Friday, December 31, 2010 5:49:12 PM (US Mountain Standard Time, UTC-07:00)
BitSecure Anti-Virus is a new antivirus system designed with performance in mind. Even with the full antivirus loaded the memory consumption is well below most competitors. Even though the software has brisk resource usage, the program does not skimp on the features. The real time or “on the fly” scanner contains over 14 real-time shields ranging from a http scanner to a registry modification scanner. The program also includes removable drive protection and even a full function settings restorer. The detection rates were way above average.
The installation of BitSecure Anti-Virus was very straight forward. The download was 70 megabytes in size. Even though this is on the larger side for antivirus suites, the installation was ridiculously fast. No restart or hefty definition download was necessary. After the installation, the interface quickly launched. Unfortunately, this is where BitSecure tends to lag behind other competitors. There are really are no pretty graphics but, the interface still manages to get the job done.
The scanning process of BitSecure is superior. The quickscan detected a myriad of threats on the test computer. It seems that BitSecure detects all forms of threats whether serious or semi suspicious. The program detected CommView and Hotspot shield. One thing that's great about the program is that it detects every possible trace of a virus or malware. Most free antivirus simply detect the main components of viruses and leave many traces. However, BitSecure finds every possible trace. A quick scan took approximately 6 minutes to complete. One annoying thing is that the results are quite repetitive as every trace is printed out. An expanding tree list would have been useful. Also, the quick scan automatically cleans the detected threats. However, there is a quarantine to restore modified programs.
Resource usage is where BitSecure really shines. While idle, the program uses approximately 23 megabytes of RAM and limited CPU power. When scanning, the program adds about 40 megabytes to the idle usage and about 13 percent CPU power. Since, the interface is barebones, impact on normal system resource usage is really quite minimal. It was hard to notice any slow down on the test system.
BitSecure includes several other features. The USB drive protection system is pretty robust and can be customized for Autorun.inf, thumb drive, floppy drive, and write protection. There is also a system restorer that can re enable the Run, Registry Editor, and Folder Options if they have been disabled by a virus or Trojan.
Monday, December 27, 2010 5:17:19 PM (US Mountain Standard Time, UTC-07:00)
IObit Malware Fighter is a new iteration of the IObit anti-malware programs. The difference between Malware Fighter and previous versions is that the software is truly unique. IObit has actually engineered a brand new antivirus from the ground up. The program has in-depth scanning, cloud technology, new upgraded interface, multiple real-time shields, and even a brand new heuristic engine.
The installation of IObit Malware Fighter was brief. The program is only 10 megabytes in size and includes most definitions on board. The installer includes a toolbar but I opted not to install. After the installation was complete, the program auto updated. The update file was only 16 kilobytes in size making it one of the smallest updates I have seen.
IObit offers 3 modes of scanning Smart or quick, full system, and custom scans. The smart scan finished in a approximately 6 minutes and scanned 60,000 files. The program detected misleading (unwanted) software in the system32 directory. They were as-exp2.ocx, progressbar4.ocx, and threadapi.tlb. During scanning Malware Fighter uses approximately 52 megabytes of RAM and 12% CPU power. Resource usage is in line or lower than the average free antivirus engine.
IObit Malware Fighter offers a plethora of real time protection shields. They include a startup, cookie, process, network, file, browser, USB disk, and malicious action guard. All of these shields are active upon launching the program. However, none of the shields offer any customizable options in the settings menu or even a simple explanation of what they block. The next feature is the cloud tab. The meter is identical to the Norton Insight tab in that it leverages the cloud to determine safe programs on ones computer. Malware Fighter determined that the test system had 217 safe files and 16 threats. Unfortunately, there is no way of knowing what programs were classified. Finally, IObit offers its new form of heuristic detection called DOG or Digital Original Gene. With DOG, Malware Fighter attempts to analyze programs based upon how they were advertised and distributed.
