Frequently Asked Questions
Â
We’ve been getting a lot of positive feedback from the community regarding Cloud Antivirus. Thanks to all for downloading, testing, and using it. Of course there are many questions that are being answered through this blog and via comments, but as not all users read through the comments, I thought I’d compile a list of the most important and most common questions as well as answers. The list is comments/questions is the following (scroll down for the answers):
- Why isn’t there a 64bit and Windows7 version?
- Will Panda Cloud Antivirus continue being FREE after the beta is over?
- Do I need to run a different antivirus at the same time as Cloud Antivirus?
- Am I still protected when I’m not connected to the Internet?
- After installing Cloud Antivirus I scanned my PC and it took a really long time. What’s up?
- Are my files being sent to the cloud for scanning?
- What exactly is sent to the cloud?
- Cloud Antivirus detected a Trojan and deleted it. How can I get it back?
- Why can’t I choose delete/block/ignore when it detects a Trojan?
- Can I run Cloud Antivirus alongside my Norton360/AVG/Etc.?
- Scan stuck at x%.
- I have 2 monitors and Cloud Antivirus always appears right in the middle of both.
- Since I installed Cloud Antivirus my system has *really* slowed down to a crawl.
- I’m having problems downloading the Cloud Antivirus installation program.
Â
Â
Why isn’t there a 64bit and Windows7 version?
Basically we wanted to get Cloud Antivirus out there and tested as soon as possible to validate the new philosophy and protection model. Supporting additional configurations was less of a priority than seeing if the model is truly valid or not. However we’re seeing that by popular demand this is the #1 request we’re getting so we’ll re-think our priorities and try to release these builds as soon as possible.
Â
Will Panda Cloud Antivirus continue being FREE after the beta is over?
YES. Absolutely. 100%. Free.
Â
Do I need to run a different antivirus at the same time as Cloud Antivirus?
No. Cloud Antivirus provides all the protection you need from viruses, malware, etc. Also it is not recommended to run 2 different AV engines at the same time as they can conflict with each other.
Â
Am I still protected when I’m not connected to the Internet?
Yes, you do not need to be connected to the Internet all the time in order to be protected. Cloud Antivirus stores a “local cache copy†of Collective Intelligence for offline operation. As soon as you disconnect, Cloud Antivirus still works in the background, checking every file against its local cache of detections. This local cache includes, amongst other things, detection for all malware files which are currently in circulation and affecting users.
After installing Cloud Antivirus I scanned my PC and it took a really long time. What’s up?
If you run an on-demand scan of your entire system right after installing Cloud Antivirus you will experience this slowness because both the initial Background Scan and the on-demand scan are running simultaneously. Panda Cloud Antivirus runs a Background Scan after installation. During this Background Scan Cloud Antivirus does a review of the entire PC by scanning it and by filling up its goodware cache (checking known good files against the cloud) in order to optimize future scans. Simply allow Cloud Antivirus to finish its Background Scan before launching a full system scan. If you are experiencing problems after that, please export your Windows Event Log for Cloud Antivirus (My PC, Manage, Event Viewer, Nano, right-click & Save as) and send it to us at beta@pandasecurity.com. Â
Â
Are my files being sent to the cloud for scanning?
No. Absolutely no files and no personal information is sent to the cloud. Also only PE files (.EXE, .COM, etc.) are checked against the cloud. Non-PE files such as pictures, documents, etc are not scanned from the cloud.
Â
What exactly is sent to the cloud?
For any PE file that is checked against the cloud, we create multiple cryptographic hashes. Amongst them is what we call a “reverse signature†of the file. This reverse signature is able to identify multiple similar files. The response from the cloud can be “malwareâ€, “goodware†or “unknownâ€. Also we send “behavioral traits†of files to be scanned heuristically remotely by the cloud. These are basically properties and characteristics of each file. In summary, no content and no personal information is ever sent to the cloud.
Â
Cloud Antivirus detected a Trojan and deleted it. How can I get it back?
Cloud Antivirus is pre-configured to automatically delete malicious files. However suspicious files and certain types of grayware (hacking tools, potentially unwanted programs, etc.) are not deleted automatically and sent to the Recycle Bin (quarantine). To access the Recycle Bin, click on the folded bottom right corner of the Cloud Antivirus program. From there you can unblock detected files and get access to them again. Keep in mind that, once unblocked, these will not be detected again by Cloud Antivirus. However if the file that was detected is a true malicious file such as a Trojan, it will be deleted automatically and there’s no way to get it back (after all, you’re installing Cloud Antivirus to get rid of malware, right?).
Â
Why can’t I choose delete/block/ignore when it detects a Trojan?
As an antivirus program, the main thing that users ask for from us is that we detect and get rid of malicious files without bothering them. This is exactly what Cloud Antivirus does, keeping everything as simple and straightforward as possible. This is what we’re trying to do with the new protection model of Cloud Antivirus, to manage all these decisions for end users automatically. However we are getting some feedback from advanced users to have this functionality included. We’re thinking about how to approach this but one way would be to activate an “advanced mode†and while in that mode maintain an encrypted copy of every detected file in the Recycle Bin (at least for x amount of max time) that can be recovered if needed. Comments about this approach are welcomed.
Â
Can I run Cloud Antivirus alongside my Norton360/AVG/Etc.?
No you can’t, just as you can’t (or shouldn’t) run two or more different antivirus programs at the same time. The Cloud Antivirus installer identifies a large number of AV programs and will stop the installation if it detects one running. However there are reports of some users that have been able to install Cloud Antivirus running at the same time as lesser known AV programs such as Spyware Doctor Antivirus. In these cases you might experience slowness or slugginesh of the Operating System. To resolve this issue simply uninstall one of the two AV programs.
Â
Scan stuck at x%.
Issue 1: This is a bug of the interface transparency effect. It’s not really a bug with the scan itself; rather it’s a bug on the interface painting actions. It occurs when, during the scan, the screensaver kicks in or the user session is closed. After coming back to the scan window, the impression is that the scan is stuck. However if you click on the scan window and drag it you can see that the scan is finished or still progressing.
Issue 2: We have had some reports of stuck scans which are not due to the interface transparency effect. If you are experiencing this problem, please export your Windows Event Log for Cloud Antivirus (My PC, Manage, Event Viewer, Nano, right-click & Save as) and send it to us at beta@pandasecurity.com.
Â
I have 2 monitors and Cloud Antivirus always appears right in the middle of both.
Yes this is a reported and known bug. We’ll fix it as soon as possible.
Â
Since I installed Cloud Antivirus my system has *really* slowed down to a crawl.
See the FAQ above about running Cloud Antivirus in parallel with another AV program. If this is not the case and you still experience slowness of the Operating System in general, please contact beta@pandasecurity.com and send us the details of your configuration.
Â
I’m having problems downloading the Cloud Antivirus installation program.
Delete all temporary file from your browser and try downloading again from www.cloudantivirus.com.
Â
The obvious question is with the scanning done “online/in the cloud” what happens if I have not got internet connection at some point and I put a usb key in my pc (eg at a friends house etc) which happens to have some virus etc on it what happens? I dont see this answered in the FAQ’s. I would hope it would get caught but how if everything is done “online”?
Thanks for the information!
Sounds good with a “Advanced mode” setting =)
BTW
Hope you can get so that you do not need to restart your computer every time CloudAV finds a Virus.
It´s very annoying.
Cloud AntiVirus marked one of my system specific files as suspicious (OQO model 02’s PrepUI.exe). I unblocked it it and Cloud AntiVirus promptly neutralized it again. Two questions:
1) How do I keep Cloud AntiVirus from neutralizing the file?
2) If I unblock a suspicious file, is that action sent to you to factor into your analysis of the file?
Good question (re: what happens if you’re offline) considering not just the case where you’re legitimately offline and some infected files on a disk/thumbdrive/etc gets inserted, but what if viruses take advantage of this being a weak point and prohibit internet access until they, themselves, need it to spread or whatever (if they do at all).
¿Este antivirus puede funcionar en redes Proxy? ¿El autodetecta la configuracion o hay que configurarle la direccion proxy manualmente?
