Hello. I do a Panda ActiveScan every Thursday and I encountered a problem with Panda ActiveScan Pro. It found an infected file and Panda disinfected it immediately but when I want to see what the file is, it wouldn't let me. The screen would take so long since its checking my Internet Connection.

I also went to SpywareBlaster and noticed that I have 6 items that have been disabled through Internet Explorer. I didn't think much of it so I enabled all protection.

I noticed that when I did another Panda ActiveScan this afternoon, it found an infected file and supposedly disinfected it and it appears that if I enabled All Protection on SpywareBlaster, that infected file will appear on Panda.

I've never encountered that problem before and I do have the latest SpywareBlaster updates from September 19th. I did a scan on the 22nd and it didn't appear but when I did a scan yesterday, it appeared.

I contacted Panda about this issue so hopefully I'll get a response soon. Maybe the next SpywareBlaster update will resolve this issue. I don't know. I've done scans using Spybot, Ad-Aware, Norton and it found nothing. I'm pretty sure if I did a couple of online scans, it wouldn't find anything.

I'm not sure if the problem has to do with SpywareBlaster or Panda.

I would like someone to try this-run a free online scan through Panda and if you have SpywareBlaster installed on your computer, after Panda finishes, check to see if SpywareBlaster reads 6 disabled items through Internet Explorer. I'm just curious.

Thank you!

Hi Husker

I can confirm this behavior with Panda and Spywareblaster from
a swedish forum.

This user also used several other tools as Adaware, HijackThis, TrendMicro Housecall AS and Ewidos online scan and nothing was found.

For her it started with tracking cookies and these entrys was disabled within Spywareblaster:

BFast, Commission Junction, Commission Junction(4), FastClick, FastClick(2), Link Synergy

Please let us know if Panda answers anything to you or if anyone within this forum has any clue ?

regards
plun

Thanks for the reply.

I'm pretty sure I'll get a response during the weekday. Maybe when SpywareBlaster has another update, it'll fix the problem.

Hi again

It must be a registry mismatch between Spywareblasters registry rules for IE and Pandas removal instructions for malware.

Hard to say where the fault is ? Who was first ? ;D

regards
plun

Haha. I never had a lot of problems with Panda before. It worked fine with no problems last week but just last Thursday when I typically do a Panda scan, that problem occured.

Well, Panda seems to be really tough now against malware ( or using stupid
detection/removal rules :P )

Look at this thread from Castlecops:
http://www.castlecops.com/t132372-Problem_with_Panda_Active_Scan_Pro.html

So I believe this can be that Panda using totally wrong detection rules and also removes Spywareblasters registry settings to protect IE.

regards
plun

Interesting. I remember having a similar problem like that other poster went through. I recieved an e-mail from Panda a day or two later. I'm not even going to attempt to mess with my registry just to find a mistake that Panda may be causing.

I'm almost tempted to call Panda if I don't receive an e-mail soon.

:D Perhaps you should switch from Panda to Avast Antivirus
( www.avast.com ) which has a good & FREE "Home Edition";
it never disables SpywareBlaster's protection settings .

I'm going to keep Panda until it expires next year. I already have Norton AntiVirus.

panda just wants to sell things and themselves to you so they unblocked the crap they advertise through i always get false positives with panda i think trend micro and bitdefender both free online scans are better avg free is my main av i've used it for years without any problems :lurking:

Hi

No meaning to start a antivirus program war about this 8)

It might be so that Panda is "out of control" but also that Spywareblaster
must change something ? We will for sure see more about this in future
when this "protection war" starts for real with "One Care" in business......... ???

Maybe Panda soon is out of business but that´s in future.

Can we maybe have a comment from some moderator or Javacool
member/official of this site ?

regards
plun

{QUOTE-> Can we maybe have a comment from some moderator or Javacool
member/official of this site ? <-QUOTE}As a moderator about all I can say is that we have had numerous threads concerning Panda in regards to False positives. What helps most when questioning the validity of possible Panda False positive in regards to Spywareblaster is for a poster to provide the Panda report showing the Incident Status Location. More times than not that report will provide the required info to determine possible Panda False Positives. The various links provided in this thread helps to confirm that Panda False positives do indeed exist in regards to valid Spywareblaster database entries.

