Panda Cloud Antivirus - Version 1.0 Final Released

We have tried replicating this issue without success. In all our tests Cloud Antivirus detects EICAR both with an admin as well as under a LUA.

Which EICAR are you testing (COM, TXT, ZIP) in each case (admin vs LUA)? If it's a PE extension (COM, EXE) Cloud Antivirus should detect it on-access as soon as the file is created in the file system. If non-PE extension (TXT) it should be detected by the on-demand scanner.

Also let us know which browser and version you are using. Some logs would be useful as well. You can activate advanced logs easily:
http://www.cloudantivirus.com/forum/thread.jspa?threadID=51102&tstart=0

 

ok I put Panda cloud on my test computer to see what it is all about.
I have a few questions and comments.
First
it just did a scan and i got as it is scanning
"unexpected Error- error code 1
I noticed on the taskbar it had a red x in it. windows came up with its popup stating i was not protected. Then the red x went away but it did not finish the scan and it asks to send us a suggestion and when clicking on the link this is what i got below- huh? why won't it finish a scan and why did it go here?
robin

FreeMarker template error!



Expression req.cookies is undefined on line 17, column 20 in classic.ftl.
The problematic instruction:
----------
==> assignment: x=req.cookies?size [on line 17, column 9 in classic.ftl]
----------

Java backtrace for programmers:
----------
freemarker.core.InvalidReferenceException: Expression req.cookies is undefined on line 17, column 20 in classic.ftl.
at freemarker.core.TemplateObject.assertNonNull(TemplateObject.java:124)
at freemarker.core.TemplateObject.invalidTypeException(TemplateObject.java:134)
at freemarker.core.BuiltIn$sizeBI._getAsTemplateModel(BuiltIn.java:626)
at freemarker.core.Expression.getAsTemplateModel(Expression.java:89)
at freemarker.core.Assignment.accept(Assignment.java:90)
at freemarker.core.Environment.visit(Environment.java:196)
at freemarker.core.MixedContent.accept(MixedContent.java:92)
at freemarker.core.Environment.visit(Environment.java:196)
at freemarker.core.Environment.process(Environment.java:176)
at freemarker.template.Template.process(Template.java:231)
at com.jivesoftware.base.theme.ThemeFilter.applyDecorator(ThemeFilter.java:94)
at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:59)
at com.jivesoftware.base.theme.ThemeFilter.doFilter(ThemeFilter.java:51)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at com.jivesoftware.base.util.webwork.JiveActionContextCleanUp.doFilter(JiveActionContextCleanUp.java:3
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at com.jivesoftware.base.PresenceFilter.doFilter(PresenceFilter.java:105)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at com.jivesoftware.util.SetRequestCharacterEncodingFilter.doFilter(SetRequestCharacterEncodingFilter.java:72)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at com.jivesoftware.base.util.MaintenanceFilter.doFilter(MaintenanceFilter.java:83)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at com.jivesoftware.forum.upgrade.UpgradeFilter.doFilter(UpgradeFilter.java:49)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at com.jivesoftware.base.plugin.PluginFilter.doFilter(PluginFilter.java:56)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at com.jivesoftware.base.util.ApplicationInitializedFilter.doFilter(ApplicationInitializedFilter.java:81)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3502)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2186)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2092)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

 

ok I rebooted the machine (this is a xp pro sp3 -pentium 4 computer with 1 gig ram and a 40gig hd) ran a new quick scan and now it is fine
but i have some suggestions.

I beta test lots of software and i fix computers/sell and teach them mostly to beginners so i am always looking for alternatives if the antivirus programs my clients use just either do not work correctly on their computers and that is why i tried panda cloud.

I would like to see on the main userface that it does show it picks up updates from your servers so at least one knows it is actually getting new collective intelligences as you call it for new viruses/trojans that come out, so at least you know it is working


Also I understand it is working in the backround protecting your files but why can't there be a scheduling of a scan like so many other antivirus programs have. None of my clients are going to remember to do a weekly scan, forget a daily scan.

Your main userface is very hard to understand for a beginner user.
When you scroll over with the mouse on each tab it should at least tell you what it means. You should not have to go into a help file to find this out.

Also when you first set it up there is no way that it first tells you have to register to use the program. It doesn't explain this on your website which it should
On your website there are no links to show the program or explain how to first set it up.

I find when it is scanning it is going from 15% all the way up to 84%

It puts no icon on your desktop- which it should

Does it scan emails? and if no whynot?

robin

 

also to click on share ideas and solutions on both ie and firefox it is takeing me to the same page as you see in my first post

FreeMarker template error!

robin

 

@robinb
I see you don't exactly understand the cloud philosophy. There are no updates like with traditional antiviruses. I also don't see any real need to perform scheduled scans. I think this feature is obsolete anyway. It was designed back in the days when antiviruses were still on demand only. Today, real-time protectors do that job. Especially with cloud engines like with Panda Cloud AV.

 

I understand the cloud philosphy. Why would there be a "scan" button if not to perform a scan. I still like the idea to be able to set up a scan.

robin

 

also it seems to have a problem with firefox 3.5
i keep getting that error web page stuff every time i try to go to their forum site
it doesn't do this in ie 8
robin

 

I think best solution is to integrate Idle Time Scan feature, scan when computer is inactive.

 

@robinb9, thanks for reporting the problem with the web support forums. We'll look into it.

Regarding the interface, the connection to the Internet shows in 2 places, the configuration screen and the on-demand scans (if you're not connected to the Internet it will complain).

With regards to the GUI being simple to use, I strongly disagree with your opinion that it is not beginner-friendly. It's as idiot-proof as it gets. Granted you are right it could be even more simplistic with things such as help balloons when hovering over the icons, but the truth is that it's one of the most if not the most simple interfaces I've seen in a long time (my prize goes to "The Red Button", anybody remember that?).

