Bonjour. I run Avast 4.6 (4.6.763) with the VPS 0609-0, 27/02/2006, on a Windows98 PC. A casual check detected a worm (Win32:Volage-D [Wrm]), and also on another file (Win32:Agent-IT [Wrm]) on avwinsfx.exe. Funny, this last file happens to be the installer of another free anti-virus software
As I am cautious, I double-checked with Norton Antivirus (recent version and updated virus definition) from my professional PC, and also with the free Panda web scanner, none of them finding anything.
Moreover, both PING.EXE and avwinsfx.exe have remained unchanged from their installation on my PC months ago. And Avast is unable to “repair” them.
It will be fixed in today’s update.
For the second one (avwinsfx.exe), however, avast! detects some uncrypted data for malware removal, possibly even virus signatures. So, this problem may soon appear again, and we won’t really (be able to) do much about it.
Everybody is better advised to only run ONE resident Antivirus solution on a computer. Combination with some online scanners or non-resident ones, like Bitdefender, DrWebCureIt or ClamWin are well possible. But two resident scanners on one machine is causing problems, false poositives, while the "dogs"start biting each other in stead of guarding the house. Bonne chance!
Sure, I run only one AV on my PC. But as I get a (in my view) dubious alarm, I cross-checked with a Web-based tool (Panda), which run Active-X routines, and from my business PC I checked the so-labelled infected files with Norton.
Thanks for the advice, nonetheless.
By the way, the VBS 0609-1, 01/03/2006 fixed the problems I reported, but I have discovered another one: Avast claims that C:\WINDOWS\SYSTEM\ActiveScan\pskavs.dll is infected with the Win32:CTX worm, which neither Panda nor Norton confirm.
Having used Panda’s on-line scanner, you will get virus alert/s on its unencrypted virus signature files. This is just one of them the best advice would be to remove the panda on-line scanner setup (folder, etc.).
I don’t know why Panda puts its ActiveScan folder in the windows system folder rather than a regular Program Files folder, which would make it easier to identify what it belongs to. This can also cause more hassle when you try to remove it with an OS with system restore (not win98) enabled as it would get saved by windows system restore.
It’s surprising the number of AVs that don’t encrypt their virus signature files, leading to false detections by the resident AV later and possibly scaring the user to death into the bargain ;D
