Question
I have 2 PC. Old one with Avast Home edt 4.1.342, and new PC with Avast Home edt 4.5.549.
I got bin file from p2p network on old PC Avast scan shown virus Win95:Matyas. Did not want to waste time spent and transfered that bin to new PC. Guess what?
V. 4.5.549 did not found the virus in the same bin file!!!
Well, so I burned on CDR that bin, and later scanned that CD with 2 versions 4.1 and 4.5 - got the same result - 2 files infected with Win95:Matyas, and 2 files infected with Win32:Kuang - scan done on “opened” image, not bin file.
So, here is the question:
Why new v. 4.5.549 could not detect virus where old
v. 4.1.342 did it with ease!!!
Is this is a glitch in program, bug or simply it get worse before getting better.
At this point I don’t see the need for upgrading - U upgrade and U miss the virus - HA HA HA …
Is it a joke? ;D ;D ;D >:( >:(
Sorry, just got upset with my findings.
Please explain what really happend here.
???Waiting for help

P.S. will be back @ PC in 2 hours from now… will respond later.

And what vps version do both use?
And what exact settings?

4.1 - VPS v 0450-0
4.5 - VPS v 0450-1

settings are the same - Avast is the secondary scanner on both PC (norton is primary, no incompability noted for long time as long as norton is the only primary AV).
Which settings do u need to know, did not understand, sorry.

To say exactly, it would probably be necessary to know the filenames and the settings of the scan (what avast! program was used - Simple/Quick, scan type - Quick/Standard/Thorough, etc)

According to the virus names, however, it’s a false alarm on some Panda files anyway, no real viruses.

o.k
I am back home now
Settings are the same on each version:
Scan archives
Sensitivity - Thorough

“According to the virus names, however, it’s a false alarm on some Panda files anyway, no real viruses.”

YOu guessed right, that bin file is Panda Internet Security 2005 - how did you know?
The thing is - I don’t think it is possible to verify each virus alert with forum gurus. So, how would I know which one is false positive, and which one really the virus.
Also, the original question still stands:

Why the newer version did not recognase virus in bin file, and even old version got only one virus in bin package not both (here I am not sure how it happened myself).

Anyway, even if it false alarm - the new version did not get it - next time it could be for real and then what?

That is why I got already Avast, AVG, BitDefender and norton installed in one PC (new one). Also, planning to add Panda, Kaspersky, F-Prot, PC-cillin, and maybe TrojanHunter - I am paranoic - too many d/l from p2p - better be safe than sorry.
Awaiting patiently for any response.

P.S. The bin file in question is approximately 85 Mb, so I can not sent it by email for testing - I open for suggestions!!!

Edit
Is there a list of possible false alarm names, or something like that?

Edit 2

File names are: Viruses
Platinum8/Pav.sig Win95:Matyas
Platinum8/PavDll.dll Win32:Kuang2
Platinum8/Safedisk.img Win32:Kuang2
Safedisk/Pav.sig Win95:Matyas

I think that is all info Igor, U asked.

I don't think it is possible to verify each virus alert with forum gurus.

You will never know untill a expert had a look at it, but submitting a suspicious file to JOTTI and see what the different av utils say about it is a pretty good indication if it is a false positive or not.

That is why I got already Avast, AVG, BitDefender and norton installed in one PC (new one). Also, planning to add Panda, Kaspersky, F-Prot, PC-cillin, and maybe TrojanHunter - I am paranoic - too many d/l from p2p - better be safe than sorry.

Stop being paranoid or visit a good spychiatrist ;D Only one av on a system is enough. Why? Easy. 1] There a numerous of malware that disable av utils. So having 2 or even more on one system won't help you better. 2] If malware prevents you from booting the system, what good is it to have "10" av's on it?

I suggest 1 av on the system and for backup/extra checking use 2 online scanners.

Besides having a (ofcourse up-to-date) av, also use Spybot s&d, Ad-Aware and HijackThis.

I think that if you click on the link in my signature and visit the “malware removal” as well as the “HijackThis” section, you will find some interesting things.

Eddy
Thanks for advice, but I can give advices (psych) on my own (I am in health service dealing with many patients…).
I got your point anyway, thanks for Hijackthis - I missed that one (I have Ad-Aware and SpyBot already).

Still interested in original question:
Quote
Why new v. 4.5.549 could not detect virus where old
v. 4.1.342 did it with ease!!!

So, how would I know which one is false alrm, and which one is not?!

Which one to submit for further investigation, and which one is not - I am getting Virus alarms at least every other day, if not every day - d/l things from p2p is my hobby…

Igor asked about specific things
If any answers follow…
I am here
Playing SOF2 on internet on diff PC… can not see virus alerts anymore…

So why do you worry about viruses then… ?
Just get your Win-Setup-Cd ready, cause one of those P2P-DLs surely will get past your 10 AVs some day…

:

kisianik Hi,
First of all Igor isn’t a “forum guru” he is a member of Alwil Software, which creates avast! antivirus.
And second, about Kuang2 and Matyas being false positives, take a look at this page (FAQ Nr.2):
http://www.avast.com/eng/virus_detection_and.html#idt_1554
I hope this helps…

http://www.avast.com/eng/faq_panda.html

Having multiple av’s on one system will get you in trouble. Sooner or later they will conflict and may even stop working at all.

