New Panda Antivirus Command Line 9.5.1

I'm happy to announce the availability of our new Panda Antivirus Command-Line scanner (PAVCL) version 9.5.1.00. This new engine adds features over previous versions, especially focused on detecting and deactivating active rootkits and on improved heuristic detection of new and unknown malware:

* Engine version 1.5.1 integration.
* Reboot driver. Disinfection during reboot of active rootkits. Needs to run with admin privileges.
* Integration of Heuristic engine 7.0.7 with improved performance. Defaults to medium sensitivity.
* Suspicious detection counter in both console and logs.
* Digitally signed executables.
* New log in CSV format (pavcl.log).

The new log format is as follows:
[Date];[Complete_path];[File_name_in_compressed];[Malware_name];[Detection_ID];[Action_taken];[Sub_action];[Additional_information];[Status_ok_or_error];
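
As an added example (not part of PAVCL or of the original post), the following Python parser reads pavcl.log records in the field order given above, for feeding detections into an automated scanning pipeline. The sample records, the date format, the action names and the OK/ERROR status values are constructed assumptions; only the field order comes from the post.

```python
from collections import Counter
from typing import NamedTuple


class Detection(NamedTuple):
    # Field order taken from the log format line in the post.
    date: str
    complete_path: str
    file_name_in_compressed: str
    malware_name: str
    detection_id: str
    action_taken: str
    sub_action: str
    additional_information: str
    status: str


def parse_pavcl_log(text):
    """Return (detections, rejected); rejected holds (line_no, raw_line)."""
    detections, rejected = [], []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        if not raw.strip():
            continue
        # Every field ends with ';', so a valid record splits into nine
        # values plus one empty trailing element.
        parts = raw.split(";")
        if len(parts) != len(Detection._fields) + 1 or parts[-1].strip():
            # Wrong field count (e.g. ';' inside a path): keep for manual review.
            rejected.append((line_no, raw))
            continue
        detections.append(Detection(*(p.strip() for p in parts[:-1])))
    return detections, rejected


def summarize(detections):
    """Count detections per malware name; list records whose status is not OK."""
    by_name = Counter(d.malware_name for d in detections)
    failed = [d for d in detections if d.status.upper() != "OK"]
    return by_name, failed


# Constructed sample records. Only the field order comes from the post; the
# date format, action names and OK/ERROR values are assumptions.
SAMPLE_LOG = (
    "06/07/2008;C:\\samples\\a.exe;;Suspicious file;0;None;;;OK;\n"
    "06/07/2008;C:\\samples\\b.zip;inner.dll;Generic Trojan;1234;Disinfect;Delete;;ERROR;\n"
    "06/07/2008;C:\\samples\\odd;name.exe;;Generic Trojan;1234;Delete;;;OK;\n"
)
```

The third constructed record contains a semicolon inside the path, which shifts every later field; the parser rejects it instead of guessing at the alignment, so a misparsed record never silently reports the wrong malware name or status.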

As always we have a signature file available from the blog for testing purposes which is NOT updated on a regular basis. For production and critical scanning systems make sure to contact us for a regular signature feed.

Download the new PAVCL 9.5.1.00 here.

Return codes are available for integrations of PAVCL with automated scanning systems. PAVCL returns a numeric value of 4 bytes to indicate the type of program exit, the type of operation performed and the number of malware detected. For more info on this contact me.

This version is compatible with Windows 2000, 2003, XP (32 and 64 bits) and Vista (32 and 64 bits).


Comments

Pedro,

the command line doesn't work on my PC.

Cheers

   Posted by lucass at 4 July 08 5:05 PM

Can Home users download this file for Panda IS 2008?

   Posted by Jonte at 4 July 08 6:17 PM

what has changed in activescan 2.0

please describe what's changed

   Posted by jon at 4 July 08 7:54 PM

Lucass, make sure you're running with admin privileges. Contact me via email if you're still having problems.

Jonte, I'm guessing you're referring to the signature file. Yes you can use it, but the Panda IS 2009 has a much improved system combining local signatures and in-the-cloud signatures for an even greater detection rate. More info at http://research.pandasecurity.com/archive/Panda-Internet-Security-2009-BETA.aspx

Jon, you can read on what's new in ActiveScan 2.0 at http://research.pandasecurity.com/archive/Panda-ActiveScan-2.0.aspx

   Posted by Pedro Bustamante at 5 July 08 1:50 AM

in activescan 2.0 you updated the active scan 2.0 files yesterday. I noticed it detects a lot more malware as Suspicious than before

what has been changed to detect more unknown malware

please explain in detail

please do a blog entry or reply

thanks

   Posted by jon at 5 July 08 2:24 AM

You're 100% right jon. The difference is basically how Collective Intelligence is implemented. Initial versions of ActiveScan 2.0 downloaded to each PC a limited part of the "knowledge" (signatures) generated by Collective Intelligence. With the version we uploaded a couple of days ago each file you scan gets checked against the total knowledge of Collective Intelligence in real time. This means that you're connected in real time against our CI servers and scanning is done "in-the-cloud" instead of locally on the PC. More information about Collective Intelligence here:

http://research.pandasecurity.com/archive/Technology-Paper_3A00_-From-AV-to-Collective-Intelligence.aspx

   Posted by Pedro Bustamante at 5 July 08 10:39 AM

Why was the "-nomem" parameter deleted?

Did the developer make a mistake?

   Posted by ray.smith at 6 July 08 3:31 PM

Does the new CSV format log not support single file scanning?

Below is the log result of a single file scan; I cannot see that it is a CSV log!

---------------------------------------------------

Date                : 06/07/2008

Time                : 22:20:43

File checked        : C:\AV.exe

  Suspicious file

                Panda CommandLineSecure 9.05.01 (c) Panda 2008                

Time employed for scan .............: 00:00:02

Number of files scanned ............: 1

Number of files infected ...........: 0

Number of suspicious files .........: 1

                         Copyright Panda Security 2008                        

   Posted by Andrew at 6 July 08 4:24 PM

Ray, -nomem was there for older DOS-based platforms. As we don't support that anymore we took it out.

Andrew, there's two files that are generated, a PAVCL.LOG (csv format) and a PAVCL.RPT (the one you posted). Check PAVCL.LOG for the csv formatted output.

   Posted by Pedro Bustamante at 6 July 08 10:19 PM

Pedro,

I have tested "-rpt:pavcl.cvs", it would output both pavcl.log and pavcl.cvs. If I just used "-rpt:pavcl.log", it would output pavcl.log only.

   Posted by Andrew at 7 July 08 2:30 AM

Sorry, I made a mistake. For -rpt:pavcl.csv, it would generate a pavcl.log and a pavcl.cvs. The pavcl.log was cvs format. But -rpt:pavcl.log was not.

   Posted by Andrew at 7 July 08 3:03 AM

Sometimes when I scan a file with Virustotal, Panda finds "Suspicious file", but my "own" Panda finds nothing. Why?

Jonte

   Posted by Jonte at 7 July 08 6:51 PM

This page doesn't work http://www.pandasecurity.com/homeusers/security-info/default.aspx?lst=ac&sitepanda=particulares

please fix this active threats page soon

also there is no Description for this threat

Trj/CI.A

please try to fix these problems

thank you

love jon

   Posted by jon at 7 July 08 10:35 PM

Jonte, make sure heuristics is turned on and set to high on your on-demand scan.

Jon, thanks for the heads-up. We're working on fixing this.

   Posted by Pedro Bustamante at 8 July 08 12:23 PM

when I use activescan 2.0 it detects a folder as a generic trojan. The folder is called F-Secure SDBot.gen8

please try to fix this false positive

   Posted by jon at 11 July 08 2:52 AM

Tried it but cannot replicate Jon. Can you provide more details, such as content (files) within the folder, a HijackThis and Panda Anti-Rootkit log?

   Posted by Pedro Bustamante at 11 July 08 9:17 AM

Here is the activescan 2.0 log

This folder is empty

03257437  Generic Trojan                    

Virus/Trojan     E:\Users\pc\Desktop\cheats\confermed infected\FSecure SDBot.gen8

SUSPECTS

E:\Users\pc\Desktop\cheats\confermed infected\F-Secure SDBot.gen8

I sent a sample of the folder through activescan

I hope this helps

   Posted by jon at 11 July 08 8:20 PM

And the Binary of .Tar, .Rpm?

;-) SYSOP

   Posted by DarkStar at 16 July 08 9:59 AM

This version only comes in win32 flavour. The latest linux versions are available here:

http://research.pandasecurity.com/archive/Free-commandline-scanner.aspx

   Posted by Pedro Bustamante at 16 July 08 2:08 PM

What is the LATEST version of PAVCL for LINUX ?

thanx.

   Posted by catteau at 22 July 08 4:01 PM

Look at the comment above catteau. Linux version available here:

http://research.pandasecurity.com/archive/Free-commandline-scanner.aspx

   Posted by Pedro Bustamante at 23 July 08 5:54 PM

Nice, clean and a great change under the actual technology.

Perfect the linux version for networks affected.

Only, an option for run under solaris. (perfect for scan networks with a high risk)

Best regards

   Posted by Jan Arbona at 1 August 08 11:00 PM

Can you shed some light as for why the signature file that comes with the new command line version has more signatures (3,441,666 / June 30, 2008) than the signatures that I download when I sign in with the license purchased (1,846,697 / Nov 6, 2008)? Thank you!

   Posted by Harold at 6 November 08 11:41 PM

Yes Harold, we have different signature files for different purposes. Normally our products which have in-the-cloud scanning from Collective Intelligence include a smaller signature file which includes the most important threats. The rest are queried online. We call this the real-time-wildlist-signature. Then there's the mega-signature which corresponds to a full signature file.

   Posted by Pedro Bustamante at 10 November 08 11:32 AM

Thank you Pedro! So, for me to have a broader range of signatures it is better to download the ones from "http://research.pandasecurity.com/blogs/images/pav.zip", correct? The other question I have is in regards to sending the signatures definition date to a log file. How do I do that? I tried redirecting the output with "pavcl.exe -info > log.txt" and "pavcl.exe -info -rpt:log.txt", but it didn't work.

   Posted by Harold at 11 November 08 2:56 PM

Harold, the sig on the blog is not updated every day. It's only updated once every week or so as this is a free sig I provide for testing purposes. If you need a regularly updated sig download it from the following location:

http://acs.pandasoftware.com/member/pavsig3/pav.zip

This is the full signature and you'll need an active username/password to access it.

In order to log the date of the sig file, you can simply log the date stamped on the pav.sig file on disk.

   Posted by Pedro Bustamante at 13 November 08 4:56 PM

Pedro,

Is this new commandLine scanner a different product, or a replacement for the free commandline scanner you've posted here:

http://research.pandasecurity.com/archive/Free-commandline-scanner.aspx

?

Thanks.

   Posted by barry at 18 November 08 2:57 PM

Barry, same product just a newer version. The download link is the same so regardless of where you download from you'll get the latest version.

   Posted by Pedro Bustamante at 19 November 08 2:11 PM

How do I apply to get a username/password to download the regularly updated sig from the following location:

http://acs.pandasoftware.com/member/pavsig3/pav.zip

Thanks

   Posted by Devaud at 19 November 08 2:21 PM

Devaud, simply purchase a license to one of our products and you'll get a username and password valid for downloading regularly updated sigs. For example from here:

https://shop.pandasecurity.com/cgi-bin/pp?prd=409938

   Posted by Pedro Bustamante at 19 November 08 3:55 PM

Hello Pedro,

Please, could you tell us if return codes have changed or are the same binary combination as version 9.4.x?

Thanks

   Posted by Jose at 5 January 09 7:08 PM

Hey Jose, should be the same.

   Posted by Pedro Bustamante at 7 January 09 12:05 PM

Did the pav.sig for this (http://acs.pandasoftware.com/member/pavsig3/pav.zip) change this week? It seems the pav.sig went from being 100MB to 60MB this week. It used to be a 'megasig' and now it's the same file as the normal pav.sig in the desktop client. Are we missing something?

   Posted by Gary at 9 February 09 11:00 AM

Yes Gary you're right. It now redirects to http://acs.pandasoftware.com/member/pavsig/pav.zip which is the regular pav.sig for corporate products. We've discontinued the megapavsig for the moment.

   Posted by Pedro Bustamante at 9 February 09 1:33 PM

Oh, shame, so what's the advantage of using the command line scanner now over just the normal Panda Desktop scanner if they both use the same sig? Is the megapavsig going to return?

   Posted by Gary at 9 February 09 1:54 PM

We're working on the replacement of the megapavsig Gary, which will be much more complete than what you've seen until now. I'll announce it here when it's ready.

   Posted by Pedro Bustamante at 9 February 09 4:46 PM

thank you!!! for your work

   Posted by user1 at 5 June 09 8:59 AM