IObit Malware Fighter is really lacking on the settings. There are only a few customizable options. However, since the program is in beta it’s hard to complain.
Thursday, December 23, 2010 12:46:58 PM (US Mountain Standard Time, UTC-07:00)
Spy Emergency is a comprehensive anti-spyware, anti-virus, and anti-spam all in one package. The program really takes detection and removal to a whole new level. Spy Emergency includes more than 2 million signatures. A simple quick scan detected the most virus and suspicious entries I have seen for years (I test antivirus daily). The software also includes a real time memory shield, web protection, auto updates, and even anti-spam. If one desires maximum sensitivity of their antivirus, Spy Emergency seems to fit the bill.
The installation of Spy Emergency was straightforward. The download 50 megabytes in size, included an installer and all necessary virus definitions on board. Once the installation was completed the program allows the user to customize whether they want to install the resident shield, shell extensions, or real-time protection. Some users (myself being included) don’t prefer to have a real time shield constantly slowing the system down and prefer on demand scans.
The scanning process of Spy Emergency is one to brag about. The program offers 4 different types of scans, a quick scan, system scan, full scan, and a custom scan. The scanners cans also be customized to for a standard or deep (more verbose) setting. The quick scan finished in approximately 1 minute and 46 seconds and found 5 suspicious entries. They are as follows, WinVNC, CliprexDSDVDPlayer, Network Stumbler, BehavesLike.Virus (heuristic) and Tracking Cookies. While all of these aren’t interment threats they can be classified as potentially unwanted software. The scanner only used about 2 percent CPU power and 22 megabytes of RAM which is very reasonable usage.
The real treat of Spy Emergency is in its real time protection. The program has approximately 12 shields and provides protection for Internet Explorer but also Mozilla Firefox and even Opera. Few and far between antivirus offer protection on alternative browsers other than IE. Some of the notable shields include ADS or anti-rootkit shield, phishing shield, spyware communication shield, BHO toolbar shield, and Windows Logon shield etc. The database of Spy Emergency can be set to update every 60 minutes which is significantly more frequently than Free AVG 2011 etc.
Some other features that Spy Emergency offer is a quarantine called “the cage” and a keep list which is essentially a whitelist. Finally, I was intrigued by a setting that enables an unpacker to open executables. This means that Spy Emergency can easily look inside .exe files for malware.
Sunday, December 19, 2010 8:20:30 PM (US Mountain Standard Time, UTC-07:00)
Blue Atom is a small antivirus program that packs a big punch. Even though, the publisher isn’t Symantec, the program manages to contain over 333,000 virus definitions and an impressive 627 heuristic checks. This scale of detection capability can seldom be found in any antivirus installer greater than 50 megabytes. The size of Blue Atom is a measly 5.5 megabytes! Also, the antivirus contains a real-time protection system and even USB protection. Best of all, the whole program is free.
The installation of Blue Atom was easy. The included installer is above average and installed quickly on the test system. For 64 bit versions, the program completely installed. However, when scanning, the program doesn’t report the results correctly even though it is actually scanning. Therefore, I recommend Blue Atom antivirus be installed on 32 bit Windows. This is contrary to some download sites that claim the program is compatible with all versions of Windows.
Virus scanning with Blue Atom is easy. Simply select the folder or drive one wants to scan and the program is ready. However, I would have preferred just a full system scan or quick scan option. The program didn’t detect any viruses on the test system. Also, scanning seemed below the average free antivirus in terms of speed.
The interface of Blue Atom is above average, but lacks customizability. The settings page only includes an auto scanning removable drives feature, enable heuristic scanning, unhidden folder scanning, and the capability to change the language to Indonesian. This is definitely one of the briefest settings page that I have seen. It would have been nice to at least see the virus encyclopedia and the heuristic checks.
Resource usage was above average. The program used approximately 12 megabytes when scanning and the same while idle. CPU usage was steady at 12 percent during a scan. Some additional features of the program are a quarantine functionality, simple process manager, an USB immunization feature, and an auto update feature. The program also includes a premium license.
