I found some small problems with avast when i use it , like:
1/a place not completely translated to Chinese like “malware type : exploit”(see 0b.jpg) and "exploit "should be “漏洞利用” in simplified Chinese version.
2/When i use avast to scan a lot of virus samples it may sometimes warns me “Instruction at 0x7c936f1c referenced memory at 0x0000000 the memory could not be read” .
3/When avast scans a file packed by some strange packers avast may say "complete scan,but found some internal error "
4/avast could not detect a virus that packed by packer named “nakedpack” (like a file on my computer , when it didn’t packed by naked pack avast reports it as “Win32:Spyware-Gen [Spy]” and when it packed , avast reports “No malware”)
Hope Igor take a look on this. But, indeed, some messages are mixed from more than one place. So, the one who translated into Chinese could have left inhomogeneity behind.
Do these messages appear on the screen or you’re reading in the log?
Please, post the full name and path of these files.
Maybe just a packaging problem. Again, can you post full name and path of these files?
Hope Igor take a look on this. But, indeed, some messages are mixed from more than one place. So, the one who translated into Chinese could have left inhomogeneity behind.
ok,thanks
Do these messages appear on the screen or you’re reading in the log?
they only appear on the screen but not in the log
Please, post the full name and path of these files.
it seems like they only appear when a file is binded with many malwares(the last error occured at “C:\test\0901\1.exe”,and it probably binded with 40 adwares)
Maybe just a packaging problem. Again, can you post full name and path of these files?
(like attachment “0e.png”,before they packed avast can detect 80 virus and after some(sorry ,it can only packs one file at one time.so i only tested 8 files) of them are packed avast wont detect any)
As far as I know, these “virus types” (exploit, and there was one more I think) were added into avast! shortly before the release, so I didn’t send the translation packages to the translators, as most of them wouldn’t come back in time anyway. So yes, this word is not translated, in most of the languages.
I would need to take a look at the samples causing the error. The problem is that the actual error might be caused by one file, but the error actually appears later during the scan (if you’re saying that you are scanning a big number of samples). So, if you could somehow find out which file causes the problem (by scanning only some of the samples and making sure the error appears… possibly by dividing the samples into smaller group) - and if you could send me the problematic file (or even an archive full of files - if this archive reproduces the problem), it would be great.
I’d certainly like to fix the problem, but I can’t do it without the file(s) to reproduce the problem.
Again, please can you send us the files? I’d take a look at them as soon as possible. (Or, if the files are many or huge, you can upload them to ftp://ftp.avast.com/incoming) Thanks.
I am certainly looking for this kind of errors, but none appears on our (huge) collections, as far as I know. So, any samples causing these problems are welcome.
There are hundreds of packers that avast! (and also many other antiviruses) can’t unpack. So, why are you worried just about NakedPack?
Actually, the unpacker for NakedPack has been added in the last avast! update (4.7.1043) - but the unpacker is somehow incompatible with “-Gen” detections (Trojan-Gen, Spyware-Gen, etc.). So, if you repack the file detected as Trojan-Gen with NakedPack, in won’t be detected indeed (but, you have just created a new malware variant; if this variant gets in the wild, we’d add another detection for it).
To fix this “incompatibility” between the unpacked and -Gen detections, the detection algorithm would have to be changed - which is planned, but will require a big change to the VPS, so will most likely happen in avast! 5.
As far as I know, these “virus types” (exploit, and there was one more I think) were added into avast! shortly before the release, so I didn’t send the translation packages to the translators, as most of them wouldn’t come back in time anyway. So yes, this word is not translated, in most of the languages.
Ok,i see.
I would need to take a look at the samples causing the error. The problem is that the actual error might be caused by one file, but the error actually appears later during the scan …
I am certainly looking for this kind of errors, but none appears on our (huge) collections, as far as I know. So, any samples causing these problems are welcome.
I’ve scanned again and it crashes again but in different forms,when it scanns “abc.rar\2\13.exe” ,it warns me as “Win32:Crypt-VA” and then it ignores other viruses that it hasn’t scanned(before it crashed , i have quickly clicked “Continue” when the virus warning windows appeared),but when I use on-demand scanner to scan this virus again,it doesnt crashed any more…so i guess if it’ll crash as users let it scan a lot of samples then quickly click “continue”,and i have uploaded the file ‘13.exe’ to you.
There are hundreds of packers that avast! (and also many other antiviruses) can’t unpack. So, why are you worried just about NakedPack?
Actually, the unpacker for…
I think so , i am worried about it because some viruses here packed by naked pack that they can pass avast and some other avs easily and some avs just report it as “Heuri/Packed”.
Thanks for the file. Unfortunatelly, it doesn’t produce an error here…
A few questions:
Do you have the latest build of avast!? (4.7.1043)
How do you scan these files? I mean, do you use avast! Simple User Interface (if yes, what sensitivity did you set?), or Explorer Extension (“quick scanner”)?
Did you scan only this folder (“1”) when the crash occurred, or did you scan multiple folders in that scan?
ha, i often persecute my computer … and there’re often some strange errors on my pc,again , thanks for your patient , I’ve updated it to 4.7.1043 and then use quick scanner to scan multiple folders like this record(http://filecoast.com/?file=FuDJnEM5_rec1.rar), you can see in the record at 1:10 as i clicked continue and then its scanning process cannot be canceled (can only terminate its process from task explorer)
But … i’ve asked some people ,their avast do not have this problem , so I guess if i use it normally it wont be any errors In the end, wish avast 5(and other versions of avast ) can be the best ones of the world ;D and give my best wishes for you all.
(I think i have to continue study english now…my english is so terrible…)
Well, maybe this doesn’t have anything to do with the scanner engine itself… please try to disable skinning of the Explorer Extension (on the first page of avast! settings, uncheck the option “Enable skins for Explorer Extension”). Does it help?
No idea, it was mostly a guess (first because I’m quite confident in the stability of the Engine itself, second because Qianwenxiang emphasized that it happened when he quickly clicked the “Virus found!” windows away). So, I thought it’s more likely to be a GUI stuff than a scanner/unpacker problem… and yes, ActiveSkin seems to have some issues.
Unfortunatelly, it also means that we can’t do anything about it (even if we were able to simulate the problem)… since the skinning part is a 3rd party library we don’t have sources for :-\
In the end, wish avast 5(and other versions of avast ) can be the best ones of the world ;D and give my best wishes for you all.
Yes,it works well after disabled the skin , and … probably i need to learn more about avast , thank u.