Hola @jesusguevarautomotriz
Panda CloudAV si funciona en redes proxy y si ya tenes configurada esta y las estas usando desde IE, CloudAV la toma automáticamente desde este, de lo contrario pulsando el botón de configuración podes acceder al panel donde cargar los datos del proxy.
Salu2
Marcelo
¡Hola! Una preguntita que siempre me he hecho con todos vuestros productos: ¿vais a mejorar la forma en que se guarda el registro de eventos? Por ejemplo, se podrÃa guardar en un archivo HTML único con un formato aceptable (queda bastante “cutre” en archivo TXT…) ^^
Por cierto, creo que el “checkmark” del cÃrculo verde pequeño tendrÃa que ser de color blanco (igual que el grande), en negro no destaca.
¡Saludos!
¡Ay! Se me olvidó otro detalle: no es capaz de detectar las cookies de Google Chrome (creo que están todas en un mismo archivo), ¿tenéis pensado algo?
¡Gracias!
@Ben Burrows and @Gryffyn, thanks for the tip, I’ve updated the post to include this FAQ.
@Jonas, this is a known issue (http://blog.cloudantivirus.com/2009/04/30/known-issues/). Please wait for the next release and it’ll be fixed.
@Alex Molina, you can export the event log into TXT or CSV formats to import into any format you want.
@Dave P, either send the file to virus@pandasecurity.com or myself at pedro.bustamante@pandasecurity.com to fix this.
So If I understand it good…
While we are disconnected from the internet…
- CloudAV detects and protects us from the most common threats of the last moment we were online connected…
- CloudAV will store the fingerprints of the files of these offline scans for a throughly scan in the cloud when we reconnect with the internet?
@Terence correct about protecting against the most common threats while offline. During offline the files will be checked against the local cache copy, not queued for later analysis against the cloud. Of course once connected the processes will be checked against the cloud.
@Pedro: I have encountered the problem that PCAV deleted tools that I need cause they were classified as malware. What if PCAV would just encrypt that file and decrypt it back after I told PCAV to recover it?
Another idea I had was to modify the ACL of that specific file so that I can no longer work with it - this one would not cause so much CPU-load as encrypting the file. Unfortunately it might led to wrong statements in case somebody uninstalls PCAV and afterwards installs another scanner that finds a virus inside that file.. people might wrongly say “oh look, PCAV did not find that virus.”
I´ve notified that CloudAV doesent scan IM, only when they reach the computer, you have to configure yourself so CloudAV scan IM ,like MSN.
It would be good if CloudAV scan incoming files automaticly, for people who dont know how to configure.
I love this software,seems to be quite efficient,I plan to install it on some friends’ machines,is it really better than Avast or Antivir?
And if yes why?
One more vote for WIN7 compatibility…I would love to beta test it…
Strange situation. I executed some .exe file. File starts. Then CloudAV says that it is a trojan and deletes this .exe.
Why executing of trojan in fact is allowed in this situation?
@Peter Piksa, yes this is exactly what we’re thinking about doing, saving the file for x amount of time in the Recycle Bin, so that you are able to recover in case of false positive or other scenarios. We’ll have to think about the scenario you mention, but I think during uninstall it already asks if you want to delete the files in the Recycle Bin or keep them, so it would be up to the user if they wanted to keep the malicious file in their system.
@Jonas this is correct. It’s the idea behind the new protection model (http://blog.cloudantivirus.com/2009/04/29/new-protection-model-explained/) introduced by Cloud Antivirus. The idea is that the file will be scanned already twice when copied to the file system and when trying to execute it. Is scanning a “feel safe” issue or do you think there’s a scenario where it really is needed to be scanned also during transfer?
@DeHuC, please open the event log, find the detection and click on the name. Can you send me the URL in the encyclopedia that it is pointing to pedro.bustamante@pandasecurity.com?
Does Panda Cloud AV scan webmail and Outlook emails? I test sent the EICAR test virus file via Outlook and Panda did not pick it up! However, it did for a straight download from the EICAR website. Still, very worrying that email scanning does not appear to be a function of this product?
