We’ve been getting a lot of positive feedback from the community regarding Cloud Antivirus. Thanks to all for downloading, testing, and using it. Of course there are many questions that are being answered through this blog and via comments, but as not all users read through the comments, I thought I’d compile a list of the most important and most common questions as well as answers. The list is comments/questions is the following (scroll down for the answers):
- Why isn’t there a 64bit and Windows7 version?
- Will Panda Cloud Antivirus continue being FREE after the beta is over?
- Do I need to run a different antivirus at the same time as Cloud Antivirus?
- Am I still protected when I’m not connected to the Internet?
- After installing Cloud Antivirus I scanned my PC and it took a really long time. What’s up?
- Are my files being sent to the cloud for scanning?
- What exactly is sent to the cloud?
- Cloud Antivirus detected a Trojan and deleted it. How can I get it back?
- Why can’t I choose delete/block/ignore when it detects a Trojan?
- Can I run Cloud Antivirus alongside my Norton360/AVG/Etc.?
- Scan stuck at x%.
- I have 2 monitors and Cloud Antivirus always appears right in the middle of both.
- Since I installed Cloud Antivirus my system has *really* slowed down to a crawl.
- I’m having problems downloading the Cloud Antivirus installation program.
Why isn’t there a 64bit and Windows7 version?
Basically we wanted to get Cloud Antivirus out there and tested as soon as possible to validate the new philosophy and protection model. Supporting additional configurations was less of a priority than seeing if the model is truly valid or not. However we’re seeing that by popular demand this is the #1 request we’re getting so we’ll re-think our priorities and try to release these builds as soon as possible.
Will Panda Cloud Antivirus continue being FREE after the beta is over?
YES. Absolutely. 100%. Free.
Do I need to run a different antivirus at the same time as Cloud Antivirus?
No. Cloud Antivirus provides all the protection you need from viruses, malware, etc. Also it is not recommended to run 2 different AV engines at the same time as they can conflict with each other.
Am I still protected when I’m not connected to the Internet?
Yes, you do not need to be connected to the Internet all the time in order to be protected. Cloud Antivirus stores a “local cache copy” of Collective Intelligence for offline operation. As soon as you disconnect, Cloud Antivirus still works in the background, checking every file against its local cache of detections. This local cache includes, amongst other things, detection for all malware files which are currently in circulation and affecting users.
After installing Cloud Antivirus I scanned my PC and it took a really long time. What’s up?
If you run an on-demand scan of your entire system right after installing Cloud Antivirus you will experience this slowness because both the initial Background Scan and the on-demand scan are running simultaneously. Panda Cloud Antivirus runs a Background Scan after installation. During this Background Scan Cloud Antivirus does a review of the entire PC by scanning it and by filling up its goodware cache (checking known good files against the cloud) in order to optimize future scans. Simply allow Cloud Antivirus to finish its Background Scan before launching a full system scan. If you are experiencing problems after that, please export your Windows Event Log for Cloud Antivirus (My PC, Manage, Event Viewer, Nano, right-click & Save as) and send it to us at beta@pandasecurity.com.
Are my files being sent to the cloud for scanning?
No. Absolutely no files and no personal information is sent to the cloud. Also only PE files (.EXE, .COM, etc.) are checked against the cloud. Non-PE files such as pictures, documents, etc are not scanned from the cloud.
What exactly is sent to the cloud?
For any PE file that is checked against the cloud, we create multiple cryptographic hashes. Amongst them is what we call a “reverse signature” of the file. This reverse signature is able to identify multiple similar files. The response from the cloud can be “malware”, “goodware” or “unknown”. Also we send “behavioral traits” of files to be scanned heuristically remotely by the cloud. These are basically properties and characteristics of each file. In summary, no content and no personal information is ever sent to the cloud.
Cloud Antivirus detected a Trojan and deleted it. How can I get it back?
Cloud Antivirus is pre-configured to automatically delete malicious files. However suspicious files and certain types of grayware (hacking tools, potentially unwanted programs, etc.) are not deleted automatically and sent to the Recycle Bin (quarantine). To access the Recycle Bin, click on the folded bottom right corner of the Cloud Antivirus program. From there you can unblock detected files and get access to them again. Keep in mind that, once unblocked, these will not be detected again by Cloud Antivirus. However if the file that was detected is a true malicious file such as a Trojan, it will be deleted automatically and there’s no way to get it back (after all, you’re installing Cloud Antivirus to get rid of malware, right?).
Why can’t I choose delete/block/ignore when it detects a Trojan?
As an antivirus program, the main thing that users ask for from us is that we detect and get rid of malicious files without bothering them. This is exactly what Cloud Antivirus does, keeping everything as simple and straightforward as possible. This is what we’re trying to do with the new protection model of Cloud Antivirus, to manage all these decisions for end users automatically. However we are getting some feedback from advanced users to have this functionality included. We’re thinking about how to approach this but one way would be to activate an “advanced mode” and while in that mode maintain an encrypted copy of every detected file in the Recycle Bin (at least for x amount of max time) that can be recovered if needed. Comments about this approach are welcomed.
Can I run Cloud Antivirus alongside my Norton360/AVG/Etc.?
No you can’t, just as you can’t (or shouldn’t) run two or more different antivirus programs at the same time. The Cloud Antivirus installer identifies a large number of AV programs and will stop the installation if it detects one running. However there are reports of some users that have been able to install Cloud Antivirus running at the same time as lesser known AV programs such as Spyware Doctor Antivirus. In these cases you might experience slowness or slugginesh of the Operating System. To resolve this issue simply uninstall one of the two AV programs.
