Panda Cloud AV

[raven211]

Quote:

Originally Posted by pbust

Do you have a screenshot of that?

Now I actually do, even if I don't know how much it helps as I don't have anything uncommon running really. See the attached image!

You should also see the unblocking and re-blocking going on too - all by itself on an FP. It can't seem to decide...

[pegr]

Quote:

Originally Posted by ShyGuy

I was wrong then, I thought that quarantine zone was only for heuristic technologies and not for signature detections.

No problem. I've re-read your original comment and I think I can now see where you were coming from.

Quote:

Originally Posted by ShyGuy

If is detected as suspicius the file is on the "trash zone", try flipping the screen with a click the left down corner.
If is detected as malware, you might contact Panda to avoid that FP.

If I've understood you correctly, by "suspicious" you meant heuristic detection, and by "detected as malware" you meant signature detection. Although I don't think this is quite how it works, you've highlighted something very important by drawing attention to the fact that some detections get quarantined, while others simply get deleted.

If I've understood the description given by Panda correctly as to how the program works, it's not the method of detection (i.e. heuristics or signatures) that determines whether a file gets quarantined or deleted but rather the way it's classified. If it's classified as malware it gets deleted and if it's classified as a potentially unwanted application it gets quarantined.

The real issue may be to do with the way Panda have implemented the quarantine. It appears that quarantined files are simply tagged and left in their original location instead of being moved to a secure area. I assume the program monitors attempts to access tagged files so this might be OK for potentially unwanted applications. It could be risky for malware though. If for any reason Panda wasn't running or didn't have access to the Internet, it might be possible for the malware to get executed. This could be why Panda have chosen to delete files detected as malware.

This is pure conjecture on my part. If I've misunderstood the way Panda works, I'm sure pbust will enlighten us. The fact remains though that unless Panda change the program's behaviour to securely quarantine ALL detected files, there will always be a risk of a false positive that results in unrecoverable damage to the system. We don't need antivirus software for that; we can safely leave that to malware.

[tipstir]

Isn't this still a beta product.. So someone needs to let Panda programmers know that there is an issue with rouge, fake, and crap pest out there.

[raven211]

I really liked the program at first... It was a new, automatic approach, very easy to use, light, and seemingly effective. Then the FPs, constant spikes in resource usage at times come a long and ruin everything. I'm hesitating on using it after I reformat...

[pbust]

The main idea behind this, deduced above by pegr very correctly, is based on how the file is categorized rather than the technology. The objective of this is to make it as simple as possible for end users and to basically manage these decisions for them.

This is one of the "big changes" which we wanted to get feedback on during the beta period, to see if it was perceived as positive. From what we are receiving from basic users it is received as very positive. However in light of everything that's being mentioned by advanced users about the quarantine/delete method we are using we are seriously considering changing this behaviour.

One of the ideas we're juggling around is to use the Recycle Bin as a temporary backup of *all* deletions so they can be undone and the files recovered at will. This would maintain the simplicity philosophy for basic users while allowing advanced users to overwrite these decisions.

Your feedback is mostly welcomed about this as it's helping us shape the final product.


Regarding the repeated detections after unblocking a file, seems like a bug. We'll look at that.

[Warklen]

Quote:

Originally Posted by pbust

One of the ideas we're juggling around is to use the Recycle Bin as a temporary backup of *all* deletions so they can be undone and the files recovered at will. This would maintain the simplicity philosophy for basic users while allowing advanced users to overwrite these decisions.

That sounds good to me

[pegr]

Me too.

Quote:

Originally Posted by raven211

Okay, now the software is seriously close of going off my PC.

.. but it's still in your signature, so I assume it must be good anyway?

[pbust]

Quote:

Originally Posted by raven211

First I didn't get serious FPs - it didn't hinder my operation - but now I've been getting some that really does lately. Last time it was "cursors.exe", which is a part of the customization pack Theme XPack by LWgame.net (does it go purely on the name, or what? )

Fixed. Re-scan to see.

[raven211]

Quote:

Originally Posted by pbust

Fixed. Re-scan to see.

Rescan on that particular file can be a little tricky - it was a temporary file and since it was blocked by P-CAV it will now give error-messages when I change mouse-settings from the Control Panel...

Anyway, I will test it again to see if the behavior is gone on the WoW-launcher.

