If you put off installing antivirus software until after your system is pwned by malware, you may find yourself in a bind. Some malicious programs target antivirus installers, preventing you from installing protection or running a scan. Others, called ransomware, take over the whole computer and demand money before they’ll release it. The free Panda Cloud Cleaner is specifically designed to address those situations, clearing out problem malware and allowing you to install ongoing protection. In testing, though, its aggressive cleanup techniques did some collateral damage.
When you visit the product’s webpage (www.pandasecurityusa.com/tools/) you get some clear choices. If you’re able to boot your system to Windows, it suggests the regular Panda Cloud Cleaner or, for experts, a portable no-install edition. If you can’t boot Windows, or if ransomware has taken over, it offers two bootable solutions, Panda Rescue USB or Panda Rescue ISO. One or the other of these should get your system back in working order.
Quick, Simple Install and Scan
The product installs very quickly and launches right away. With one click you can accept the license agreement and begin a scan. The scan itself is quite a bit quicker than most full-scale antivirus products. In my testing it averaged about ten minutes, sometimes more, sometimes less.
On completing the scan, Cloud Cleaner summarizes its findings in three categories. The most importants is “Malware & PUPs Found,” where PUP stands for Potentially Unwanted Program. It also notes how many “Unknown Files & Suspicious Policies” it found. Malware often disables Task Manager, REGEDIT, and other tools—these changes are suspicious policies. Finally, the scan also offers “System Cleaning,” checking for useless items, or traces that could reveal your browsing and computer use history.
You could just click “Clean” at this point, but it’s wise to dig into the details, especially if any of them report something like “Clean 8 of 10 elements.” In some cases I found that it detected PUPs but didn’t check them for cleanup, and in every case it found more system cleaning items than it would clean by default.
In almost every case, Cloud Cleaner wanted to reboot to complete the disinfection process. With or without reboot, at the end of the process it asks whether you’re satisfied with its work. You can click thumbs-up for yes. If you choose no, you can further specify that it took too long, it failed to remove malware, or “other.”
Cloud Cleaner’s trusted boot mode is designed to handle malware that resists removal by normal means. You enable it by clicking “Advanced options” on the main window, which warns that you’ll need three reboots to complete the process.
The first step is for Cloud Cleaner to install special drivers and reboot the system. According to my Panda contact, this effectively virtualizes all of the PC’s resources. After reboot it runs a full scan and reports a slightly different trio of findings: Malware Found, Unknown Files and Anomalies, and System Cleaning.
After cleanup, it reboots to finish the process. Finally, one more reboot is needed to remove the special drivers and apply the virtualized cleanup to the physical system. It’s a little more complicated than the basic scan, but still within the ability of any user. Even so, Panda doesn’t recommend using this mode unless it’s actually needed.
Some Collateral Damage
Cloud Cleaner installed, scanned, and cleaned up 11 of my 12 malware-infested test systems in record time. It sometimes takes me days to get an antivirus product installed on all of my sytems; Cloud Cleaner finished in a morning. Ransomware blocked access to the desktop on one system, but the bootable Rescue CD made short work of that problem.
I did observe that it wiped out quite a few files that weren’t themselves malicious, but that were infested by a virus. This isn’t too uncommon a behavior in emergency cleanup tools; they use more aggressive cleanup techniques than standard antivirus. However, in one case this overactive cleanup rendered the test system unbootable.
Panda’s developers went into overdrive and soon supplied me with a one-off rescue CD to fix the problem. It succeeded, but I wonder if the ordinary user would have gotten such service. They also updated the product itself to avoid causing this problem in the future. I retried my test with the updated Cloud Cleaner, and it did indeed run without problems.
I also rescanned each system using the Trusted Boot mode, just to see if it did a better job. In every case it found a lot of random anomalies and leftover traces to clean up, but its efforts only raised the product’s score by a fraction. In addition, the trusted boot scan disabled that one problem system again, causing it to bluescreen on every bootup.
I rate antivirus products on the installation and cleaning user experience, separately from their accuracy and malware removal skills. Cloud Cleaner would have earned five stars for its extremely fast and easy installation. However, a user whose computer is rendered unbootable by malware cleanup will have a very bad experience indeed. A product that causes that level of collateral damage earns zero stars.
I pulled together the stats for Cloud Cleaner’s malware removal, using the trusted boot results for all systems except the one that bluescreened after a trusted boot scan. It detected 78 percent of the malware samples and earned 6.2 points for removal overall. Of the products tested using my current malware collection, only Jumpshot and Bitdefender Antivirus Plus (2014) scored better, with 6.5 and 6.6 points respectively.
Looking at products tested with my previous malware collection, the top scorer is another emergency cleanup-only tool. Malwarebytes Anti-Malware 1.70 detected 89 percent of those samples and scored 7.1 points for cleanup. In addition, it did so with no install problems or collateral damage. Norton AntiVirus (2013) and Webroot SecureAnywhere Antivirus 2013 both scored 6.6 points while AVG Anti-Virus FREE 2013 took 6.5.
To learn just how I perform and score my malware removal test, please see How We Test Malware Removal.
Panda Cloud Cleaner malware removal chart
Not Directly Lab-Tested
The independent testing labs do include Panda’s technology in their evaluations, but none have tested Cloud Cleaner in particular. Panda’s scores are generally good, if not stellar. ICSA Labs and West Coast Labs both certify it for virus detection and cleaning. After a lengthy hiatus, Panda is again participating in testing by Virus Bulletin; it received VB100 certification in all three of three recent tests.
I follow three of the many tests performed by AV-Comparatives. In the simple file-detection test and in the dynamic whole-product test, Panda earned an ADVANCED rating, the second-highest rating. It passed the proactive test (which simulates zero-day protection) with a STANDARD rating. And in the threefold protection, performance, and usability test by AV-Test it took 14.5 of 18 possible points.
Once again, these findings relate to Panda’s technology in general, not necessarily to Cloud Cleaner. For more information about the labs and the tests they report on, see How We Interpret Antivirus Lab Tests.
Panda Cloud Cleaner lab tests chart
Use as Directed
The purpose of Panda Cloud Cleaner is to get your system cleaned up sufficiently that you can install a full-scale antivirus for ongoing protection. If you don’t have an active malware problem, don’t use it. Its aggressive cleanup techniques will sometimes delete infected files, and in my testing caused significant collateral damage. I would have given it four stars, if not for that damage.
On the plus side, it did do a good job cleaning up most of the test systems. Also, this is a very new product. The development team may well get a better handle on the balance between cleaning out tough malware and avoiding damager, going forward.
Our Editors’ Choice for free, emergency, cleanup-only antivirus remains Malwarebytes Anti-Malware 1.70. Once you’ve handled the emergency, consider installing a free solution for ongoing protection. AVG Anti-Virus FREE 2013 is one Editors’ Choice for free antivirus. Ad-Aware Free Antivirus+ 10.5, also an Editor’s Choice, wasn’t quite as good a cleanup tool, but it’s great at protecting against new threats. Either way, you’ll be protected.
Copyright © 2012 Ziff Davis, Inc