All in all Blue Atom, is a well rounded antivirus. However, it’s not quite ready to replace a free AVG or equivalent antivirus suite.
Wednesday, December 15, 2010 1:24:04 PM (US Mountain Standard Time, UTC-07:00)
Xyovs is a free antivirus that offers the basics of computer protection. What’s nice is that the security is all provided in an extremely compact package. The download with an included installer is only a minuscule two megabytes in size. This includes the full antivirus engine and up to date virus definitions. Also, Xyovs doesn’t solely depend on definitions but also a complete heuristic or behavior engine. Since Xyovs is a newer antivirus, it also lacks in some areas. I feel that more work could have been done on the interface and more features could have been implemented.
I first tired to install Xyovs on the 64 bit test system. This failed with a message stating that the driver could not be loaded. The clue was that the program was trying to install vcredist_x86.exe. One will notice the “x86” which means that the program was designed for 32 bit systems. Therefore, rather than getting an error message it would have been nice for the installer to at least scan the system version before creating the problem. Once on a 32bit machine, Xyvos started immediately.
The first thing about Xyvos free antivirus is that it is very basic. There actually is no full system or quick scan option, rather the program relies completely on real-time behavior protection. Xyvos scans active processes and monitors suspicious events. When a malicious one is found, it is added to the “Manage Trusted” list. There, one can modify whether to trust or ignore a process. There are bound to be many entry’s in this list as the protection looks for “suspicious” files that could be viruses, not definite viruses via a concrete definition.
Xyovs’s resource usage is very good. The program uses 6 megabytes of memory and zero percent CPU power to provide active protection. Also, the impact on performance is undetectable. Therefore Xyovs has some of the best resource management compared to its free competitors.
The program also includes a few additional features. They are a nice logging capability, USB protection, Anti-Keylogger, spyware protection, sensitivity levels, and auto updates. Unfortunately, there is no manual update function which is annoying.
Xyovs free antivirus is a nice program but it begs the question why should one choose it over a main stream program. Free AVG and many others already include excellent heuristic detection plus the added protection of definitions.
Saturday, December 11, 2010 5:17:12 PM (US Mountain Standard Time, UTC-07:00)
Digital Patrol is a relatively new free antivirus that simply does what is suppose to do; detect viruses and Trojans. The program offers a very basic interface but a very robust engine. The program’s virus database contains over 2,200,000 virus definitions and has auto update capability. The program also offers a real time shield. The company claims that the program can detect 100% of Trojans in the wild. This is a pretty bold claim that even Symantec and McAfee haven’t publically stated (probably for liability reasons).
The installation of Digital Patrol was easy. The only downside is that the program download is almost 32 megabytes in size. I personally feel that is kind of large given that the program doesn’t include a very robust interface.
Digital Patrol offers two forms of protection a standard definition and heuristic based protection. As stated before, there are quite a bit of virus definitions loaded on board. The publisher states that the program has auto and pulse updates that look for definition updates every two hours. However, this doesn’t seem to be used in practice as the publisher’s website states that the last update was released on 9th of December while today is the 11th.
The scanning speed of Digital Patrol can’t really be described as “quick” when compared with competitors. On the test system, after scanning for 1 hour, the scan was approximately 50% done. According to Windows Resource Monitor, Digital Patrol scanned from 2 to 3 megabytes per second. Resource usage during a scan also isn’t ideal. The program requires 185 megabytes of memory and approximately 8 to 11 percent CPU power on the test system. These statistics are below the average free antivirus competitor.
One area where Digital Patrol excels is virus detection. Since I frequently scan the same test system with different antivirus engines, it’s nice to see one detect viruses that have been missed by others. The virus I am talking about is related to wifi penetration testing. While it may not necessarily be considered a virus the program could be defined as malicious. Few free antivirus have successfully detected this program.
