One of our customer reported that upon downloading our application, he got a popup from his panda antivirus saying it was infected. He gave us a screenshot that showed the panda popup during a download in internet explorer. The popup shows "Panda Endpoint Protection Plus".
We downloaded the free version of panda (18.01.00) and were able to get the same detection, which reports "Trj/Genetic.gen".
The issue only happens while the file is being downloaded, where panda will interrupe the download. Somehow the file cannot be deleted, so I can go get a copy from the Temporary Internet Files folder. If I rescan the file (the partially/interrupted download), I get the same virus report.
If I disable panda, let the package download completely, and then scan the resulting (complete) file, panda does not report anything.
I tried the online tool at https://www.virustotal.com/ with the partial file and only "panda" and "CrowdStrike Falcon (ML)" report an issue. I would be surprised if the file was actually infected (though you never know).
The file can be dowloaded at https://s3.amazonaws.com/xmc-public/dow ... Cloud).exe
Would it be possible to get it analyzed?
False positive on "Trj/Genetic.gen"
Re: False positive on "Trj/Genetic.gen"
Is anyone at Panda looking into this?
Re: False positive on "Trj/Genetic.gen"
Any update?
Re: False positive on "Trj/Genetic.gen"
Hello,
Normal download with Panda IS.
Normal execution of the package, attached img.
No problem.
Normal download with Panda IS.
Normal execution of the package, attached img.
No problem.
- Attachments
-
- download normal.jpg (218.44 KiB) Viewed 7296 times
Panda Partner Colombia.