Archive

Archive for the ‘Utils’ Category

Panda Antivirus Command Line Scanner 9.5.1.2

February 10th, 2011 5 comments

We have an updated version of Panda Antivirus command-line scanner available, version 9.5.1.2.  It can be downloaded from http://research.pandasecurity.com/blogs/images/pavcl.zip. The package includes a signature file (pav.sig) from today. In order to download updated signature files you can use a current license to any Panda products (except Panda Cloud Antivirus) to access the updates available a http://acs.pandasoftware.com/member/pavsig/pav.zip with the license credentials.


Possible parameters:
-auto Scan without user intervention.
-nob Do not scan boot sectors.
-lis Show virus list
-del Delete infected files.
-cmp Search for viruses into compressed files.
-clv Disinfect the viruses found.
-exc: Use exclusion list
-ext: Use valid extension list
-help Show help
-heu Activate heuristic detection method.
-heu: Activate heuristic detection method with level (1-3).
-onlype Use only PE Heuristic during analysis
-nbr Does not allow interrupting the program with Ctrl-C.
-nomalw Do not detect Malware
-nojoke Do not detect Jokes
-nodial Do not detect Dialers
-nohackt Do not detect Hacking Tools
-nospyw Do not detect Spyware
-nof Do not analyze files
-nocookiesDo not detect Tracking Cookies.
-nor Do not generate result files.
-noscr Do not output to console.
-nos Deactivate sounds.
-nsub Do not scan nested subdirectories.
-path Scan the directories specified in the path environment variable.
-sig: Alternate location for signature files
-ren Rename infected files.
-rto Restore original name for renamed files
-rpt: Report file
-save Saves the parameters to a file for its use the next time it is run.
-esp Change language to SPANISH.
-eng Change language to ENGLISH.
-aex Scan all files, independently of their extension.
-info Show configuration status information.
-no2 Do not perform the second action
-loc Analyze local drives
-all Analyze all drives

Categories: Heuristics, Malware, Utils Tags: ,

Panda SafeCD 4.4.3.0

June 7th, 2010 28 comments

We have finally released a new version (4.4.3.0) of the Panda SafeCD. This version includes the following new features over the previous one:

  • New graphical user interface
  • Update signature file from Internet, beta sig or from local PC
  • Ability to choose individual partitions for scans

You can download the new version from http://www.pandasecurity.com/resources/tools/SafeCD.iso

For those first-timers out there, once you download the ISO file, you need to burn it into a CD/DVD. Alternatively you can use something like UNetbootin to put it in a USB drive and boot it from there.

Categories: Utils Tags: ,

Panda Cloud Test File

March 9th, 2010 40 comments

Similar to the EICAR file, we have created a small “Cloud Test File” which can be used by testers and users to verify if their Panda product can successfully connect to the Collective Intelligence cloud-scanning servers.

testfile

The file PandaCloudTestFile.exe should be detected:

  • During HTTP download
  • On-Access
  • On-Demand

Download PandaCloudTestFile.exe. It’s MD5 hash is E01A57998BC116134EE96B6D5DD88A13. Alternatively you can also download a passworded RAR file with the EXE in it. The password is “panda”.

DISCLAIMER: This file is *not malicious*. If it is detected it simply means your Panda product can correctly connect to Collective Intelligence.

NOTE TO OTHER AV VENDORS: Please do not add detection for this file.

Panda USB Vaccine – Version 1.0.1.4

October 8th, 2009 22 comments

We recently released version 1.0.1.4 of Panda USB Vaccine. This version includes a few bug fixes plus multi-lingual support. The MD5 of the executable is 58cc5b530fc552c8e31870f90db425ed.

As always you can get it directly from download.com:
Get it from CNET Download.com!

Categories: Utils Tags:

Microsoft to disable AutoRun… maybe

September 14th, 2009 2 comments

Interesting news from Redmond:
http://www.theregister.co.uk/2009/09/14/more_microsoft_autorun_fixes/

On Friday, Microsoft announced the availability of updates to the XP, Server 2003, Vista and Server 2008 versions of Windows that removes the AutoRun popup window when some types of removable media is connected. The change doesn't affect optical media such as CDs and DVDs, a shortcoming we'll get to in a moment.
As we pointed out then, the move is a step in the right direction, but it doesn't go far enough. That's because certain types of removable drives – those made by U3, for instance – run firmware that advertises the device to Windows as a CD. Such drives will continue to automatically execute the AutoRun routine as soon as they're plugged in.
The new updates are available here. But as we've said before, given the large number of devices that are unaffected by this change, we'll continue to disable AutoRun altogether.

