Results 1 to 7 of 7

Thread: Is this normal ? Panda Av

  1. #1
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744

    Is this normal ? Panda Av

    I installed Panda Anti Virus on a clients machine, and following up on another problem I removed the HDD and did a scann using VET, the following is the Report..

    Started scanning: 12:16:47, 07-Jun-02
    Major dat file v1000
    Minor dat file v2092
    Macro dat file Jun 5 2002 (VMD Ver 1.6)

    Scanning memory...

    Scanning boot sectors...
    D:\ Master Boot Record is OK: standard Win95 OSR2.
    D:\ Partition Boot Record is OK: standard MSWIN 4.1 FAT32.

    Scanning file(s)...
    D:\WINDOWS\SYSTEM\Apvxd.vxd - Win32.Maya.4108/4113 dropper.
    D:\WINDOWS\SYSTEM\Pav.sig - Win95.Bumble.1736/1738 dropper.
    D:\Program Files\Panda Software\Panda Antivirus 6.0\Pav.sig - Win95.Bumble.1736/1738 dropper.
    D:\Program Files\Panda Software\Panda Antivirus 6.0\pavdll.dll - infected with Tentacles III virus.
    D:\Program Files\Panda Software\Panda Antivirus 6.0\pavcl.exe - infected with Tentacles III virus.

    Finished scanning: 12:36:47, 07-Jun-02
    Number of files scanned: 23987.
    Number of infections: 5
    Number of infected files not cleaned/deleted/renamed: 5
    D:\WINDOWS\SYSTEM\Apvxd.vxd (Win32.Maya.4108/4113 dropper)
    D:\WINDOWS\SYSTEM\Pav.sig (Win95.Bumble.1736/1738 dropper)
    D:\Program Files\Panda Software\Panda Antivirus 6.0\Pav.sig (Win95.Bumble.1736/1738 dropper)
    D:\Program Files\Panda Software\Panda Antivirus 6.0\pavdll.dll (Tentacles III virus)
    D:\Program Files\Panda Software\Panda Antivirus 6.0\pavcl.exe (Tentacles III virus)
    is this normal? just never had this with other AV's any thoughts please..

    cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  2. #2
    Senior Member
    Join Date
    Dec 2001
    Posts
    884
    It's normal if you have a virus. I've had that one before; had to format. It was before I knew hardly anything about PCs, though, so maybe you'll come out a bit more lucky than me.

  3. #3
    Senior Member The Old Man's Avatar
    Join Date
    Aug 2001
    Posts
    364
    I think it's normal, depending on how you have the Panda set to deal with virii.... you have the option to delete them, rename them, disinfect them, isolate them... send a warning to the address they came from if it was email, mail them to Panda for examination...... kind of looks like the program as configured was isolating them in the Panda folder..

  4. #4
    Senior Member
    Join Date
    Dec 2001
    Posts
    884
    The Old Man: You're not reading what files are infected thoroughly enough. It says:

    D:\WINDOWS\SYSTEM\Apvxd.vxd (Win32.Maya.4108/4113 dropper)
    D:\WINDOWS\SYSTEM\Pav.sig (Win95.Bumble.1736/1738 dropper)
    D:\Program Files\Panda Software\Panda Antivirus 6.0\Pav.sig (Win95.Bumble.1736/1738 dropper)
    D:\Program Files\Panda Software\Panda Antivirus 6.0\pavdll.dll (Tentacles III virus)
    D:\Program Files\Panda Software\Panda Antivirus 6.0\pavcl.exe (Tentacles III virus)

    Every single one of these files is essential for Panda Antivirus to work. A virus has infected the important PAV files, making it useless.

  5. #5
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Thanks for the comments guys,

    BTW those 5 files were the only ones to come up on the HDD

    Scanned the Panda AV install file came up clean, Installed on a known clean system... bingo same result when HDD scanned in a test machine.. So have sent the Install file off to Panda to check it out..

    avagoodweegend

    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  6. #6
    Senior Member
    Join Date
    Apr 2002
    Posts
    711
    Personally, I'd double-check the system with an online "free" scan or two and see what it says... I'm not familiar with the virii it's finding, but, there a chance that their "wimpy stealth virii" that have infected the virus scanner when you ran it and now, having done so, it's cloaking itself elsewhere?

    In any case, I'd boot off a floppy (if that's even still possible these days) and see if you can scan the system when booted from clean media (even a cdrom). And again, perhaps an online scanner or two... at least as a sanity check.
    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

  7. #7
    They are just infected files. Scan with an online virus scanner (like Panda ActiveScan) and clean them. It appears that they have tried to disable the antivirus program so I think the best thing to do would be to uninstall Panda (it will delete all the files that were created when you installed Panda meaning all the infected files) then just install it again. The viruses will be deleted from the system and you will have a new Panda AntiVirus program. I suggest you update thoroughly though because non-updated files it probably the reason you got infected with these viruses.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •