I scheduled a complete scan of all files on the system I installed Avast on. So now I have yet more questions.
In the Chest, I have kernel32.dll, winsock.dll, wsock32.dll. They don’t show a virus on their line. Why are they in there?
Avast also reported the Win95:Matyas virus on pav.sig file and moved it to the Chest. I read the Matyas infects .exe files. I have no idea what this pav.sig file is. It was in windows\system32 and windows\system32\activescan. Since it’s in the Chest, I can’t look at the file to try to figure out what it belonged to. Anyone know how I should proceed now?
The three system files (kernel32.dll and winsock libraries) are put to the Chest during the installation of avast. It is just a security measure - these files are often the target of viruses; if you happen to be infected in the future, you may restore the original files from Chest.
The pav.sig file is a file used (of left) by Panda antivirus (or their cleaning tool). They store the virus signatures in an unencrypted form inside - therefore other antivirus programs report is as infected. You may consider it a false alarm, i.e. there’s no reason to worry about it.
First, you don’t know where the signature is inside the file, in fact. Suppose that avast announces a virus there… but how would you find out where did avast spot the signature?
Second, no matter if the signature is encrypted or not, it’s not that hard to find out what given antivirus is looking for. Modifying the malware is just a creation of new variant… similar to packing by some strange packer etc. - i.e. nothing new, in fact.
I found same thing with Panda Platinum (install file). Also I uninstalled Panda coz since I installed service pack 4 it wouldnt remember my settings and firewall allowed programs. I tryed re-installing it but no help. Anyway Sygate and Avast work fine and are recommended in most serious forums and review sites.