It makes sense to keep SmartScreen enabled for WD but not for other AV. So AVC probably disable that too for other products. Maybe Panda blocks everything unknown that's downloaded over internet which results in more blocks but high false positives.
It has a component in the paid version that works same like Avast hardened mode. If you try to run something unknown to Panda, it will ask you whether you allow that and will recommend that you click on “don’t run”. The issue when I tried this was that almost everything is unknown
Maybe not enough user use it to have better reputational data. Do they publish any number about the number of users they have? They are from Spain so I guess they have quite a few there but what's the overall number?It has a component in the paid version that works same like Avast hardened mode. If you try to run something unknown to Panda, it will ask you whether you allow that and will recommend that you click on “don’t run”. The issue when I tried this was that almost everything is unknown
It also doesn’t give you an explanation why you shouldn’t run it.
www.pandasecurity.com
They claim they have about 40 or 50 millions of users, on their website. They have some huge customers, such as Telefonica (Spanish Telecom, present in the UK as well, under O2 name). They are not extremely popular, but outdated mechanisms for data collection and processing might actually be the reason behind their low success.Maybe not enough user use it to have better reputational data. Do they publish any number about the number of users they have? They are from Spain so I guess they have quite a few there but what's the overall number?
Here's Panda boasting about the AVC result on their blog. Though there's no mention of false positives number:
Panda Security does it again: 100% detection in AV-C's Real-World Test
Panda Security blocks 100% of threats in AV-Comparatives' Real-World test, which examines security suites in realistic scenarios.
I used Panda for some time a few years ago and only had minor issue with false positives, even though I was regularly downloading PUPs and lesser known software. Its behaviour blocker, never blocked anything either.
Does it require MOTM for blocking unknown exe files? Were you downloading via browser or other download managers?
It uses similar approach to Norton, that's why they had a product called "Panda Cloud Antivirus". In fact, Panda was the first one to start using "Collective Intelligence" back in 2006.
Hmm right. Basing detection based on hash only is a recipe for disaster. No wonder why it has such a high false positives. Every AV has some kind of hash based blocking system but that's for new threats which is known to them but they haven't pushed a signatures online/offline update yet. Panda also sucks at signatures. You'll almost never see it VT except for popular/older threats.
No, with the Panda Cloud Antivirus they stopped using signatures. They only use something like a local cache with prevalent malware hashes, for when you are offline. Other than that, it relies on the cloud. Trend Micro is more or less the same.
I see. Almost fully cloud dependent. Yes, Trend Micro also seem to detect a lot with hash which most of the time looks like a behavior blocking protection. Though it actually has a behavior blocker and it's pretty good unlike Panda which is non-existent.
It's like comparing the sun and the moon
