The first is a false positive, caused because panda’s on-line scanner doesn’t encrypt its virus signature files, suggest you use a different on-line scanner or if you have panda installed as well remove panda. Was that what it is an on-line scan done previously by Panda? - if so, if there an add remove entry for it use that otherwise you may need to remove the contents of the activescan folder.
Then the entry in the chest can be deleted.
RejZoR’s Website - Security Ops - On-line Virus Scanners and other useful Links Security-Ops.eu.tt
The second was obviously detected by the email scanner and dealt with accordingly.
yes i have used Panda´s active online scanner long time ago and never before Avast havent said a word of it and that´s why im very confused.
I found that Active Scan folder from C:\ WINNT system32 files so can i delete that folder straight away from there and then delete that false positive virus from Avast quarantine folder ? There is no add remove entry in that folder.
And yes Avast webshield protection prevented VBS loveletter´s coming through on Gmail.
It would depended on what type of scan/s you have done in the past and the sensitivity as to whether the dll file would have been scanned.
When I talk about and add remove entry I’m talking about windows, not something in that folder. I would say you can delete the folder as it is only used by panda and delete the file in the virus chest.
To help people who are new to Avast av, in my opinion, the PAV false positive should be ignored by Avast (I know that it is Panda’s fault for not encrypting their signatures). Can that be possible?
It would really help new users who are discovering the WIN32:Kuang2 virus that isn’t really there. Thanks for such a great product!
I think it won’t be easy or safe to do it…
You discover the better and the faster way: registered in the best forum to receive the answer 8)
Feel in home and feel free to ask anything about our beloved avast!
This would require more processing effort which will slow overall scanning.
avast! doesn’t know why the signature is there for fair means or foul, it would need to check the file it is in and the location it is in to be able to make a educated guess that it is infact Panda’s unencrypted virus signature.
There is no guarantee that the panda signature files would be in the same place in the future, so avast would be playing a catchup game of find the panda signature files. It isn’t only avast that detects panda’s sloppiness but other AVs as well so should they all go to extra trouble because of this tardiness, personally I think not.
At the moment if there is a detection on the Panda unencrypted virus signatures, the worst that can happen is the file is deleted or sent to the virus chest with no adverse effect to your system. I personally would prefer that to making an assumption it’s panda’s signature files and missing a real virus.
Thank you for the welcome but im old member named Poonet I just lost my password and for somehow i did get the answer my old member name does not exist either so i had to log in by new member name
I was a Norton user for 9 yrs, yet got fed up with the bugs in it that would change my settings when updating.
I am new to Avast which was recommended to me by my ISP tech, so excuse me if i am asking same or similar question as i seem to see here, yet do not understand what to do.
My first Avast Scan found 2 files infected:
Win32: Kuang2 in file imscan.dll in C:Windows\System32\Active Scan
Win32: Trojan-gen in Scenichp.exe in C:Windows\System32
It said: Error 42060 cannot be repaired, so i have the files in the Chest. Now what?
Also, how can i schedule a scan to work at say 3 a.m.? instead of when i first boot up?
The first is false positive detections cause by Panda’s on-line scanner not encrypting its virus signature files.
The second would seem to be a genuine detection. But you can check it out at www.virusscan.jotti.org if any other scanners here detect them it is less likely to be a false positive. You can’t do this with the file in the chest, you will need to move it out.
Trojans generally can’t be repaired (either by the VRDB or avast virus cleaner), because the entire content of the file is malware, so it is either move to chest or delete, move to the chest being the best option (first do no harm). When a file is in the chest it can’t do any harm and you can investigate the infected warning.
The VRDB only protects certain files, .exe, dll and other system files, it doesn’t protect data files or all files, it is not a back-up program, so there are going to be many occasions where repair won’t be an option.
Only true virus infection can be repaired, e.g. when a virus infects a file it adds a small part to it, provided that file is one that avast’s VRDB would monitor and you have run the VRDB, then it may be possible to repair the file to its uninfected state.
However, for the most part so called viruses, trojans (adware/spyware/malware, etc.) can’t be repaired because the complete content of the file is malicious.
Leave/s the file in the avast Chest, a protected area where it can do no harm. You should leave it there for a week or two to ensure no harmful effects of having moved it. If there are no harmful effects, then scan it again if that scan also confirms it as infected you can delete it from within the chest.
Having had Norton installed previously, sometimes there can be stuff left behind even after an uninstall, so should you start to suffer any conflict/errors, you might want to download this which is a program removal tool that can remove the remnants of a number of different Norton Programs: Removing your Norton program using SymNRT
Yes you can delete the ‘active scan’ folder and contents also the installer.
There may also be a reference (activeX control) in the registry, you can run Hijackthis and it should indicate the presence of this also, a fix (see HJT tutorial) will remove the registry entry.