Panda Cloud Antivirus - Version 1.0 Final Released

Why not use something like detours to do environmental analyses? There are an array of techniques to obfuscate a PE and they can alter during creation and during deployment. Even something like UPX can be altered even the slightest bit and at most an engine will detect the runtime compression. This eliminates the need for signatures and even redundant reverse engineering. Just use pattern recognition and hide your processes, and you see the affect. Maybe dig in the PE to detect time delays A.K.A logic bombs; these can probably be done easier through some thread condition and light behavioral analysis.

Basically I never have liked the concept of basing security around OS compatible load formats like PE. NT DRM suffers the same reality as AV vendors do, you see what happens to all those.

 

Good grief guys, first the thread is derailed by Norton and then we're worrying about some malware writer popping in for a visit? Who bloody cares? Half the people here have more security than a nuke facility. Hell, if nothing else we can learn from the guy, it isn't like he's threatening anyone or anything. Okay, on topic, WILL there be an option to not have infections immediately vanquished without possibility of recovery? There are situations where it would need to be done.

Also, how well is Panda doing in the pro-active department?

 

Actually with Panda Cloud Antivirus you can do this already. Any Suspicious/PUP disinfection can be undone from the Recycle Bin. All other disinfections (specific malware names) can be undone from the History Report at the link "Can't find what you're looking for?".

Version 1.1 will include a behavioural analysis engine.

 

It is far from being hijack. Beside any computer security company as well as the Feds and Interpol should care. Don't you think? Of course most people would say I'm writing malware for testing; obviously, such a statement could be a cover for distribution; since any profile must have an exception consequently, nothing should be taken for granted.

Thanks.

 

By the way Pbust

One or more malware writer(s) has or have the idea of mimicking PCAV gui in order to spread their payloads on facebook. I've got the info from F-Secure.

Reference:

http://www.f-secure.com/weblog/archives/00001920.html


Thanks.

 

Hmmm... And I posted this yesterday in post 587 in this thread

https://www.wilderssecurity.com/showpost.php?p=1649154&postcount=587

 

Yeah I saw that yesterday. Our interface design team is very amused by this, even malware is copying their designs

 

Cog, we're talking about a poster on Wilders, a well known security forum, one admitting he writes malware. Why, if he was truly a malicious sort would he do that? Besides, the most important thing here is neither you, I, or anyone else can prove anything illegal simply by his admission...so again, who really cares? For all you know, one of the most respected posters here could be someone responsible for the newest 0 day exploits. It's neither your, mine or anyone else's business what anyone else does.

@PBust: Thanks for letting me know the answers to my questions

 

thanks and sorry for the double post.

 

NP Mate

 

I do not think so. I'm pretty sure that you do no have a clue of what you are talking about.

Thanks.

 

This, really is just sad. But it's cool, alert the Feds, contact Interpol before poor Wilders gets hacked and taken over and all of us get attacked and turned into a botnet army. I admit this was entertaining, but I'm moving on to more important threads.

 

sorry Pedro, cleaning my posts up.

 

Why are people so worried about a malware writer. It really is no different then writing a program on your own computer. If he is not distributing them then what is the harm of him testing them or messing with them on his own computer environment. Your trying to make a big deal out of something that you should not be.

Quite honestly anyone that writes software can do this. Hell people can script them in VB if they wanted to. I really don't see what the hubub is around this.

 

How do you know it is not distributed, is it because the malware writer himself or herself says so? If that is so, then you are too naive. What is needed is evidence. Do you have them Fajo? if you do, bring them forth and they will be forwarded to the proper channels and be dealt with the utmost efficiency.

Thanks.

 

Guys this thread is about Panda Cloud. Please stay on topic so this thread does not get locked.

 

You wrote on post #602: "Good grief guys, first the thread is derailed by Norton and then we're worrying about some malware writer popping in for a visit? Who bloody cares?"

Well, to me, it is not sad I was just answering your question by telling you who would care. What is sad is the fact someone can blatantly advertise himself in public as a malware writer and most who heard the confession are not appalled by it. What seems to put most people to sleep is when the malware write purportedly claimed that he does so for the sake of testing. Yeah right!

Thanks.

 

ive been saying that along.

Guys take the talk to PM it doesnt need to be here.

 

I think it's time to close it

 

FYI writing malware isn't against any international law unless it violates an EULA or copyright or is distributed without content. If you're going to come on a forum and slander someone at least know what you're talking about.

Also like I said this forum and community provides nothing to a malware author. It's end-user oriented. Unless there is some reverse engineering or programming section I don't know about.

The thread isn't really derailed, just a small chunk with people wanting to show off their pseudo-wisdom.

Also emulating a GUI isn't advanced. You can use a resource editor and UI library or even inject your own code into the binary, basically VB and .NET programmer level stuff. Let me know when they do something that doesn't exploit stupidity.

 

i know Panda Cloud is a little 'cheap & cheerful', but is its detection similar to its paid-for product?

whats the difference, always wondered, just never been too interested to find out why its 'free' when their paid-for product is expensive.

 

But there are some disadvantages: Sometimes no notification when deleting a file, no self protection ... I hope v 1.1 will be better

 

yes i know, ive tested every version since first beta, just wanted a comparision, thank you.

still get no notification on some files that automatically get sent to its quarantine, which is annoying.

 

That's really annoying, when will we get a hotfix for this issue?

 

yep, definatly needs a notifcation at least, even if it still does it automatically.

half of the stuff thats in the premium products just aint needed, thats why ive been interested in trying out Panda Cloud, like i said, ive tested and trialed each version since.

PCA already has the main features, Virus/Spyware/Rootkit

it is a shame it doesnt incorporate its Tru-Prevent, as it would then have 'everything' as the other features are not needed for me, and alot of others.

but ...

im guessing they will add it when 'Panda Cloud Antivirus Pro' comes out no doubt. (probably with that exact name) and with a price.