[CLOSED] is PIS affected by signature fail?

[problematiqueMG]

hello

I'm using Panda Internet Security 2015 and i just noticed the news that there was a false signature update.
First question: is Panda Internet Security also affected by the false signature file? For now i don't experience real issues, computer starts up normally, programs working fine so i think im not affected. If the definite answer is NO you probably can skip below.

The only thing happened today was that when i tried to check for updates for Nvidia Panda asked me to allow or block the update (DAO19394195.exe). This happens sometimes (i even started a thread for this a few months ago http://support.pandasecurity.com/forum/ ... 8e5#p14136) and when i click allow so Nvidia checks for updates. Today i did the same but then Panda gave the message that it was a virus and quarantined the file. When i just checked for updates all was normal and Panda didnt even ask for permission.

Now is my 2nd question, was this just a false positive or maybe a thing that relates to the signature fail?

my 3rd question, my panda database synched with the cloud on march 11 several times (10:19, 16:22 and 20:22) If this signature fail is also affecting PIS 2015 can you confirm one of those updates is the wrong one?

thanks in advance to clear things up.

[Crisis-1]

If you havent rebooted your pc yesterday while the big chaos began then you have no problem at all.

[problematiqueMG]

ok thanks for the quick reply. Because i don't experience any issues i think i'm lucky but i'll wait for a PandaHQ member to confirm. To add, there are no files in Quarantine.

Because I've shut down the computer 1 or 2 times yesterday and booted up again later (without knowing of the madness going on) I'm not 100% sure if i really avoided this mess

cheers!

[problematiqueMG]

UPDATE:
i did a system scan this morning. Nothing found. Still everything is working fine. Even Nvidia checks for updates without problems (aka Panda not asking permission to allow or block the DAO.exe update file). I think i can now surely assume i'm not affected by the signature fail. Thank god. hopefully all affected people will solve their problems quick!

At last I still ask you to find a permanent solution for this Nvidia update files (DAO.xxxxxx.exe) because there are still several times that i've to manually allow the DAO file so Nvidia can update. Yesterday it resulted in a false positive!! see also the thread i started a few months ago regarding this issue.
http://support.pandasecurity.com/forum/ ... aeb#p14136

[VirusBuster]

Sorry for the delay

First question: is Panda Internet Security also affected by the false signature file?

The products affected were Consumer 2015 and PCOP, but the faulty signature file was only published for a few minutes.

Now is my 2nd question, was this just a false positive or maybe a thing that relates to the signature fail?

It was a faulty signature file that was unpublished as soon as we detected the problem (in a few minutes)

my 3rd question, my panda database synched with the cloud on march 11 several times (10:19, 16:22 and 20:22) If this signature fail is also affecting PIS 2015 can you confirm one of those updates is the wrong one?

Not right now, it was unpublished as soon we detected the problem

[problematiqueMG]

EDIT: posted pics of Application control

application control screen

nvidia update.jpg (161.61 KiB) Viewed 10854 times

and Procesmonitor

proces monitor screen

nvidia update2.jpg (99.42 KiB) Viewed 10854 times

As you can see in Application control there are some blocked applications like Coprocupdate and DAO.xxx.exe
In Procesmonitor sometimes DAO and Coproc are flagged as SAFE and sometimes as LOW RISK which causes Panda to ask me for permission. How come that its sometimes flagged as completely SAFE and sometimes LOW RISK??


thank you for the explanation. I understand the delay.

For the Nvidia Update file, i still get the notifications that Nvidias Coprocupdate.xxxxxx.exe (x = random numbers) want to update. Since the false positive I got when I pressed Accept I'm "scared" to press accept to search for updates.

Its strange because sometimes Nvidia searches for updates (DAO.exe or Coprocupdate.exe) without asking permission. So there are times that Panda update their database with these files so my Panda product sees these files as legit and doesnt ask permission to search for updates for Nvidia Geforce Experience or Nvidia Graphic card

How come that I regularly get those notifications and sometimes not? Im now pressing decline when Panda asks permission because i dont want to get those VIRUS DETECTED notifications again. Although it is a false positive its not a very nice feeling when you get it on your screen.

[VirusBuster]

I think that you are mixing things, what you are reporting has nothing to do with the faulty signature file issue of March 11th
The difference of the processes being classified as SAFE or as LOW RISK is that the ones classified as LOW RISK are not digitally signed. As you can see the ones classified as SAFE have a green tick in that column and the others a red dash
I don't know why sometimes those applications download a digitally signed file and some other a file that isn't

[problematiqueMG]

thnx for the reply! I know this issue isnt related to the Faulty signatures from march 11 but as I explained this issue earlier in this thread i thought it wasnt necessary to open a new thread about it.

So basically theres nothing Panda can do about this? Is it Nvidia's task to digitally sign those processes or Panda?

[VirusBuster]

Is it Nvidia's task to digitally sign those processes or Panda?

Its nVidia the one to digitaqlly sign the files as they are owners, we can only digitally sign our own files

[VirusBuster]

Closed due to lack of reponse
TOPIC CLOSED