Panda Cloud Antivirus

Hot off the trails of the great debut of Panda Cloud Antivirus at AV-Comparatives with an Advanced+ rating, now Panda Cloud Antivirus Free Edition is also taking part of the Full Product / Real-World tests of AV-Test.org.

The results are pretty good. Both Panda Cloud Antivirus Free Edition and Panda Internet Security 2012 achieved some of the top scores in protection. In addition Panda Cloud Antivirus achieved very good scores for usability, with very little slowdown of the test computers and zero false positives (when the industry average for this test was 17 false positives).

The full reports can be read online for both Panda Cloud Antivirus Free Edition and Panda Internet Security 2012.

As you’ve probably heard by now there’s a very nasty 0-day vulnerability in Adobe (CVE-2010-1297) that’s being used to infect people using drive-by exploits from infected websites. Of course all AV vendors are currently struggling and in a hurry to release updated signatures to detect the different variations of malicious PDF files that are being released into the wild.

Thanks to the Behavioural Blocking engine, users of Panda Cloud Antivirus Free Edition do not need to worry about this or any other Adobe 0-day as these types of exploits are blocked generically and automatically.

In the following video by Sean-Paul from PandaLabs you can see how PCAV blocks these 0-day exploits generically.

Thanks Sean-Paul & David from PandaLabs for all your work with KRE.

Panda Cloud Antivirus, the best free antivirus has received the first ever ICSA Labs certification for pure cloud-based antivirus.

To achieve the ICSA Labs Anti-Virus Certification, products must meet all criteria for detection of malware. Products must demonstrate they have the capability to detect, identify and prevent self-replicating malware while reporting no false positives.

Additionally Panda Cloud Antivirus has met all criteria for cleaning of malware on desktops and servers, which includes removal of “in-the-wild” viruses from infected files and sectors. The certified products must be able to remove all viruses without adversely affecting the data or functionality that existed before the infection.

More details can be found at the ICSA Labs certification webpage:
http://www.icsalabs.com/vendor/panda-software
 
 

     
Which feature would you most like to see in the next version Panda Cloud Antivirus?

Take the poll and help us design the next versions of your new favourite antivirus:
http://www.cloudantivirus.com/forum/poll.jspa?pollID=50103

 
If you’re having any type of problem with Panda Cloud Antivirus (a recent one we’re getting is the Error Code 1 while scanning) you can help us troubleshoot it by enabling exceptions and having Panda Cloud Antivirus create minidumps when it runs into a problem.

You can enable exceptions easily by creating the following registry key:
   Windows Registry Editor Version 5.00
   [HKEY_LOCAL_MACHINESOFTWAREPanda SecurityPanda Service HostExceptions]
   "CreateMiniDump"=dword:00000001
   "ToMessageBox"=dword:00000001

For those less familiar with manipulating the Windows Registry you can simply download and execute the following Exceptions.reg file which will automatically make the change in the Registry for you:
Enable Exceptions

Once enabled, any exception caught will be shown to you in popup windows similar to the following ones:

If this happens, you can find the minidump in the following locations:

• XP: c:documents and settingsall usersProgram datapanda securitypanda cloud antivirus
• Vista: c:program datapanda securitypanda cloud antivirus

Simply compress (in a ZIP or similar) the minidump and send it to us. We have enabled an FTP account where these can be uploaded to.
FTP Server: 212.8.79.111
Username: betatester
Password: d8PvVVdTQzWv

Don’t forget to drop us a note at http://www.cloudantivirus.com/forum if you do upload a minidump so we can provide you with an answer or fix after we analyze your upload.

Again thanks to all that are helping us improve Panda Cloud Antivirus !

We have received some comments and reports from Beta2 users of version 0.08.82 of slowness of their PCs and lots of hard drive I/O activity from PSANHost.exe.

We are tracing this problem back to an interaction of the new synchronous OnAccess cloud-scan with the BackgroundScan. This interaction seems as it could be the source of the slowness of the system even though we continue investigating it. Basically this occurs under certain circumstances when both scans are consuming the same resource. We’re in the process of redesigning these two scan tasks so they are optimized in the use of critical system resources to avoid simultaneous accesses to common resources.

