ritchie58 Posted December 6, 2012 Report Share Posted December 6, 2012 The ClamAV module is detecting one of Panda Cloud's RarSFX update files as malicious. From past experience this is no doubt a FP. To double check I have contacted Panda Support to confirm that this is indeed a FP and waiting for a response from them as of this writing. Link to comment Share on other sites More sharing options...
ritchie58 Posted December 7, 2012 Author Report Share Posted December 7, 2012 Panda just sucessfully auto-updated through the GUI and was attempting to update when the first detection occured so that file is a confirmed FP. Anyone else using Panda Cloud & Immunet if the same thing happens to you just restore the RarSFX file from Quarantine to get the 2.1 version update. This is the first time Panda Cloud has pushed a new build update install through their GUI. I believe that's the reason for the detection. Hopefully it will get whitelisted soon. Link to comment Share on other sites More sharing options...
ritchie58 Posted June 20, 2013 Author Report Share Posted June 20, 2013 It happened again. Panda Cloud was trying to update through the GUI to the newest 2.2 version when ClamAV flagged this RarSFX file as malicious using the same Clam.Plastique2900 detection name as before (see images). Immunet version: 3.0.8.9025 - Since this RarSFX file uses a Windows Temp file I am unable to retreve the MD5 checksum or the SHA256 hash for it. Panda Cloud's RarSFX files need to be permantly whitelisted, if that's possible, so I and anyone else that uses the Panda Cloud/Immunet combo don't have to go through this everytime Panda updates to a new version. Let me know if you want me to submit a SDT report also. Regards, Ritchie... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.