Panda Cloud Free 3.0

Discussion in 'other anti-virus software' started by Windows_Security, May 8, 2014.

  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Actually this is one of the best products out there, especially the free version. I use Pro but dont install the toolbar or any HTTP protection. Just use as a base AV and it works perfectly with no system impact.
     
  2. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
  3. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,579
    Location:
    Romania
    Just switched today to Panda Pro after a long long time and all i can say is that i am very pleased with its speed and lightness.This is my first with the new 3 version.In a very strange and unexplained way,if i was installing Panda and after that Privatefirewall all i was getting after reboot was a black screen...so i tried installing Privatefirewall first and then Panda...after the usual reboot it worked and still works flawlessly....o_O:)
     
    Last edited: Jul 2, 2014
  4. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,772
    I like this version of Panda, but have been scared off by all the Win8.1 issues. Have they patched that yet?
     
  5. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,579
    Location:
    Romania
    Isn't supposed to be marked with a red X the Panda icon when the protection is disabled o_O??
    2014-07-03_121853.png 2014-07-03_122030.png
     
  6. frank7

    frank7 Registered Member

    Joined:
    May 14, 2011
    Posts:
    130
    I am setting up a new system and have a fresh installation of Win 7 Ultimate 64 SP1 including all drivers, Comodo Firewall set up with the rules described here and naturally a few images of the system done with Macrium along the way.

    Now I am looking for anitvirus and like to use Panda. Though BEFORE I connect to the internet from that system I like Panda installed already.

    Is that possible at all and if so is there an offline installer?

    Ran the normal stubinstaller (think this got downloaded when using the online installer) inside Sandboxie and currently exploring contents there looking for the file that got downloaded from Panda, so to speak the real installer. Does anyone have a clue what this file is called or how to obtain it if there is no offline installer? Unfortunately the stubinstaller is only in the sandbox for a short time so could not really isolate it.

    If all this fails, what would be the best way to just get Panda from the new system with a minimum of risk? (thinking of using a HOSTS file additionally for this since connecting to the net usually triggers all sorts of behaviour in the background that might not be desirable, at least for a very first connection to the net)

    Thank you for any help, if I am being too careful let me know as well, then I will just go the normal route. ;)
     
  7. frank7

    frank7 Registered Member

    Joined:
    May 14, 2011
    Posts:
    130
    I think I found it.

    When running PandaCloudAntivirus.exe downloaded from the net it goes on to run Stubinstaller.exe.

    This then downloads data to (ran the installer inside Sandboxie)

    C:\Sandbox\YOU_CHOOSEN_WINDOWS_USERNAME\DefaultBox\user\current\AppData\Local\Temp\RarSFX0.

    Inside that RarSFX0 folder is a file called stubinstaller.ini that reads:

    [General]
    AllowToolbarInstallation=1
    ShowDescriptionHomePage=1
    AdjustWelcomeImage=1
    ShowOptionBackground=1
    URLImages=http://acs.pandasoftware.com/cloudantivirus/v3/img/FREE/Page_
    URLDownload=http://acs.pandsoftware.com/cloudantivirus/v3/173653/CloudAntivirus.exe
    URLForum=http://www.pandasecurity.com/redirector/?prod=3755&app=ExtForum&lang=
    URL_Policy=http://www.pandasecurity.com/redirector/?prod=3755&app=PrivacyPolicy&lang=
    URL_Product_Code=http://www.pandasecurity.com/redirector/?prod=3755&app=WhereIsMyCode&lang=
    URL_Buy_Product_Code=http://www.pandasecurity.com/redirector/?prod=3755&app=Shop&lang=
    MinProductId=3750
    MaxProductId=3799
    SolutionId=3755
    ShowFreeProPage=1
    DetectAnotherAvs=0
    ShowFinishPage=1
    ProductVersionType=8

    [Log]
    ActiveAzureLog=1
    AzureServer=fcs.pandasecurity.com
    FileCollectorVersion=v1
    SubService=sas
    SignedVersion=1.0

    [Languages]
    count=20
    default=1033
    key0=1033
    key1=1043
    key2=1036
    key3=1031
    key4=1032
    key5=1040
    key6=1045
    key7=2070
    key8=1034
    key9=1053
    key10=1051
    key11=1035
    key12=1038
    key13=1044
    key14=1049
    key15=1046
    key16=1055
    key17=1026
    key18=1030
    key19=1060


    The bold marked line gives the location of the download, I assume of the installer that the online installer downloads.