Me thinks kisianik likes to live dangerously … and / or … kisianik is “pulling our leg!”

And, as whocares & Eddy said, with so many av’s running and P2P as a hobby, someone is just begging for trouble.

Newer versions only ‘add’ new detection signatures or correct the old ones.
They don’t remove detection or protection as far I know… The detection goes forward and not backward

Panda does not encrypt its signature files… it’s a shame

It’s not a matter of avast, newer or older, it’s a Panda problem… Why are you trying to install more than one antivirus in your system… You will mess everything…

It’s better be sorry than even possible to boot with antivirus conflicting ;D

Sorry, I’m still not exactly sure what you really scan (this “opened” image, bin files… etc)

Anyway, the new version of avast! still detects the Matyas false alarm on pav.sig file (at least the one I have here); there hasn’t been any change in this kind of detection for very long.

If I can just “amplify” a little on Technical’s comments …

False-positives, especially if you get quite a few of them, usually relate more to the defs than to the program itself. There’s been a few (rare) times in the past when an update to avast defs generated an unusual number of FP’s, which of course resulted in a flood of users’ reports here (and probably direct to the Alwil team too). And each case, a new set of defs was issed quite quickly which eliminated most if not all of those new FP’s.

Having 2 antivirus systems on your computer is a waste of resources,…you better stick with one! Afterall they both do the same and they mix up with each other,…may cause system crashes,…ect,…

Strange indeed the 4.1 says it is virus, 4.5 says it is not. It might be a bug in the 4.1 as well you know,…that might be fixed in the 4.5,… I do not know,…never had the “virus” before even with the 4.1,…

I am sure there is a reasonable explanation for this issue,…
But if the hardcore-forum-users claim it is not a virus then I thrust them,…and you should too,…
Besides,…why would they lie? They use the software,…and some of them work close with the programmers,…

Stil working with 4.1? Doesn’t the software alert you when new programupdate is availabe??

Thanks all for the replies!!!
I think that incident with Panda bin file was accidental (I have avast for the past 1.5 year without any problems).
And I thank U all providing links to FAQ about Panda…

Regarding

Me thinks kisianik likes to live dangerously ... and / or ... kisianik is "pulling our leg!"

I don’t have an ability to purchase all the programs I want to have, so I have to look elsewhere…

My own profession has nothing to do with computers - therefore, I am looking for the most simple and painless solution to d/l viruses and other things.

All paranoia started this summer when my old PC got attacked by something and I lost embeded media player and some other things (eventually I will reinstall WinME on old machine). Couple months ago my AntiVir guard crashed badly - I could not boot my windows, and even getting troubles to operate in the safe mode. All this left behind and my old system is so-so clean (someting come through time to time, and gets nailed).

So when I got new system I decided to put as much protection as possible to avoid losing touch with my PC. As many of U noticed here, I plunged into the search of all possible solutions, on the way I get into the “thing” with Panda unaware of Panda “conflict” with other scanners.
Everything is sorted out by now, and I am cooling down…

The last Question, if it is not difficult to answer, can some of U say which one, except AVAST, are other AV progs that really effective as secondary AVs, and which one are not soo good, if same questions been answered before, would U give the links, I deeply appreciated.

The same question is about spyware, adware, dialers etc. removal progs.
Technical’s signature shown me many good ones, but in YOUR opinion which 2 or 3 or 4 of them will cover all the bases - it is not possible to get all of them.

Thanks again for all of your replies.
Patiently awaiting for ANY response.
I think that would finish that thread for good.

My advices:

• Install all windows essential updates (SP2 recommended) and enable Automatic updates
• Disable unnecessary Windows services
• Install at least one spyware tracking/preventing tool (Spywareblaster and Spybot SD-Resident Tea Timer, Ad-aware. Three won’t conflict each other)
• Install Avast Antivirus (if Home version, use a script blocker)
• Enable SP2 Firewall and install a third party software firewall (Agnitum Outpost, ZoneAlarm or Sygate. Only one!). If you can, have a hardware firewall (router)
• Install a spamkiller (Spamihilator ;))

As you can see, it’s not only a matter of antivirus ;D

To answer your last question,

I haven’t tried all AV systems but,…

• NOD32 is pretty OK, fast scanner and effective (we use this at our server)
• Panda: is used at work by my bosses and they have no complaints,…for myself at work I use Norton AV for MacOS X ,… but the fact that MacOS X is immune for all virusses your get in emails,…makes it kinda useless,…
• AVG is another free AV,…but I read somewhere they will stop the free version,…
• Bitdefender,…has free version too,…but NO background scanning,…

I suggest you do some “review” googling and then make up your mind about it,…cause like it has been said in many threads before,…an AV is aways under development,…things are NEVER perfect,…

Installing SP2 is a good thing,…however I heard rumours that some software does not work that properly afterwards,… : The best thing to do is installing WinXP compeletely fresh and then install SP2,…unless you have an official CD of winxp with sp2 included (like me)

with Avast you will be pretty safe,…if I was lieing to you,…I wouldn’t be writing this post ;D

good luck, and let us know,…