This is a follow-up to my previous post on security; or rather to its comments, where I said at some point that I was testing Panda Free Antivirus 18.0 and that I was rather satisfied with it.

Later on, I was revisiting Neil J. Rubenking’s review of Panda Antivirus Pro (2017), which is an updated version of the review from last year. If you’re opening that page from Europe, you’ll be redirected to the UK edition of the site, which is generally half-broken, and in this case it shows the text for 2017 with the title and rating from 2016! (With some efforts one can force the US site though.)

What is important to mention is that I want two security features in addition to the signature-based detection and to HIPS:

  • Application Control: unknown applications shouldn’t be allowed without explicit approval.
  • Data Shield: only selected applications should be allowed to access documents from the protected folders.

Here’s how Neil J. Rubenking describes these features in what he calls “Panda Antivirus Pro 2017”:

  • Application Control. Most modern types of malware use some form of polymorphism, meaning that every instance of the malicious program is different. This helps them avoid signature-based detection. However, the fact that every instance is different makes possible a different kind of detection. Panda’s Application Control checks each program that launches against its database of known programs. If it encounters an unknown program, it asks you whether to let it run. If that query is unexpected, you should click Deny. Initially, Application Control is off, but enabling is a snap.

    You can also set it to automatically deny execution of any unrecognized program, allowing only known programs. That should put a stop to any attack by zero-day or polymorphic malware. Just turn it off temporarily if you need to install something new.

  • Ransomware protection in Bitdefender Internet Security 2017 and Trend Micro prevents modification of protected files, but Panda stops unauthorized programs from even reading those files. With Data Shield active, I tried to open a document using an editor that I wrote myself. Panda popped up a warning about the access, giving me the choice to allow or deny it. Another program that emulates the activity of encrypting ransomware also got caught in Panda’s net.

    Seeing that the feature really did work, I brought out the big guns. I turned off the antivirus component and launched a sample of the TeslaCrypt encrypting ransomware. The first thing this program does is create a random-named executable in the Documents folder. When I denied access, the ransomware failed.

    Data Shield is truly a useful addition to your security arsenal. If it pops up when you’re actively using a new application, just click Allow to add that application to the trusted list. If it pops up unexpectedly, hit Deny, and give thanks that you just dodged a ransomware bullet. You’ll note at the bottom that I gave Panda 4 stars specifically for privacy; Data Shield is the reason.

What are the paid editions of Panda that include both features? Because there is no such thing as “Panda Antivirus Pro” anymore! There are several paid, “Pro” editions of Panda, referred to in a confusing way:

Unfortunately, Data Shield is not available in Panda Antivirus Pro, so Panda Internet Security is the minimum edition worth paying for!

This is the edition I started to test three weeks ago. And it proved very satisfactory! (Note that there are two possible downloads: the 1.7 MB stub, and the full 65 MB setup, which I preferred.)

Panda Internet Security 17.0.1 comes with an outdated GUI. Let aside the confusing navigation through the configuration screens, the old-style UI can’t scale on high-resolution screens:

Panda Free Antivirus 18.0 has each dimension with 25% larger because of the 125% scaling configured in Windows 10:

Maybe some day the paid editions will be upgraded to the new UI. Until then, what I could do to ease my life was to arrange the “tiles” in a layout somewhat more to my taste:

During the trial, each opening of the main GUI pops such a reminder:

In the last 10 days, things are getting more aggressive, but the offered discount is pathetic:

Let’s get to our sheep: testing the extra features.

Application Control settings:

Application Control at work:

Data Shield settings:

Data Shield at work:

Here’s a situation when both protection mechanisms were involved. The application was both unknown to Panda and it tried to access a protected folder!

I then moved the application one level up in the filesystem hierarchy, and relaunched it. Panda flagged the process as suspicious, and even after adding it to the exclusions list, the attempt to access a protected folder triggered another alert:

So far, so good. What other features do we have in this Internet Security edition? Oh, the firewall:

NJR is wrong to discard this firewall as not much more than Windows’ built-in one: it’s much easier to block a program’s attempts to phone back home in this one!

Process Monitor is an extremely nice feature:

Say I selected MSN Weather…

…and here’s the servers it talks to:

Safe Browsing includes blocking sites known for malware or phishing attempts. I personally dislike such stupid ways of blocking, but it shouldn’t hurt much…

The last one was obviously a false positive, as nobody else flags it and it does not host malware; it’s merely a Chinese e-commerce site trying to pretend it’s a German one.

What issues did I have with Panda Internet Security in more than 3 weeks? Not much. A couple of times, Panda’s PSANHost.exe was using most of the CPU for a couple of minutes, but then everything went back to normal without exception:

I should add that the system performance didn’t seem affected, and nor was the stability.

As for the real-world protection tests, here’s AV-Comparative’s factsheet for February 2017 (PDF), leading to this:

The only remaining impediment–the price. By no means would I pay 39.99 € for a year! As I am writing this, there are two ways of getting it for 19.99 €/year–just use one of the two links below:

When these offers will expire, I’m pretty sure something else is going to come up.

It’s worth noting that–unlike some other security products–activating a Panda license doesn’t “eat” the remaining trial days! The purchased 365 days are simply added to the remaining trial period:

Case closed, moving on.