premium Security
1

A virus in a zip file passed through Avast 5 mail scan engine. So I do a file scan of the file and Avast 5 returned with file can not scan: password protected. However, when I took the file to another machine with Avast 4.8 and it successfully scanned and detected a virus. Avast 5 can not scan a password protected zip file, but Avast 4.8 can? ???

2

You are going to have to give more information as there are legitimate occasions when a zip file (which is inert and no immediate risk) isn’t scanned.

So how did you get the zip file on your system and what scan is being run, etc. ?

If via the internet was this on port 80 and not using https ?

Or if via a usb or other external media and saved to your HDD, etc. ?

3

Jackspm, no. avast 4.8 can’t scan passworded files either.

4

I received an email with the zip. Since I received on my mail box, the Mail Scanner didn’t pick it up. I then saved the file to my local hard drive and do a file scan by right clicked on the file. The result is “Scan complete: some file could not be scanned”. I then clicked on the Show Result button and it shows the status: “Error:Archive is password protected. (42056)”.

I then save the file to my other computer with Avast 4.8 and do a file scan and Avast was able to scanned the file and detected a virus on the file.

I don’t know if the zip file is truely password protected or not, but the email attached an image with the password on it. I did try to extract the zip file and it did ask for a password. Just wondering why 4.8 is able to detect the virus but not 5.0 ???

5

Strange… it it was passworded, really, avast shouldn’t detect it.

6

Strange? Yes.

My point is that if version 4.8 is able to detect the virus, version 5 should be too. Unless some unpackers are missing on version 5. I did configure Avast to use all packers.

7

Jackspm,

What exactly did the 4.8 version describe the virus as?

8

Sorry but that simply isn’t possible, if the zip file was password protected then avast can’t unpack it to scan it ergo it can’t detect what is inside the zip file. Nothing in 4.8 or 5.0 can do anything about that, as a) they don’t know the password and b) even if they did there is no means of entering it.

So if there was a detection it is something unrelated to a password protected zip file.

9

I’m no expert, just reporting the issue. Here is 2 screen shots, 1 from 4.8 and one from 5.0.

10

Well the two are different, in that your first image shows an alert on the actual .zip file in the Y:\ drive, whereas the second is looking inside the archive and may or may not be password protected, but that it’s in a different location \Server\Hence\v\ and it may be that this is where the permission issues lie ???

11

Both scans are on the same file at the same location. One is using Avast 4.8 and the other is 5.0. Both scans are using the same method (right clicked on the file and select Avast scan). The first image shows how 4.8 detected the virus on the file. The second image shows the results from v5 which did not detect the virus. There is no premission issue. I have full access to the file.

Again, the point that I want to make is the v5 was not able to detect something that v4.8 can.

12

Is that a ‘zoo’ sample you’ve got in your file collection for ‘testing’ or is it live sample you actually got by mail?

13

It is an actual email that I received yesterday.

14

I’m receiving more of these emails and Avast 5 is not detecting it. Maybe I’ll downgrade it back to 4.8 for now.

15 
Back to 4.8....that is what I and everyone else I know has done.......back to being happy again and not spending every waking hour installing and uninstalling trying to make AV program work right. ;D
16

I think the OP should register at the Avast Support Desk and submit a bug report ticket about this issue. It’s probably better to let the tech guys know about this issue so that it can be corrected in a later build of 5.0 than to go back to 4.8.

I mean, going back to 4.8 may solve your problem with these types of files/e-mail. But it’s an issue that Avast should be made aware that you have stated Avast 4.8 can scan this type of file and 5.0 cannot. If it’s not reported to the tech team, they should know about it because support for Avast 4.8 ends on December 31, 2010.

Jack

17

In addition to submitting a bug report ticket, I would send the file as a zip attachment to the labs for testing. E-mail it to virus@avast.com for testing. I am sure they will be interested in studying this issue. Include your explanation with the photos you provided in this thread of this issue.

Jack