While we applaud the move as it shows a little more conscious security decisions in product design, it's still too little, too late. 

If you want to be truly protected against AutoRun malware and make sure your USB drive is not used as an infection vector, download and use the free Panda USB Vaccine.

Categories: News, Utils Tags:

Panda SafeCD 3.4.3.5 Released

July 27th, 2009 44 comments

We just released Panda SafeCD version 3.4.3.5. This useful utility comes in handy when you need to clean a friend's PC (or your own) from a malware infested state. It is specially useful for detecting and disinfecting malware infections which give regular AV products running within Windows a hard time.

  • Automatic detection and removal of all types of malware.
  • Boot from CD or USB stick.
  • Supports using updated signature files.
  • Supports 13 languages.
  • Supports both FAT and NTFS drives.

The download consists of an ISO. You can either burn this into a CD/DVD or alternatively create a more convenient Boot USB stick by using something like the Universal Netboot Installer (UNetbootin). 

In order to use a more updated signature database, the Panda SafeCD searches the registry for installed Panda applications that use the regular pav.sig file signature format. If you want Panda SafeCD to use a more updated signature file simply make sure there is an installed Panda product (normally in C:\Program Files\Panda Security) with an updated pav.sig file. If the Panda SafeCD finds a more recent pav.sig than the one included in the ISO, it will use the more updated one.

For a more recently updated signature database file download pav.sig from this blog. Remember this signature file is for tests only and updated on a "whenever-I-feel-like-it" basis, so it should not be used for production systems. For critical situations and to disinfect production systems use our regular signature file which gets updated at least once a day.

Download Panda SafeCD 3.4.3.5
Get it from CNET Download.com!

Categories: Malware, Utils Tags:

Panda USB Vaccine with NTFS Support

June 18th, 2009 68 comments

First off many thanks to the hundreds of thousands of users who have downloaded, used and given us feedback on Panda USB Vaccine. Not only is it allowing us to improve this free utility for the community, it also helps protect users a little better from spreading malware infections.

Finally Panda USB Vaccine is out of beta and version 1.0.0.50 is here. Some of the most notable improvements are the following:

  • Support for vaccinating NTFS drives. This uses a completely different technique than the vaccination of FAT/FAT32 drives.
  • Executing USBVaccine.exe launches an installer which allows you to configure whether you want USBVaccine to start automatically with Windows.
  • Configuration option during setup to hide the tray icon.
  • Configuration option during setup to automatically vaccinate any new USB drives inserted into the PC.
  • Fixed bug on PC shutdown when USBVaccine was running in the background (Vista).
  • Other bug fixes reported by users on certain types of USB drives.

Some screenshots of the new Panda USB Vaccine:

 

As always you can get it directly from download.com:

Get it from CNET Download.com!

Categories: Utils Tags:

New Technical Support Forum

Our folks from support have recently opened their new Panda Technical Support Forum which you can find at http://support.pandasecurity.com/forum/. You can subscribe to alerts for updates, news, releases, betas, as well as get community-based support for all Panda products. Also there's a section to download utilities and troubleshoot malware related issues. Great job guys !

Categories: News, Utils Tags:

Panda Cloud Antivirus – Free AV thin-client

April 29th, 2009 28 comments

I'm happy to announce that we've finally published our first release beta version of Panda Cloud Antivirus, the first free cloud-based antivirus thin-client (yes, it's a free AV and yes, it's really a thin-client). It is available at www.cloudantivirus.com.

Panda Cloud Antivirus consists of a lightweight antivirus agent that is connected in real-time to PandaLabs’ Collective Intelligence servers to protect faster against the newest malware variants while barely impacting PC performance.

With Panda Cloud Antivirus we introduce a new protection model based on a thin-client agent & server architecture which services malware protection as opposed to locally installed products. By combining local detection technologies with cloud-scanning capabilities and applying non-intrusive interception techniques on the client architecture, Panda Cloud Antivirus provides some of the best protection with a lightweight antivirus thin-client agent that barely consumes any PC resources.

