VCM4: Same file, different virus names
Same file, different virus names
by VirusBuster
Some times you make a request and after receiving it you discover that not all the stuff you requested is there.
Why?
After discarding a mistake of the other trader we must be sure that both traders used the same antivirus definition databases.
What can be wrong if both traders used same databases?
This article pretends to answer this question.
Some antivirus, as F-Prot or Nod32, identify with different virus names the same file depending of its extension. The antivirus even can miss (not detect at all) a virus depending of the extension of the file.
It happens that also depending of the file name the file is detected by a name or other. An example of this for Kaspersky Antivirus is:
not-a-virus:RiskWare.FTP.Serv-U.23.b
Also it is possible that the file is not detected at all depending of the file name.
The same file can be detected with different virus names depending of the version of the antivirus. Example of this are the scans done with:
AVPDOS32 3.0 build 133
AVPDOS32 3.0 build 135
KAVDOS32 4.0.0.0
Something similar happens depending of the command line used to scan:
AVP32 /S /W /Q
AVP32 /S /W /Q /redundant
KAVDOS32 /S /Y /* /M /B /P /H /V
KAVDOS32 /S /Y /* /M /B /P /H /V /U
KAVDOS32 /S /Y /* /M /B /P /H
So you must check all these things when something goes wrong with your request.