    Though there seems to be an error in the URL, I guess on purpose. The a at the end of pand in that URL is missing, if I include the a it downloads CloudAntivirus.exe and I guess this is the real installer.

    Could this be right?

    Could I use this CloudAntivirus.exe copy it to the new system and run it, BEFORE I connect to the net?
     
  8. frank7

    frank7 Registered Member

    Joined:
    May 14, 2011
    Posts:
    130
    Just ran the newly downloaded CloudAntivirus.exe (53MB) inside Sandboxie, even gave me to option to choose various languages and runs the installer but then quits half way through, the task bar icon does not show up but various services PSUA... etc ask to connect to the net, guess this is due to running this inside Sanboxie.

    This page also links to the URL (offline installer) I found above, so guess running it outside Sandboxie will actually work.

    Giving this a try.
     
  9. blasev2nd

    blasev2nd Registered Member

    Joined:
    Mar 27, 2014
    Posts:
    47
    latest offline installer : http://www.filehippo.com/download_cloud_antivirus/
    v3.01 at the moment
     
  10. frank7

    frank7 Registered Member

    Joined:
    May 14, 2011
    Posts:
    130
    Yes, this does work. All people looking for an offline installer can download it from here: http://acs.pandasoftware.com/cloudantivirus/v3/173653/CloudAntivirus.exe

    To me it looks like this URL is also always hosting the latest version of Panda.
    EDIT: sorry, can't be because of the /v3/173653/ in the URL. Guess will have to rely on the FileHippo link or extract it like I did with Sandboxie and find the latest URL in the .ini file mentioned above.

    What is an On-demand scan?

    Is that a scan that I initiate as opposed to a scan that is done in the background?

    What settings to give maximum protection while not loosing too much system power are advised for Panda?

    Thank you for your advice. Loving Panda so far!
     
  11. frank7

    frank7 Registered Member

    Joined:
    May 14, 2011
    Posts:
    130
    Thank you!

    Darn after a restart the icon does not show in the taskbar. This is a completely fresh system with only Comodo Firewall and Panda Cloud AntiVirus on it. Any ideas?
    EDIT: Instead of setting Panda files PSUAMain.exe adn PSANhost.exe to Windows System Application in Comodo Firewall I had to set it to Allowed Application, this made the icon appear in the taskbar again. Sorted!

    Now just looking for advice for the settings and some info about what an On-demand scan is. Thank you!! :)
    EDIT: On-demand scan info

    Last question: What settings do you use for your Panda Free version?
     
    Last edited: Jul 3, 2014
  12. Drew99GT

    Drew99GT Registered Member

    Joined:
    Jun 27, 2006
    Posts:
    340
    Location:
    Colorado Springs
    I've searched everywhere but still haven't found an answer to a question I have about Panda Cloud; I realize it has the separate URL scanner which comes with the toolbar which I've concluded just checks against a black list of known malicious URLs and blocks them, but does the actual antivirus engine scan HTTP traffic in and of itself for malicious code similar to how most paid AVs work, or how Avast works? Thanks to anyone who actually knows!
     
  13. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    Nothing I've found has said anything other than separate URL filter installed through the toolbar handles web traffic. So I'm pretty sure that's the answer. It is a bit strange to do it that way, but perhaps it makes the main program "lighter"? No idea really, but yeah, it's the extra URL filter doing the work.
     
  14. frank7

    frank7 Registered Member

    Joined:
    May 14, 2011
    Posts:
    130
    Panda has found and quarantined several threats upon scanning my external hard drive.

    These are all located as attachments either in the Inbox or Junk mail folder of my Thunderbird installation.




    When I hover over the Action column -> Trojan deleted: Trj/OCJ.F I can see "Show details".

    This then links to

    http://www.cloudantivirus.com/en/threat-information/antivirus/1003629/

    or

    http://www.cloudantivirus.com/en/threat-information/antivirus/1002811/




    When opening those pages I am greeted with the "Buy Pro" version ad of Panda.

    Also clicking on the link bottom right "More information about virus antivirus in the Encyclopedia" presents me an empty page.

    Basically I am not given information about the threats that Panda has found.




    How can I extract those quarantined files and submit them to virustotal.com for example?




    I am thinking of opening Thunderbird in Sandboxie, searching for the attachments in question and then what?

    If I recover them in Sandboxie they will be on the system.