Of course keep in mind that this is still beta code and as such we continue improving and tuning both the cloud architecture and detection techniques as well as the agent architecture, specially now during the initial phases. That's why we're calling out to betatesters out there to help us test this new protection model in different scenarios.

Feel free to download Panda Cloud Antivirus from Download.com.

Get it from CNET Download.com!

For submitting reports please use beta@pandasecurity.com.

Categories: News, Utils Tags:

Panda USB and AutoRun Vaccine

March 5th, 2009 246 comments

UPDATE October 8, 2009: New version 1.0.1.4 released.

The Microsoft Windows Operating Systems use the AUTORUN.INF file from removable drives in order to know which actions to perform when a new external storage device, such as a USB drive or CD/DVD, is inserted into the PC. The AUTORUN.INF file is a configuration file that is normally located in the root directory of removable media and contains, among other things, a reference to the icon that will be shown associated to the removable drive or volume, a description of its content and also the possibility to define a program which should be executed automatically when the unit is mounted.

The problem is that this feature, widely critizised by the security community, is used by malware in order to spread by infecting as soon as a new drive is inserted in a computer. The malware achieves this by copying a malicious executable in the drive and modifying the AUTORUN.INF file so that Windows opens the malicious file silently as soon as the drive is mounted. The most recent examples of this are the W32/Sality, W32/Virutas and also the W32/Conficker worm which, in addition to spreading via a vulnerability and network shares, also spreads via USB drives.

Due to the large amount of malware-related problems associated with Microsoft AutoRun we have created a free utility for our user community called Panda USB Vaccine.

Computer Vaccination

The free Panda USB Vaccine allows users to vaccinate their PCs in order to disable AutoRun completely so that no program from any USB/CD/DVD drive (regardless of whether they have been previously vaccinated or not) can auto-execute. This is a really helpful feature as there is no user friendly and easy way of completely disabling AutoRun on a Windows PC.

USB Vaccination

The free Panda USB Vaccine can be used on individual USB drives to disable its AUTORUN.INF file in order to prevent malware infections from spreading automatically. When applied on a USB drive, the vaccine permanently blocks an innocuous AUTORUN.INF file, preventing it from being read, created, deleted or modified. Once applied it effectivelly disables Windows from automatically executing any malicious file that might be stored in that particular USB drive. The drive can otherwise be used normally and files (even malware) copied to/from it, but they will be prevented from opening automatically. Panda USB Vaccine currently only works on FAT & FAT32 USB drives. Also keep in mind that USB drives that have been vaccinated cannot be reversed except with a format.

Download

Panda USB Vaccine is a 100% free utility. We’ve tested it under Windows 2000 SP4, Windows XP SP1-SP3,  and Windows Vista SP0 and SP1. Feedback is always welcomed. Click on the download button below to start downloading.

Get it from CNET Download.com!

Command line Operation

For advanced users who wish to run Panda USB Vaccine automatically at boot to notify every time a new USB device is mounted on the system or to perform network-wide computer vaccinations via login scripts or other distribution methods, Panda USB Vaccine can be operated via command-line. Its input parameters are the following:

USBVaccine.exe [ A|B|C|Z ] [ +system|-system ] [ /resident [/hidetray] ]

[drive unit]:     Vaccinate drive unit
+system:      Computer vaccination
-system:        Remove computer vaccination
/resident:      Start program hidden and prompt for vaccinating every new drive
/hidetray:      Hides tray icon when used with the /resident command

Examples:
To vaccinate USB drives F:\ and G:\, use
USBVaccine.exe F G

To vaccinate the computer, use
USBVaccine.exe +system

To vaccinate computer and prompt for vaccinating every new drive without showing a tray icon, use
USBVaccine.exe /resident /hidetray +system

It could be very useful to create a Shortcut in the Startup folder to USBVaccine.exe with this last command line (or without the /hidetray) to make sure that every time you boot the computer USBVaccine gets loaded by the system and it vaccinates the computer and prompts the user for vaccinating any new non-vaccinated USB drive. However if you do this under Vista, UAC will block it from running at Startup as it requires admin priviledges. We’ll fix this in future versions.

Categories: Utils Tags: