Why removing virus detection from VPS?

Hi to all :slight_smile:

I have one question. Why from Alwil are removing virus detections from the VPS file?

For example one week or two ago, avast! detected virus in one file called SAcc.exe(I don’t remember the virus name, but it was something with Win32:trojano 2XXX(the “X” are some numbers)) and now avast! say that the file is clean!!!
Here’s a Jotti scan results


File: SAcc.exe Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) MD5 dd2bfdb316c9bf8d02d2419aba787f66 Packers detected: UPX Scanner results AntiVir Found nothing ArcaVir Found Adware.Surfaccuracy.B Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found not a virus Adware.SurfAcc F-Prot Antivirus Found nothing Fortinet Found Adware/SurfAccuracy Kaspersky Anti-Virus Found not-a-virus:AdWare.SurfAccuracy.b NOD32 Found Win32/Adware.SurfAccuracy application Norman Virus Control Found nothing UNA Found nothing VBA32 Found AdWare.SurfAccuracy.b

That seems very strange. I know that there are problems with false positives, but this is a real malware, that at first avast! was detecting and now nothing :stuck_out_tongue:

P.S. > I know that this file is only adware, but…

They never do that. Maybe just they change the viruses names into the VPS.

I don’t think so, because if they had only changed the names, the file will still be detected as a malware.
But the file isn’t detected and was detected before :-\

It could be a ‘bad’ new signature for it but they don’t remove protection (signatures) deliberatelly, I’m sure.
The new ones are poor, were changed to avoid false positives or whatever…

Well this could be the reason. Lets hope that they won’t do that regularly :-\

Thanks for the answer Tech.

In fact, it was just a GUESS.
It’s better if Alwil give the answer. I can’t be sure what’s happening… :stuck_out_tongue: