PCVRBSTR.RVW   930729
                               Comparison Review
 
Company and product:
 
Leprechaun Software Pty Ltd
PO Box 134
Lutwyche  Queensland  4030
Australia
(07) 252 4037
fax: (07) 252 4071
BBS: (07) 252 4104
Leprechaun International
2284 Pine Warbler Way
Marietta Georgia 30062 USA
404 971 8900
fax 404 971 8988
Roger Thompson <70451.3621@CompuServe.COM>;
Virus Buster 
 
 
Summary:
 
Very complete range of antiviral protection programs, including
change detection, resident and non-resident scanning, activity
monitor and operation restriction.
 
Cost                          
 
Rating (1-4, 1 = poor, 4 = very good)
      "Friendliness"
            Installation      3
            Ease of use       3
            Help systems      3
      Compatibility           3
      Company
            Stability         3
            Support           2
      Documentation           3
      Hardware required       4
      Performance             3
      Availability            2
      Local Support           
 
General Description:
 
Virus Buster offers a very wide variety of antiviral protection,
and is suitable for both novice and experienced users.  BUSTER and
WATCHDOG/PROTECT are non-resident and resident change detection
software, respectively.  In addition, WATCHDOG provides activity
monitoring and operation restriction.  FIDO/Phideaux allows
WATCHDOG to run under Windows.  DOCTOR and VBSHIELD provide non-
resident and resident signature scanning.  DISKLOK provides access
restriction to the hard disk and detection/disinfection of boot
sector viri: KEYLOK restricts access to the computer if left
unattended.  VBCOPY checks files for viral signatures during copy
operations.  VBSAVER provides other Virus Buster programs with the
ability to detect stealth viri.  A file browser, LIST, and a task
scheduler, ONCEADAY, are also included.
 
                  Comparison of features and specifications
 
 
 
User Friendliness
 
Installation
 
The package is shipped on dual media.  Both sets of disks are writable, but
protected.
 
The manual is dauntingly thick, but the first page provides
information on installation, and clearly outlines the "Standard"
and "Default" methods for installation.
 
Installation is quite intelligent.  Time to install will vary
greatly depending upon the options chosen.  As is indicated in the
manual, default installation can be quite lengthy.
 
Ease of use
 
Most of the programs run with a mouse sensitive menuing interface,
but there is also an option to use command line switches for those,
more familiar with the system, who wish faster and more direct
control.
 
Menu and mouse use is well explained in the manual, and should
present no difficulty to anyone.  It is, however, not quite
standard for those used to a CUA interface.
 
Help systems
 
A number of help systems are available, and help for menu items is
context sensitive.  It is, however, fairly brief in most cases.
 
A very nice feature is the fact that some characteristic
information is given about any virus detected, rather than merely
a name.
 
Compatibility
 
The programs appear to be well behaved.  Provision has been made
for the WATCHDOG TSR to work under Windows.
 
The PROTECT program is one which adds information to program files
in order to detect any changes made to the files.  As has been
noted with other, similar, programs in the past, this practice may
conflict with programs which already have internal self checks. 
However, a number of such programs, modified by PROTECT, showed no
problem in subsequent runs.
 
Company Stability
 
The company has apparently enjoyed sufficient success as to open an office in
the United States, and is enjoying well deserved success in Australia.
 
Company Support
 
The documentation lists numbers for voice, fax and BBS in
Australia, and the manual stresses the use of the BBS for support. 
A small window in the lower right hand corner of the screen
continually scrolls through the phone and fax numbers for the North
American office (which I received my copy from), as well as the
serial number: a nice feature when calling for support.
 
Documentation
 
Although the printed documentation is the size of a significant
novel, the arrangement of the material is thoughtful and well
presented.  Chapter 1 is a single page, which explains how to
install the program.  Subsequent chapters explain: how the manual
works, how the program works, how the interface works, how
installation works and so forth.  (If I may be permitted a small
"peeve", the typeface is still awful.)  Much information is duplicated in
many chapters as many of the programs have common options.
 
Chapter 18 is a good description of the virus situation - with the
one proviso that it overemphasizes the value of "buy only
commercial" as a defence against viri.  The statement that "no
professional software house releases virii ..." may be
syntactically correct, but is misleading in terms of the actual
safety of commercial software.
 
Hardware Requirements
 
None stated.
 
Performance
 
The description of VBSAVER's operation is very short, although
perhaps understandably so in view of the battle for security
technology between virus writers and antiviral developers.  The
documentation seems to imply that VBSAVER is ineffective until
invoked, and in tests it was unable to assist in identification of
stealth boot viri, although the DOCTOR program did state that a
stealth virus might be operating, and recommended rebooting.
 
DISKLOK is unusual among hard disk access restriction programs in
that it stores copies of the original system areas and restores
them if any change is detected, thus defeating most boot sector
viri including Stoned.  DISKLOK can be bypassed, but the manual is
quite clear about possible dangers and what to do about them.
 
WATCHDOG was effective in preventing writing to disks during
testing.  Any attempt to write to a protected area generates an
alert window.  The menu allows the user to allow or disallow the
operation, and, optionally, provides information on the action
detected.
 
Local Support
 
None provided.
 
Support Requirements
 
Virus Buster can be almost fully utilized by a novice user.  Expert
help in installation should provide a very high level of
protection.
 
                                 General Notes
 
Virus Buster provides one of the most complete defences against
viral attack yet reviewed, ranking with pre version 2.00 FPROT in
the range of protection provided.  The help systems, interface and
manual should allow it to provide a high level of protection to
even naive users.  A weakness in the area of detection of memory
resident viral programs should be addressed, but the combination of
defences does not seriously weaken the overall protection delivered
by the package.
 
Leprechaun Software also has a new companion product called C:CURE, a hardware
"write-protect" for IDE hard drives.  I have discussed this with the US office,
but have not seen the product yet.
 
copyright Robert M. Slade, 1993   PCVRBSTR.RVW   930729

======================
roberts@decus.ca           rslade@vcn.bc.ca           rslade@vanisl.decus.ca
       "In America, freedom of the press is largely reserved for those 
               who own one"    - A. J. Liebling
Author "Robert Slade's Guide to Computer Viruses" 0-387-94663-2 (800-SPRINGER)