Scan stuck at x%.
Issue 1: This is a bug of the interface transparency effect. It’s not really a bug with the scan itself; rather it’s a bug on the interface painting actions. It occurs when, during the scan, the screensaver kicks in or the user session is closed. After coming back to the scan window, the impression is that the scan is stuck. However if you click on the scan window and drag it you can see that the scan is finished or still progressing.
Issue 2: We have had some reports of stuck scans which are not due to the interface transparency effect. If you are experiencing this problem, please export your Windows Event Log for Cloud Antivirus (My PC, Manage, Event Viewer, Nano, right-click & Save as) and send it to us at beta@pandasecurity.com.
I have 2 monitors and Cloud Antivirus always appears right in the middle of both.
Yes this is a reported and known bug. We’ll fix it as soon as possible.
Since I installed Cloud Antivirus my system has *really* slowed down to a crawl.
See the FAQ above about running Cloud Antivirus in parallel with another AV program. If this is not the case and you still experience slowness of the Operating System in general, please contact beta@pandasecurity.com and send us the details of your configuration.
I’m having problems downloading the Cloud Antivirus installation program.
Delete all temporary file from your browser and try downloading again from www.cloudantivirus.com.
Tags: beta, known issues
May 4, 2009 at 5:33 pm |
The obvious question is with the scanning done “online/in the cloud” what happens if I have not got internet connection at some point and I put a usb key in my pc (eg at a friends house etc) which happens to have some virus etc on it what happens? I dont see this answered in the FAQ’s. I would hope it would get caught but how if everything is done “online”?
May 4, 2009 at 5:37 pm |
Thanks for the information!
Sounds good with a “Advanced mode” setting =)
May 4, 2009 at 5:48 pm |
BTW
Hope you can get so that you do not need to restart your computer every time CloudAV finds a Virus.
It´s very annoying.
May 4, 2009 at 9:40 pm |
Cloud AntiVirus marked one of my system specific files as suspicious (OQO model 02’s PrepUI.exe). I unblocked it it and Cloud AntiVirus promptly neutralized it again. Two questions:
1) How do I keep Cloud AntiVirus from neutralizing the file?
2) If I unblock a suspicious file, is that action sent to you to factor into your analysis of the file?
May 4, 2009 at 10:24 pm |
Good question (re: what happens if you’re offline) considering not just the case where you’re legitimately offline and some infected files on a disk/thumbdrive/etc gets inserted, but what if viruses take advantage of this being a weak point and prohibit internet access until they, themselves, need it to spread or whatever (if they do at all).
May 5, 2009 at 1:13 am |
¿Este antivirus puede funcionar en redes Proxy? ¿El autodetecta la configuracion o hay que configurarle la direccion proxy manualmente?
May 5, 2009 at 1:40 am |
Hola @jesusguevarautomotriz
Panda CloudAV si funciona en redes proxy y si ya tenes configurada esta y las estas usando desde IE, CloudAV la toma automáticamente desde este, de lo contrario pulsando el botón de configuración podes acceder al panel donde cargar los datos del proxy.
Salu2
Marcelo
May 5, 2009 at 1:59 pm |
¡Hola! Una preguntita que siempre me he hecho con todos vuestros productos: ¿vais a mejorar la forma en que se guarda el registro de eventos? Por ejemplo, se podría guardar en un archivo HTML único con un formato aceptable (queda bastante “cutre” en archivo TXT…) ^^
Por cierto, creo que el “checkmark” del círculo verde pequeño tendría que ser de color blanco (igual que el grande), en negro no destaca.
¡Saludos!
May 5, 2009 at 2:03 pm |
¡Ay! Se me olvidó otro detalle: no es capaz de detectar las cookies de Google Chrome (creo que están todas en un mismo archivo), ¿tenéis pensado algo?
¡Gracias!
May 5, 2009 at 3:46 pm |
@Ben Burrows and @Gryffyn, thanks for the tip, I’ve updated the post to include this FAQ.
@Jonas, this is a known issue (http://blog.cloudantivirus.com/2009/04/30/known-issues/). Please wait for the next release and it’ll be fixed.
@Alex Molina, you can export the event log into TXT or CSV formats to import into any format you want.
@Dave P, either send the file to virus@pandasecurity.com or myself at pedro.bustamante@pandasecurity.com to fix this.
May 5, 2009 at 4:20 pm |
So If I understand it good…
While we are disconnected from the internet…
– CloudAV detects and protects us from the most common threats of the last moment we were online connected…
– CloudAV will store the fingerprints of the files of these offline scans for a throughly scan in the cloud when we reconnect with the internet?
May 5, 2009 at 4:28 pm |
@Terence correct about protecting against the most common threats while offline. During offline the files will be checked against the local cache copy, not queued for later analysis against the cloud. Of course once connected the processes will be checked against the cloud.
May 5, 2009 at 6:50 pm |
@Pedro: I have encountered the problem that PCAV deleted tools that I need cause they were classified as malware. What if PCAV would just encrypt that file and decrypt it back after I told PCAV to recover it?
Another idea I had was to modify the ACL of that specific file so that I can no longer work with it – this one would not cause so much CPU-load as encrypting the file. Unfortunately it might led to wrong statements in case somebody uninstalls PCAV and afterwards installs another scanner that finds a virus inside that file.. people might wrongly say “oh look, PCAV did not find that virus.”
