While Windows 8 may not be universally popular, its touch-friendly user interface is making major headway in the antivirus arena. Panda’s 2013 products had already moved to a big-button style. Panda Antivirus Pro 2014 ($39.99 per year direct; $49.99 for three licenses) fully embraces the Windows 8 style, with flat tiles that display security status and offer quick access to important actions.
As with Windows 8, the tiles come in a variety of shapes and bold colors—no pastels here! Where many antivirus products represent overall security status using a red or green traffic light, Panda displays a flower. You won’t mistake this product for anything else!
Last year’s edition displayed buttons for features present only in Panda’s full suite. Clicking one of these would bring up a window extolling the benefits of that feature and offering a link to upgrade. The current edition replaces those with a single panel titled “Improve your protection,” but as before it links to an upgrade offer.
False Positives Mar Lab Scores
Most of the independent labs I follow include Panda’s antivirus technology in their testing, and it gets generally good scores. ICSA Labs and West Coast Labs certify Panda both for malware detection and malware cleanup. Panda earned ADVANCED+, the top rating, in a test by AV-Comparatives that focuses specifically on thorough cleanup of known malware.
Panda entered six of the last twelve tests by Virus Bulletin and received VB100 certification in four of those tests. In other malware detection tests by AV-Comparatives, it lost points due to false positives—erroneous reporting of valid files as malware. Panda would have scored ADVANCED+ in the standard file detection test, ADVANCED in the retrospective detection test, and ADVANCED+ in the real-world dynamic test. In each case, it dropped one full grade due to false positives.
Researchers at AV-Test didn’t encounter as many false positives; they gave Panda 5.5 of 6.0 possible points for usability (a score based on low false positives). Panda also earned 5.5 points for protection, and 4.5 for performance.
Aggregating many different tests, I’d summarize Panda’s lab test performance as worth three stars, out of a possible five. Without those nasty false positives it would have managed four. Of course, there are others like Bitdefender Antivirus Plus (2014) and Kaspersky Anti-Virus (2014) that ace nearly every test. For a full explanation of the way I derive the star ratings in the chart below, please see How We Interpret Antivirus Lab Tests.
Panda Antivirus Pro 2014 lab tests chart
Malicious URL Blocking
My relatively new malicious URL blocking test uses extremely recent malicious URLs supplied in a feed from MRG-Effitas. In general, each antivirus will run up against a different 100 malicious URLs. The one thing that’s constants is that the test URLs are just a few hours old.
In this case, though, I had the opportunity to test Panda, VIPRE Antivirus 2014, and Outpost Antivirus Pro 9.0 with the exact same collection. The results varied widely. VIPRE blocked access to 14 percent of the malicious URLs and blocked another 25 percent during the download process. Panda blocked 15 percent of the URLs, but it only halted the download of another 2 percent of the malicious executables.
At 17 percent, Panda’s blocking rate is the lowest of any product I’ve tested in this fashion. The best score, 79 percent, goes to avast! Free Antivirus 2014. I did note that after 24 hours and a signature update, Panda wiped out nine samples that had initially slipped past its protection.
Local Malware Blocking
I also tested Panda using a collection of malware samples downloaded some months ago. As soon as I opened the folder, it started wiping out those that it recognized. Within a few minutes it had eliminated 64 percent of the samples. That’s a relatively low figure. McAfee AntiVirus Plus 2014 wiped out 89 percent of the samples on sight, FortiClient 5.0 whacked 94 percent, and VIPRE wiped out every single one.
I proceeded to launch the samples that survived the initial massacre, and noticed a clear pattern. In every case, Panda either completely prevented installation of any malware traces, or completely missed detecting the sample. With a detection rate of 89 percent and a malware blocking score of 8.9, Panda has more products above it than below, score-wise. Topping the list of products tested with this same collection is VIPRE, with a perfect 10.0. FortiClient, F-Secure Anti-Virus 2014, and three others managed 9.4 points.
The chart below reports the latest results for both the local malware blocking test and the malicious URL blocking test. To get more detail on how I conduct these tests, please see How We Test Malware Blocking.
Panda Antivirus Pro 2014 malware blocking chart
TruPrevent behavior-based malware detection was once a big selling point for Panda, so I was somewhat surprised to find it turned off by default. My Panda contact explained that advances in other technology have made TruPrevent less necessary, and that enabling it does consume a bit more of the system’s resources.
