Hello all,
I wanted to try to run the totalscan from panda.
But during loading avast detects and claims there
is a Win32:CTX worm/virus. Why exactly ? Can’t
we use it just for a test ?
TIA.
Hello all,
I wanted to try to run the totalscan from panda.
But during loading avast detects and claims there
is a Win32:CTX worm/virus. Why exactly ? Can’t
we use it just for a test ?
TIA.
Sure, just disable avast! while scanning, and watch out later for further avast! detections in the Panda folder. Why? Unencrypted virus definitions. See a note on virus definitions here:
OK, thanks very much for the reply !
So, should I let the panda loading to terminate,
ignoring the alerts, then pull off the internet connexion,
stop resident avast (via right click on the the “a”),
install and run the pando scan test, restart avast, and
reconnnect the internet plug ?
Run the scan online with avast! disabled.
Even after that, some files could remain and will be detected by avast as being infected.
False detections due to Panda active scan: http://forum.avast.com/index.php?topic=12432.msg104932#msg104932
Read: http://www.avast.com/eng/virus_detection_and.html#idt_1554
IMSCAN.DLL
PAVDLL.DLL
PAV.SIG
APVXD.VX2
APVXD.VXD
C:\windows\system32\active scan\pskavs.dll
C:\system volume information _restore{ … }*.dll
Unfortunatelly, a well-known problem of Panda not encrypting its signatures
Every virus can be identified, because it contains some unique signatures. Antiviral programs have their own database of that signatures. We call this database the "virus definition file". When an antiviral program scans a file for viruses, it compares all the signatures (of all viruses) in the database with the signatures in that file. If the signatures match (they are the same), the file is marked as infected. For an antivirus program, it is important to hide this database of signatures somehow - e.g. by encrypting it. Panda Antivirus does not encrypt its virus database - the signatures inside are clearly "visible" to other antiviral programs, so they detect this file as infected (but there is actually no virus inside - only the signatures are the same).
For the following reasons I won’t use or recommend the panda on-line scanner. Panda doesn’t not encrypt its signatures, which many AVs later will detect, but more so because it puts all this c**p in the system folders making it even more difficult to remove later as windows system restore save a copy in the system volume information folder for your AV to trip up over once again.
There are plenty of other on-line scanners that don’t have this issue. On-line Virus Scanners and other useful Links Security-Ops.eu.tt
Fully agree with David.
Besides that page, you can check these for full computer on-line scanning:
Kaspersky (very good detection rates)
Trendmicro housecall
AVGas (does not necessary if you have AVG antispyware installed)
F-Secure
BitDefender (free removal of the malware)
HitmanPro (new online scanner with multiply scanners)
To be fair to Panda, only a few AV’s mistake pskavs.dll for malware:
Complete scanning result of “pskavs.dll”, received in VirusTotal at 05.29.2007, 23:20:39 (CET).
Antivirus Version Update Result
AhnLab-V3 2007.5.30.0 05.29.2007 no virus found
AntiVir 7.4.0.27 05.29.2007 Frisk #2
Authentium 4.93.8 05.23.2007 no virus found
Avast 4.7.997.0 05.29.2007 Win32:CTX
AVG 7.5.0.467 05.29.2007 no virus found
BitDefender 7.2 05.29.2007 no virus found
CAT-QuickHeal 9.00 05.29.2007 no virus found
ClamAV devel-20070416 05.29.2007 CyberTech.578
DrWeb 4.33 05.29.2007 no virus found
eSafe 7.0.15.0 05.29.2007 no virus found
eTrust-Vet 30.7.3672 05.29.2007 no virus found
Ewido 4.0 05.29.2007 no virus found
FileAdvisor 1 05.29.2007 no virus found
Fortinet 2.85.0.0 05.29.2007 no virus found
F-Prot 4.3.2.48 05.25.2007 no virus found
F-Secure 6.70.13030.0 05.29.2007 no virus found
Ikarus T3.1.1.8 05.29.2007 no virus found
Kaspersky 4.0.2.24 05.29.2007 no virus found
McAfee 5041 05.29.2007 no virus found
Microsoft 1.2503 05.29.2007 no virus found
NOD32v2 2296 05.29.2007 no virus found
Norman 5.80.02 05.29.2007 no virus found
Panda 9.0.0.4 05.28.2007 no virus found
Prevx1 V2 05.29.2007 no virus found
Sophos 4.18.0 05.28.2007 W95/Whog-878b
Sunbelt 2.2.907.0 05.26.2007 no virus found
Symantec 10 05.29.2007 no virus found
TheHacker 6.1.6.124 05.28.2007 no virus found
VBA32 3.12.0 05.28.2007 no virus found
VirusBuster 4.3.23:9 05.29.2007 no virus found
Webwasher-Gateway 6.0.1 05.29.2007 Win32.Bumble
And the Panda scanner is an excellent malware detector and remover, recommended by many malware forums.
Sure.
The antirootkit is very very good and it’s installed in my machine.
It’s good to be fair from time to time and not only biased 8)