Testing Panda Cloud Anti-virus 1.1

Last night I tested the latest version of Panda’s Cloud Anti-virus. Why? I’m on the hunt for an effective free anti-virus that doesn’t use too much ram (about 25 mb tops) and doesn’t have “in your face” nag screens. Panda’s Cloud Anti-virus fits those 2 requirements, but can it really protect my clients? Yes and no.

During my testing I can see that Panda’s Cloud AV (v1.1) is able to tackle more of those zero-day threats, however it let a nasty rootkit through (see screen shots below). While that’s distressing, I can see that the free version of the Panda Cloud AV scanner is getting much better and you’ll probably be seeing more of it in the media.



, , ,

36 Responses to Testing Panda Cloud Anti-virus 1.1

  1. Johan June 9, 2010 at 3:52 pm #

    Good review as usual Matt!

    I will probably buy the Pro version when my ESS license ends.

  2. Kinar June 9, 2010 at 4:33 pm #

    nice review!

  3. croatian sensation June 9, 2010 at 5:14 pm #

    @Matt

    Thank you for finally doing a final review of the product, im glad u thought better of it as well. Also, doesnt the 64 bits nowadays not get rootkits anyways?

    Croatian

  4. jay June 9, 2010 at 6:22 pm #

    i think comodo uses about that and also should test the latest version 4.1

  5. Anthony June 9, 2010 at 7:30 pm #

    Great review

  6. Martin June 9, 2010 at 8:11 pm #

    A tiny suggestion for future videos. I know you don’t use very advanced methods for finding about if your VM has been infected and this isn’t supposed to tell you otherwise, I enjoy your videos nonetheless.

    -What you could do to find if new processes are running: Get Process Explorer from Sysinternals, get the “Select Columns” switch over to “Process Performance” and enable “Start Time”. Sort the columns afterwards. Much easier to spot new nasty stuff.

    -Easily detect changes made by malware with Regshot (http://sourceforge.net/projects/regshot/). Make a snapshot before you start testing and whenever you like run the second. Should be helpful – and it’s quick.

    • malwarekilla June 10, 2010 at 3:54 pm #

      @Martin – excellent idea, thanks Martin!

  7. Erik June 9, 2010 at 8:40 pm #

    Do you plan to replace mse with Panda Cloud Anti-virus?

    • malwarekilla June 10, 2010 at 3:54 pm #

      @Erik – Only on boxes with 512 MB of ram or less.

  8. OtakuWrath June 9, 2010 at 11:52 pm #

    I was wondering if you ever did a review on Malwarebytes registered version? i know you often use Malwarebytes and for a good reason… i tried the registered version and i feel it works really good.. so good in fact i deleted my AV because it was just wasted space..

    Have you ever used Rkill?

    Also i just want to thank you, I used to stress out trying to clean my Family’s computers. Thanks to your help i tossed on Sandboxie, Firefox with WOT and Malwarebytes and they haven’t gotten any rogues ๐Ÿ™‚

    • malwarekilla June 10, 2010 at 3:55 pm #

      @OtakuWrath – if they want to send me a key, then sure.

  9. Matt Stevenson June 10, 2010 at 1:57 am #

    Matt, I loved this review, but although not knowing much about Panda and it’s previous history and versions, I thought it didn’t really stand up to what it says it does. I thought 80% wasn’t so good, but GREAT REVIEW! I also was wondering how bad are Rogue Software to your business, because i’m developing a great rogue removal tool, and I was wondering if you would be willing to review it? Please contact me, thanks!

  10. Steve June 10, 2010 at 3:15 am #

    Matt,

    Enjoyed your Panda review as always. Regarding a light AV, have you considered ThreatFire by itself? I put it on a friend’s 256MB XP machine and seems to work well.

    Regards,
    Steve

  11. Johan June 10, 2010 at 11:00 am #

    @Croatian sensation!

    I thought Matt said in the Video that the test system was a 32-Bit version of Windows 7. Meaning the Rootkit had no problems getting in.

  12. Manab Choudhury June 10, 2010 at 7:27 pm #

    Hi matt,
    Its been a long time since you did reviews on MBAM and SAS,can you do a couple of reviews on the latest versions of those two?

  13. 927 June 10, 2010 at 8:25 pm #

    i use avast 5 on my parents pc, xp home 512 mb ram without any slowdown but its important to clean up msconfig/autostart. thats the best way way to free ram (and dont use adobe reader).
    very common apps thats runs on windows startup *junk*
    [TkBellExe] “c:\program files\common files\real\update_ob\realsched.exe” -osboot
    mRun: [Adobe Reader Speed Launcher] “c:\program files\adobe\reader 9.0\reader\Reader_sl.exe”
    [QuickTime Task] “c:\program files\quicktime\qttask.exe” -atboottime

  14. Erik June 10, 2010 at 8:33 pm #

    @malwarekilla – Maybe you should tell clients with 512 MBs of ram or less to just get a mac and that would fix all there problems…haha.(:

  15. croatian sensation June 11, 2010 at 2:51 am #

    @Johan

    You might be right, i was kinda sleepy while watching the video, i might have missed that.

    Croatian

  16. Johan June 11, 2010 at 12:00 pm #

    @croatian sensation!

    No Problems Mate ๐Ÿ™‚

  17. Adam June 11, 2010 at 6:14 pm #

    @ Martin

    I was going to recommend that as well. One more thing it does, is highlights new processes in Green and processes that just ended in Red. So when you run a piece of maware just look for a green line, then you know a new process just started on the virtual machine.