As a workaround you can disable the BackgroundScan altogether. Disabling this task does not compromise the security level of the PC as the OnAccess scan guarantess the protection of the machine. If you apply this workaround simply make sure to run an OnDemand scan periodically to ensure there are no inactive & latent malicious files in the drive.

To disable the BackgroundScan simply create the following registry entry and reboot the PC:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESOFTWAREPanda SecurityPanda Service Host]
"BackgroundDisabled"="-"

If you are not used to playing around with the registry, simply download and execute the .REG file in the following file:
http://blog.cloudantivirus.com/wp-content/uploads/2009/07/background_disabled.zip

As we continue investigating this problem, if you are affected by this problem and are able to send us debug information please get in touch with us. Thanks again to everybody for your help

Thanks to the millions who have downloaded and installed Panda Cloud Antivirus Beta1 (0.08.80) and sent feedback to help us improve the product before its final release. Today we’re releasing Panda Cloud Antivirus Beta2 (0.08.81).

INSTALLATION INSTRUCTIONS
1- Uninstall the Beta1 from Control Panel, Add/Remove Programs. Reboot.
2- Download the Beta2 from http://www.cloudantivirus.com.
3- Install the Beta2.

BETA2 IMPROVEMENTS
We focused Beta2 on fixing the most important detection & disinfection aspects per feedback from the community. The following is a list of items that are either new or fixed in Beta2. If you have any doubts about any of them feel free to post your question as a comment.

New – “Undo” Option for Recycle Bin
Some users complained about the effect of the automated deletion of known malware. In some cases where users want these samples to not be deleted and/or in the case of false positives, there was no option to recover these files. A new option has been added with Beta2 to the Recycle Bin so users can recover deleted detections for a period of 3 days (configurable by CI). During this time period file icons will be changed to show that the file is quarantined in the Recycle Bin. NOTE: this does not apply to “disinfected” files, only to “deleted” files.

     

New – Synchronous Real-Time Cloud-Scan
Under some circumstances files being executed (directly from Internet download, from a read-only network share, etc.) were checked asynchronously against the cloud after the file was loaded into memory. This resulted in detection+disinfection actions to be taken after infection. With Beta2 we changed this behaviour to block the execution until a response has been received by Collective Intelligence. In the event that it is malware, the file will be deleted prior to allowing it to execute.

New – Latency & Response Control of the Cloud-Scanner
We deployed 10 sensors throughout America, Europe and Asia and have detected that 98.41% of the Collective Intelligence queries are responded to within 3 seconds. However, in the remaining cases there is not a control mechanism and if the response is not timely (because of connectivity issues, latency, proxy delays, etc.) then the program would be allowed to execute prior to receiving the response from Collective Intelligence. With the new response control mechanism, programs executing which take longer than 6 seconds to receive an answer from Collective Intelligence are put “on hold” for a second timeout period of 30 seconds after which the program is unblocked and allowed to execute (although it will continue being scanned asynchronously).

Fixed – Slow Scans
Right after installation Panda Cloud Antivirus launches a BackgroundScan of the entire PC to ensure it is clean. Some users reported that launching an On-Demand scan of the entire PC right after install slowed down the PC and/or caused the scan to take a long time. This bug was due to both the BackgroundScan and OnDemandScan running simultaneously. With Beta2 this is fixed by having the BackgroundScan automatically pause in case it detects an OnDemandScan being launched. Once the OnDemandScan is finished, the BackgroundScan will resumen where it left off.

Fixed – Recycle Bin Unblock Functionality
Under some circumstances and with certain types of malware, some users reported that unblocking a suspicious/potentially unwanted malware that was sent to the Recycle Bin, resulted in it being continuously detected over and over again. This has been fixed in Beta2.

Other Fixes

By the way, we’ll still release a Beta3 version prior to final release of Version 1.0. For Beta3 we’re already working on new platforms (Windows7, 64bits), improved features, a new website, a Collective Intelligence real-time encyclopedia and some additional things. Expect the Beta3 to be released around September.