[bigc73542]

I have tried Panda products in the past and they have always been very resource hungry. I just removed Panda cloud AV after trying it for a while. It is definatly a Panda product as it intermittantly bogged my comp. down to a crawl and this is not a weak computer. I have given up all desire to try Panda products now after many years of giving them the benefit if the doubt. But the romance is over.

bigc

[pbust]

Quote:

Originally Posted by bigc73542

I have tried Panda products in the past and they have always been very resource hungry. I just removed Panda cloud AV after trying it for a while. It is definatly a Panda product as it intermittantly bogged my comp. down to a crawl and this is not a weak computer. I have given up all desire to try Panda products now after many years of giving them the benefit if the doubt. But the romance is over.

bigc

This might be a side effect of the initial BackgroundScan that is performed after install, which checks the entire contents of the PC (as an on-demand would, but without user interaction), in order to optimize future scans and fill its goodware cache so as to define which files to not scan in the future.

Until after that initial BackgroundScan is over you can't really see the true impact or not of having Cloud Antivirus installed.

One option if you do not want to wait for this BackgroundScan to finish is to disable BackgroundScan altogether with the following registry entry (restart of service required):

[HKEY_LOCAL_MACHINE\SOFTWARE\Panda Security\Panda Service Host]
"BackgroundDisabled"="-"

[Victek123]

I've read on the blog that a Windows 7 RC1 x86 compatible build is in the works. Any idea when it will become available?

[raven211]

If I understand this right, and I think it's pretty logical, what's in the Recycle Bin is automatically sent to your labs for analyzis and final determination. Is this correct?

[raven211]

New FPs:

ripent.exe of the Sven Co-op v4 beta - a mod for Half-Life 1. Homepage: http://www.svencoop.com/

Optimizer.exe of Background Optimizer. Homepage: http://www.b-optimizer.com/

[pbust]

Quote:

Originally Posted by raven211

If I understand this right, and I think it's pretty logical, what's in the Recycle Bin is automatically sent to your labs for analyzis and final determination. Is this correct?

Only certain types of detections (heuristic - suspicious files) and if the checkbox for automatic management of files is enabled.

[pbust]

Quote:

Originally Posted by raven211

New FPs:

ripent.exe of the Sven Co-op v4 beta - a mod for Half-Life 1. Homepage: http://www.svencoop.com/

Optimizer.exe of Background Optimizer. Homepage: http://www.b-optimizer.com/

Thanks we'll look at them immediately.

[raven211]

Quote:

Originally Posted by pbust

Only certain types of detections (heuristic - suspicious files) and if the checkbox for automatic management of files is enabled.

Aren't those types of detections the only that actually goes into that "quarantine"; the Recycle Bin? Please correct me if I'm wrong.

[Cloud_Shadow]

Review by Matt Rizos,
-http://www.youtube.com/watch?v=tAi57MTW5qM&feature=channel_page-

Tested against 10 malware, 1 day old, panda caught just 4.

Comments?

I love his voice ahhhh

[hawki]

Quote:

Originally Posted by Cloud_Shadow

Review by Matt Rizos,
-http://www.youtube.com/watch?v=tAi57MTW5qM&feature=channel_page-

Tested against 10 malware, 1 day old, panda caught just 4.

Comments?

Another Panda Cloud Review:

"Detected almost all malware samples. Effective against scareware."

http://www.pcmag.com/article2/0,2817,2346649,00.asp

Quote:

On the malware-blocking test, Panda earned 7.8 points, far below the other 2009 suites I've tested so far. BitDefender Total security 2009, the next lowest, got 8.7 points. All the rest were 9.6 or higher, and both Norton and ZoneAlarm scored a perfect 10, as did the standalone behavior-based tool ThreatFire 3.5.

That doesn't sound good! So Panda Cloud AV is no replacement for AVG/Avast/Avira, not yet ..

[Cloud_Shadow]

No not yet

[pbust]

Quote:

Originally Posted by raven211

Aren't those types of detections the only that actually goes into that "quarantine"; the Recycle Bin? Please correct me if I'm wrong.

There's two types of detections that can go to Recycle Bin:
- suspicious (by heuristics)
- potentially unwanted programs, hacking tools, etc. (by signature)

If you have automatic management enabled only the suspicious files are sent up for analysis. Of course if during the check Cloud Antivirus determines that we already have that particular file, it is not sent.

[Mongol]

Quote:

Originally Posted by bigc73542

I have tried Panda products in the past and they have always been very resource hungry. I just removed Panda cloud AV after trying it for a while. It is definatly a Panda product as it intermittantly bogged my comp. down to a crawl and this is not a weak computer. I have given up all desire to try Panda products now after many years of giving them the benefit if the doubt. But the romance is over.

bigc

I can second this. I have found Panda to be a resource heavy beast on the desktop and two laptops I have owned...: