As you will notice we’ve migrated the Panda Research blog to a new platform, which I’m hoping will take less time to manage, specially moderating comments and filtering spam, which took a lot of time with the cumbersome Microsoft blogging platform.
If you’ve posted a comment which hasn’t made the migration, please post it again. I’ll try my best to moderate it as soon as possible.
I'm happy to announce that all our consumer and most corporate products with full Windows 7 compatibility have been released. You can download them from:
http://www.pandasecurity.com/windows7
Just as we did last year and other years before that, last week we had our Panda Security Days in Sweden. This year we started in Malmö, followed by Gothenburg and ending up in Stockholm. There were very good speakers from Panda presenting different topics; Cecilia Carlsdotter talked about Panda's corporate social responsabilities innitiatives. Sebastian Zabala talked about our different products and technologies. Daniel Nyström, Head of Tech Support in Sweden, talked about various support issues and presented his excellent team. Luis Corrons talked about the latest cyber-crime techniques, focusing on banking trojans and rogue antivirus. Petter Lautin talked about the different corporate objectives for Panda in Sweden and lastly I talked about internal statistics of Collective Intelligence and other stuff we're working on.
As I know you'll be curious about this, here's some of the Collective Intelligence stats we presented during the talks:
25 TB Size of Collective Intelligence Database
48 million Files hosted by Collective Intelligence
80 million Files analyzed by Collective Intelligence
61.000 New files received daily at Collective Intelligence
99.4% Files processed automatically every day
150 GB Size of logs generated every day by Collective Intelligence
165 million Files queried against Collective Intelligence every day
127 KB Bandwith usage of each Panda Cloud Antivirus agent every day
In addition to the interesting stats I'll also leave you with some pictures of this fun week in Sweden.
We recently released version 1.0.1.4 of Panda USB Vaccine. This version includes a few bug fixes plus multi-lingual support. The MD5 of the executable is 58cc5b530fc552c8e31870f90db425ed.
As always you can get it directly from download.com:
Cool dragonball-like video from our partner in Taiwan 
http://www.youtube.com/watch?v=D_kfddS_Tyc
I specially like the part about TruPrevent.
As you may remember at the beginning of the year we released a Panda AV 2009 compatible with Windows 7. We are now releasing Windows 7 compatibility of our Panda 2010 products in a beta program. Be sure to check out http://www.pandasecurity.com/windows7 or simply download Panda Global Protection 2010 for Windows 7 directly from here.
Interesting news from Redmond:
http://www.theregister.co.uk/2009/09/14/more_microsoft_autorun_fixes/
On Friday, Microsoft announced the availability of updates to the XP, Server 2003, Vista and Server 2008 versions of Windows that removes the AutoRun popup window when some types of removable media is connected. The change doesn't affect optical media such as CDs and DVDs, a shortcoming we'll get to in a moment.
As we pointed out then, the move is a step in the right direction, but it doesn't go far enough. That's because certain types of removable drives – those made by U3, for instance – run firmware that advertises the device to Windows as a CD. Such drives will continue to automatically execute the AutoRun routine as soon as they're plugged in.
The new updates are available here. But as we've said before, given the large number of devices that are unaffected by this change, we'll continue to disable AutoRun altogether.
While we applaud the move as it shows a little more conscious security decisions in product design, it's still too little, too late.
If you want to be truly protected against AutoRun malware and make sure your USB drive is not used as an infection vector, download and use the free Panda USB Vaccine.
We just released Panda SafeCD version 3.4.3.5. This useful utility comes in handy when you need to clean a friend's PC (or your own) from a malware infested state. It is specially useful for detecting and disinfecting malware infections which give regular AV products running within Windows a hard time.
The download consists of an ISO. You can either burn this into a CD/DVD or alternatively create a more convenient Boot USB stick by using something like the Universal Netboot Installer (UNetbootin).
In order to use a more updated signature database, the Panda SafeCD searches the registry for installed Panda applications that use the regular pav.sig file signature format. If you want Panda SafeCD to use a more updated signature file simply make sure there is an installed Panda product (normally in C:\Program Files\Panda Security) with an updated pav.sig file. If the Panda SafeCD finds a more recent pav.sig than the one included in the ISO, it will use the more updated one.
For a more recently updated signature database file download pav.sig from this blog. Remember this signature file is for tests only and updated on a "whenever-I-feel-like-it" basis, so it should not be used for production systems. For critical situations and to disinfect production systems use our regular signature file which gets updated at least once a day.
Download Panda SafeCD 3.4.3.5
It's a sad day for all of us when bad guys get caught, yet are allowed to walk freely.
As reported by TheReg, James Reno, involved in the creation, distribution and scams using Rogue Antivirus such as ErrorSafe, WinAntiviurs and XPAntivirus, was allowed to "walk" with just a small fine of $116K. The article suggest he scammed users out of $50 million by infecting their PCs with rogue crapware and scaring them into paying up.
http://www.theregister.co.uk/2009/06/29/scareware_settlement/
What kind of message is the FTC sending to the rest of the bad guys? "Go ahead, infect millions of users and don't worry about jail time. Just give us a small percentage and we'll let you go."
I already had small hopes that law enforcement and governments do anything useful to help protect users. But this goes beyond absurd and is sending the wrong message that cyber-crime is OK as long as they pay their dues to governments.