Is CloudAV free for commercial use?
I have a malware which is not detected by CloudAV.
This one http://www.virustotal.com/analisis/cc423bbe42da985fa7820c9e956dd641
What should I do?
Quote: “activate an “advanced mode†and while in that mode maintain an encrypted copy of every detected file in the Recycle Bin (at least for x amount of max time) that can be recovered if needed.”
I think that this is essential so that FP’s can be recovered.
I have downloaded more rogue programs that contain malware and in some cases it is detected immediately and in others it is detected upon execution, which is a win-win situation.
At the moment it appears to be highly responsive to both downloaded threats and executed apps which contain threats. The one thing I miss is the warning when visiting a known dangerous site which many traditional AV’s would highlight with a warning about the threats, PCAV does not offer this warning but does remove malware if downloaded from such sites.
After the initial installation and scan it picks up very quickly on any attempt to download or execute programs containing a variety of malware with very low resources. The little popup is useful to inform users that malware was found and removed from the system too.
Why the user can’t clear the “event report”? And I miss the option of doing an analysis of the system’s memory (only all computer or selected files/folders)…
@MH & @cotojo. No it doesn’t scan web/email traffic while in transit. It basically waits to the file to be downloaded and then it is scanned. This is one of the things that is different from traditional AV products. We believe it’s not necessary to check it twice, once during transit and another when it’s on your drive.
@DeHuC It will definately will be free for home/personal use. Don’t know about commercial use yet. I’ll find out.
@Alex Molina thanks again for your suggestions Alex. They are good ones!
Thank you for the clarification, that was what I expected and makes more sense to be done that way.
I appreciate that you are recommending not to use other AV products alongside Panda Cloud AV but what about Microsoft’s Defender? I am currently running both, and during a test open of a Eicar text file, Defender alerted first with nothing reported in the Panda logs about it?
@MH
It’s a very bad idea to use 2 AV in real time simultaneously. The result can be even worse than running only one of them.
I have more constructive suggestions
-You can’t minimize the program windows when double-clicking on the windows taskbar tab (like the other programs do).
-If you use Google Chrome, on the “About Google Chrome” window the program checks for updates. Would it be useful for Panda CA something like that?
-And the menu that appears when clicking on the “?” button shows thwo options too similar at least in spanish (”Ayuda de Panda Cloud Antivirus” and “Acerca de Panda Cloud Antivirus”): I think it would be more comfortable for the users rename them by “Ayuda” and “Acerca de…”. The first time I read them I couldn’t distinguish among them easily hahahha
(Sorry for my bad English: I’m helped by Google Translator XD)
I mean when you click (not double-click, I mistaked) on the button that appears on the Windows taskbar like when you open a program or a window.
@Alex Molina
As for second suggestion. I thik it will be useless option.
I’ve monitored AV network traffic for some time. CloudAV periodically automatically checks new version (don’t know how often). And it was said previously, that some notifying message will be shown when new version is available.
@DeHuC
“Defence in depth” is best practise and I don’t believe that reliance on one product is credible. Note that MS Defender is not a true/typical AV product but more an anti-spyware product. Therefore, my question to Panda was, “Is Defender OK to use alongside your “cloud” product, or indeed will it cause issue?”.
@MH
There is no big differenÑe in functionality of AV and anti-spyware product. Good AV does anti-spyware work too.
I agree. At home I use 2 AV products, one as real-time protection, second as on-demand scanner
Does PCAV incorporate Rootkit removal, does it detect and remove as it does with malware?
Have you thought about an option to scan system without booting windows?
@MH, did the detection occur during downloading the EICAR file or once it was in the hard drive?
@DeHuC & @MH, let me check about this, as Defender is normally treated differently as an anti-spyware, so you might be able to run it alongside Cloud Antivirus.
@cotojo yes it does include some anti-rootkit functionality.
@James, you mean like a boot CD? We have this option in our regular consumer products but not Cloud Antivirus. Do you see this as necessary?
Great idea, but the automatic deletion of files identified as malware with no way of restoring them makes it a non-starter for me.