Thank you Bubba :)

The major problem is that Pandas support seems to be a "dead end" ???

Maybe it´s easier for Javacool to start a friendly conversation with Panda about these Spywareblaster database entry removals ?

This is indeed no good for Pandas reputation and also causing headache to a lot of Spywareblaster users. ;) Why are these entrys deactivated ?

I am going to ask the user if she can get the Panda report and maybe more
users can send in these "Incident status location" reports ?

regards
plun

{QUOTE-> This is indeed no good for Pandas reputation and also bringing headache to a lot of Spywareblaster users. <-QUOTE}As a non Panda user I can not speak negatively of that software. As a general comment all software of this type has False positives from time to time. That IMHO should not cause users of their respective software too much heart burn. If however said software folks do not react promptly when properly notified by end users that would be something I as a user whould then look at when considering the use of said software.

{QUOTE-> Why are these entrys deactivated ? <-QUOTE}If we take for example the below partial Panda report....we see that Panda is Falsely reporting valid entries placed in the registry concerning entries in Internet Explorers Restricted Zone. The Why answer would have to come from Panda but once they are informed I'm sure their answer would possibly consist of Duh....those are valid entries 8)

{QUOTE-> Dialer:dialer.bjp No disinfected HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\ARCHIVIOSEX.NET
Dialer:dialer.akd No disinfected HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\SGRUNT.BIZ <-QUOTE}

Hi again Bubba

This is for sure "words of wisdom", I am a Trend Micro fan myself but what I can see we have frustrated users about Panda and Spywareblaster.

For me this is not a big deal but in this mess with malware it causing headache for some users.

And of course we will have false/positives, probably more of them within this wild jungle 8) and of course with harder competition between all
security programs trying go get high ranks/reputation in every test.

regards
plun

Hey guys.

Has anyone tried to call Panda regarding this issue or other false positives in the past? I'm really tempted to call them up later this week if they don't fix the problem.

I have send them an email with link to that (now closed) other thread about the problem.

PS:
There is a poster (ePCdoctor) at DSLR-Security who said he's working for Panda; maybe someone could notify him at DSLR?

http://www.dslreports.com/forum/remark,14286924

I recieved an e-mail and this is what I get:

{QUOTE-> Hello,
I apologize for the inconvenience this issue has caused you.


Please go to the link below and enter the name of the virus in the search copy &
paste

Please remember that the creator of this fooliness like to change the name of
their silliness just a little to make it more difficult to get rid of them

There you will find information and removal instructions


http://www.pandasoftware.com/virus_info/ <-QUOTE}

I don't think the person that read my problem understands..

;D

Panda Softwares "dead end".................. ???

Customer relations :lurking:

regards
plun

I got another e-mail from:

{QUOTE-> Dear Customer,

We do apologize for the inconveniences this may be causing.
Our website has been under going routine maintenance. It should be up any time
now.
In the mean time please run active scan from the link below;
http://www.pandasoftware.com/products/ActiveScan.htm
Please let us know if the problem persists.

Thanks for choosing Panda, we do value your business! <-QUOTE}

That's what I like to hear!

Is Panda working for you guys without any problems? I haven't scanned yet but I'd like to know if its working.

{QUOTE-> Is Panda working for you guys without any problems? I haven't scanned yet but I'd like to know if its working. <-QUOTE}

Hi,

I just scanned with Panda Titanium 2005 on that computer of a friend:
as far as I saw the problem still exists. See my earlier posting:
http://www.wilderssecurity.com/showthread.php?t=100248

I don't like it that Panda did not reply to my email from that friend's machine.
False Positives can happen to all scanners; but I do want a reply in case I inform a company about it.
Those friends have two machines that came pre-installed with Panda; another friend the same (I'm going there tomorrow).
I'm going to advice my friends to buy another AV when their licence will expire.

Here's another e-mail from them:

{QUOTE-> Dear Customer,



You will need to disable SpywareBlaster; it is interfering/blocking the Panda ActiveX.



If the problem persists, please contact us again.



Thank you for your business!



Regards,



Juan Lopez <-QUOTE}

So that means I have to disable all protection on SpywareBlaster? I've never done that in the past.

For your info:

There is also a thread at DSLR Security Forum:

http://www.dslreports.com/forum/remark,14507747

At least I'm not the only one having problems.

I wonder if Panda will ever fix this problem. For now, I'm just going to disable SpywareBlaster when I use Panda and then reenable SpywareBlaster when I'm done.

{QUOTE-> For now, I'm just going to disable SpywareBlaster when I use Panda and then reenable SpywareBlaster when I'm done. <-QUOTE}While it would cost you a few extra steps....perhaps you could consider keeping Spywareblaster enabled and if \when Panda burps on False positives....which they most suredly will....You\We can again report new False positive findings to Panda :-\

Hi Bubba

It´s the same deactivated entrys:
BFast, Commission Junction, Commission Junction(4), FastClick, FastClick(2), Link Synergy.

A problem is the log report you mentioned before, does it exist ?

And Pandas support for Scandinavia do not answer, "dead end".

It must be better if Javacool software and Panda Software talks friendly with each other about this challenge. 8)

Every Panda user seems to get nothing or only stupid support help for any
requests about this.

regards
plun

{QUOTE-> It must be better if Javacool software and Panda Software talks friendly with each other about this challenge. 8)

Every Panda user seems to get nothing or only stupid support help for any
requests about this. <-QUOTE}I can only reiterate what Javacool has pointed out on many occasions that it's without question better if the end-user makes the contact. If the valid info shared by a user is not handled properly within a reasonable amount of time or falls on deaf ears....then users need to speak in terms that Panda might understand and that's make their userbase dwindle dramatically. Requiring programmers like Javacool to waste their time reporting to Panda on very simple False positives like flagging a Domain entry is definetly not the route I wish for. It is not a matter of the 2 parties coming together....it's a simple matter of folks like Panda recognizing their mistake and not fluff their user base off by making irresponsible suggestions like "You will need to disable SpywareBlaster" :-\

{QUOTE-> ....it's a simple matter of folks like Panda recognizing their mistake and not fluff their user base off by making irresponsible suggestions like "You will need to disable SpywareBlaster" :-\ <-QUOTE}

Well, it might be so but it can also be something "smart" from Panda about how their Adblock is working. Not only false/positive removals.
If so it´s maybe better that Javacool and Panda smoking a "piece pipe"
and discuss this between them.

Everyone within this "business" tries to not block each other.

Nevertheless a small problem now but maybe a large one soon ???

regards
plun

It is interesting to collect a few quotes from Panda as quoted sofar in this thread:

In reply # 18 :

{QUOTE->
Hello,
I apologize for the inconvenience this issue has caused you.

Please go to the link below and enter the name of the virus in the search copy & paste

Please remember that the creator of this fooliness like to change the name of
their silliness just a little to make it more difficult to get rid of them

There you will find information and removal instructions
http://www.pandasoftware.com/virus_info/
<-QUOTE}

In reply # 20 :

{QUOTE->
Dear Customer,

We do apologize for the inconveniences this may be causing.
Our website has been under going routine maintenance. It should be up any time
now.
In the mean time please run active scan from the link below;
http://www.pandasoftware.com/products/ActiveScan.htm
Please let us know if the problem persists.

Thanks for choosing Panda, we do value your business!
<-QUOTE}

In reply # 23

{QUOTE->
Dear Customer,

You will need to disable SpywareBlaster; it is interfering/blocking the Panda ActiveX.

If the problem persists, please contact us again.

Thank you for your business!

Regards,

Juan Lopez
<-QUOTE}


Those replies from Panda does not give me the idea that Panda knows what it is talking about.....

And that last reply raises even more questions......
Eh, SpywareBlaster interfering/blocking the Panda ActiveX ???

The problem I have seen, was on a system running Panda Titanium 2005.
Panda disables protection of 6 items in SpywareBlaster.
What kind of items? Items that protect against ad/tracking cookies !

Good news.

It seems to be working for me right now and I didn't have to disable SpywareBlaster. I stopped the scan to double check and rescanned but I'm unable to since it's trying to check my Internet connection. Not sure if it has to do with Panda's service or my Internet.

Yep, I can confirm that it is OK now.