Tuesday, December 07, 2010 2:32:40 PM (US Mountain Standard Time, UTC-07:00)
Maftoox antivirus is a simple yet efficient free antivirus. Unlike most security software, Maftoox includes a real time shield and even an auto update capability. Some other notable things about the software are very fast scanning and fairly efficient resource usage. However, since the software is in beta, virus definitions may not be as robust as other versions. On inspection of the programs contents, its hard to verify that a large virus database exists.
The installation of Maftoox was seamless. The program was really designed for use on Windows 7. I didn’t encounter any problems with 64 bit versions; unlike competitors. The installation didn't require a system restart and the download was approximately 12 megabytes in size.
The first thing that is really impressive about Maftoox free antivirus is the interface. One can easily move through all parts of the menu without a hiccup. The crucial virus scanning engine is also very good. The program scans at an impressive 20 megabytes per second on the test system. This is actually probably one of the fastest scanners that I have tested. The scanner also doesn’t hiccup when scanning large compressed files like .iso’s and .zip files (tested 700 megabyte files). The full system scan finished in about 30 minutes and didn’t detect any false positives or viruses. All in all, the engine had a really corporate feel to it and barely slowed down with concurrent computer usage.
In addition to the scanning engine, there is also a real time shield. Maftoox antivirus appears to use two processes and about 40 megabytes of memory at any time. During scanning the program uses a paltry 6 percent CPU power, which is also significantly lower than other free antivirus. Updating is also easy. The program has the capability to auto update from a local or networked directory and/or the publishers servers.
In addition, to a full antivirus capability Maftoox includes many additional utilities. There are as follows, a registry cleaner, uninstaller tool, process manager, memory optimizer, and more. I had a problem launching these programs from within Maftoox. However, If one navigates over to the program files folder, they can easily launch any of the utilities directly.
Friday, December 03, 2010 6:07:22 PM (US Mountain Standard Time, UTC-07:00)
Virtualization is a new concept that has not been implemented with ease of use in mind until now. What BufferZone does is create a separate environment in memory, the registry, and on the hard disk where all files that enter a computer from the internet, usb drives, and any form of downloading are run. While most programs won’t cause any problems, if a virus is downloaded, it stays in the virtual folder and cannot affect or read any personal or OS files. This means that the virus is useless. The “virtualization” has also been referred to as sandboxing and is included in Comodo’s antivirus programs and Avast’s premium antivirus. However, the performance is lacking when compared to BufferZone. Also, the program doesn’t need to have local virus definitions to stop the latest malware.
The installation of BufferZone was ok. The download was 16 megabytes in size. I initially opened the installer and was greeted with a message that states there isn’t 64 bit support. Users may already be aware that this is a big pet peeve of mine because most new computers have 64bit O/S’s. Also, Sandboxie (similar to BufferZone) now has 64bit support; so it is possible. Regardless, I installed the software on a 32bit machine and was required to restart the computer after completing the installation.
Once the restart was finished, the program configuration started. One can protect specific important folders (i.e. My Documents) from ever being accessed by programs inside the BufferZone. Protection in Windows 7 is indicated by a lock on the folder and files. Also, one can enter in their bank URL address to prevent any program in the zone from accessing the website (aka keyloggers etc.)
Routine use of Bufferzone is hardly noticeable. The program already detects all forms of internet browsers (Firefox, Chrome, Opera etc.) and runs them virtualized automatically. If one wants any particular program to run in the sandboxed environment, simply right click and select it on the context menu.
The resource usage of BufferZone is very reasonable at only about 20 megabytes across three different processes. The program also requires very little CPU power and is only utilized when a user accesses a virtualized program.
One other complaint about BufferZone is the lack of programs that are automatically run in a virtualized environment. While a user can add any program, I think a more comprehensive list would provide more out of the box functionality.
In conclusion, Bufferzone is a great security tool and definitely should be run alongside a free antivirus to provide excellent protection.