May 5, 2009 at 8:44 pm |
I´ve notified that CloudAV doesent scan IM, only when they reach the computer, you have to configure yourself so CloudAV scan IM ,like MSN.
It would be good if CloudAV scan incoming files automaticly, for people who dont know how to configure.
May 6, 2009 at 12:16 am |
I love this software,seems to be quite efficient,I plan to install it on some friends’ machines,is it really better than Avast or Antivir?
And if yes why?
May 6, 2009 at 5:12 am |
One more vote for WIN7 compatibility…I would love to beta test it…
May 6, 2009 at 8:27 am |
Strange situation. I executed some .exe file. File starts. Then CloudAV says that it is a trojan and deletes this .exe.
Why executing of trojan in fact is allowed in this situation?
May 6, 2009 at 10:28 am |
@Peter Piksa, yes this is exactly what we’re thinking about doing, saving the file for x amount of time in the Recycle Bin, so that you are able to recover in case of false positive or other scenarios. We’ll have to think about the scenario you mention, but I think during uninstall it already asks if you want to delete the files in the Recycle Bin or keep them, so it would be up to the user if they wanted to keep the malicious file in their system.
@Jonas this is correct. It’s the idea behind the new protection model (http://blog.cloudantivirus.com/2009/04/29/new-protection-model-explained/) introduced by Cloud Antivirus. The idea is that the file will be scanned already twice when copied to the file system and when trying to execute it. Is scanning a “feel safe” issue or do you think there’s a scenario where it really is needed to be scanned also during transfer?
May 6, 2009 at 10:38 am |
@DeHuC, please open the event log, find the detection and click on the name. Can you send me the URL in the encyclopedia that it is pointing to pedro.bustamante@pandasecurity.com?
May 6, 2009 at 9:51 pm |
Does Panda Cloud AV scan webmail and Outlook emails? I test sent the EICAR test virus file via Outlook and Panda did not pick it up! However, it did for a straight download from the EICAR website. Still, very worrying that email scanning does not appear to be a function of this product?
May 7, 2009 at 10:24 am |
Is CloudAV free for commercial use?
May 7, 2009 at 2:41 pm |
I have a malware which is not detected by CloudAV.
This one http://www.virustotal.com/analisis/cc423bbe42da985fa7820c9e956dd641
What should I do?
May 7, 2009 at 6:52 pm |
Quote: “activate an “advanced mode” and while in that mode maintain an encrypted copy of every detected file in the Recycle Bin (at least for x amount of max time) that can be recovered if needed.”
I think that this is essential so that FP’s can be recovered.
I have downloaded more rogue programs that contain malware and in some cases it is detected immediately and in others it is detected upon execution, which is a win-win situation.
At the moment it appears to be highly responsive to both downloaded threats and executed apps which contain threats. The one thing I miss is the warning when visiting a known dangerous site which many traditional AV’s would highlight with a warning about the threats, PCAV does not offer this warning but does remove malware if downloaded from such sites.
After the initial installation and scan it picks up very quickly on any attempt to download or execute programs containing a variety of malware with very low resources. The little popup is useful to inform users that malware was found and removed from the system too.
May 7, 2009 at 8:58 pm |
Why the user can’t clear the “event report”? And I miss the option of doing an analysis of the system’s memory (only all computer or selected files/folders)…
May 8, 2009 at 12:41 am |
@MH & @cotojo. No it doesn’t scan web/email traffic while in transit. It basically waits to the file to be downloaded and then it is scanned. This is one of the things that is different from traditional AV products. We believe it’s not necessary to check it twice, once during transit and another when it’s on your drive.
@DeHuC It will definately will be free for home/personal use. Don’t know about commercial use yet. I’ll find out.
@Alex Molina thanks again for your suggestions Alex. They are good ones!
May 8, 2009 at 1:09 am |
Thank you for the clarification, that was what I expected and makes more sense to be done that way.
May 8, 2009 at 12:57 pm |
I appreciate that you are recommending not to use other AV products alongside Panda Cloud AV but what about Microsoft’s Defender? I am currently running both, and during a test open of a Eicar text file, Defender alerted first with nothing reported in the Panda logs about it?
May 8, 2009 at 1:34 pm |
@MH
It’s a very bad idea to use 2 AV in real time simultaneously. The result can be even worse than running only one of them.
May 8, 2009 at 2:15 pm |
I have more constructive suggestions 🙂
-You can’t minimize the program windows when double-clicking on the windows taskbar tab (like the other programs do).
-If you use Google Chrome, on the “About Google Chrome” window the program checks for updates. Would it be useful for Panda CA something like that?
-And the menu that appears when clicking on the “?” button shows thwo options too similar at least in spanish (“Ayuda de Panda Cloud Antivirus” and “Acerca de Panda Cloud Antivirus”): I think it would be more comfortable for the users rename them by “Ayuda” and “Acerca de…”. The first time I read them I couldn’t distinguish among them easily hahahha
(Sorry for my bad English: I’m helped by Google Translator XD)
May 8, 2009 at 2:22 pm |
I mean when you click (not double-click, I mistaked) on the button that appears on the Windows taskbar like when you open a program or a window.
May 8, 2009 at 2:48 pm |
@Alex Molina
As for second suggestion. I thik it will be useless option.
I’ve monitored AV network traffic for some time. CloudAV periodically automatically checks new version (don’t know how often). And it was said previously, that some notifying message will be shown when new version is available.
