(The quickest way to register)

Forum

  1. User picture
    • leofelix on Wed 02 Feb 2011
    • 06:38:36 PM UTC

    acs.pandasoftware.com (Panda Security) infected??!!

    I was downloading the latest Panda Cloud Antivirus v 1.4 (for more information more see: http://blog.cloudantivirus.com/ ) and as usual I checked WOT scorecard and comments first

    http://www.mywot.com/scorecard/acs.pandasoftwar...

    According to Malware Patrol (see also http://www.malwarepatrol.net/stats.shtml )

    Appeared on a list of malware distributors.

    http://www.urlvoid.com/scan/acs.pandasoftware.com

    http://www.google.com/safebrowsing/diagnostic?site... (Clean)
    http://safeweb.norton.com/report/show?url=acs.pand... (Clean)
    http://www.browserdefender.com/site/acs.pandasoftw... (Clean)
    https://zeustracker.abuse.ch/monitor.php?host=acs.... (Clean)

    Trend Micro Web Reputation Query - Online System
    http://reclassify.wrs.trendmicro.com/wrsonlinequer...
    Web reputation result: This URL is currently listed as malicious.

    VT URL analysis tool Result
    http://www.virustotal.com/url-scan/report.html?id=...

    Firefox Clean site
    G-Data Clean site
    Google Safebrowsing Clean site
    Opera Clean site
    ParetoLogic Clean site
    Phishtank Clean site

    Since I cannot access to a download directory I scanned the whole path link to the Panda Cloud Antivirus installer

    Normalized URL: hxxp://acs.pandasoftware.com/cloud/PandaCloudAntivirus. exe
    URL MD5: 861019e81b6dc5a24a3a18d753a1b562
    Content-Type: application/octet-stream

    http://www.virustotal.com/file-scan/report.html?id...
    File name:
    PandaCloudAntivirus.exe
    Submission date:
    2011-02-02 17:50:30 (UTC)
    Current status:
    finished
    Result:
    0/ 43 (0.0%)

    Clean

    Panda Security is also a partner of WOT
    http://www.mywot.com/blog/163-wot-partners-with...

    Since I hardly believe that Panda is engaged in the distribution of malware:

    Can some security expert enlight me? Are there any recent incident reports?
    Do Anyone know if Panda Security has been compromised or hacked?
    Is that a false positive maybe?
    I'm aware that Panda Cloud Antivirus comes with a undesiderable toolbar included, but it is not malware
    (see: http://www.calendarofupdates.com/updates/index.php... )

    Thank you in advance for any possible reply

    festina lente (hurry slowly)

Comments:

  1. User picture
    • Sami on Wed 02 Feb 2011
    • 07:00:08 PM UTC

    RE: acs.pandasoftware.com (Panda Security) infected??!!

    There are some additional details in the report from Malware Patrol. It's hard to say what happened, because the full URL is hidden. Could be a false positive too based on the low detection rate.

  2. User picture
    • Jazspeak on Thu 03 Feb 2011
    • 01:39:52 AM UTC

    RE: acs.pandasoftware.com (Panda Security) infected??!!

    "F-Prot and ClamAV are prone to false positive detections"

    I don't know about F-Prot (never used it) but I have found that Clam AV can seem to give a lot of false positives when the Potentially Unwanted Programs (PUP) detection is selected, and not when PUP detection is deselected..

    ~Music is not just for the Masses~

    • User picture
      • leofelix on Thu 03 Feb 2011
      • 05:09:55 PM UTC

      RE: acs.pandasoftware.com (Panda Security) infected??!!

      I don't know about F-Prot (never used it) but I have found that Clam AV can seem to give a lot of false positives when the Potentially Unwanted Programs (PUP) detection is selected, and not when PUP detection is deselected..

      a good reason more to believe those detections are false positive.
      Yahoo toolbar/Panda Security toolbar is not malware and can be unchecked during setup.
      Not to count that only 3 antivirus on 43 detected as "malware" a file into a hidden directory, that's not enough to classify a whole website, a security related website, as engaded in the distribution of malware in my opinion

      festina lente (hurry slowly)

  3. User picture
    • leofelix on Sat 05 Feb 2011
    • 07:35:41 PM UTC

    RE: acs.pandasoftware.com (Panda Security) infected??!!

    bumping for a reason
    acs.pandasoftware.com

    has been delisted

    http://www.malwarepatrol.net/stats.shtml

    http://www.malwarepatrol.net/cgi/search.pl?id=VzMy...

    festina lente (hurry slowly)