My system: Win xp - sp2 (all updates), 512mb ram, 40G hd, P4 1.4 Ghz
I run spybot S&D, Ad-aware, MS spyware, Spyware blaster
Recently installed Avast (4.6.731 - VPS 0546-6)
Ran AVG for 2 years (uninstalled) - Decided to try something new
NEVER had a virus in the 8 years I have been computing at home.
Believe I have a FP (panda.sig) - I do not have panda installed - only did
a free online scan a while back and there are a number of files with panda .
Avast found - pskavs.dll in "C:\windows\system32\active scan
I Put into virus chest as recommended. Felt comfortable with that but
last eve I was playing some itunes and all of a sudden virus alert came up with
A0175228.dll in C:\system volume information _restore{8513c62e-889d-4878-a5c3 etc, etc.
My question is - 1. can I safely delete that “active scan file” with all pandas and
2 - should I get rid of entry in system restore with “disable & reboot”
OR, if this is a FP, it should be benign and I shouldn’t worry about it.
True?? Thank you.
hi and welcome ,
Because panda dont encrypt their sinature files ,it creates FP`s for your resident.This will also get backed up by System restore.
Solution:I would suggest is to de-activate system restore ,reboot ,re-activate system restore then search out the panda signature files that were downloaded and dump them as well.
Good luck 
These are false detections due to Panda active scan: http://forum.avast.com/index.php?topic=12432.msg104932#msg104932
Nothing to worry.
You can use the Exclusions lists.
For the Standard Shield provider (on-access scanning):
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize.
Go to Advanced tab and click on Add button…
For the other providers (on-demmand scanning):
Right click the ‘a’ blue icon, click Program Settings.
Go to Exclusions tab and click on Add button…
for Tech:
I’ve got some question again, please don’t be bored ;D
- what do you mean by the false detections, how could it happen?
- if Avast detect something is infected in the system folder, what should I do, how do I know that that file is safe to be deleted?
I’m soooo curious, thanks before…
God Bless Us All ;D
False detection or false positives are legit files (or objects), clean, that are detected by the antivirus as being infected. The analysis of the antivirus is made by signatures (chains of strings to recognize the virus, like a DNA code). If something ‘similar’ but clean is detected, the program could give you a false positive.
To be sure, the better will be test the file agains on-line scanners. Submit the file to Jotti or Trendmicro or Virustotal.
The best actitute is ALWAYS send the file to Chest not delete 8)
Thanks for all the help and quick responses. Did as Closseau suggested. Everything seems to be running smoothly.