May 8, 2009 at 3:29 pm |
@DeHuC
“Defence in depth” is best practise and I don’t believe that reliance on one product is credible. Note that MS Defender is not a true/typical AV product but more an anti-spyware product. Therefore, my question to Panda was, “Is Defender OK to use alongside your “cloud” product, or indeed will it cause issue?”.
May 8, 2009 at 4:02 pm |
@MH
I agree. At home I use 2 AV products, one as real-time protection, second as on-demand scanner 🙂 There is no big differenсe in functionality of AV and anti-spyware product. Good AV does anti-spyware work too.
May 8, 2009 at 7:27 pm |
Does PCAV incorporate Rootkit removal, does it detect and remove as it does with malware?
May 8, 2009 at 9:12 pm |
Have you thought about an option to scan system without booting windows?
May 8, 2009 at 11:20 pm |
@MH, did the detection occur during downloading the EICAR file or once it was in the hard drive?
@DeHuC & @MH, let me check about this, as Defender is normally treated differently as an anti-spyware, so you might be able to run it alongside Cloud Antivirus.
@cotojo yes it does include some anti-rootkit functionality.
@James, you mean like a boot CD? We have this option in our regular consumer products but not Cloud Antivirus. Do you see this as necessary?
May 9, 2009 at 3:26 am |
Great idea, but the automatic deletion of files identified as malware with no way of restoring them makes it a non-starter for me.
May 10, 2009 at 7:30 pm |
CAV detected & neutralized TPE Civil War 1V. It found this in c:\windows\manifests\winsxs\………
A rescan does not find it again.
The file is still there and has not been modified.
What has happened & what does neutralized mean?
Thanks for a good product.
David
May 10, 2009 at 9:19 pm |
Yes, I think it would be quite useful, and also necesary, specially when you cannot boot your computer. But I think a boot CD could also be used to get a better removal of malware (rootkits, etc).
I am particularly concerned as I read just “some anti-rootkit functionality” (and I could not read “full”..). I hope to find a full system protection when using it (the best one, specially against this kind of malware).
May 10, 2009 at 9:34 pm |
Rootkits are a worry for certain. The Panda version doesn’t appear to be compatible with Vista.
Gmer I have.
May 11, 2009 at 9:31 pm |
Hi guys,
I have tested your new anti-virus but I’m not very satisfied with detection of malware, spyware, … . Your engine is using cached local signature database what is fine. But for example, detection of some “spyware object” is based on file name and file location. This is little bit crazy from my point of view.
Try this small example:
1. Open C:\WINDOWS\Temp folder
2. Create there file called istdnld.exe
3. Type some strings into this fake EXE file and save it
4. Check content of this folder after several seconds
5. Check the statistic info of Cloud AntiVirus
Result is that file will be deleted and Cloud AV statistic count one spyware and all to reports Adware/IST.ISTBar.
Good joke, but really bad software!
May 11, 2009 at 9:44 pm |
@Martin
1230203 294 4 Mon May 11 21:06:31 2009 Analysis result ON PREFETCH C:\WINDOWS\Temp\istdnld.exe Malware
1231500 295 6 Mon May 11 21:06:33 2009 Action result ON PREFETCH C:\WINDOWS\Temp\istdnld.exe Deleted
1258734 296 4 Mon May 11 21:07:00 2009 Analysis result ON PREFETCH C:\WINDOWS\Temp\istdnld.exe Malware
1259093 297 6 Mon May 11 21:07:00 2009 Action result ON PREFETCH C:\WINDOWS\Temp\istdnld.exe Deleted
May 11, 2009 at 10:01 pm |
I installed PCA recently and everything worked fine untill I booted my computer. PCA freezes Windows and it my pc does`n start. Where is the problem? Have XP SP3.
May 11, 2009 at 10:59 pm |
@Pedro Bustamante
Defender detected it when I downloaded it from the EICAR website. PCAV didn’t detect it at all when I opened an email containing the same EICAR text file or if I saved that attachment to disk.
May 12, 2009 at 1:56 pm |
@Martin I think it’s ok. There no human user in the world, who creates istdnld.exe in C:\WINDOWS\Temp 🙂
May 12, 2009 at 4:39 pm |
You say “Cloud Antivirus provides all the protection you need from viruses, malware, etc”, but you also say that it does not scan documents. What about malware that is embedded in documents (.doc, .pdf, etc)?
May 12, 2009 at 4:59 pm |
@MH
Have you ever tried to rename the EICAR.txt to EICAR.com.If not,do this and have a look.
May 12, 2009 at 6:57 pm |
@DavidC, can you find it in the Recycle Bin?
@James & @DavidC Panda Cloud Antivirus does have anti-rootkit functionality and definately once the product comes out of beta, all the technologies needed to protect just as much as any other AV solution. Keep in mind that we’re still in beta and still developing new functionalities. In short time we will release a new beta version which you can re-test.
@Martin this is a SmartClean detection of malware traces. It’s a very common to combine signature detection with traces detection (such as registry entries, specific paths, etc.). Most AVs have such types of detections.
@J R Sundberg can you send me the details of your setup to pedro.bustamante@pandasecurity.com? Thanks !
@MH Yes this is normal behaviour, as Panda Cloud Antivirus does not scan smtp/pop3. Please read the protection model that we are proposing with Panda Cloud Antivirus and why we think it’s not necessary to double-scan everything:
http://blog.cloudantivirus.com/2009/04/29/new-protection-model-explained/
May 13, 2009 at 9:27 am |
some worms disable regedit, taskmgr, msconfig, cmd, folder options… PCAV should be able to allow admin users to enable them.
