What does P2P Shield really do?

[F4]

Hi all,

I'm wondered how P2P Shield works, what makes me confuse is that I've tried to download so many malware form P2P network (for testing purposes) through KaZaa Lite.

But I haven't seen the P2P Shield works even if malware was saved on the disk P2P Shield didn't warn me at all untill I went to KaZaa's Shared Folder and then the Standard Shield sent me an warning windows.

What's wrong with this, Does P2P Shield really work?

My system :

Windows XP Pro
P2P Shield : high level
Standard Shield : normal level

This is some of log file form avast log viewer.

Sign of "Win32:Trojano-149 [Trj]" has been found in "D:\My Shared Folder\xxx.exe" file.  
Sign of "Win32:Trojano-149 [Trj]" has been found in "D:\My Shared Folder\xxx.exe" file.  
Sign of "Win32:Trojano-149 [Trj]" has been found in "D:\My Shared Folder\xxx.exe" file.  
Sign of "Win32:Trojano-149 [Trj]" has been found in "D:\My Shared Folder\xxx.exe" file.  
Sign of "Win32:Trojano-149 [Trj]" has been found in "D:\My Shared Folder\xxx.exe" file.  
Sign of "Win32:Trojano-149 [Trj]" has been found in "D:\My Shared Folder\xxx.exe" file.  
Sign of "Win32:Trojano-149 [Trj]" has been found in "D:\My Shared Folder\xxx.exe" file.  

[sedina]

Hi, what is the name of executable file of KaZaa Lite you are using? Are there any scanned files note on avast! On-Access Scanner dialog (under P2P Shield)? thanks.

[F4]

Hi,

> what is the name of executable file of KaZaa Lite you are using?

It is : C:\Program Files\Kazaa Lite K++\klrun.exe

KaZaa Lite K++ Version 2.4.1

> Are there any scanned files note on avast! On-Access Scanner dialog (under P2P Shield)

I didn't see anything special and I didn't see P2P Shield's log file.

Thanks

[F4]

This is what I've noticed about Standard Shield.

Sometimes, especially when my computer running so many hours. when avast found a virus (I launched it for testing purposes) the on-access scanner message appearded firstly (blue-yellow box) but the Standard Shield's warning window took so long to appeared or sometimes it crashed and I have to restart my computer, this is so strange.

Thanks.

[Vlk]

We've seen this on some configuration and where we analyzed the problem it was -- guess what -- the alert sound!! Somehow the multimedia subsystem was locked at the moment it should've played the siren and timed out or something...

Try disabling the sound associated to the virus event. It may help (however odd this may sound)...

Vlk

[sedina]

please, can you check the name of process of running Kazaa? You can find it in Task Manger: On Aplication Tab select Kazaa, then right mouse click a select Go to process. Is this process KAZAALITE.KPP???
>I didn't see anything special and I didn't see P2P Shield's log file
So, it means that Last scanned field for P2P shield is empty???

thanks!

[F4]

> please, can you check the name of process of running Kazaa? You can find it in Task Manger: On Aplication Tab select Kazaa, then right mouse click a select Go to process. Is this process KAZAALITE.KPP???

No, the process name is Kazaa.kpp

> So, it means that Last scanned field for P2P shield is empty???

Yes, I've tried it again and the result is the same it goes empty. P2P Shield doesn't scan files transfer via KaZaa Lite when it is saved to disk.

[sedina]

Hi, there are various names for process's names for different versions of Kazaa Lite, so this is the problem. This version of Kazaa Lite is not guarded by avast!. I have fixed it, so next program update will patch it and everything should be fine. Sorry for this bug ;-(