The scheduled scans is something we don't want to get into with Cloud Antivirus. We implemented the BackgroundScan in order to replace the scheduled scans precisely for the reasons you mention that people will not remember to scan weekly, etc. but not even with scheduled scans either. The BackgroundScan (@tsilo correctly calls it "Idle Time Scan" as well) is something we've taken out of version 1.0 but we will continue to investigate to see if we introduce it again. It's hard to implement correctly while at the same time maintain the zero-impact philosophy.

While you are doing an on-demand scan and it quickly goes from x% to y% very quickly after being some time in x%, this is due to the internal file counters, which take into consideration the total number of files to scan. It is common that a large compressed archive with many files inside it can get the counter to seem "stuck" at a specific % of progress as the files inside the archive are not being taken into consideration when calculating the progress bar. This is a known issue but not a critical one right now. We will fix it as soon as time permits.

It does not scan SMTP/HTTP/FTP/POP3 streams. That's one of the things we're considering, even though we don't see these as important in the short term as there are other more important features (auto-upgrades, behavioral analysis, advanced config, even more offline protection, etc.).

 

how come you took out the 'background scan' ? was it because of past beta issues?

i agree it is hard to get right but dont think it is need now that you mention it. there is Real time scan. so really its no needed. But HTTP scans would be nice to get drive by downloads.

 

Basically the combination of backgroundscan plus synchronous in-the-cloud gave us some problems we were not able to sort out for version 1.0. Like you said it's something we don't see as necessary right now having the real-time on-access cloud-scan plus everything else that's coming.

 

@ Pbust,

Will USB drive scans be add? Ex. plug it in gets scaned for Malware right away.

 

If anything tries to execute from the USB stick it will be scanned with the on-access. In addition we're also thinking about integrating the USB vaccine for added offline and USB protection:
http://research.pandasecurity.com/panda-usb-and-autorun-vaccine/

 

Re scanning not working in LUA, sorry , haven't had any time to rerun the logs, tried last night but must had it named wrong nothing in the C:\Logs_CloudAV and I had used the loggingOn zip. Before doing that I tried uninstall , ran CCleaner, then RegSupreme then a fresh download of Panda and reinstall, still the same problem. I was using Firefox 3.5.3 and the COM download at the test site also tried the zip, the Admin acc. nails everything, the LUA won't even find it in a right click scan with panda scan. Don't really have time tonight as both computers are in high demand. Beginning to think I've managed to corrupt a file somewhere, hopefully will get a chance to redo things tomorrow, Thanks for your time and trouble Pbust.

 

Regarding the interface, the connection to the Internet shows in 2 places, the configuration screen and the on-demand scans (if you're not connected to the Internet it will complain).

I will look at that tomorrow- I just shut down that machine

With regards to the GUI being simple to use, I strongly disagree with your opinion that it is not beginner-friendly. It's as idiot-proof as it gets. Granted you are right it could be even more simplistic with things such as help balloons when hovering over the icons, but the truth is that it's one of the most if not the most simple interfaces I've seen in a long time (my prize goes to "The Red Button", anybody remember that?).

I had to "play" with each button to see what it did. It would still be nice if you moved the mouse on it- it showed you what each button is instead of trial and error.

As said about firefox 3.5 I had AVG Free on that machine before and i did not have this problem with the browser which is my default browser going to websites especially yours, and i can go on any other computer (I have 7 of them) and they all go to your forum site with no problems- they are not running panda cloud. So it seems cloud is blocking something in the web browser. Again doing it via ie8 there is no problem


It does not scan SMTP/HTTP/FTP/POP3 streams. That's one of the things we're considering, even though we don't see these as important in the short term as there are other more important features (auto-upgrades, behavioral analysis, advanced config, even more offline protection, etc.)

Yep Auto upgrades would be great because unless you are on wilder security or occasionally check your website no one will have a clue there is an upgrade.

just my opinion
Other than that i happen to like it better than AVAST because it is less complicated. I would still like to see something on the main user face that shows it is doing its job- i guess that is the anal part in me

robin

 

kool would that be free?

 

FWIW I am running PCA on several pc's running Win XP SP3 + FF 3.5.5 and do not have a problem accessing the Panda support forums via the PCA GUI (clicking the ?) or typing in the URL manually. If you are in fact using FF 3.5 you may want to consider upgrading to the latest build.

 

pbust, I just logged in remotely to one of my XP SP3 workstations running PCA 1.0 + Prevx 3.0 and there was an "Unexpected error. Error code 11." window on the screen. I closed the window and opened PCA from the tray icon which reported "Status OK". I saw a thread on the PCA forums discussing this error code, but I did not see a response as to what triggered it. Any ideas?

 

I was just abt to suggest that.

 

I want to say about USB vaccine, it's only vaccinates USB stick and can't remove malware from it. So if you will integrate this product to PCA, maybe will be better to add malware remove feature to it like this small tool have: http://sourceforge.net/projects/noautorun/
When a USB disk is inserted, this tool not only locks the autorun.inf file, but also locks all the autorun-related virus.

 

tsilo, that looks like an interesting program.

Without going off-topic, does it work without problems?

 

Yes, it works without problem for me.. and it doasn't need signatures.

 

Very interesting program. The objective is similar to our USB Vaccine just using a different approach.

I couldn't try it, BSOD'ed a XP VM. Will try in other configs to see.

 

Yes, try it...maybe panda labs will think to develop similar features. I think only vaccinate isn't enough.

 

@ Pbust,


you mentioned that they might release a update this week? what happened?

thanks
Brock