CAV detected & neutralized TPE Civil War 1V. It found this in c:\windows\manifests\winsxs\………
A rescan does not find it again.
The file is still there and has not been modified.
What has happened & what does neutralized mean?
Thanks for a good product.
David
Yes, I think it would be quite useful, and also necesary, specially when you cannot boot your computer. But I think a boot CD could also be used to get a better removal of malware (rootkits, etc).
I am particularly concerned as I read just “some anti-rootkit functionality” (and I could not read “full”..). I hope to find a full system protection when using it (the best one, specially against this kind of malware).
Rootkits are a worry for certain. The Panda version doesn’t appear to be compatible with Vista.
Gmer I have.
Hi guys,
I have tested your new anti-virus but I’m not very satisfied with detection of malware, spyware, … . Your engine is using cached local signature database what is fine. But for example, detection of some “spyware object” is based on file name and file location. This is little bit crazy from my point of view.
Try this small example:
1. Open C:\WINDOWS\Temp folder
2. Create there file called istdnld.exe
3. Type some strings into this fake EXE file and save it
4. Check content of this folder after several seconds
5. Check the statistic info of Cloud AntiVirus
Result is that file will be deleted and Cloud AV statistic count one spyware and all to reports Adware/IST.ISTBar.
Good joke, but really bad software!
@Martin
1230203 294 4 Mon May 11 21:06:31 2009 Analysis result ON PREFETCH C:\WINDOWS\Temp\istdnld.exe Malware
1231500 295 6 Mon May 11 21:06:33 2009 Action result ON PREFETCH C:\WINDOWS\Temp\istdnld.exe Deleted
1258734 296 4 Mon May 11 21:07:00 2009 Analysis result ON PREFETCH C:\WINDOWS\Temp\istdnld.exe Malware
1259093 297 6 Mon May 11 21:07:00 2009 Action result ON PREFETCH C:\WINDOWS\Temp\istdnld.exe Deleted
I installed PCA recently and everything worked fine untill I booted my computer. PCA freezes Windows and it my pc does`n start. Where is the problem? Have XP SP3.
@Pedro Bustamante
Defender detected it when I downloaded it from the EICAR website. PCAV didn’t detect it at all when I opened an email containing the same EICAR text file or if I saved that attachment to disk.
@Martin I think it’s ok. There no human user in the world, who creates istdnld.exe in C:\WINDOWS\Temp
You say “Cloud Antivirus provides all the protection you need from viruses, malware, etc”, but you also say that it does not scan documents. What about malware that is embedded in documents (.doc, .pdf, etc)?
@MH
Have you ever tried to rename the EICAR.txt to EICAR.com.If not,do this and have a look.
@DavidC, can you find it in the Recycle Bin?
@James & @DavidC Panda Cloud Antivirus does have anti-rootkit functionality and definately once the product comes out of beta, all the technologies needed to protect just as much as any other AV solution. Keep in mind that we’re still in beta and still developing new functionalities. In short time we will release a new beta version which you can re-test.
@Martin this is a SmartClean detection of malware traces. It’s a very common to combine signature detection with traces detection (such as registry entries, specific paths, etc.). Most AVs have such types of detections.
@J R Sundberg can you send me the details of your setup to pedro.bustamante@pandasecurity.com? Thanks !
@MH Yes this is normal behaviour, as Panda Cloud Antivirus does not scan smtp/pop3. Please read the protection model that we are proposing with Panda Cloud Antivirus and why we think it’s not necessary to double-scan everything:
http://blog.cloudantivirus.com/2009/04/29/new-protection-model-explained/
some worms disable regedit, taskmgr, msconfig, cmd, folder options… PCAV should be able to allow admin users to enable them.
My Recycle Bin seems to be broken. I currently have 7 files in it, and the only option available when I click on any of them is “Don’t block this program”. I don’t have any of the other featuers mentioned in the hlp section, such as “Enable automatic management”, “Delete this program”, or even “Exactly what does it do?”. All 7 files have the same comments about being blocked because they may be infected by a virus and they are currently being analyzed in the Panda Laboratory. It’s been like that for a few days now, and as far as I can tell the software isn’t being blocked by my firewall.