May 13, 2009 at 3:43 pm |
My Recycle Bin seems to be broken. I currently have 7 files in it, and the only option available when I click on any of them is “Don’t block this program”. I don’t have any of the other featuers mentioned in the hlp section, such as “Enable automatic management”, “Delete this program”, or even “Exactly what does it do?”. All 7 files have the same comments about being blocked because they may be infected by a virus and they are currently being analyzed in the Panda Laboratory. It’s been like that for a few days now, and as far as I can tell the software isn’t being blocked by my firewall.
May 13, 2009 at 7:06 pm |
I use Windows XP Professional Edition SP3, and at the startup sometimes the Windows Security Center shows the Panda Cloud Antivirus is disabled, but in a few seconds it disappears.
May 13, 2009 at 8:53 pm |
This also happens with me, not sometimes, but always at startup. I’m on Windows XP Home SP3 (everything up-to-date), and what is worrying is that whilst this is occurring I am already on-line without protection for between 3 – 7 secs (before Panda Cloud kicks in)- plenty of time to receive a nasty!!
May 13, 2009 at 9:50 pm |
Well, I am also concerned as I don’t clearly understand why some files are not checked against the cloud. How do you scan non-PE files? How can you know that these files are not infected?
May 14, 2009 at 3:11 am |
@8928 these type of registry changes are included in many disinfection routines. So if you’re infected with a malware that makes these kind of changes, chances are they will be reverted once Cloud Antivirus disinfects it. However if you want to check them manually, you can monitor the following registry entries which are the ones normally modified by malware to disable system settings.
Check both HKEY_CURRENT_USER & HKEY_LOCAL_MACHINE for the following entries:
Disables registry editor
Software\Microsoft\Windows\CurrentVersion\Policies\System;DisableRegistryTools;0;REG_DWORD;0
Disables command line interpreter
Software\Microsoft\Windows\CurrentVersion\Policies\System;DisableCMD;0;REG_DWORD;0
Disables task manager
Software\Microsoft\Windows\CurrentVersion\Policies\System;DisableTaskMgr;0;REG_DWORD;0
Hides clock from the tray bar
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer;HideClock;0;REG_DWORD;0
Hides all desktop icons
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer;NoDesktop;0;REG_DWORD;0
Hides Search option in Start menu
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer;NoFind;0;REG_DWORD;0
Hides Run option in Start menu
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer;NoRun;0;REG_DWORD;0
Disables menus when right-clicking on the task bar
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer;NoTrayContextMenu;0;REG_DWORD;0
Disables menus when right-click except this from the task bar
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer;NoViewContextMenu;0;REG_DWORD;0
Hides Shutdown option in Start menu
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer;NoClose;0;REG_DWORD;0
Hides folder options in the tools menu of any folder
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer;NoFolderOption;0;REG_DWORD;0
Of course there could be more, but these are probably the most common ones.
May 14, 2009 at 3:15 am |
@Hypersky the 7 files you see in your Recycle Bin have been tagged “suspicious” and are being analyzed at PandaLabs. As soon as the analysis finishes they will be permantently deleted (if found to be malware) or restored (if found to be clean). The option of “Enable automatic management” is in the main application, next to the proxy settings.
May 14, 2009 at 3:17 am |
@Alex Molina & @Julsey, can you send me a screenshot to pedro.bustamante@pandasecurity.com along with some basic info of your PC configuration?
@James Non-PE files are not checked against the cloud. The local cache of Cloud Antivirus, in addition of storing signatures for malware which is currently circulating, also holds signatures for detection of non-PE malware and other stuff.
May 15, 2009 at 3:08 pm |
I think I found a bug: when you use Google Earth and you try to show to the foreground (in spanish “poner en primer plano”, sorry) the Panda Cloud AV window it blinks. It happens with all the Panda windows (analysis, report, main window…). My Google Earth’s version is 5.0.11733.9347 and it’s run on OpenGL mode. With the Direct X mode it seems that it blinks more.
May 15, 2009 at 3:11 pm |
Is there a simple way how to make sure that Panda CA has access to the internet (e.g. my proxy settings is correctly specified)?
May 16, 2009 at 12:53 am |
@Alex Molina Yes Alex this is a known issue of the interface “transparency effect”. It happens every now and then. It’s on the list of things to fix, altough with lower priority.
@Andrew Zaikin one way to verify this is by running an on-demand scan of a folder. If the scan window doesn’t give you a message such as “Connect to the Internet to benefit from better detection rates” that means that it can connect correctly.
May 16, 2009 at 9:11 pm |
The files are still there, been there over a week now… how long is this supposed to take? And why don’t I have the option to delete them right away?
May 18, 2009 at 7:30 am |
is there any way send files to CI servers for classification, in case panda cloud av didn’t detect a virus , and how we know that it is connected to CI servers or not, there some indication in panda icon that let us know that cloud av is conncted with CI servers.
May 18, 2009 at 1:44 pm |
@Hypersky you can either delete them from your regular explorer window or click on Panda Cloud Antivirus bottom-right corner to access the Recycle Bin, where you can unblock and restore them to not be analized again.
@buddee the way to send info to CI is through the agent by having it detect something as suspicious. Otherwise you can send it to virussamples@pandasecurity.com and it will be imported automatically into CI (as opposed to virus@pandasecurity.com which goes to a lab engineer for manual analysis). Regarding the trayicon indication, it’s not a bad idea and one that some other people have already submitted.
