During my recent upgrade to version Pando Free 2.0.3.1 operation, Avast detected
file …\Temp\bar.0\P4SRCSP.EXE\ as being infected (Adw) : I put it in the chest.
I though Pando is a legit, clean, application.
So can you please submit it to VirusTotal and let us know the result? If it is indeed a false positive, as you know, send it in a password protected zip to virus@avast.com
Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.
A tried to submit the file to VirusTotal, but for some reason, I did not succedded
(0 bytes received by VT). So I sent it directly to Avast, along with a message.
Hope it worked and you received correctly.
You also can’t send it whilst it is in the chest, you need to export it not restore to the original location.
Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
Many thanks for the info. Finally, I succeded to submit the file to VT, which returned me some
positive detections : here follows an abtract (manually done) :
So at least, this file looks hightly suspicious to me …
As during this Pando update, a new toolbar came up, perhaps it would be wise
not to use this bar … What do you think about it ?
It may just be a coincidence that it came down the pipe at the same time as Pando, however, I have no knowledge of Pando and wat it may or may not have in it.
Some of the detections give the specific name MyWebSearch which many do consider adware, unfortunately some software comes bundled with this mywebsearch.
So I don’t know if that is part of Pando (that is the toolbar) if so I assume you can uninstall it ?
However I certainly wouldn’t use it, whilst it doesn’t do anything harmful on your system it does gather information which can be used to deliver adverts. I feel it is a valid detection.
Just to tell, and close the topic …
In fact, I could uninstall the Pando toolbar. In doing so, I did a complete re-installation
and removed the toolbar using the usual Windows remove programs tool. In a 1st attempt,
I reloaded Pando, with the toolbar option unticked. Avast did not complain. In a 2nd attempt,
I did the re-installation with the toolbar option ticked. At this time, Avast sent the same
alert. My guess is that Pando provides some tools (particularly toolbar) that may produce
alerts from AV programs and that Avast produced a valid detection.
That is most certainly the case as many consider the mywebsearch toolbar as adware, though not serious as it is gathering information on what you search for that could be used for marketing or delivery of targeted adverts.
There are plenty of other tools/search engines that aren’t considered adware.
I don’t think the Pando application by itself is an adware. But one must take care when
installing some new product : the suggested by default ticked options might lead somebody
to download some extra soft adds that he does not want, as perhaps the Pando toolbar.
After Pando installation, and after the Pando toolbar removal, I ran SAS : it detected
several adware entries, as :
each with several several entries. Even if these are low risk rated, I do not like the way they
come along with Pando. The 1s time I installed Pando, Avast did not complain, and SAS, as far
I can remember, did not detect anything.
Yeah… we do not need toolbars delivered by this way.
I used Pando in the past, on XP, but haven’t installed into Vista and indeed I’ve ‘used’ it none… I think it will be a good tool to be there when I need, but I never needed it, so… no Pando now.