  18. JimBob June 12, 2010 at 2:57 pm #

    Matt,
    Just curious how you think MS Security Essentials is anything but lightweight? I use it on client computers with low RAM, *because* it’s so light on RAM. My test computer is running MS Sec. Ess. and it’s using a tiny 4MB of RAM. The most I’ve ever seen it use is about 50MB…which is still tiny.

  19. OtakuWrath June 12, 2010 at 9:22 pm #

    @JimBob

    Well i can say with experience, it seemed to suck up my CPU like it was candy.. my computer was always working really hard.. i put it on my aunts computer and she reported a decrease in performance.. with Firefox taking 70% of my CPU i can’t really use Firefox along with my other heavy duty programs. MSE was bad enough that i started to keep it turned off until i wanted to run a scan.. i eventually got rid of it.. pretty good AV, but it was heavy duty and system scans would make my CPU skyrocket.

    (just thought i would share my experience with it.)

  20. JimBob June 12, 2010 at 11:09 pm #

    @OtakuWrath

    That’s odd…my experience with MSE has been just the opposite. In fact, on my personal PC, it’s dropped since my last post from 4MB to 2MB of memory being used. As far as CPU, it’s using a whopping ZERO%.

  21. Tweak June 13, 2010 at 3:20 am #

    On the subject of Panda Cloud, taking a page from your book Matt I found the same results with exe exploits getting snagged but a few others slip through the cracks, hopeful that improves in the next release though. I also notice it slow some things like when you click the Windows orb and it takes a few seconds to populate the listings, it is apparently a known issue according to their forums with Win7. As for MSE, it seems to be luck of the draw, I do see it more often being lightweight but on the rare PC I have seen it cause severe slowdowns, nothing obvious stands out but it does happen often enough to be easily recalled when I think back on different systems. Overall thanks Matt and thanks Panda, I look forward to the progression of this app and others like it such as Immunet Protect to name one example.

  22. Tweak June 13, 2010 at 10:47 pm #

    Since Immunet Protect is similar I just wanted to drop a line here to say the next version 2.x is due out probably within the next 2 weeks or so and I’d like to see/hear your opinion on it Matt, it isn’t intended to be a stand-alone solution but the next version will have multiple engines and offer cloud and real-time protection. As a side note I as others have mentioned would love to see HitMan offer a real-time protection as well someday.
    You can checkout the next version with some screenies here for any interested. http://community.immunet.com/immunet/topics/immunet_version_2_rc1

  23. Daniel Snyder June 14, 2010 at 11:53 pm #

    Great review, thanks. I’m relatively new to Panda products, and I’ve been quite impressed and what I see. I posted your video to my blog with a link to your site! thanx.

  24. C C June 15, 2010 at 4:15 am #

    @ OtakuWrath

    I am in the Malware Hunters Group at Malwarebytes and you should install an AV product on your PC. Malwarebytes is a great tool but does not replace an AV product. Malwarebytes Anti-Malware does not detect java exploits or pdf’s exploits, etc. The module does block malware URL’s in the paid version but this is still not an meant to be an AV replacement. You could be putting your PC at risk by not running an AV,

  25. Frank June 15, 2010 at 4:02 pm #

    I’m curious about Matt’s comment regarding MSE as well. I’m running it and it’s using around 800K (yes, that’s kilobyte).

  26. C C June 17, 2010 at 1:12 am #

    End of Support for Windows XP SP2, Windows 2000 Server and Professional on July 13, 2010
    Support (including new security updates) ends July 13, 2010 for Windows XP Service Pack 2 (SP2), Windows 2000 Server and Professional. Migration to the latest OS or installation of the current service pack is recommended.

  27. Dan June 20, 2010 at 8:05 pm #

    @ JimBob

    Have you seen that MSE uses 2 processes..

    1. AntiMalware Service Executable (MsMpEng.exe), and that around 80mb of ram.

    2. Microsoft Security Essentials User Interface (msseces.exe),and thats around 4-8 mb of ram..

    So, i think that you havent seen the MsMpEng.exe, when you say that its only uses ~2-4mb of ram

  28. JimBob June 21, 2010 at 10:33 pm #

    @Dan

    Yeah, you’re right…that second service doesn’t show by default in Vista or Win7. Either way, the second service is using Zero CPU and about 35MB of memory on my Windows 7 computer, and 42MB on my XP computer, and 40MB on my Vista computer… That’s still really, really small.

  29. Nevi June 28, 2010 at 12:32 pm #

    Hi Matt..
    Thanks for the vid.Something could look like they have started to take it serious.Soon it will probably be better than MSE.I wouldnt be surpriced.

  30. LR July 10, 2010 at 2:19 am #

    Matt, will you be reviewing Immunet Cloud AV ? It is no longer in beta and can be run at the same time as your regular AV (i.e. Avira, Avast, Norton, etc)

  31. LR July 10, 2010 at 2:21 am #

    Matt, will you be reviewing Immunet Cloud AV ? It is no longer in beta and can be run at the same time as your regular AV (i.e. Avira, Avast, Norton, etc)

  32. Trinidad318 August 22, 2010 at 5:20 am #

    Just wanna say you guys are awesome,I’m a+ certified,but it’s hard to learn when you don’t know anyone who loves this stuff too.so thank you guys for the ineresting conversations,I owe u all.

    • malwarekilla August 25, 2010 at 5:06 pm #

      @Trinidad31 – thanks!

Leave a Reply