    Though I need to have them somewhere to be able to submit them to virustotal.com for example since I don't think I can submit them directly from Thunderbird or can I?




    Find it strange that Panda does not give me info about the threats founds and just links to the "Buy Pro" page and also does not show into the antivirus Encyclopedia page.

    Any help with this is MUCH appreciated since the actual system disk was nuked from orbit before putting the original Windows on it, see post above.

    So the threats are all on the external drive and that is ideally where I would like them to stay or have them erased after finding out what they are all about.



    Thanks heaps!
     
  15. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,406
    Location:
    Slovenia
    Recovering malware from sandboxed Thunderbird won't infect your system. Just don't run or open files that you will recover. You can even use Snadboxie's forced folder option for folder where you will be recovering files. Then you can use Virustotal Uploader to send those files on Virustotal server.
     
  16. frank7

    frank7 Registered Member

    Joined:
    May 14, 2011
    Posts:
    130

    1. I thought recovering from the sandbox put them on the system directly, no?


    2. When you say "Just don't run or open files that you will recover." this then means that they would potentially be on the system, otherwise you would not tell me to refrain from running or opening them, right?


    3. Do files in the "forced folder" stay inside that folder? I assume so, right?


    4. How do I make a forced folder? Sorry this is not Panda related any more (but the issue originated from Panda finding threats but not giving me info about them) so I am happy to go ask in the Sandboxie forum to avoid off-topic postings.


    Either way, THANKS HEAPS for your quick reply and help just now. :)
     
  17. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,406
    Location:
    Slovenia
    Yes, recovering files will remove them from inside sandbox to your real system. But recovering alone won't infect your system it will just put a file out of sandbox. After recovering you shouldn't open or run a file unsandboxed to prevent possible infection. I would suggest to upload those files to Virustotal and then delete them if they are malicious. That's it. Just don't run or open a file as you don't have to, to get them scanned.
    Here is tutorial about forced folders: http://www.sandboxie.com/index.php?ProgramStartSettings
     
  18. frank7

    frank7 Registered Member

    Joined:
    May 14, 2011
    Posts:
    130
    Ages ago I got a lifetime license for Sandboxie, used it for a month and dropped it, guess at the time I was not mature enough to use it properly. This comes in so handy now! Thank you indeed for your help. Off to get those buggers scanned and erased. :)
     
  19. frank7

    frank7 Registered Member

    Joined:
    May 14, 2011
    Posts:
    130
    Done.

    Got sent these buggers in email as attachment:

    These two are curious though.
    Panda marks them as Eicar.mod though they are the official files from mkvtoolnix-amd64-6.7.0\mkvtoolnix\data\magic.mgc

    and the 7zip itself; mkvtoolnix-amd64-6.7.0.7z.

    And this mkvtoolnix-unicode-6.6.0-setup.exe install file as well.

    Guess those are false positives?

    ~ Removed VirusTotal Results as per Policy - Submit Them to Panda For Their Review ~
     
    Last edited by a moderator: Jul 5, 2014
  20. frank7

    frank7 Registered Member

    Joined:
    May 14, 2011
    Posts:
    130
    So sorry, did not know about this policy, should have been more cautious, won't happen again!
     
  21. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,406
    Location:
    Slovenia
    Yes, indeed, Sandboxie can be really useful tool. I hope you'll resolve possible FPs with Panda.
     
  22. frank7

    frank7 Registered Member

    Joined:
    May 14, 2011
    Posts:
    130
  23. frank7

    frank7 Registered Member

    Joined:
    May 14, 2011
    Posts:
    130
    Does Panda's Process Monitor send the list of web addresses visited for those processes who access the web back to Panda? This sort of just dawned on me...

    Where does it say on the Panda site that is does NOT send the list? Can someone point me to this please?
     
  24. ance

    ance formerly: fmon

    Joined:
    May 5, 2013
    Posts:
    1,359
    There has been a test where 90 % of the AV reported visited web adresses back to the software company. Welcome to 2014. :thumb:
     
  25. th3m

    th3m Registered Member

    Joined:
    Jan 28, 2013
    Posts:
    11
    i want to love Panda, i was trying it since the cloud AV versions (2.0+), but... after 2 minutes using it, i always uninstall it. many reasons each time.

    early 2.x versions were coming with crapware...
    3.0 feels heavy and ad cluttered...

    even if they become top, i will still prefer to use just a better program with even less good engine. (light and "bug me" free)
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.