May 18, 2009 at 2:30 pm |
1 more question, why files in quarntine takes too long time to be classified as maleware i am using pis 2009 and panda gp 2009. i have lots of files in quarntine, only few files in quarntine were classified as maleware, other still haven’t classifed yet, most of them were detected by TruPrevent and few by heuristics scan. to get rid of them i manuall send those files to virus@pandasecurity.com
May 18, 2009 at 10:23 pm |
i dont see panda cloud at startup taskbar
May 19, 2009 at 2:13 pm |
@kanturo Jules has sent a workaround for this problem. Delete all the files under your C:\Windows\Prefetch directory and reboot the computer. If the problem persists please post back here again.
May 19, 2009 at 4:23 pm |
This Windows error message has stopped occurring now – I deleted the NTOSBOOT*.*.pf file (and all other .pf files included) in the C:\Windows\Prefetch directory, then rebooted so that it would re-create itself again.
(Only guessing here – but I think there was info of my previous AV software included in the original NTOSBOOT file causing a conflict, which was cleared when deleted, and a new file created after reboot).
Have started the pc now numerous times without reoccurance of this problem.
May 19, 2009 at 11:15 pm |
@Julsey Many thanks for posting the fix Julsey!
May 20, 2009 at 10:04 am |
Come on with that windows7 version please!!!!!
May 22, 2009 at 9:22 am |
what is expected date of cloud av final release
May 22, 2009 at 11:59 am |
first of all i want to say congrats because this antivirus program is free next presently am using ESET nod32 business edition its working effectively iam dialy updating it uninstall it ,if i install this cloud antivirus is there any problem to my system it will update dialysecure files as ur saying it is beat version is there any security risk
May 22, 2009 at 12:01 pm |
If this program doesnt have updates then how it scans local file
May 22, 2009 at 12:13 pm |
Final date given as before end of 2009
When is the next beta with hopefully a speed-up of the time taken to resolve good/bad ‘catches’ by CAV
May 22, 2009 at 12:18 pm |
@Pedro Bustamante
Careful – not all (.ini {layout}) and if you del ntosboot files you should shut down and restart, not just restart.
May 22, 2009 at 12:41 pm |
As DavidC mentions, we plan to release before end of 2009. In the meantime there’ll be a beta2 in a few weeks and hopefully a beta3 before the final version 1.0 release.
@naresh yes Cloud Antivirus includes real-time protection so your system will be protected. It updates its local cache in real-time so you don’t have to worry about signature updates. The local cache is basically a dynamic local signature of what Collective Intelligence “sees” circulating in-the-wild. Local files are scanned using both the local cache as well as the online from-the-cloud scan.
May 22, 2009 at 4:48 pm |
What are the improvements you will add (or you’re studying) at the beta2?
May 22, 2009 at 7:26 pm |
Is Panda Cloud Antivirus free to use in a corporate environment? If so, will it continue to be free once past the beta stage?
May 23, 2009 at 1:05 am |
@Alex Molina It’s based mostly on feedback from here… the biggest visible change is probably more options for Recycle Bin to recover deleted files. The rest are mostly internal fixes (crashes, errors, disinfection improvements, etc.).
@Davan After the beta it will only be free for home users, not for corporate environments.
May 23, 2009 at 12:08 pm |
@Paulo
Download the installer, right-click the exe file, set compatibility for Vista SP2 and install.
May 24, 2009 at 3:16 pm |
Could Panda Cloud Antivirus be used with Threatfire?
May 24, 2009 at 9:12 pm |
@Kurt don’t see why not. Should not be incompatible.
May 24, 2009 at 9:22 pm |
@Austin Davies that will not work Austin.
May 25, 2009 at 11:18 am |
A question on about web scanning.
CAV scans files on disc, but some files are written to and executed from memory (RAM) after being downloaded via your browser.
How does CAV handle this type of vector.
May 25, 2009 at 5:48 pm |
Adding some kind of an “Advanced interface” option would be nice. The “Full Auto” concept would work for most users, but there are cases, when and advance user should be able to fine tune the detection/removal options of the program, and also the Recycle bin recovery option. For example – why don’t you add and option in the “Advanced interface”, that allows the user to set the time deleted files are kept in there – from 7(14, 30) days to manual remove only. That would be very helpful in some situations.
One of my main occupations is independent testing of AV detection capabilities and for that reason I keep a large collection of malware samples. It was extremely unpleasant to me to discover, that Cloud Antivirus had automatically removed most of my samples. Nice thing I had a backup archive 🙂
Otherwise – GREAT JOB!!! Keep it that way!
May 25, 2009 at 6:33 pm |
I was running CloudAntiVirus fine for several weeks. Then, last week, the icon failed to appear in the notification area. Running it from the start menu seems to have no effect.
Processes shows PSANHost.exe as active.
Services does not show any services I can identify as associated with CloudAniVirus.
I can not tell you what version of CloudAniVirus is installed but the initial installation was from a file I downloaded on 4/29/2009.
I am running Vista Business Service Pack 1.
Any help would be appreciated.
May 25, 2009 at 7:17 pm |
@Dave P make sure registry entry “C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe” /Traybar is in HKLM\Software\Microsoft\Windows\Currentversion\Run
once that entry is in the registry, the Panda will be back
May 26, 2009 at 11:02 am |
@Dave P Try to reinstall it.
