PCVRBSTR.RVW 930729 Comparison Review Company and product: Leprechaun Software Pty Ltd PO Box 134 Lutwyche Queensland 4030 Australia (07) 252 4037 fax: (07) 252 4071 BBS: (07) 252 4104 Leprechaun International 2284 Pine Warbler Way Marietta Georgia 30062 USA 404 971 8900 fax 404 971 8988 Roger Thompson <70451.3621@CompuServe.COM> Virus Buster Summary: Very complete range of antiviral protection programs, including change detection, resident and non-resident scanning, activity monitor and operation restriction. Cost Rating (1-4, 1 = poor, 4 = very good) "Friendliness" Installation 3 Ease of use 3 Help systems 3 Compatibility 3 Company Stability 3 Support 2 Documentation 3 Hardware required 4 Performance 3 Availability 2 Local Support General Description: Virus Buster offers a very wide variety of antiviral protection, and is suitable for both novice and experienced users. BUSTER and WATCHDOG/PROTECT are non-resident and resident change detection software, respectively. In addition, WATCHDOG provides activity monitoring and operation restriction. FIDO/Phideaux allows WATCHDOG to run under Windows. DOCTOR and VBSHIELD provide non- resident and resident signature scanning. DISKLOK provides access restriction to the hard disk and detection/disinfection of boot sector viri: KEYLOK restricts access to the computer if left unattended. VBCOPY checks files for viral signatures during copy operations. VBSAVER provides other Virus Buster programs with the ability to detect stealth viri. A file browser, LIST, and a task scheduler, ONCEADAY, are also included. Comparison of features and specifications User Friendliness Installation The package is shipped on dual media. Both sets of disks are writable, but protected. The manual is dauntingly thick, but the first page provides information on installation, and clearly outlines the "Standard" and "Default" methods for installation. Installation is quite intelligent. Time to install will vary greatly depending upon the options chosen. As is indicated in the manual, default installation can be quite lengthy. Ease of use Most of the programs run with a mouse sensitive menuing interface, but there is also an option to use command line switches for those, more familiar with the system, who wish faster and more direct control. Menu and mouse use is well explained in the manual, and should present no difficulty to anyone. It is, however, not quite standard for those used to a CUA interface. Help systems A number of help systems are available, and help for menu items is context sensitive. It is, however, fairly brief in most cases. A very nice feature is the fact that some characteristic information is given about any virus detected, rather than merely a name. Compatibility The programs appear to be well behaved. Provision has been made for the WATCHDOG TSR to work under Windows. The PROTECT program is one which adds information to program files in order to detect any changes made to the files. As has been noted with other, similar, programs in the past, this practice may conflict with programs which already have internal self checks. However, a number of such programs, modified by PROTECT, showed no problem in subsequent runs. Company Stability The company has apparently enjoyed sufficient success as to open an office in the United States, and is enjoying well deserved success in Australia. Company Support The documentation lists numbers for voice, fax and BBS in Australia, and the manual stresses the use of the BBS for support. A small window in the lower right hand corner of the screen continually scrolls through the phone and fax numbers for the North American office (which I received my copy from), as well as the serial number: a nice feature when calling for support. Documentation Although the printed documentation is the size of a significant novel, the arrangement of the material is thoughtful and well presented. Chapter 1 is a single page, which explains how to install the program. Subsequent chapters explain: how the manual works, how the program works, how the interface works, how installation works and so forth. (If I may be permitted a small "peeve", the typeface is still awful.) Much information is duplicated in many chapters as many of the programs have common options. Chapter 18 is a good description of the virus situation - with the one proviso that it overemphasizes the value of "buy only commercial" as a defence against viri. The statement that "no professional software house releases virii ..." may be syntactically correct, but is misleading in terms of the actual safety of commercial software. Hardware Requirements None stated. Performance The description of VBSAVER's operation is very short, although perhaps understandably so in view of the battle for security technology between virus writers and antiviral developers. The documentation seems to imply that VBSAVER is ineffective until invoked, and in tests it was unable to assist in identification of stealth boot viri, although the DOCTOR program did state that a stealth virus might be operating, and recommended rebooting. DISKLOK is unusual among hard disk access restriction programs in that it stores copies of the original system areas and restores them if any change is detected, thus defeating most boot sector viri including Stoned. DISKLOK can be bypassed, but the manual is quite clear about possible dangers and what to do about them. WATCHDOG was effective in preventing writing to disks during testing. Any attempt to write to a protected area generates an alert window. The menu allows the user to allow or disallow the operation, and, optionally, provides information on the action detected. Local Support None provided. Support Requirements Virus Buster can be almost fully utilized by a novice user. Expert help in installation should provide a very high level of protection. General Notes Virus Buster provides one of the most complete defences against viral attack yet reviewed, ranking with pre version 2.00 FPROT in the range of protection provided. The help systems, interface and manual should allow it to provide a high level of protection to even naive users. A weakness in the area of detection of memory resident viral programs should be addressed, but the combination of defences does not seriously weaken the overall protection delivered by the package. Leprechaun Software also has a new companion product called C:CURE, a hardware "write-protect" for IDE hard drives. I have discussed this with the US office, but have not seen the product yet. copyright Robert M. Slade, 1993 PCVRBSTR.RVW 930729 ====================== roberts@decus.ca rslade@vcn.bc.ca rslade@vanisl.decus.ca "In America, freedom of the press is largely reserved for those who own one" - A. J. Liebling Author "Robert Slade's Guide to Computer Viruses" 0-387-94663-2 (800-SPRINGER)