Author Topic: Avast 4.7 Home blocking/falsly marking Panda Activescan  (Read 6750 times)

0 Members and 1 Guest are viewing this topic.

Offline hawk82

  • Newbie
  • *
  • Posts: 1
Avast 4.7 Home blocking/falsly marking Panda Activescan
« on: September 24, 2006, 11:08:50 PM »
I've got one computer running Avast 4.7 Home Edition.  I just noticed yesterday that if I go to www.pandasoftware.com and try to use the Activescan Pro feature, Avast Web Shield pops up a warning, blocking and falsly marking Panda Activescan activex component as a virus.
Screenshot:

   


The only way I can get it to work, it would seem, is to disable Avast.
I don't think this is a big deal, as I rarely run Activescan Pro on a computer that has working antivirus software, but still kind of strange and something that should be looked into.

Edit:
build aug2006 4.7.871
xtreme toolkit: 1.9.4.0
vps file 09/22/06 0638-1
« Last Edit: September 24, 2006, 11:10:41 PM by hawk82 »

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4875
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Avast 4.7 Home blocking/falsly marking Panda Activescan
« Reply #1 on: September 24, 2006, 11:23:24 PM »
Hi hawk82,

You'll need to disable avast! while scanning with Panda because Panda uses unencrypted virus definitions which avast! detects as the real virus.

The fault really is with Panda for using unencrypted definitions!

See A note on virus definitions on this page:

http://www.geocities.com/dontsurfinthenude/antivir2.htm



     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67288
Re: Avast 4.7 Home blocking/falsly marking Panda Activescan
« Reply #2 on: September 24, 2006, 11:25:10 PM »
These are false detections due to Panda active scan: http://forum.avast.com/index.php?topic=12432.msg104932#msg104932

IMSCAN.DLL
PAVDLL.DLL
PAV.SIG
APVXD.VX2
APVXD.VXD

C:\windows\system32\active scan\pskavs.dll
C:\system volume information \_restore{ ... }\*.dll

I think this is related to false detections due to Panda active scan: http://forum.avast.com/index.php?topic=12432.msg104932#msg104932
Unfortunatelly, a well-known problem of Panda not encrypting its signatures  :P
Quote
Every virus can be identified, because it contains some unique signatures. Antiviral programs have their own database of that signatures. We call this database the "virus definition file". When an antiviral program scans a file for viruses, it compares all the signatures (of all viruses) in the database with the signatures in that file. If the signatures match (they are the same), the file is marked as infected. For an antivirus program, it is important to hide this database of signatures somehow - e.g. by encrypting it. Panda Antivirus does not encrypt its virus database - the signatures inside are clearly "visible" to other antiviral programs, so they detect this file as infected (but there is actually no virus inside - only the signatures are the same).
The best things in life are free.