Well Equipped for Malware Cleanup
A full scan of my standard clean test system took 23 minutes, a bit faster than the current average. VIPRE, ESET NOD32 Antivirus 7, G Data AntiVirus 2014, and others speed subsequent scans by skipping known safe files. Not Panda; a re-scan took just as long.
Panda is well equipped to clean up even tough malware infestations. In addition to the usual quick, full, and custom scans, it offers to run a scan with Panda Cloud Cleaner, a free cleanup-only tool dedicated to rooting out malware that may resist the regular antivirus. From the scan page you can also check for unpatched vulnerabilities or create a bootable USB or CD antivirus, for use in case malware makes booting to Windows impossible.
Of course, some malware actively fights against installation of antivirus software. Panda won’t install in Safe Mode, but you can download the bootable antivirus to handle that sort of problem. The problem might also be solved using Panda’s free online scanner, or Panda Cloud Cleaner.
If you need help, tech support can supply a diagnostic tool that will gather necessary information and, if necessary, run repair scripts. And if that doesn’t help, they’ll log in to remotely diagnose and remediate the problem. Access to tech support is built right into the program. This remote-control help is available for free; a higher level of paid tech support is also available.
Many security companies include phishing protection in their antivirus product but reserve the firewall component for the full security suite. Panda bucks that trend; the antivirus does include a firewall but doesn’t attempt phishing protection.
The firewall properly stealthed all ports, making the test system invisible to outside attackers. By default, it pre-configures access for a collection of widely used programs. The first time any other program attempts access it will ask you what to do. You can choose to allow or block the connection, once or always. If you ask it to assign permissions automatically, in most cases it will allow all outbound connections and block unsolicited inbound connections.
Of course, the firewall can only control the Internet connections that it sees. Some malicious programs attempt to evade this protection by piggybacking on existing connections or injecting code into trusted programs. I ran a dozen leak tests, utilities that demonstrate malware techniques for evading program control, and found that Panda detected just one of them. F-Secure’s DeepGuard behavior monitor caught all of them.
Defending your PC against attacks that attempt to exploit security holes is another typical task for a firewall, but Panda did very little when I attacked the test system using 30 or so exploits generated by the CORE Impact penetration tool. It actively blocked exactly one exploit, identifying it by name. The antivirus component detected and removed the executable payload of one other. That’s it.
Panda protects its Registry entries against illicit modification, so I couldn’t just set “firewall=disabled” in the Registry. I also couldn’t terminate its processes using Task Manager. However, a somewhat complex series of actions allowed me to disable its essential services. My Panda contact indicated that it is designed to recover in this situation, but I didn’t see that happen. While a malware coder could write code to disable protection in this way, though it would be a complex task.
Even if your computer never connects with the Internet, malware can still get on board by riding a USB drive. You insert the drive, the malware automatically launches, and your system is hosed. That’s how the infamous Stuxnet reached its target.
Panda’s unusual USB Vaccine tool comes with the antivirus, though it requires a separate installation. This tool can “vaccinate” any USB drive, making it impossible for malware to use that drive to spread. In addition, it can “vaccinate” the PC by totally turning off the autoplay feature that allows malware to launch when a USB drive is mounted.
From the firewall page you can launch a network traffic scan, but you’ll need some skills to interpret the resulting display. More useful is the network management map, launched from an icon at the bottom of the main window. The map identifies other computers on your network and flags those that have Panda protection installed. For those equipped with Panda it reports security and update status. As with Norton, if you need to fix something you’ll have to go over to the remote computer.
Panda’s malware protection should keep your system free of software keyloggers, but if you’re really worried about entering a particular password you can bring up the virtual keyboard. There is, of course, the possibility that a spy program might capture the screen image of the virtual keyboard and note which keys you clicked. To foil that possibility you can enable a half-dozen fake cursors that move about at random.
There’s quite a bit to like here, especially if you’re a fan of the Windows 8 interface. While Panda didn’t catch every local malware sample, it thoroughly blocked those it did detect. Having a built-in firewall is a nice bonus. And Panda has plenty of resources ready to take on malware that interferes with installation or scanning.
I was unimpressed by its performance in my malicious URL blocking test, though, and its scores from the independent labs were merely good, not great like some. I’d recommend you go with an all-around winner like Kaspersky Anti-Virus (2014) (recently named product of the year by AV-Comparatives) or with one of our Editors’ Choice antivirus products. Bitdefender Antivirus Plus (2014), Norton AntiVirus (2014), and Webroot SecureAnywhere Antivirus (2014) are all ECs, and each has its own special merits.
Copyright © 2012 Ziff Davis, Inc