Discussion in 'other anti-virus software' started by ShyGuy, Apr 29, 2009.
Any comment, Panda?
Not sure what to make out of it
I didn't see anything in the video in regards to scanning/executing malware and it being detected/undetected. Just some Run or startup entries, a Virustotal scan and a website redirect which you can't really see if its malware or a simple hosts file redirect.
I'd feel much more comfortable with a more thorough test by AV-Test, ICSA, PCSL or some such independent organization that have well established and documented methodologies.
What about AV-Comparatives?
that falls into "independent organization that have well established and documented methodologies."
there are many out there, so you can not expect someone to list all of them (e.g. CheckVir, VirusBulletin, WCL, etc.).
Yes of course AV-Comparatives as well
What is interesting in that video review of panda is how antivir missed the file as well. Everything misses stuff but with antivir I am still surprised
Hehe Just to note, Norton 2010 wouldn't "miss" it, if it's completely new and not analyzed by now. You would be notified that it's completely new and prompted to make a decision. Stopping it is the recommended action, but say that, like in this case, you know it's malware, you can just remove it straight away if you want to. Then with files you're unsure of, you can just wait for it to be analyzed, then check back again to see its status. If it's already analyzed? Well, it obviously removes it automatically.
Another bug report.. if it's a bug.
When extracting large archives (rar, zip, 7z over 2-3 gigabytes in size) having Panda Cloud on makes extracting crawl. I mean less than 8 megabytes per second.
The moment i stop Panda Cloud, the extraction speed jumps back to over 60 megabytes per second. I don't recall seeing this bad slowdowns with any other AV i've tried.
CogitoTesting is a new start-up Testing venture that will abide by the AMTSO standards with regard to dynamic and cloud testing. More importantly logs will be provided with respect to the state of the testing computer before and after.
In the US Panda is not too well known therefore, I will be testing the lesser known software first and the big guys such as Symantec, MacAfee, TrendMicro after. Currently I'm building a test schedule and Panda products are high on my list.
Soon I will be testing Panda Internet Security 2010 as well as Panda Cloud Antivirus. Keep up the good work and we will communicate soon.
By the way I would like to mention that CogitoTesting is NOT a member of the AMTSO; however I do agree 100% with their best practices standards.
For examples the cloud and dynamic testing best practices.
Peace. (Saludos) Sorry for my Spanish.
Thanks for the report. I'll PM you instructions for downloading Beta2 version 0.08.82 which probably fixes this bug.
well i have usually liked matt's reviews but this one is iffy/scrappy he seems hurried/disinterested quite unlike matt..........
Done and done, solved the problem. Thanks.
Panda Cloud Antivirus looks great. The exceptional simplicity will be very highly valued by regular users but ... really missed a lot of samples of malware and it the end achieved 50-60% in comparison with the antivirus which I used for comparison.
OK, it is beta, hope that things will be better in the future?
This is really weird as the detection results should be similar to that of our regular products (Panda 2009/2010) which according to the latest independent results we're seeing (here and here for example) is above 99.5%.
What and how are you testing exactly? Are you connected to the Internet during testing? Can you send me the list of undetected you are seeing (URL, md5, VT reports or even better the binary files) to verify these results?
First, I want to know that I wish only the best to Cloud Antivirus especially because you have decided to offer Cloud as a freeware. Second, want to say that it is very cool that you are here helping us to clear away some dilemmas.
I can tell you what I am testing (I am testing Cloud Antivirus ) but I can not tell you exactly what I am doing not because even I do not know, but because it can be considered as a violation of forum rules and this topic can be closed as a result. I think that there is no special purpose to send you malware that was not detected by Cloud. You can find them a lot through P2P, torrents etc ... Instead, I suggest to put submit form on cloudantivirus.com for uploading suspicious files.
Finally, I am hoping that you (as a senior research advisor in Panda Security) and other stuff members in Panda Security are aware of or willing to tackle the fact that at this time maybe there is a possibility that Cloud Antivirus has a problem with the detection rate. Panda is a long time out of the most important antivirus software testing and this may be caused certain lagging in comparison to those for the time being mercilessly tested.
Thanks for the report and for helping us improve the product. We really appreciate it
Of course we receive new malware every day and add detection for it every day... over 55.000 new files per day.
However it still is very weird to us when someone reports a 50% detection rate when according to our internal tests + external tests the detection rate should be above 99.5%. The least we should be able to know is "how" you did this test. Can you tell me at least if you had Internet connectivity during your test?
(Question to the more experienced wilders posters/moderators) Regarding possible missed samples as in this example, what are the correct forum procedures to get more information from the user to troubleshoot his alllegations?
Nothing special. I am a home PC user and have the knowledge and resources enable me to do only a simple tests with a small number of samples (with more samples the percentage of detected malware was probably higher).
I installed Cloud Antivirus and tested it with Eicar test file to see if everything was OK. After that I run 20-30 malware samples which I choose in the past few weeks from p2p, torrents, spam messages, small malware collections made for testing purposes etc. For all of them I know that they are able to make some damage, they were not corrupted files, garbage etc. I had internet connection during the testing.
I can not tell you which antivirus software can recognize them as malware because it will be violation of forum rules but I think that it is allowed to tell you that one classical signature based antivirus missed only two samples, another classical antivirus and one behavioral blocking software detected and eliminated all of them.
There are many members that have the knowledge and resources that enable them to do more complex testing, so hope that they will join us in this topic and confirm or deny my allegations.
I don't know about the correct procedure, but you could always PM each other. That way you can discuss the situation in depth without bringing such info into the open forum.
Maybe they could design the Panda icon holding a Redbull in one paw and Viagra in the other. That way the Panda won't appear to be too lazy to do anything.
Why is PandaCloud 18mb yet Prevx is less than 1mb? Arn't they more or less the same?
In the case of Cloud Antivirus it's this big because:
- It includes some technology locally (heuristics, some sigs and local cache copy of CI) for offline operation.
- The technology used for the interface is not as optimized as it will once we release some of the final versions (which equals about half the current size).
Can you answer my post about detection times?
I have been testing this new Panda Cloud AV to see how effective it is against 0day threats. I come acorss a trojan on MDL called wingb.dll which is detected by Prevx and some other AV companies but not by Panda. I have allowed 24 hours for the server to process the file but still nothing comes up when scanning the file.
What could be wrong here?
i can not uninstall this Panda Cloud Av is there a manual tool that uninstalls it?
Gery, try: http://www.revouninstaller.com/
Use advanced mode.
Separate names with a comma.