I did a full system scan with Panda Titanium 2005 on this system: nothing found and all items in SpywareBlaster are OK.

Thanks Panda for fixing it; much appreciated !!!

Regards, Jan (FanJ, not at home at the moment).

Everyone it's not just Panda that has this problem Mcafee Anti-Spyware does as well, it finds five entries that when deleted, removes five entries from the Restricted Sites protection of Spyware Blaster:
The following ends up disabled:

XXXtoolbar - xxxtoolbar.com
OffshoreClicks - offshoreclicks.com
CoolWebSearch (982) - teensguru.com
CoolWebSearch (484) - i-lookup.com
Blazefind (2) flingstone.com

This problem needs to be addressed and if Mcafee and Panda are having this problem, then probably others are as well, hopefully Mcafee will be made aware of this problem.

Addition to this post:
Contacted Mcafee and they refused to help, heres there reply:

Kris Stanley: Gary, thank you for contacting McAfee Online Support Center. How can I assist you with your McAfee software today?
Gary: Hi i have a problem with Mcafee Antispyware, it finds false positives in JavaCool's Spyware Blaster 3.4.
Kris Stanley: Gary, if I understand correctly, you have an issue with McAfee AntiSpyware detecting the valid files as a infected files. Is this correct?
Gary: Yes
Kris Stanley: Gary, I would be happy to help you in resolving your issue.
Kris Stanley: Have you previously contacted McAfee support regarding this issue?
Gary: No
Kris Stanley: Gary, please right click on the red "M" icon on the bottom right corner by the clock of your desktop and click on AntiSpyware>>About. Please tell me the DAT version and build of your AntiSpyware .
Gary: Version 2.0.0.167 Engine 5000.316 Dat 17/10/2005 (4606).
Kris Stanley: Gary, have you got any pop up message to trust this file?
Gary: No, i can give you the list of items that end up disabled in Spyware Blaster 3.4 though.
Kris Stanley: Gary, two antisyware program on a single computer always creates a conflict.
Gary: Not always, i have used XoftSpy, Adaware, Spybot, BT Yahoo Antispy, Spyware Blaster, together with no prblems what so ever!
Your agent is experiencing technical difficulties. Please stand by while we re-establish contact or find a new agent...
All agents are currently busy. Please stand by.
Please wait while we find an agent from the n-eEnglish department to assist you.
You have been connected to Derik Yancy.
Derik Yancy: We are currently experiencing technical challenges with our system. I apologize if it affects our session.
Gary: Ok can you read the previous?
Derik Yancy: I apologize about getting disconnected from the previous technician. Please give me a moment to review the details discussed with Kris Stanley
Derik Yancy: Thank you for holding.
Derik Yancy: Gary, if I understand correctly, you have an issue that McAfee Antispyware is finding Dalse/Positive for a file that is known to you. Is this correct?
Gary: Do you want the list of items that end up disabled in Spyware Blaster 3.4, (also did you know that untill recently Panda also had this problem with there software).
Gary: Yes
Derik Yancy: Let me know the name of the file for which Antispyware showing false/positive.
Gary: XXXtoolbar - xxxtoolbar.com, OffshoreClicks - offshoreclicks.com, CoolWebSearch (982) - teensguru.com, CoolWebSearch (484) - i-lookup.com, Blazefind (2) flingstone.com.
Gary: This is the list from Spyware Blasters Restricted Sites list.
Gary: I have heard that Panda recently also had this problem but they have now fixed it, from the forums.
Derik Yancy: Gary Briggs, Kris Stanley is available now. I am transferring this chat to him.
Kris Stanley has entered the session.
Kris Stanley: I apologize about getting disconnected .
Gary: ok
Derik Yancy has left the session.
Kris Stanley: Gary, I suggest you to please keep only one AntiSpyware program on your computer.
Gary: I thought that would be your reply. It seems that other people's software either does not do this or they fix the problem though.
Gary: I contacted you more to let you know that there was a problem then to get a solution myself though.
Kris Stanley: Gary, there is no issue with McAfee AntiSpyware. I suggest you to please also run it in a safe mode. Please disable other Antispyware program while running McAfee AntiSpyware.

So it looks like Mcafee unlike Panda won't be addressing this issue.