May 26, 2009 at 1:04 pm |
@DavidC Most downloads will pass through the drive before executing. There are some types of threats like the ones you mention which exploit & execute direct to memory (SQLSlammer, CodeRed, etc.). For this it’s better to compliment Cloud Antivirus with a Deep Packet Inspection firewall. There’s some free ones out there that will prevent these types of exploits.
@Dave P Did it *ever* show the traybar icon and all of a sudden disappeared never to return, or did you never have the traybar icon? Is the shortcut in the registry (HKLM\Software\Microsoft\Windows\CurrentVersion\Run)?
The process of the icon is “PSUNMain.exe /Traybar” (as blametheadmin correctly states). You may try finding out what happens by running “C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe /Traybar”. Alternatively if all else fails try reinstalling as DeHuC mentions above.
May 26, 2009 at 9:34 pm |
@Pedro Bustamante When initially installed the icon would show up in the traybar notification area. The registry entry is:
“C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe” /Traybar
Running it with the /Traybar option has no effect.
Before I try reinstalling, will I lose the quarantine files?
May 27, 2009 at 1:01 pm |
Can I use Cloudantivirus with Windows ME edition
May 28, 2009 at 10:31 am |
@Karl H. Fischer Windows ME edition is not supported. At this time there is supported Windows XP 32Bit and Windows Vista 32Bit. Windows Me is never planned to be be supported as far as I know. Even Microsoft Support has ended the suppport for the product.
May 28, 2009 at 1:36 pm |
@Dave P please try reinstalling and see if that fixes the problem. Regarding the quarantine files, the uninstall process will ask whether you want to delete or keep them.
If you continue seeing the same problem after re-installing, please send me a list of files inside:
C:\Documents and Settings\All Users\Program files\Panda Security\Panda Cloud Antivirus
May 29, 2009 at 12:31 pm |
I found a new variant of MSNWorm.GI and I had to send it manually to virus [at] pandasecurity.com .
I miss a option for including manually files onto the Recycle Bin. It would be great if those files are sent too.
May 29, 2009 at 6:44 pm |
I found a broken link on the spanish Cloud Antivirus help: in “Introducción” the image next to “Visita la web de Panda Cloud Antivirus” links to “http://www.beta.panda-cloud-antivirus.com/” and not to “http://www.cloudantivirus.com/”.
May 31, 2009 at 1:34 am |
My reports screen keeps showing the “yellow” circle, does this mean my system has been affected by a worm?
A full scan only found a trojan which has since been removed.
June 3, 2009 at 1:44 am |
@Alex Molina thanks for the report Alex !
@Mohiuddin Shaikh The yellow circle is a pie chart of the malware detected, broken down by type (trojan, virus, spyware, etc.). As Cloud Antivirus detects more malware you’ll see it change over time.
June 3, 2009 at 7:52 am |
How can we clean this history?
June 4, 2009 at 4:04 pm |
Hi Pedro, like I said you yesterday, I would like to install the product across an activex control like Trend Micro OfficeScan installation process. This will improve an easy way to install to a lot of people than can´t find a saved file at their desktop… (unfortunatly too much people..).
Congratulations for you new product.
June 6, 2009 at 2:06 am |
Is this anti virus software a resource hog?
June 9, 2009 at 3:20 pm |
I am just downloading a computer game from Steam. Just a second ago a window popped up and notified me that a virus has been found and deleted
😐 then the event log opened and I saw that the anti virus software deleted an important file from my Steam directory. How can I recover the file? I don’t want to download 10 GB again 😦 And why the heck isn’t the software asking what I want to do? This is absurd that the user can’t say “thats no virus for sure”… The file name is win2log.exe and your encyclopedia says it would be a trojan (absurd!). Of course in the Cloud AV recycle bin there is no file like this. Excellent.. what to do now? Deinstall Cloud AV and download 10 GB again? Come on… 😦
June 9, 2009 at 3:36 pm |
@Marco
Just found it.. “… there’s no way to get it back”.
So 10 GB download again. Wonderful. Thought I could keep this nice AV… but that’s a bit too risky for me if it deletes important files and there is no undo-function 😥
June 9, 2009 at 6:06 pm |
@La Felipedia that’s an interesting suggestion for alternative installation methods. Actually we’ve talked about this very same thing internally as well in the past. Right now we don’t have it in the roadmap but it’s something we’re considering seriously.
@LJ not really. 17MB RAM consumption and about a 3% performance impact.
@Marco sorry about that. This is something we’ve fixed in the Beta2 which will be released shortly at http://www.cloudantivirus.com.
June 9, 2009 at 7:15 pm |
I see that the event log doesn’t say which are the names of the malware detected since a few days ago (instead of that it says “No disponible”).
Another suggestion:
when you maximize the window of the event report, it would be nice that the rows auto-adjust themselves for seeing it better.
June 10, 2009 at 6:22 pm |
I like the product but will not use it on any client’s computer unless it is possible to recover deleted trojans/viruses etc.
I know of no other anti-virus that simply permananently deletes files without giving you the option to not do so or recover them – there is a very good reason for this.
June 10, 2009 at 6:25 pm |
@Alex Molina does this happen every time you open the report or only happened once? Do you use a proxy server to access the Internet?
June 10, 2009 at 6:28 pm |
@steven hawthorn we’ve changed this behaviour in Beta2, which we’ll release soon. With Beta2 you’ll be able to recover from the Recycle Bin any detected malware.
June 11, 2009 at 2:20 pm |
Will Beta 2 also run on Windows 7??
June 12, 2009 at 3:43 pm |
Would certainly like to have the Beta2 now… I maintain several systems and Panda deleted several of the tools I use regularly.
June 17, 2009 at 5:54 am |
Hola Pedro! I have a question, and I’m sure I’m not alone here, when are we gonna be seeing the next release of PCA? Cheers!
June 18, 2009 at 7:40 pm |
On the Beta2, will it be possible to move the files the user wants to the Recycle Bin? That could be used to send atomatically to PandaLabs the files that the user thinks that are malware and that the AV doesn’t detect.
June 20, 2009 at 3:50 am |
I’ve been using Panda Cloud for a little while now with no problems, but today I’ve been getting a Windows security alert saying that my antivirus is not turned on. When I try turning it on through the Windows security window or through the start menu, nothing happens. However, under Computer Management > Services, the NanoServiceMain thing is running. Can anyone shed any light on this? Thanks in advance!
June 20, 2009 at 5:25 pm |
Does pandacloud scan incomming mails?
June 23, 2009 at 10:19 am |
@Anand & @blametheadmin, it will come very soon in a few days..
@Alex Molina In Beta2 you will be able to recover deleted files but not enter new ones into the Recycle Bin manually. For this you can send the sample to virus@pandasecurity.com (manual response) or virussamples@pandasecurity.com (automated processing, don’t expect response).
@Brian, please try deleting the .PF files from C:\Windows\Prefetch and reboot. Does the problem still persist?
@Stefan Jonsson not currently. This is one of the important points of the New Protection Model explained at http://blog.cloudantivirus.com/2009/04/29/new-protection-model-explained/
June 26, 2009 at 5:47 am |
The problem does indeed persist. I forgot to mention that I recently downloaded the newest Microsoft Framwork. Would this pose any conflicts?
June 27, 2009 at 3:48 pm |
I don’t like the way that Panda Cloud Antivirus alerts the user that it has been detected malware, the banner is so big. What about showing a simple pop-up from the taskbar icon?
Check out this montage I made: http://img268.imageshack.us/img268/2411/pandacloudpopup.png
June 27, 2009 at 6:46 pm |
How *free* is Cloud Antivirus?
Can I use it in a commercial environment? Is there a EULA for the software?
June 29, 2009 at 11:19 am |
How do i should connect panda’s cloud antivirus to internet to get the better performance
July 1, 2009 at 1:31 am |
@Brian please download Beta2 from http://www.cloudantivirus.com. This problem should be fixed now.
@Alex Molina Very nice Alex, thanks for the suggestion. We’ll look at it at the User Interface department.
@Mesquire It’s free for personal use, not free for commercial environment.
July 22, 2009 at 10:22 pm |
Can’t wait to try the x64 native version!
July 22, 2009 at 11:20 pm |
in the FAQ it says that only Portable Executable files are checked against the could. Does this mean Panda Cloud does not protect against malicious pdf’s, scripts, macros etc? Otherwise this is a great program and very innovative concept!
July 23, 2009 at 4:16 pm |
Is it true this always will be free of charge.Sound strange in my ears.Is it not good enough,is that why you not ar selling the product????
July 25, 2009 at 11:14 am |
Two reasons I can think:
1. Each PC with Cloud AV is a “malware sensor” to C.I. More users, more sensors, faster reaction to new malware. Good to Cloud AV and good to paid versions of Panda Antivirus. And Cloud AV is free to home users, not corporate users.
2. Merchandising… Do you know AVG or Avast? If you know it’s because they distribute free versions of their antivirus.
July 30, 2009 at 4:49 pm |
The FAQ says that only PE files are scanned. Does this provide protection from MS Office documents with macro viruses or PDF’s with embedded bad stuff?
Thanks.
July 31, 2009 at 12:26 am |
@DaveA & @Terry it’s correct that only PE files are checked against the cloud. But in addition to the cloud, Panda Cloud Antivirus also has a local cache of Collective Intelligence signatures which serve different purposes:
* Protect while not connected to the Internet
* Detect & disinfect file infectors, polymorphic, script/PDF/Office and other type of non-PE files.
@Adrian Yes that’s the plan. The reasons that Amauri mentioned are 100% correct.
August 2, 2009 at 8:27 pm |
Having installed the software it launched into a full background scan and then proceeded to scan by back up disc, which is huge and goes back a long way. How do I make sure that it doesn’t go through this every time? It’s been running for 3 hours now!
Thanks
August 6, 2009 at 1:11 am |
I have a virus running in my computer that’s not detected by Panda Cloud Antivirus. I’ve tried removing the hidden, system and read-only attributes from the executable file (named 22yj2fy1.exe) it creates on “c:\”, and then scanning it with the explorer contextual menu, but it says the file is fine. How can I send it to you so you can check it?
August 6, 2009 at 9:48 am |
@EKantar, you can disable the BackgroundScan if you have a huge amount of disks and data and don’t want it to be scanned. To find out how read:
http://blog.cloudantivirus.com/2009/07/21/known-issue-with-beta2-synchronous-background-scan/
@Jose Please run a scan with ActiveScan (http://www.activescan.com) to see if it is able to detect it and send it to us. Also, can you send me the MD5 of the file? Alternatively if you can boot with a LiveCD and copy the file, then password-protect it and send it to my email pedro.bustamante@pandasecurity.com.
December 27, 2009 at 9:24 am |
hi, i havae panda antiviruis 2010.i updated it and then scan my cumputer with it then it found my viruis. but i dont know how to delete them can email my the soluition step by step and explian it for me.i also read the part help but it wasnt usefule. thanks